Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Experimental integration with binaryen#219

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged
nth10sd merged 14 commits intoMozillaSecurity:masterfromnth10sd:binaryen-take-1
Dec 29, 2018

Conversation

@nth10sd
Copy link
Contributor

Here's a first take on the integration with binaryen for experimental deployment.

It uses stdout output from jsfunfuzz, e.g. fromw1-out.txt to act as the seed for binaryen. If an issue (e.g. a crash) is found, the wrapper and wasm files are zipped up to be submitted to FuzzManager.

I ran some crashing testcases in another branch to see that this experimentally seems to work.

Caveats:

  • Due toa bug in binaryen, the version is restricted to binaryen v52 for now
  • Note that after a bug involving a wasm testcase is found,pinpoint and henceautobisectjs auto-integration do not understand multiple testcase input, e.g../js wrapper.js wasm.file, so all of such reports to FuzzManager will have quality 10 for now.

I would like to get this in quickly to see if:

  • wasm bugs can be reported via the harness
  • see if this tweaks our coverage story.

@jschwartzentruber just asking for a cursory glance here, how does this sound?

@codecov-io
Copy link

codecov-io commentedDec 28, 2018
edited
Loading

Codecov Report

Merging#219 intomaster willincrease coverage by1.93%.
The diff coverage is55.25%.

Impacted file tree graph

@@            Coverage Diff             @@##           master     #219      +/-   ##==========================================+ Coverage   44.51%   46.45%   +1.93%==========================================  Files          39       43       +4       Lines        2736     2878     +142     ==========================================+ Hits         1218     1337     +119- Misses       1518     1541      +23
Impacted FilesCoverage Δ
src/funfuzz/js/js_interesting.py17.85% <0%> (+0.38%)⬆️
tests/js/test_with_binaryen.py100% <100%> (ø)
src/funfuzz/util/file_system_helpers.py100% <100%> (ø)
tests/util/test_file_system_helpers.py100% <100%> (ø)
src/funfuzz/js/compare_jit.py15.84% <14.28%> (+0.46%)⬆️
src/funfuzz/js/loop.py15.78% <6.59%> (-0.04%)⬇️
src/funfuzz/js/with_binaryen.py82.75% <82.75%> (ø)
... and1 more

Continue to review full report at Codecov.

Legend -Click here to learn more
Δ = absolute <relative> (impact),ø = not affected,? = missing data
Powered byCodecov. Last update240a346...29244f7. Read thecomment docs.

@nth10sd
Copy link
ContributorAuthor

==> forkjoin-10-out.txt <==/tmp/tmp8lwivi5iloop10/w1-cj-initial-r4 |   0.2s | 0 | fine/tmp/tmp8lwivi5iloop10/w1-cj-initial-r5 |   0.2s | 0 | fine/tmp/tmp8lwivi5iloop10/w1-cj-initial-r6 |   0.2s | 0 | fine/tmp/tmp8lwivi5iloop10/w1-cj-initial-r7 |   0.2s | 0 | fine/tmp/tmp8lwivi5iloop10/w1-cj-initial-r8 |   0.2s | 0 | fine/tmp/tmp8lwivi5iloop10/w1-cj-initial-r9 |   0.2s | 0 | fine/tmp/tmp8lwivi5iloop10/w2 |  17.8s | 0 | fine/tmp/tmp8lwivi5iloop10/w2-wasm |   0.3s | 0 | fine/tmp/tmp8lwivi5iloop10/w2-cj-initial-r0 |   0.4s | 0 | fine/tmp/tmp8lwivi5iloop10/w2-cj-initial-r1 |   0.6s | 0 | fine==> forkjoin-11-out.txt <==/tmp/tmpmuxmvk7jloop11/w1-cj-initial-r4 |   0.2s | 0 | fine/tmp/tmpmuxmvk7jloop11/w1-cj-initial-r5 |   0.2s | 0 | fine/tmp/tmpmuxmvk7jloop11/w1-cj-initial-r6 |   0.2s | 0 | fine/tmp/tmpmuxmvk7jloop11/w1-cj-initial-r7 |   0.2s | 0 | fine/tmp/tmpmuxmvk7jloop11/w1-cj-initial-r8 |   0.6s | 0 | fine/tmp/tmpmuxmvk7jloop11/w1-cj-initial-r9 |   0.6s | 0 | fine/tmp/tmpmuxmvk7jloop11/w2 |  13.5s | 0 | fine/tmp/tmpmuxmvk7jloop11/w2-wasm |   0.3s | 0 | fine/tmp/tmpmuxmvk7jloop11/w2-cj-initial-r0 |   0.3s | 0 | fine/tmp/tmpmuxmvk7jloop11/w2-cj-initial-r1 |   3.7s | 0 | fine

Sample running logs.

I'll just land this as it is merely an if statement that activates the integration once tests pass.

@nth10sdnth10sd removed the request for review fromjschwartzentruberDecember 28, 2018 22:53
…it, round-tripping the wasm file back into the js shell. Also break up the many_timed_run function.
@nth10sd
Copy link
ContributorAuthor

I'll land this first. The experiment has already proved a success with the discovery of bug 1516720.

@nth10sdnth10sd merged commit1223f38 intoMozillaSecurity:masterDec 29, 2018
@nth10sdnth10sd deleted the binaryen-take-1 branchDecember 29, 2018 00:23
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment

Reviewers

No reviews

Assignees

@nth10sdnth10sd

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@nth10sd@codecov-io
[8]ページ先頭
©2009-2025 Movatter.jp