| Commit message (Collapse) | Author | Age | Files | Lines |
* if a block has a concrete final element (or a break with a value), then even if it has an unreachable child, keep it with that concrete type. this means we no longer allow the silly case of a block with an unreachable in the middle and a concrete as the final element while the block is unreachable - after this change, the block would have the type of the final element
* if an if has a concrete element in one arm, make it have that type as a result, even if the if condition is unreachable, to parallel block
* make type rules for brs and switches simpler, ignore whether they are reachable or not. whether they are dead code should not affect how they influence other types in our IR.
Reduce an interesting wasm to a smaller still interesting wasm. This takes an arbitrary command to run, and reduces the wasm as much as it can while keeping the behavior of that command fixed. This can be used to reduce compiler bugs in an arbitrary VM, etc.
Fuzz fixes
Adds --safe-heap which instruments the code to check heap loads and stores for validity (null pointer derefs, within range of valid sbrk memory, and alignment). Used in SAFE_HEAP in emscripten.
with a value from the current state, not just set the global state as to whether we can flow or not (as it will be set later by other things)
remove-unused-brs, as they are dead code anyhow, and it is pointless to work hard to handle the type changes
special handling to emit valid code
for now this is linux-only as it uses popen etc.
etc. don't always return a constant, but may return the result of computation
almost fails)
According to spec at https://github.com/WebAssembly/threads/blob/master/proposals/threads/Overview.md#wait-and-wake-operators
* Added BinaryenModulePrintAsmjs (using wasm2asm) + Module#emitAsmjs JS binding
* run execution results on the same instance, so side effects of memory writes persist, which is the same as when we run the code in a js vm, so we can directly compare
* fuzz only exported functions, not things that opts might remove
* note results in fuzz-exec by export name
* Improve inlining pass to inline single-use functions that are fairly small, which makes it useful for removing unnecessary global constructors from clang.
* Add an inlining-optimizing pass that also optimizes where it inlined, as new opportunities arise. enable it by default in O2+
* In addition, in -O3+ also inline small functions with multiple uses. This helps a lot with things like safe-int-divide functions (where each int divide is replaced by a safe divide that won't trap). Inlining gets rid of around half of the overhead there.
Ignoring unreachable code in wasm binaries lets us avoid corner cases with unstructured code in wasm binaries that is a poor fit for Binaryen's structured IR.
* Translate assert_return invokes to asm
* Translate assert_trap tests to JS
* Enable wasm2asm tests
* Fix wasm2asm translation of store
* Update ubuntu nodejs in Travis
* Free JSPrinter buffer
* Use unique_ptr for Functions to prevent leaks
* Add tests for assert translation
* emit optimal-size LEBs in section/subsection/function body sizes, instead of preallocating 5 bytes
This adds a new method of fuzzing, "translate to fuzz" which means we consider the input to be a stream of data that we translate into a valid wasm module. It's sort of like a random seed for a process that creates a random wasm module. By using the input that way, we can explore the space of valid wasm modules quickly, and it makes afl-fuzz integration easy.
Also adds a "fuzz binary" option which is similar to "fuzz execution". It makes wasm-opt not only execute the code before and after opts, but also write to binary and read from it, helping to fuzz the binary format.
value may be depended on (#1127)
* improve inlining pass to inline single-use functions that are fairly small, which makes it useful for removing unnecessary global constructors from clang. add an inlining-optimizing pass that also optimizes where it inlined, as new opportunities arise. enable it by default in O2+
* fix a bug where we didn't run all passes properly - refactor addDefaultGlobalOptimizationPasses() into a pre and post version. we can only run the post version in incremental optimizing builds (functions appear one by one, we optimize them first, and do global stuff when all are done), but can run both when doing a full optimize
* copy in inlining, allowing multiple inlinings of the same function in the future
Yet more fuzz fixes
middle
be invalid. stop on the unreachable, it is easier and better
final element (which is never reached)
branches to them are interchangeable
unreachable
which can cause type changes in the outside. dce should be run on that anyhow
* Rotations, popcnt, ctz, etc
* Get wasm2asm building again
Updates CMakeLists.txt to have wasm2asm built by default, updates
wasm2asm.h to account for recent interface changes, and restores
JSPrinter functionality.
* Implement splice for array values
* Clean up wasm2asm testing
* Print semicolons after statements in blocks
* Cleanups and semicolons for condition arms
* Prettify semicolon emission
Emit valid wasm binaries even for corner cases of unreachable code.
* emit an unreachable after a node that pushes a value that has unreachable type (where wasm type checking would have pushed a concrete type)
* conversely, as a hack, emulate the wasm polymorphic stack mode by not emptying the stack when it has one element and that element is unreachable. this lets further pops work (all returning an unreachable element)
overflows, it is not valid to just add them