| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
| |
The special-casing of unreachable there could lead to bad
behavior, where we did nothing to the unreachable and ended
up moving something with side effects before it, see testcase
in test/passes/flatten_all-features.wast.
This emits less efficient code, but only if --dce was not run
earlier, so probably not worth optimizing.
|
| |
|
|
| |
We need the memory to be exported in order to read and
write stuff for the asyncify data structure.
|
| | |
|
| | |
|
| |
|
|
| |
Remove rmtree call from check.py & auto_update_tests.py
|
| |
|
|
|
|
| |
Push and Pop have been superseded by tuples for their original
intended purpose of supporting multivalue. Pop is still used to
represent block arguments for exception handling, but there are no
plans to use Push for anything now or in the future.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
These are now implemented in assembly as part of emscripten's
compiler-rt.
See: https://github.com/emscripten-core/emscripten/pull/11166
|
| |
|
|
|
|
|
| |
- `br_on_exn`'s target block cannot be optimized to have a separate
return value. This handles that in `SimplifyLocals`.
- `br_on_exn` and `rethrow` can trap (when the arg is null). This
handles that in `EffectAnalyzer`.
- Fix a few nits
|
| |
|
|
| |
This is the only instruction in the current spec proposal that had not
yet been implemnented in the tools.
|
| |
|
|
| |
Turns out we had a testcase for this already, but were doing the
wrong thing on it.
|
| |
|
|
|
|
|
|
|
|
| |
This change was generated by running:
$ ./scripts/test/generate_lld_tests.py --binaryen-bin=$PWD/../binaryen-out/bin/ $PWD/../llvm-build/bin/ $PWD/../emscripten
Then:
$ ./auto_update_tests.py --binaryen-bin=../binaryen-out/bin/ lld
|
| |
|
|
|
| |
This test verifies that functions in the llvm input source that
do stack pointer manipulation get correctly handled by
`wasm-emscripten-finalize --check-stack-overflow` (StackLimitEnforcer)
|
| |
|
|
|
|
| |
That is only for the old source maps logic, not DWARF, and it is
only useful to debug source maps (it's not actually useful for
regular users that see the message) which we do not plan to do
since DWARF is the future.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In `ReFinalize`'s branch handling, `updateBreakValueType` is supposed to
be executed only when the branch itself is not replaced with its
argument (because it is guaranteed not to be taken).
Also this moves `visitBrOnExn` from `RuntimeExpressionRunner` to its
base class `ExpressionRunner`, because it does not depend on anything on
the runtime instance to work. This is effectively NFC for now because
`visitTry` is still only implemented only in `RuntimeExpressionRunner`
because it relies on multivalue handling of it, and without it we cannot
create a valid exception `Literal`.
|
| |
|
|
| |
This should allow https://github.com/emscripten-core/emscripten/pull/11166
to land, afterwhich we can completely remove these functions.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously we were able to omit the new syntax `do` when `try` body is
empty. This makes `do` clause mandatory, so when a `try` body is empty,
the folded text format will be
```
(try
(do)
(catch
...
)
```
Suggested in
https://github.com/WebAssembly/exception-handling/issues/52#issuecomment-626696720.
|
| |
|
|
|
|
|
| |
This adds support for `throw`, `rethrow`, and `br_on_exn` in
MergeBlocks. While unrelated instructions within blocks can be hoisted
as in other instructions, `br_on_exn` requires a special handling in
`ProblemFinder`, because unlike `br_if`, its `exnref` argument itself
cannot be moved out of `br_on_exn`.
|
| |
|
| |
As specified in https://github.com/WebAssembly/simd/pull/122.
|
| |
|
|
|
|
|
| |
Currently the fuzzer only generate a script for wasm-reduce only when it
first discovers a case and doesn't do that when a seed is given. But
when you get a bug report with a seed or you want to reproduce the
situation, is still helpful if the fuzzer generates a reduce script for
you.
|
| |
|
|
|
|
| |
This API enables use cases where we want to keep the original expression, yet utilize passes like `vacuum` or `precompute` to evaluate it without implicitly modifying the original.
C-API: **BinaryenExpressionCopy**(expr, module)
JS-API: **Module#copyExpression**(expr)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In WebAssembly/exception-handling#52, We decided to put `try` bodies in
a `do` clause to be more consistent with `catch`.
- Before
```wast
(try
...
(catch
...
)
)
```
- After
```wast
(try
(do
...
)
(catch
...
)
)
```
Another upside of this change is when there are multiple instructions
within a `try` body, we no longer need to wrap them in a `block`.
|
| |
|
|
| |
This adds missing handlings for `throw` and `rethrow` in DCE. They
should set `reachable` variable to `false`, like other branches.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
This feature was very useful in the early days of the C API,
but has not shown usefuless for quite a while, and has a
significant maintenance burden, so it it's makes sense to
remove it now.
|
| |
|
|
|
|
|
| |
Turned out that the behavior of MODULARIZE_INSTANCE, which has
been removed from Emscripten lately, cannot be easily reproduced
using MODULARIZE. So, instead of modularizing and attempting to
undo it, this just uses some good old wrapper code to achieve the same.
|
| |
|
|
| |
This hopefully fixes a build problem on older GCC as reported in
#2827.
|
| |
|
|
|
|
|
| |
Use --emit-target-features and --detect-features.
Rename Asyncify handler temp files (I happened to notice they overwrote other files, which was annoying.
Fixes #2831
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
With this, when it finds a bug all you need to do is copy-paste
a single line and it runs the reducer. To do that, it creates a
reducer script and fills it out for you. The script has all the docs
we used to print out to the console, so the console output is
more focused and concise now.
In most cases just running the single line it suggests should
work, however I found that it doesn't always. One reason is
#2831
Also add a missing sys.exit(1), without which we returned 0
despite printing out an error on a failing testcase.
|
| |
|
|
| |
MODULARIZE_INSTANCE (#2834)
|
| |
|
|
|
|
|
|
|
| |
This adds interpreter support for EH instructions. This adds
`ExceptionPackage` struct, which contains info of a thrown exception (an
event tag and thrown values), and the union in `Literal` can take a
`unique_ptr` to `ExceptionPackage`. We need a destructor, a copy
constructor, and an assignment operator for `Literal`, because the union
in `Literal` now has a member that cannot be trivially copied or
deleted.
|
| |
|
|
|
|
| |
(#2830)
We need to find another approach than MODULARIZE_INSTANCE, which
is not trivial. This unbreaks CI for now.
|
| |
|
|
|
|
|
| |
GCC complains that the enclosing class of the constexpr member
function is not a literal type. This change removes the constexpr
qualifier to fix the GCC build.
Fixes #2827.
|
| |
|
|
|
|
|
|
|
|
|
| |
Even though `Release` is the default configuration for make better
to be explicit.
Also, for windows build we need to make sure we pass `--config Release`
when actually building since the projects files will build Debug by
default regardless of CMAKE_BUILD_TYPE.
Fixes: #2825
|
| |
|
| |
As described in https://github.com/WebAssembly/simd/pull/209.
|
| |
|
|
|
|
|
| |
This allows emscripten to statically set the initial value of the
stack pointer.
Should allow use to avoid doing it dynamically at startup:
https://github.com/emscripten-core/emscripten/pull/11031
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Don't run wasm2c2wasm on large wasm files, as it can OOM the VM.
I've seen this happen on a single wasm on multiple engines, so it's not
a specific engine bug. Sticking to below-average wasm sizes seems ok.
That change means that we check if a vm can run on a per-wasm basis.
That required some refactoring as it means we may be able to run on
the "before" wasm but not the "after" one, or vice versa.
Fix a tiny nondeterminism issue with iterating on a set().
Some tiny docs improvements to the error shown when a bug is found.
|
| |
|
|
| |
This list is identical to the export list no there is no need to
output this twice.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This builds on recent work for deterministic reproduction of fuzzer
testcases using IDs. With that, we can remove all the old auto-reduction
code and make something very similar possible for all* things the
fuzzer script checks for.
The idea is simple: if you run the fuzzer script and it finds a bug,
it prints out the ID it found it with. If you then run
fuzz_opt.py ID
then it runs that exact testcase again, deterministically, making
all the same random choices it made before. The new addition
in this PR is that you can do
fuzz_opt.py ID WASM
which also adds a wasm file. If provided, we still randomly
generate one in the fuzzer script (so that later random numbers
are the same) but we swap in that provided wasm. This then
lets wasm-reduce drive fuzz_opt.py itself as a whole. No more
extracting a testcase and all its commands, it's all done for you.
The fuzzer script will print out hopefully-useful text when it finds
a bug, something like this:
================================================================================
You found a bug! Please report it with
seed: 4671273171120144526
and the exact version of Binaryen you found it on, plus the exact Python
version (hopefully deterministic random numbers will be identical).
You can run that testcase again with "fuzz_opt.py 4671273171120144526"
The initial wasm file used here is saved as /home/username/binaryen/out/test/original.wasm
You can try to reduce the testcase with
wasm-reduce /home/username/binaryen/out/test/original.wasm '--command=bash reduce.sh' -t /home/username/binaryen/out/test/t.wasm -w /home/username/binaryen/out/test/w.wasm
where "reduce.sh" is something like
# check the input is even a valid wasm file
bin/wasm-opt /home/username/binaryen/out/test/t.wasm
echo $?
# run the command
./scripts/fuzz_opt.py 4671273171120144526 /home/username/binaryen/out/test/t.wasm > o 2> e
cat o | tail -n 10
echo $?
You may want to adjust what is printed there: in the example we save stdout
and stderr separately and then print (so that wasm-reduce can see it) what we
think is the relevant part of that output. Make sure that includes the right
details, and preferably no more (less details allow more reduction, but raise
the risk of it reducing to something you don't quite want).
You may also need to add --timeout 5 or such if the testcase is a slow one.
================================================================================
The text has full instructions to run the reducer, which should
work in almost all cases - see (*) note below. Because of that
corner case I think it's safer to not run the reducer automatically,
but it's just a quick copy-paste away, and the user can then adjust
the reduce.sh script if necessary.
(*) Well, almost any. There are some corner cases, such as if the
fuzzer generator includes bounds checks in the wasm, reduction
might remove them. We can fix this eventually by making the
bounds checks additions a pass that can be run after the fuzzer
generator, but meanwhile you can work around this by making the
reduction script look for the right thing (i.e. if all it looks for is a
failing return code, that won't be enough as a removed bounds
check will fail but on something else).
|
| |
|
|
|
|
| |
The refactoring of the loop in #2812 was wrong - we need to
loop over all the exports and ignore the non-function ones.
Rewrote it to stress that part.
|
| |
|
|
|
| |
Just like the parent wasm2c, with NaNs don't compare to self before
and after optimizations. The binaryen optimizer does different things than the
LLVM optimizer there, and NaN bits can change.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Tackles the concerns raised in https://github.com/WebAssembly/binaryen/issues/2797 directly related to https://github.com/WebAssembly/binaryen/pull/2702 by reverting merging all of `PrecomputeExpressionRunner` into the base `ExpressionRunner`, instead adding a common base for both the precompute pass and the new C-API to inherit. No functional changes.
---
### Current hierarchy after https://github.com/WebAssembly/binaryen/pull/2702 is
```
ExpressionRunner
├ [PrecomputeExpressionRunner]
├ [CExpressionRunner]
├ ConstantExpressionRunner
└ RuntimeExpressionRunner
```
where `ExpressionRunner` contains functionality not utilized by `ConstantExpressionRunner` and `RuntimeExpressionRunner`.
### New hierarchy will be:
```
ExpressionRunner
├ ConstantExpressionRunner
│ ├ [PrecomputeExpressionRunner]
│ └ [CExpressionRunner]
├ InitializerExpressionRunner
└ RuntimeExpressionRunner
```
with the precompute pass's and the C-API's shared functionality now moved out of `ExpressionRunner` into a new `ConstantExpressionRunner`. Also renames the previous `ConstantExpressionRunner` to `InitializerExpressionRunner` to [better represent its uses](https://webassembly.org/docs/modules/#initializer-expression) and to make its previous name usable for the new intermediate template, where it fits perfectly. Also adds a few comments answering some of the questions that came up recently.
### Old hierarchy before https://github.com/WebAssembly/binaryen/pull/2702 for comparison:
```
ExpressionRunner
├ [PrecomputeExpressionRunner]
├ ConstantExpressionRunner
└ RuntimeExpressionRunner
```
|
| |
|
|
|
|
| |
Avoid pass-debug when fuzzing emcc, as it can be slow and isn't
what we care about.
Clean up a loop.
|
| | |
|
| |
|
|
|
|
| |
These tests are now optional. However, if you run them and the
build is not found they will now error out, in order to avoid silently
failing.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We had some ad-hoc tuning of which nodes to emit more
frequently in the fuzzer, but it wasn't very good. Things like
loads and stores for example were far too rare. Also it wasn't
easy to adjust the frequencies.
This adds a simple way to adjust them, by passing a size_t
which is the "weight" of that node. Then it just makes that
number of copies of it, making it more likely to be picked.
Example output comparison:
node before after
================================
binary 281 365
block 898 649
break 278 144
call 182 290
call_indirect 9 42
const 808 854
drop 43 92
global.get 440 398
global.set 223 171
if 335 254
load 22 84
local.get 429 301
local.set 434 211
loop 176 99
nop 117 54
return 264 197
select 8 33
store 1 39
unary 405 304
unreachable 1 2
Lots of noise here obviously, but there are large increases
for loads and stores compared to before.
Also add a testcase of random data of the typical size the
fuzzer runs, and print metrics on it. This might help us get
a feel for how future tuning changes affect frequencies.
|
| |
|
| |
Since the --roundtrip pass is more general than --fuzz-binary anyways. Also reimplements `ModuleUtils::clearModule` to use the module destructor and placement new to ensure that no members are missed.
|
