Adding support for fuzzing pure Ruby code on Macs shouldn't be too heavy of a lift. Atheris supports it. Fuzzing Ruby C extensions on Mac may theoretically be possible, but it's not clear to me how we'd accomplish that. Atheris does not support this type of fuzzing.
So, perhaps we can add support for fuzzing Ruby C extensions on Mac someday, but for now let's start with pure Ruby code and go from there. Here's a rough implementation plan:
Fuzzing pure Ruby code on Mac should not require LD_PRELOAD tricks.
Make the cruzzyextconf.rb handle not needing to merge ASAN and libFuzzer.
May need to address the following warnings when fuzzing pure Ruby code when LD_PRELOAD isn't present:
WARNING: Failed to find function "__sanitizer_acquire_crash_state".
WARNING: Failed to find function "__sanitizer_print_stack_trace".
WARNING: Failed to find function "__sanitizer_set_death_callback".
Handle dylibs in addition to .so and .a in extconf.rb
Add automated CI testing for fuzzing pure Ruby code on Mac systems
All in all, this can wait until some kind of V2 release after we make Ruzzy public.
Adding support for fuzzing pure Ruby code on Macs shouldn't be too heavy of a lift. Atheris supports it. Fuzzing Ruby C extensions on Mac may theoretically be possible, but it's not clear to me how we'd accomplish that. Atheris does not support this type of fuzzing.
So, perhaps we can add support for fuzzing Ruby C extensions on Mac someday, but for now let's start with pure Ruby code and go from there. Here's a rough implementation plan:
LD_PRELOADtricks.cruzzyextconf.rbhandle not needing to merge ASAN and libFuzzer.LD_PRELOADisn't present:dylibs in addition to.soand.ainextconf.rbAll in all, this can wait until some kind of V2 release after we make Ruzzy public.