From 7cc509f54a759034fbff57fae64e142ad15cc097 Mon Sep 17 00:00:00 2001
From: Alon Zakai
Date: Wed, 10 Apr 2019 10:16:57 -0700
Subject: Fuzz fixes (#1991)

Get fuzzer to attempt to create almost all features. Pass v8 all the flags to allow that. Fix fuzz bugs where we read signed_ even when it was irrelevant for that type of load. Improve wasm-reduce on fuzz testcases, try to replace a node with drops of its children, not just the children themselves.
---
 scripts/fuzz_opt.py | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)
(limited to 'scripts/fuzz_opt.py')
diff --git a/scripts/fuzz_opt.py b/scripts/fuzz_opt.py
index d3d2ea6e2..1cb561289 100644
--- a/scripts/fuzz_opt.py
+++ b/scripts/fuzz_opt.py
@@ -28,9 +28,21 @@ from test.shared import options
 NANS = True
-FUZZ_OPTS = ['--mvp-features']
+FUZZ_OPTS = ['--all-features', '--disable-simd', '--disable-bulk-memory']
+
+V8_OPTS = [
+ '--experimental-wasm-eh',
+ '--experimental-wasm-mv',
+ '--experimental-wasm-sat-f2i-conversions',
+ '--experimental-wasm-se',
+ '--experimental-wasm-threads',
+ '--experimental-wasm-simd',
+ '--experimental-wasm-anyref',
+ '--experimental-wasm-bulk-memory',
+ '--experimental-wasm-return-call'
+]
-INPUT_SIZE_LIMIT = 250 * 1024
+INPUT_SIZE_LIMIT = 150 * 1024
 LOG_LIMIT = 125
@@ -126,7 +138,7 @@ def run_vms(prefix):
 results = []
 # append to this list to add results from VMs
 results += [fix_output(run_vm([in_bin('wasm-opt'), prefix + 'wasm', '--fuzz-exec-before']))]
- results += [fix_output(run_vm([os.path.expanduser('d8'), prefix + 'js', '--', prefix + 'wasm']))]
+ results += [fix_output(run_vm([os.path.expanduser('d8'), prefix + 'js'] + V8_OPTS + ['--', prefix + 'wasm']))]
 # results += [fix_output(run_vm([os.path.expanduser('~/.jsvu/jsc'), prefix + 'js', '--', prefix + 'wasm']))]
 # spec has no mechanism to not halt on a trap. so we just check until the first trap, basically
 # run(['../spec/interpreter/wasm', prefix + 'wasm'])
-- cgit v1.2.3
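Review bot: `FUZZ_OPTS` switches off SIMD and bulk memory with no comment saying why, so those two features get no fuzz coverage and nothing in the file records that the gap is deliberate or when it can be closed. A comment above the list would cover it, for example `# simd and bulk-memory are not fuzzed yet; drop the --disable-* flags once <reason> is resolved`. `V8_OPTS` still passes `--experimental-wasm-simd` and `--experimental-wasm-bulk-memory`, which looks harmless but deserves a short note so the two lists are kept in step when a feature is enabled. The change of `INPUT_SIZE_LIMIT` from 250 to 150 KiB is likewise unexplained in the code.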
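Review bot: On the new d8 line, `os.path.expanduser('d8')` is a no-op because the name has no leading `~`, so the engine that runs is whichever `d8` comes first on PATH; `run_vm(['d8', prefix + 'js'] + V8_OPTS + ['--', prefix + 'wasm'])` says that plainly. The `--experimental-wasm-*` names in `V8_OPTS` are tied to the d8 build, so a one-line comment naming the d8 version the list was checked against would help when a flag is renamed or dropped. How `run_vm` treats anything d8 prints about an unrecognised flag is not visible here, so it is worth confirming that such output cannot end up in the compared results. `run_vms` begins and ends outside this hunk.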