-rw-r--r-- | src/tools/execution-results.h | 6 | ||||
-rw-r--r-- | src/tools/fuzzing/fuzzing.cpp | 28 | ||||
-rw-r--r-- | src/tools/fuzzing/parameters.h | 2 | ||||
-rw-r--r-- | src/tools/js-wrapper.h | 2 | ||||
-rw-r--r-- | src/tools/spec-wrapper.h | 3 | ||||
-rw-r--r-- | src/tools/wasm2c-wrapper.h | 6 | ||||
-rw-r--r-- | test/passes/emit-js-wrapper=a.js.wast.js | 5 | ||||
-rw-r--r-- | test/passes/emit-spec-wrapper=a.wat.wast.wat | 2 | ||||
-rw-r--r-- | test/passes/fuzz_metrics_noprint.bin.txt | 53 | ||||
-rw-r--r-- | test/passes/translate-to-fuzz_all-features_metrics_noprint.txt | 68 | ||||
-rw-r--r-- | test/unit/test_wasm2c.py | 21 |
11 files changed, 69 insertions, 127 deletions
diff --git a/src/tools/execution-results.h b/src/tools/execution-results.h index d12c84d1e..569052086 100644 --- a/src/tools/execution-results.h +++ b/src/tools/execution-results.h @@ -226,12 +226,8 @@ struct ExecutionResults { FunctionResult run(Function* func, Module& wasm, ModuleRunner& instance) { try { - Literals arguments; - // init hang support, if present - if (auto* ex = wasm.getExportOrNull("hangLimitInitializer")) { - instance.callFunction(ex->value, arguments); - } // call the method + Literals arguments; for (const auto& param : func->getParams()) { // zeros in arguments TODO: more? if (!param.isDefaultable()) { diff --git a/src/tools/fuzzing/fuzzing.cpp b/src/tools/fuzzing/fuzzing.cpp index 4dac794e2..bb3a76766 100644 --- a/src/tools/fuzzing/fuzzing.cpp +++ b/src/tools/fuzzing/fuzzing.cpp @@ -426,26 +426,6 @@ void TranslateToFuzzReader::addHangLimitSupport() { builder.makeConst(int32_t(HANG_LIMIT)), Builder::Mutable); wasm.addGlobal(std::move(glob)); - - Name exportName = "hangLimitInitializer"; - auto funcName = Names::getValidFunctionName(wasm, exportName); - auto* func = new Function; - func->name = funcName; - func->type = Signature(Type::none, Type::none); - func->body = builder.makeGlobalSet(HANG_LIMIT_GLOBAL, - builder.makeConst(int32_t(HANG_LIMIT))); - wasm.addFunction(func); - - if (wasm.getExportOrNull(exportName)) { - // We must export our actual hang limit function - remove anything - // previously existing. - wasm.removeExport(exportName); - } - auto* export_ = new Export; - export_->name = exportName; - export_->value = func->name; - export_->kind = ExternalKind::Function; - wasm.addExport(export_); } void TranslateToFuzzReader::addImportLoggingSupport() { 
@@ -473,11 +453,17 @@ TranslateToFuzzReader::FunctionCreationContext::~FunctionCreationContext() { } Expression* TranslateToFuzzReader::makeHangLimitCheck() { + // If the hang limit global reaches 0 then we trap and reset it. That allows + // calls to other exports to proceed, with hang checking, after the trap halts + // the currently called export. return builder.makeSequence( builder.makeIf( builder.makeUnary(UnaryOp::EqZInt32, builder.makeGlobalGet(HANG_LIMIT_GLOBAL, Type::i32)), - makeTrivial(Type::unreachable)), + builder.makeSequence( + builder.makeGlobalSet(HANG_LIMIT_GLOBAL, + builder.makeConst(int32_t(HANG_LIMIT))), + builder.makeUnreachable())), builder.makeGlobalSet( HANG_LIMIT_GLOBAL, builder.makeBinary(BinaryOp::SubInt32, diff --git a/src/tools/fuzzing/parameters.h b/src/tools/fuzzing/parameters.h index 1ba7b064f..e92c88210 100644 --- a/src/tools/fuzzing/parameters.h +++ b/src/tools/fuzzing/parameters.h @@ -59,7 +59,7 @@ constexpr Address USABLE_MEMORY = 16; // the number of runtime iterations (function calls, loop backbranches) we // allow before we stop execution with a trap, to prevent hangs. 0 means // no hang protection. -constexpr int HANG_LIMIT = 10; +constexpr int HANG_LIMIT = 100; // constexpr size_t VeryImportant = 4; diff --git a/src/tools/js-wrapper.h b/src/tools/js-wrapper.h index 85bc3d7ba..edee301ca 100644 --- a/src/tools/js-wrapper.h +++ b/src/tools/js-wrapper.h @@ -91,8 +91,6 @@ inline std::string generateJSWrapper(Module& wasm) { continue; // something exported other than a function } auto* func = wasm.getFunction(exp->value); - ret += "if (instance.exports.hangLimitInitializer) " - "instance.exports.hangLimitInitializer();\n"; ret += "try {\n"; ret += std::string(" console.log('[fuzz-exec] calling ") + exp->name.toString() + "');\n"; diff --git a/src/tools/spec-wrapper.h b/src/tools/spec-wrapper.h index 95ead4739..5c0b8cfc8 100644 --- a/src/tools/spec-wrapper.h +++ b/src/tools/spec-wrapper.h 
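Review bot: The comment added at the top of makeHangLimitCheck explains the reset-on-trap but not its consequence: the counter is now restored only inside the `EqZInt32` arm, so an export that returns normally passes its partly used budget on to the next export instead of every call starting from HANG_LIMIT. The point at which a later export traps therefore depends on call order and on all harnesses running the exports against one shared instance, which matters when results are compared across VMs. I would extend the comment with something like `// Note: the budget is shared across exports and is only restored when it reaches 0.` The raise of HANG_LIMIT to 100 in parameters.h presumably compensates for the shared budget, and its comment could say so as well. The rest of the function body lies outside this hunk.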
@@ -31,8 +31,7 @@ inline std::string generateSpecWrapper(Module& wasm) { if (!func) { continue; // something exported other than a function } - ret += std::string("(invoke \"hangLimitInitializer\") (invoke \"") + - exp->name.toString() + "\" "; + ret += std::string("(invoke \"") + exp->name.toString() + "\" "; for (const auto& param : func->getParams()) { // zeros in arguments TODO more? TODO_SINGLE_COMPOUND(param); diff --git a/src/tools/wasm2c-wrapper.h b/src/tools/wasm2c-wrapper.h index 984a9b53a..53343f2d1 100644 --- a/src/tools/wasm2c-wrapper.h +++ b/src/tools/wasm2c-wrapper.h @@ -137,12 +137,6 @@ int main(int argc, char** argv) { // compile times are O(size * num_setjmps). for (size_t curr = 0;; curr++) { )"; - if (wasm.getExportOrNull("hangLimitInitializer")) { - ret += R"( - // If present, call the hang limit initializer before each export. - (*Z_hangLimitInitializerZ_vv)(); -)"; - } ret += R"( // Prepare to call the export, so we can catch traps. if (WASM_RT_SETJMP(g_jmp_buf) != 0) { diff --git a/test/passes/emit-js-wrapper=a.js.wast.js b/test/passes/emit-js-wrapper=a.js.wast.js index a3c0a22ee..916f029f5 100644 --- a/test/passes/emit-js-wrapper=a.js.wast.js +++ b/test/passes/emit-js-wrapper=a.js.wast.js 
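Review bot: The rewritten `ret +=` line in generateSpecWrapper places `exp->name.toString()` between literal quotes without escaping, so an export name containing `"` or `\` would yield an `(invoke ...)` form that no longer parses or that refers to a different name. Wasm export names are arbitrary strings, so if this wrapper can be generated for modules whose names the fuzzer did not choose, the name should go through an escaping step before it is concatenated. Failing that, a comment such as `// export names are emitted verbatim; assumes no quotes or backslashes` would at least record the assumption. The function starts and ends outside this hunk.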
@@ -47,35 +47,30 @@ var instance = new WebAssembly.Instance(new WebAssembly.Module(binary), { 'getTempRet0': function() { return tempRet0 }, }, }); -if (instance.exports.hangLimitInitializer) instance.exports.hangLimitInitializer(); try { console.log('[fuzz-exec] calling add'); console.log('[fuzz-exec] note result: add => ' + literal(instance.exports.add(0, 0), 'i32')); } catch (e) { console.log('exception!' /* + e */); } -if (instance.exports.hangLimitInitializer) instance.exports.hangLimitInitializer(); try { console.log('[fuzz-exec] calling no_return'); instance.exports.no_return(0); } catch (e) { console.log('exception!' /* + e */); } -if (instance.exports.hangLimitInitializer) instance.exports.hangLimitInitializer(); try { console.log('[fuzz-exec] calling types'); instance.exports.types(0, 0, 0, 0, 0); } catch (e) { console.log('exception!' /* + e */); } -if (instance.exports.hangLimitInitializer) instance.exports.hangLimitInitializer(); try { console.log('[fuzz-exec] calling types2'); instance.exports.types2(0, 0, 0); } catch (e) { console.log('exception!' /* + e */); } -if (instance.exports.hangLimitInitializer) instance.exports.hangLimitInitializer(); try { console.log('[fuzz-exec] calling types3'); console.log('[fuzz-exec] note result: types3 => ' + literal(instance.exports.types3(0, 0, 0), 'i32')); diff --git a/test/passes/emit-spec-wrapper=a.wat.wast.wat b/test/passes/emit-spec-wrapper=a.wat.wast.wat index 20cdac9b2..8cebe5ea8 100644 --- a/test/passes/emit-spec-wrapper=a.wat.wast.wat +++ b/test/passes/emit-spec-wrapper=a.wat.wast.wat 
@@ -1 +1 @@ -(invoke "hangLimitInitializer") (invoke "add" (i32.const 0) (i32.const 0) ) (invoke "hangLimitInitializer") (invoke "no_return" (i32.const 0) ) (invoke "hangLimitInitializer") (invoke "types" (i32.const 0) (i64.const 0) (f32.const 0) (f64.const 0) ) (invoke "hangLimitInitializer") (invoke "types2" (i32.const 0) (f32.const 0) (f64.const 0) ) (invoke "hangLimitInitializer") (invoke "types3" (i32.const 0) (f32.const 0) (f64.const 0) )
\ No newline at end of file +(invoke "add" (i32.const 0) (i32.const 0) ) (invoke "no_return" (i32.const 0) ) (invoke "types" (i32.const 0) (i64.const 0) (f32.const 0) (f64.const 0) ) (invoke "types2" (i32.const 0) (f32.const 0) (f64.const 0) ) (invoke "types3" (i32.const 0) (f32.const 0) (f64.const 0) )
\ No newline at end of file diff --git a/test/passes/fuzz_metrics_noprint.bin.txt b/test/passes/fuzz_metrics_noprint.bin.txt index d086298d2..3077b858d 100644 --- a/test/passes/fuzz_metrics_noprint.bin.txt +++ b/test/passes/fuzz_metrics_noprint.bin.txt @@ -1,34 +1,33 @@ total - [exports] : 35 - [funcs] : 45 + [exports] : 71 + [funcs] : 97 [globals] : 9 [imports] : 4 [memories] : 1 [memory-data] : 2 - [table-data] : 7 + [table-data] : 29 [tables] : 1 [tags] : 0 - [total] : 8644 - [vars] : 134 - Binary : 644 - Block : 1266 - Break : 398 - Call : 271 - CallIndirect : 42 - Const : 1434 - Drop : 79 - GlobalGet : 671 - GlobalSet : 290 - If : 527 - Load : 139 - LocalGet : 762 - LocalSet : 520 - Loop : 210 - Nop : 201 - RefFunc : 7 - Return : 341 - Select : 62 - Store : 94 - Switch : 4 - Unary : 673 - Unreachable : 9 + [total] : 9772 + [vars] : 262 + Binary : 728 + Block : 1590 + Break : 299 + Call : 459 + CallIndirect : 97 + Const : 1686 + Drop : 92 + GlobalGet : 775 + GlobalSet : 636 + If : 515 + Load : 166 + LocalGet : 671 + LocalSet : 502 + Loop : 201 + Nop : 111 + RefFunc : 29 + Return : 82 + Select : 87 + Store : 93 + Unary : 653 + Unreachable : 300 diff --git a/test/passes/translate-to-fuzz_all-features_metrics_noprint.txt b/test/passes/translate-to-fuzz_all-features_metrics_noprint.txt index c7df2c682..29bccd185 100644 --- a/test/passes/translate-to-fuzz_all-features_metrics_noprint.txt +++ b/test/passes/translate-to-fuzz_all-features_metrics_noprint.txt 
@@ -1,46 +1,42 @@ total - [exports] : 12 - [funcs] : 17 + [exports] : 11 + [funcs] : 25 [globals] : 11 [imports] : 5 [memories] : 1 [memory-data] : 20 - [table-data] : 3 + [table-data] : 7 [tables] : 1 [tags] : 1 - [total] : 747 - [vars] : 51 - ArrayInit : 6 - AtomicFence : 3 - AtomicNotify : 2 - Binary : 91 - Block : 91 + [total] : 877 + [vars] : 40 + ArrayInit : 11 + AtomicFence : 1 + Binary : 85 + Block : 139 Break : 9 - Call : 34 - CallRef : 2 - Const : 161 - Drop : 10 - GlobalGet : 59 - GlobalSet : 28 + Call : 49 + CallRef : 1 + Const : 169 + Drop : 17 + GlobalGet : 70 + GlobalSet : 66 I31Get : 1 - If : 37 - Load : 21 - LocalGet : 37 - LocalSet : 18 - Loop : 10 - MemoryCopy : 1 - Nop : 16 - RefAs : 3 - RefEq : 1 - RefFunc : 7 - RefIsNull : 2 - RefNull : 6 - Return : 31 - SIMDExtract : 2 - SIMDTernary : 1 - Select : 1 + I31New : 3 + If : 41 + Load : 18 + LocalGet : 43 + LocalSet : 26 + Loop : 7 + Nop : 2 + RefAs : 2 + RefFunc : 11 + RefNull : 7 + Return : 4 + SIMDExtract : 3 Store : 3 - StructNew : 2 - TupleExtract : 2 - TupleMake : 6 - Unary : 43 + StructNew : 9 + TupleExtract : 4 + TupleMake : 8 + Unary : 36 + Unreachable : 32 diff --git a/test/unit/test_wasm2c.py b/test/unit/test_wasm2c.py deleted file mode 100644 index bcdab355b..000000000 --- a/test/unit/test_wasm2c.py +++ /dev/null 
@@ -1,21 +0,0 @@
-from scripts.test import shared
-from . import utils
-
-
-class Wasm2CTest(utils.BinaryenTestCase):
- def test_wrapper(self):
- # the wrapper C code should only call the hang limit initializer if
- # that is present.
- empty_wasm = self.input_path('empty.wasm')
- args = [empty_wasm, '--emit-wasm2c-wrapper=output.c']
- shared.run_process(shared.WASM_OPT + args)
- with open('output.c') as f:
- normal_output = f.read()
- # running with ttf generates a new wasm for fuzzing, which always
- # includes the hang limit initializer function
- shared.run_process(shared.WASM_OPT + args + ['-ttf'])
- with open('output.c') as f:
- ttf_output = f.read()
- hang_limit_name = 'hangLimitInitializer'
- self.assertIn(hang_limit_name, ttf_output)
- self.assertNotIn(hang_limit_name, normal_output) |