add fuzzing script

crates/compiler/builtins/bitcode/.gitignore

@@ -0,0 +1 @@
+.fuzz_data

crates/compiler/builtins/bitcode/fuzz_in_tmux.sh

@@ -0,0 +1,42 @@
+#!/usr/bin/env bash
+set -euxo pipefail
+
+# Run from this directory.
+SCRIPT_RELATIVE_DIR=`dirname "${BASH_SOURCE[0]}"`
+cd $SCRIPT_RELATIVE_DIR
+
+# First compile the fuzz target.
+zig build-lib -static -fcompiler-rt -flto -fPIC src/fuzz_sort.zig
+afl-clang-lto -o fuzz libfuzz_sort.a
+AFL_LLVM_CMPLOG=1 afl-clang-lto -o fuzz-cmplog libfuzz_sort.a
+AFL_LLVM_LAF_ALL=1 afl-clang-lto -o fuzz-cmpcov libfuzz_sort.a
+
+# Setup fuzz directory with dummy input.
+INPUT_DIR='.fuzz_data/input'
+OUTPUT_DIR='.fuzz_data/output'
+if [ ! -d .fuzz_data ]; then
+  mkdir -p $INPUT_DIR
+  echo '1234567887654321' > $INPUT_DIR/dummy_input
+else
+  # Resuming from existing run.
+  INPUT_DIR='-'
+fi
+
+# Just hardcoding to 7 fuzzers (this avoids overwhelming 8 core machines).
+BASE_CMD="AFL_TESTCACHE_SIZE=250 AFL_IMPORT_FIRST=1 afl-fuzz -i $INPUT_DIR -o $OUTPUT_DIR"
+
+# I'm trying to follow the guide around secondary fuzzers, but I don't quite follow the wording.
+# So I feel this may be correct, but it may also be more random then they expect.
+# Overkill anyway...so this is fine.
+tmux new-session -d -s "fuzz" "AFL_FINAL_SYNC=1 $BASE_CMD -M fuzzer01 ./fuzz"
+tmux split-window -h "$BASE_CMD -S fuzzer02 -c ./fuzz-cmplog -m none -l 2AT -p explore ./fuzz"
+tmux split-window -v -t 0.0 "$BASE_CMD -S fuzzer03 -c ./fuzz-cmplog -m none -L 0 -p exploit ./fuzz"
+tmux split-window -v -t 0.2 "$BASE_CMD -S fuzzer04 -p explore ./fuzz-cmpcov"
+tmux new-window "$BASE_CMD -S fuzzer05 -Z -p coe ./fuzz-cmpcov"
+tmux split-window -h "$BASE_CMD -S fuzzer06 -P exploit ./fuzz"
+tmux split-window -v -t 1.0 "AFL_DISABLE_TRIM=1 $BASE_CMD -S fuzzer07 -p explore ./fuzz"
+tmux split-window -v -t 1.2 "htop"
+tmux new-window
+tmux send-keys "afl-whatsup -d $OUTPUT_DIR"
+tmux select-window -t 0
+tmux -2 a -t "fuzz"

crates/compiler/builtins/bitcode/src/fuzz_sort.zig

@@ -1,10 +1,3 @@
-/// Sort Fuzzer!
-/// To fuzz: On linux, first install afl++.
-/// Then build this with:
-///   zig build-lib -static -fcompiler-rt -flto -fPIC src/fuzz_sort.zig
-///   afl-clang-lto -o fuzz libfuzz_sort.a
-/// Finally, run with afl
-///   afl-fuzz -i input -o output -- ./fuzz
 const std = @import("std");
 const sort = @import("sort.zig");
 
@@ -19,6 +12,8 @@ comptime {
     @export(cMain, .{ .name = "main", .linkage = .Strong });
 }
 
+const DEBUG = false;
+
 var allocator: std.mem.Allocator = undefined;
 
 pub fn fuzz_main() !void {
@@ -36,9 +31,17 @@ pub fn fuzz_main() !void {
     const size = data.len / @sizeOf(i64);
     const arr_ptr: [*]i64 = @alignCast(@ptrCast(data.ptr));
 
+    if (DEBUG) {
+        std.debug.print("Input: [{d}]{d}\n", .{ size, arr_ptr[0..size] });
+    }
+
     sort.quadsort(@ptrCast(arr_ptr), size, &test_i64_compare, null, false, &test_i64_inc_n, @sizeOf(i64), @alignOf(i64), &test_i64_copy);
 
-    std.debug.assert(std.sort.isSorted(i64, arr_ptr[0..size], {}, std.sort.asc(i64)));
+    const sorted = std.sort.isSorted(i64, arr_ptr[0..size], {}, std.sort.asc(i64));
+    if (DEBUG) {
+        std.debug.print("Output: [{d}]{d}\nSorted: {}\n", .{ size, arr_ptr[0..size], sorted });
+    }
+    std.debug.assert(sorted);
 }
 
 const Opaque = ?[*]u8;