| Commit message (Collapse) | Author | Age | Files | Lines |
* run execution results on the same instance, so side effects of memory writes persist, which is the same as when we run the code in a js vm, so we can directly compare
* fuzz only exported functions, not things that opts might remove
* note results in fuzz-exec by export name
|
* Improve inlining pass to inline single-use functions that are fairly small, which makes it useful for removing unnecessary global constructors from clang.
* Add an inlining-optimizing pass that also optimizes where it inlined, as new opportunities arise. enable it by default in O2+
* In addition, in -O3+ also inline small functions with multiple uses. This helps a lot with things like safe-int-divide functions (where each int divide is replaced by a safe divide that won't trap). Inlining gets rid of around half of the overhead there.
|
Ignoring unreachable code in wasm binaries lets us avoid corner cases with unstructured code in wasm binaries that is a poor fit for Binaryen's structured IR.
|
* Translate assert_return invokes to asm
* Translate assert_trap tests to JS
* Enable wasm2asm tests
* Fix wasm2asm translation of store
* Update ubuntu nodejs in Travis
* Free JSPrinter buffer
* Use unique_ptr for Functions to prevent leaks
* Add tests for assert translation
|
* emit optimal-size LEBs in section/subsection/function body sizes, instead of preallocating 5 bytes
|
This adds a new method of fuzzing, "translate to fuzz" which means we consider the input to be a stream of data that we translate into a valid wasm module. It's sort of like a random seed for a process that creates a random wasm module. By using the input that way, we can explore the space of valid wasm modules quickly, and it makes afl-fuzz integration easy.
Also adds a "fuzz binary" option which is similar to "fuzz execution". It makes wasm-opt not only execute the code before and after opts, but also write to binary and read from it, helping to fuzz the binary format.
|
value may be depended on (#1127)
|
* improve inlining pass to inline single-use functions that are fairly small, which makes it useful for removing unnecessary global constructors from clang. add an inlining-optimizing pass that also optimizes where it inlined, as new opportunities arise. enable it by default in O2+
* fix a bug where we didn't run all passes properly - refactor addDefaultGlobalOptimizationPasses() into a pre and post version. we can only run the post version in incremental optimizing builds (functions appear one by one, we optimize them first, and do global stuff when all are done), but can run both when doing a full optimize
* copy in inlining, allowing multiple inlinings of the same function in the future
|
Yet more fuzz fixes
|
middle
|
be invalid. stop on the unreachable, it is easier and better
|
final element (which is never reached)
|
branches to them are interchangeable
|
unreachable
|
which can cause type changes in the outside. dce should be run on that anyhow
|
* Rotations, popcnt, ctz, etc
|
* Get wasm2asm building again
Updates CMakeLists.txt to have wasm2asm built by default, updates
wasm2asm.h to account for recent interface changes, and restores
JSPrinter functionality.
* Implement splice for array values
* Clean up wasm2asm testing
* Print semicolons after statements in blocks
* Cleanups and semicolons for condition arms
* Prettify semicolon emission
|
Emit valid wasm binaries even for corner cases of unreachable code.
* emit an unreachable after a node that pushes a value that has unreachable type (where wasm type checking would have pushed a concrete type)
* conversely, as a hack, emulate the wasm polymorphic stack mode by not emptying the stack when it has one element and that element is unreachable. this lets further pops work (all returning an unreachable element)
|
overflows, it is not valid to just add them
|
each other - it is not enough to check side effects, we must check the interaction as well
|
unreachable stacky code which may introduce concrete elements in non-final block positions
|
for a 32-bit shift
|
a negative value to a positive one, as trapping is tricky
|
comma, it can't be a coercion (or that would have been the parent), so there is no coercion, so the result type is none (#1115)
|
Fuzz fixes
|
to consider type changes for its parent (changing it from a forced i32 to an unreachable might mean the parent needs to become unreachable too)
|
* Teach EffectAnalyzer not to reorder atomics wrt other memory operations.
* Teach EffectAnalyzer not to reorder host operations with memory operations
* Teach various passes about the operands of AtomicRMW and AtomicCmpxchg
* Factor out some functions in DeadCodeElimination and MergeBlocks
|
type is unreachable (#1102)
|
Yet more fuzz fixes
|
when removed
|
its outer block, we need to finalize the if first and then the block containing it
|
to. since that's a fairly specific functionality needed in removeUnusedBrs, move it to there