Feature
Fuzz Introspector helps to gain insights into the effectiveness of a fuzzing setup and to identify blockers that keep parts of the code base uncovered.
Benefit
Wasmtime is sufficiently complex that it's challenging to reason about the effectiveness of the various fuzzing harnesses we employ. That's the very problem Fuzz Introspector was created to help address.
Implementation
Rust support was added to Fuzz Introspector very recently, so it's not yet fully documented. I think that PR contains sufficient bread crumbs to find the right path to integration with our OSS-Fuzz setup, though.
Alternatives
There might be alternative initiatives with similar goals that'd be more valuable to integrate. If so, I'm not aware of them.
tschneidereit changed the title from "Consider integrating Fuzz Inspector into our continuous fuzzing setup" to "Consider integrating Fuzz Introspector into our continuous fuzzing setup" on Dec 1, 2024
One potentially interesting benefit is that we could experiment with Google's LLM-based fuzz target generation, which relies on Fuzz Introspector. "Potentially interesting" because I absolutely don't know if that would be valuable for a project like Wasmtime.