[−][src]Crate wasm_smith

A WebAssembly test case generator.

Usage

First, use cargo fuzz to define a new fuzz target:

$ cargo fuzz add my_wasm_smith_fuzz_target

Next, add wasm-smith to your dependencies:

# fuzz/Cargo.toml

[dependencies]
wasm-smith = "0.1.5"

Then, define your fuzz target so that it takes arbitrary wasm_smith::Modules as an argument, convert the module into serialized Wasm bytes via the to_bytes method, and then feed it into your system:

// fuzz/fuzz_targets/my_wasm_smith_fuzz_target.rs

#![no_main]

use libfuzzer_sys::fuzz_target;
use wasm_smith::Module;

fuzz_target!(|module: Module| {
    let wasm_bytes = module.to_bytes();

    // Your code here...
});

Finally, start fuzzing:

$ cargo fuzz run my_wasm_smith_fuzz_target

Note: For a real world example, also check out the validate fuzz target defined in this repository. Using the wasmparser crate, it checks that every module generated by wasm-smith validates successfully.

Structs

ConfiguredModule	A pseudo-random generated WebAssembly file with custom configuration.
DefaultConfig	The default configuration.
MaybeInvalidModule	Same as `Module`, but may be invalid.
Module	A pseudo-random WebAssembly module.
SwarmConfig	A module configuration that uses swarm testing.

Traits

Config

Configuration for a generated module.