wasmi-labs / wasmi

WebAssembly (Wasm) interpreter.

Home Page:https://wasmi-labs.github.io/wasmi/

Clean-up differential fuzzing infrastructure

Robbepop opened this issue · comments

Our latest attempts at improving the differential fuzzer led to a lot of technical debt which we should get rid of in order to properly implement both:

Problems

  • The main problem is that all of the differential fuzzing code is located in a single rather large file which we should split up into multiple logical modules.
  • Another problem is that the current handling of different cases is a bit bloated and could seriously be improved to remove duplicated code.
  • Furthermore we need a design decision whether we always want to fuzz all supported engines or continue to only fuzz all engines in case both Wasmi (register) and Wasmi (stack) disagree. For performance reasons we currently only run the Wasmtime backend if both Wasmi (register) and Wasmi (stack) disagree because spinning up and running Wasmtime has a larger overhead which we generally want to avoid for most test runs. However, this technique may not find bugs where both Wasmi backends are affected similarly.
  • Ideally we also want to improve shared objects (linear memory and globals) mismatch between the fuzzed engines. Currently, for example, linear memory hashes are compared instead of their actual content which does not provide us with all information needed in case of a mismatch, e.g. which memory location is at fault and which bytes etc.
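The last point, comparing linear memory contents rather than their hashes so that a mismatch report names the faulting offsets and the bytes each engine holds there, is illustrated below. This is an added example written for this page, not code from the wasmi project; the type and function names (`MemoryMismatch`, `MemoryDiff`, `diff_memories`, `format_report`) and the engine labels are assumptions, and the sample memories in `main` are constructed.

```rust
use std::fmt::Write as _;

/// A contiguous run of bytes at which two linear memories disagree.
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct MemoryMismatch {
    /// Byte offset into linear memory where the differing run starts.
    pub offset: usize,
    /// Bytes the first engine holds over the run.
    pub lhs: Vec<u8>,
    /// Bytes the second engine holds over the run.
    pub rhs: Vec<u8>,
}

/// Outcome of comparing two linear memories byte by byte.
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum MemoryDiff {
    /// Same length and identical contents.
    Equal,
    /// Different sizes, e.g. one engine grew memory and the other did not.
    SizeMismatch { lhs_len: usize, rhs_len: usize },
    /// Same size, but contents differ in the listed runs (capped by `max_runs`).
    ContentMismatch(Vec<MemoryMismatch>),
}

/// Compare two linear memories and report every run of differing bytes.
///
/// Unlike a hash comparison this tells the fuzzer *where* the engines
/// disagree and *what* each wrote. `max_runs` bounds the report size so a
/// totally divergent 64 KiB page does not produce thousands of entries.
pub fn diff_memories(lhs: &[u8], rhs: &[u8], max_runs: usize) -> MemoryDiff {
    if lhs.len() != rhs.len() {
        return MemoryDiff::SizeMismatch { lhs_len: lhs.len(), rhs_len: rhs.len() };
    }
    let max_runs = max_runs.max(1); // always report at least one run
    let mut runs = Vec::new();
    let mut i = 0;
    while i < lhs.len() && runs.len() < max_runs {
        if lhs[i] == rhs[i] {
            i += 1;
            continue;
        }
        // Extend the run while the bytes keep differing.
        let start = i;
        while i < lhs.len() && lhs[i] != rhs[i] {
            i += 1;
        }
        runs.push(MemoryMismatch {
            offset: start,
            lhs: lhs[start..i].to_vec(),
            rhs: rhs[start..i].to_vec(),
        });
    }
    if runs.is_empty() {
        MemoryDiff::Equal
    } else {
        MemoryDiff::ContentMismatch(runs)
    }
}

/// Render a diff as a human-readable report, one line per differing run,
/// with the offset in hex and the bytes from each engine side by side.
pub fn format_report(engine_a: &str, engine_b: &str, diff: &MemoryDiff) -> String {
    let mut out = String::new();
    match diff {
        MemoryDiff::Equal => out.push_str("linear memories are identical\n"),
        MemoryDiff::SizeMismatch { lhs_len, rhs_len } => {
            let _ = writeln!(
                out,
                "size mismatch: {engine_a}={lhs_len} bytes, {engine_b}={rhs_len} bytes"
            );
        }
        MemoryDiff::ContentMismatch(runs) => {
            for run in runs {
                let _ = writeln!(
                    out,
                    "0x{:08x} ({} bytes): {engine_a}={:02x?} {engine_b}={:02x?}",
                    run.offset,
                    run.lhs.len(),
                    run.lhs,
                    run.rhs
                );
            }
        }
    }
    out
}

fn main() {
    // Constructed sample: one 64 KiB page per engine; the second engine stored
    // a different i32 at 0x1000 and flipped a single byte at 0x2004.
    let page = 64 * 1024;
    let mut mem_a = vec![0u8; page];
    let mut mem_b = vec![0u8; page];
    mem_a[0x1000..0x1004].copy_from_slice(&42i32.to_le_bytes());
    mem_b[0x1000..0x1004].copy_from_slice(&43i32.to_le_bytes());
    mem_b[0x2004] = 0xff;
    let diff = diff_memories(&mem_a, &mem_b, 16);
    print!("{}", format_report("wasmi-register", "wasmi-stack", &diff));
}
```

The same run-based diff applies unchanged to globals once they are serialised to bytes; the important design choice is the `max_runs` cap, which keeps a fully diverged memory from turning a fuzz crash report into a multi-megabyte dump while still pointing at the first offsets that went wrong.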