[Fuzzing] Use initial contents in ClusterFuzz #7192
kripken merged 50 commits into WebAssembly:main from
| from test import fuzzing # noqa | ||
| from test import shared # noqa | ||
| from test import support # noqa |
What lints are we skipping here?
The one that imports must be on top (which we can't do because of lines 83-89, which I can't think of a nice alternative to).
| features = [ | ||
| '-all', | ||
| '--disable-shared-everything', | ||
| '--disable-fp16', | ||
| ] |
Would it be feasible to deduplicate these into a shared location?
Not trivially, since run.py is not part of the normal "tree". We never run it as part of our own code, only after being packaged for ClusterFuzz. So we don't have the normal shared locations. I suppose we could have a file that we import locally and copy over for ClusterFuzz, but given this is just a few lines, that seems a bit excessive to me.
| # Write initial/num.txt which contains the number of testcases in that | ||
| # directory (saves run.py from needing to listdir each time). |
Does this make a measurable performance difference?
I can't measure this on ClusterFuzz itself, which is where it really matters. But imagine that ClusterFuzz might start to move to calling run.py more times for fewer testcases (rather than once for 1,000, it could do 1000 for single testcases each), then this constant overhead could matter.
| # Replace the wasm files and write them out. | ||
| js = re.sub(r'var \w+ = new Uint8Array\(\[([\d,]+)\]\);', repl, js) | ||
| js = re.sub(r'var \w+ = new Uint8Array\(\[([\d,]+)\]\)', repl, js) |
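Review bot: the pattern on the last line no longer requires the trailing `;`, and nothing in the code lines shown here says why. A one-line comment above the `re.sub` noting that other text may now sit between the `)` and the `;` would keep a later cleanup from restoring the stricter form and silently skipping those wasm arrays.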
Because now we can have one of the new comments between this and the semicolon. Detecting that would make this complicated for no useful reason (and adding the comment after the semicolon would be a little annoying in run.py).
(Sorry if this wasn't clear enough in the description.)
Co-authored-by: Thomas Lively <tlively123@gmail.com>
The ClusterFuzz bundler now looks through all of our test suites and
packages all testcases that are suitable for ClusterFuzz to use. This adds
more variety to the wasm files we fuzz there, as the test suite has
corner cases that the main fuzzer is unlikely to generate.
This adds a comment in the JS whenever it uses initial content, to
make debugging easier, something like
(this is the reason for the change to
extract_wasms.py).
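
The effect of dropping the trailing `;` from the extraction pattern, as an added example (this is not the project's extract_wasms.py). The two regexes are the ones quoted on this page; the sample JS, the placeholder comment text, the wasm magic-number check and the replacement string are assumptions made for illustration.

```python
import re

# The two patterns from the extract_wasms.py lines quoted on this page.
WITH_SEMICOLON = r'var \w+ = new Uint8Array\(\[([\d,]+)\]\);'
WITHOUT_SEMICOLON = r'var \w+ = new Uint8Array\(\[([\d,]+)\]\)'

# Assumption: only arrays starting with the wasm magic bytes are extracted.
WASM_MAGIC = b'\x00asm'

# Constructed input. The comment text is a placeholder, not the format
# that run.py actually writes.
SAMPLE_JS = (
    'var a = new Uint8Array([0,97,115,109,1,0,0,0]) /* placeholder note */;\n'
    'var b = new Uint8Array([0,97,115,109,1,0,0,0]);\n'
    'var c = new Uint8Array([1,2,3]);\n'
)


def extract_wasms(js, pattern):
    """Return (rewritten_js, wasm_blobs) for every wasm array the pattern finds."""
    wasms = []

    def repl(match):
        try:
            # Rejects empty items ("1,,2") and values above 255.
            data = bytes(int(x) for x in match.group(1).split(','))
        except ValueError:
            return match.group(0)
        if not data.startswith(WASM_MAGIC):
            return match.group(0)  # an ordinary byte array, leave it alone
        wasms.append(data)
        # Hypothetical replacement text marking where the binary was.
        return f'undefined /* extracted wasm {len(wasms) - 1} */'

    return re.sub(pattern, repl, js), wasms


def compare():
    """Count extractions under each pattern and return the new rewritten JS."""
    _, old = extract_wasms(SAMPLE_JS, WITH_SEMICOLON)
    new_js, new = extract_wasms(SAMPLE_JS, WITHOUT_SEMICOLON)
    return len(old), len(new), new_js


if __name__ == '__main__':
    old_count, new_count, rewritten = compare()
    print(f'with ";": {old_count} wasm(s); without: {new_count} wasm(s)')
    print(rewritten)
```
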