author | Alon Zakai <azakai@google.com> | 2019-05-17 09:09:17 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-05-17 09:09:17 -0700 |
commit | 1095ef96673f4f33d76da6d58b0ad65c3c257f76 (patch) | |
tree | a8bf7d3a601aaa67c61f093560268b4a7e8745a1 /scripts/fuzz_opt.py | |
parent | 1dd37de69aae51edaf93219f31e736576f751191 (diff) | |
Add a fuzzer option to not emit code with OOB loads/indirect calls (#2113)
This is useful for wasm2js, as we don't emit traps for OOB loads etc. like wasm (like we don't trap on bad float-to-int, as it's too hard in JS, and it's undefined behavior in C anyhow). It may also help general fuzzing, as those traps may make other interesting patterns less likely.
Also add more wasm2js support in the fuzzer, which includes using this no-OOB option.
Diffstat (limited to 'scripts/fuzz_opt.py')
-rw-r--r-- | scripts/fuzz_opt.py | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/scripts/fuzz_opt.py b/scripts/fuzz_opt.py
index fb777d235..4a32e11bf 100644
--- a/scripts/fuzz_opt.py
+++ b/scripts/fuzz_opt.py
@@ -48,6 +48,8 @@ INPUT_SIZE_LIMIT = 150 * 1024
 LOG_LIMIT = 125
+WASM2JS = False
+
 # utilities
@@ -145,7 +147,10 @@ def run_bynterp(wasm):
 def run_wasm2js(wasm):
 wrapper = run([in_bin('wasm-opt'), wasm, '--emit-js-wrapper=/dev/stdout'] + FEATURE_OPTS)
- main = run([in_bin('wasm2js'), wasm, '--emscripten'] + FEATURE_OPTS)
+ cmd = [in_bin('wasm2js'), wasm, '--emscripten']
+ if random.random() < 0.5:
+ cmd += ['-O']
+ main = run(cmd + FEATURE_OPTS)
 with open(os.path.join(options.binaryen_root, 'scripts', 'wasm2js.js')) as f:
 glue = f.read()
 with open('js.js', 'w') as f:
@@ -164,7 +169,8 @@ def run_vms(prefix):
 results = []
 results.append(run_bynterp(wasm))
 results.append(fix_output(run_vm([os.path.expanduser('d8'), prefix + 'js'] + V8_OPTS + ['--', wasm])))
- # results.append(run_wasm2js(wasm))
+ if WASM2JS:
+ results.append(run_wasm2js(wasm))
 # append to add results from VMs
 # results += [fix_output(run_vm([os.path.expanduser('d8'), prefix + 'js'] + V8_OPTS + ['--', prefix + 'wasm']))]
@@ -292,6 +298,12 @@ def get_multiple_opt_choices():
 if not NANS:
 FUZZ_OPTS += ['--no-fuzz-nans']
+if WASM2JS:
+ # wasm2js does not handle nans precisely, and does not
+ # handle oob loads etc. with traps
+ FUZZ_OPTS += ['--no-fuzz-nans']
+ FUZZ_OPTS += ['--no-fuzz-oob']
+
 if __name__ == '__main__':
 print('checking infinite random inputs')
 random.seed(time.time() * os.getpid()) |
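Review bot: The coin flip that adds `-O` in run_wasm2js is not recorded next to the result, so a mismatch reported for this VM cannot be attributed to the optimized or the unoptimized wasm2js path unless `run` happens to echo its command line, which this hunk does not show. A comment above the `if`, for example `# randomly exercise both optimized and unoptimized wasm2js output`, would document the intent. Printing `cmd` before the call would let a triager replay the exact invocation. The body of run_wasm2js continues past the end of the hunk.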
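Review bot: When WASM2JS is enabled and NANS is already False, `--no-fuzz-nans` is appended to FUZZ_OPTS twice, once by the `if not NANS:` block just above and once by the new block. Folding the two into `if not NANS or WASM2JS:` for the nans flag would avoid the duplicate on the generated command line. FUZZ_OPTS also appears to be shared by the whole run, so `--no-fuzz-oob` removes out-of-bounds loads and bad indirect calls from the inputs given to every VM compared in run_vms, not only wasm2js. Trap handling in the interpreter and d8 therefore goes unexercised while the flag is on. The comment should say so, e.g. `# note: this also drops OOB/trap coverage for the other VMs in this run`.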