tschneidereit edited issue #9699:
Feature
Fuzz Introspector helps to gain insights into the effectiveness of a fuzzing setup and to identify blockers that keep parts of the code base uncovered.
Benefit
Wasmtime is sufficiently complex that it's challenging to reason about the effectiveness of the various fuzzing harnesses we employ. That's the very problem Fuzz Introspector was created to help address.
Implementation
Rust support was added to Fuzz Introspector very recently, so it's not yet fully documented. I think that PR contains sufficient breadcrumbs to find the right path to integration with our OSS-Fuzz setup, though.
Alternatives
There might be alternative initiatives with similar goals that'd be more valuable to integrate. If so, I'm not aware of them.
tschneidereit commented on issue #9699:
One potentially interesting benefit is that we could experiment with Google's LLM-based fuzz target generation, which relies on Fuzz Introspector. "Potentially interesting" because I absolutely don't know if that would be valuable for a project like Wasmtime.
fitzgen commented on issue #9699:
This looks like it would give us really insightful feedback!
Last updated: Jan 24 2025 at 00:11 UTC