Open Bug 1941095 Opened 1 month ago Updated 1 month ago

Consider macOS and Windows fuzzilli builds and put them on CI

Categories

(Core :: JavaScript Engine, task, P3)

Tracking

Tracking Status
firefox136 --- affected

People

(Reporter: gkw, Unassigned)

References

(Blocks 1 open bug)

Details

fuzzilli builds of SpiderMonkey seem to be useful in helping to find security problems [1] and are likely to be currently in use by non-Mozilla folks [2] [3], as well as in other JS engines.

SpiderMonkey currently has a Linux build on CI via bug 1709404.

Shall we consider having macOS and Windows fuzzilli builds as well? If so, they should also be on CI. They will help in finding platform-specific bugs.

[1] https://github.com/googleprojectzero/fuzzilli?tab=readme-ov-file#geckospidermonkey
[2] https://bugzilla.mozilla.org/show_bug.cgi?id=1758541
[3] https://bugzilla.mozilla.org/show_bug.cgi?id=1903968

Flags: needinfo?(jdemooij)

Does Fuzzilli require a special build or can you use it with a standard JS shell build and the Fuzzilli patches provide some extra features?

Platform-specific bugs are uncommon and all of our own fuzzing is done on Linux so I find it hard to justify the cost for Mozilla to maintain and run these builds in CI.

Flags: needinfo?(jdemooij)
Blocks: sm-testing
Severity: -- → S3
Priority: -- → P3
Severity: S3 → N/A

> Does Fuzzilli require a special build or can you use it with a standard JS shell build and the Fuzzilli patches provide some extra features?

There are plenty of #ifdefs in the codebase: https://searchfox.org/mozilla-central/search?q=FUZZING_JS_FUZZILLI

I don't know if this can be made into a runtime flag (similar to the --enable-more-deterministic build to --no-threads runtime flag conversion) either.

That said, Windows builds may be tougher - the tool may be made for POSIX platforms but I'm not too sure.