Diffstat (limited to 'src')
-rw-r--r-- | src/tools/execution-results.h | 6 | ||||
-rw-r--r-- | src/tools/fuzzing/fuzzing.cpp | 28 | ||||
-rw-r--r-- | src/tools/fuzzing/parameters.h | 2 | ||||
-rw-r--r-- | src/tools/js-wrapper.h | 2 | ||||
-rw-r--r-- | src/tools/spec-wrapper.h | 3 | ||||
-rw-r--r-- | src/tools/wasm2c-wrapper.h | 6 |
6 files changed, 10 insertions, 37 deletions
diff --git a/src/tools/execution-results.h b/src/tools/execution-results.h index d12c84d1e..569052086 100644 --- a/src/tools/execution-results.h +++ b/src/tools/execution-results.h @@ -226,12 +226,8 @@ struct ExecutionResults { FunctionResult run(Function* func, Module& wasm, ModuleRunner& instance) { try { - Literals arguments; - // init hang support, if present - if (auto* ex = wasm.getExportOrNull("hangLimitInitializer")) { - instance.callFunction(ex->value, arguments); - } // call the method + Literals arguments; for (const auto& param : func->getParams()) { // zeros in arguments TODO: more? if (!param.isDefaultable()) { diff --git a/src/tools/fuzzing/fuzzing.cpp b/src/tools/fuzzing/fuzzing.cpp index 4dac794e2..bb3a76766 100644 --- a/src/tools/fuzzing/fuzzing.cpp +++ b/src/tools/fuzzing/fuzzing.cpp @@ -426,26 +426,6 @@ void TranslateToFuzzReader::addHangLimitSupport() { builder.makeConst(int32_t(HANG_LIMIT)), Builder::Mutable); wasm.addGlobal(std::move(glob)); - - Name exportName = "hangLimitInitializer"; - auto funcName = Names::getValidFunctionName(wasm, exportName); - auto* func = new Function; - func->name = funcName; - func->type = Signature(Type::none, Type::none); - func->body = builder.makeGlobalSet(HANG_LIMIT_GLOBAL, - builder.makeConst(int32_t(HANG_LIMIT))); - wasm.addFunction(func); - - if (wasm.getExportOrNull(exportName)) { - // We must export our actual hang limit function - remove anything - // previously existing. - wasm.removeExport(exportName); - } - auto* export_ = new Export; - export_->name = exportName; - export_->value = func->name; - export_->kind = ExternalKind::Function; - wasm.addExport(export_); } void TranslateToFuzzReader::addImportLoggingSupport() { 
@@ -473,11 +453,17 @@ TranslateToFuzzReader::FunctionCreationContext::~FunctionCreationContext() { } Expression* TranslateToFuzzReader::makeHangLimitCheck() { + // If the hang limit global reaches 0 then we trap and reset it. That allows + // calls to other exports to proceed, with hang checking, after the trap halts + // the currently called export. return builder.makeSequence( builder.makeIf( builder.makeUnary(UnaryOp::EqZInt32, builder.makeGlobalGet(HANG_LIMIT_GLOBAL, Type::i32)), - makeTrivial(Type::unreachable)), + builder.makeSequence( + builder.makeGlobalSet(HANG_LIMIT_GLOBAL, + builder.makeConst(int32_t(HANG_LIMIT))), + builder.makeUnreachable())), builder.makeGlobalSet( HANG_LIMIT_GLOBAL, builder.makeBinary(BinaryOp::SubInt32, diff --git a/src/tools/fuzzing/parameters.h b/src/tools/fuzzing/parameters.h index 1ba7b064f..e92c88210 100644 --- a/src/tools/fuzzing/parameters.h +++ b/src/tools/fuzzing/parameters.h @@ -59,7 +59,7 @@ constexpr Address USABLE_MEMORY = 16; // the number of runtime iterations (function calls, loop backbranches) we // allow before we stop execution with a trap, to prevent hangs. 0 means // no hang protection. -constexpr int HANG_LIMIT = 10; +constexpr int HANG_LIMIT = 100; // constexpr size_t VeryImportant = 4; diff --git a/src/tools/js-wrapper.h b/src/tools/js-wrapper.h index 85bc3d7ba..edee301ca 100644 --- a/src/tools/js-wrapper.h +++ b/src/tools/js-wrapper.h @@ -91,8 +91,6 @@ inline std::string generateJSWrapper(Module& wasm) { continue; // something exported other than a function } auto* func = wasm.getFunction(exp->value); - ret += "if (instance.exports.hangLimitInitializer) " - "instance.exports.hangLimitInitializer();\n"; ret += "try {\n"; ret += std::string(" console.log('[fuzz-exec] calling ") + exp->name.toString() + "');\n"; diff --git a/src/tools/spec-wrapper.h b/src/tools/spec-wrapper.h index 95ead4739..5c0b8cfc8 100644 --- a/src/tools/spec-wrapper.h +++ b/src/tools/spec-wrapper.h 
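Review bot: In makeHangLimitCheck the counter is now reset only on the branch where it has reached zero, so an export that returns normally or traps for some other reason passes its leftover budget to the next export. The removed hangLimitInitializer calls gave every export a fresh HANG_LIMIT, so the budget an export gets now depends on what ran before it. The new comment should state that, for example `// The limit is only reset here, so the remaining budget is shared across export calls until it runs out.` The comment above HANG_LIMIT in parameters.h still reads as a per-execution count and would benefit from the same clarification. The function body continues past the end of this hunk, so the decrement half of the sequence was not reviewed.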
@@ -31,8 +31,7 @@ inline std::string generateSpecWrapper(Module& wasm) { if (!func) { continue; // something exported other than a function } - ret += std::string("(invoke \"hangLimitInitializer\") (invoke \"") + - exp->name.toString() + "\" "; + ret += std::string("(invoke \"") + exp->name.toString() + "\" "; for (const auto& param : func->getParams()) { // zeros in arguments TODO more? TODO_SINGLE_COMPOUND(param); diff --git a/src/tools/wasm2c-wrapper.h b/src/tools/wasm2c-wrapper.h index 984a9b53a..53343f2d1 100644 --- a/src/tools/wasm2c-wrapper.h +++ b/src/tools/wasm2c-wrapper.h @@ -137,12 +137,6 @@ int main(int argc, char** argv) { // compile times are O(size * num_setjmps). for (size_t curr = 0;; curr++) { )"; - if (wasm.getExportOrNull("hangLimitInitializer")) { - ret += R"( - // If present, call the hang limit initializer before each export. - (*Z_hangLimitInitializerZ_vv)(); -)"; - } ret += R"( // Prepare to call the export, so we can catch traps. if (WASM_RT_SETJMP(g_jmp_buf) != 0) { |