[fuzzer] Remove the wasm section fuzzers

The fuzzers were already removed on the chrome side and therefore
inactive, see https://crrev.com/c/1194228.

R=machenbach@chromium.org

Bug: v8:8562
Change-Id: I0cf5ec6d07e07452c5168ea952f45028bcea1c85
Reviewed-on: https://chromium-review.googlesource.com/c/1406678
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58750}
This commit is contained in:
Andreas Haas 2019-01-11 15:40:22 +01:00 committed by Commit Bot
parent 94d84cc934
commit b9854da1ec
19 changed files with 2 additions and 282 deletions

147
BUILD.gn
View File

@ -3511,14 +3511,7 @@ group("v8_fuzzers") {
":v8_simple_wasm_async_fuzzer", ":v8_simple_wasm_async_fuzzer",
":v8_simple_wasm_code_fuzzer", ":v8_simple_wasm_code_fuzzer",
":v8_simple_wasm_compile_fuzzer", ":v8_simple_wasm_compile_fuzzer",
":v8_simple_wasm_data_section_fuzzer",
":v8_simple_wasm_function_sigs_section_fuzzer",
":v8_simple_wasm_fuzzer", ":v8_simple_wasm_fuzzer",
":v8_simple_wasm_globals_section_fuzzer",
":v8_simple_wasm_imports_section_fuzzer",
":v8_simple_wasm_memory_section_fuzzer",
":v8_simple_wasm_names_section_fuzzer",
":v8_simple_wasm_types_section_fuzzer",
] ]
} }
@ -3907,146 +3900,6 @@ v8_source_set("lib_wasm_fuzzer_common") {
] ]
} }
v8_source_set("wasm_types_section_fuzzer") {
sources = [
"test/fuzzer/wasm-types-section.cc",
]
deps = [
":fuzzer_support",
":lib_wasm_fuzzer_common",
":wasm_module_runner",
]
configs = [
":external_config",
":internal_config_base",
]
}
v8_fuzzer("wasm_types_section_fuzzer") {
}
v8_source_set("wasm_names_section_fuzzer") {
sources = [
"test/fuzzer/wasm-names-section.cc",
]
deps = [
":fuzzer_support",
":lib_wasm_fuzzer_common",
":wasm_module_runner",
]
configs = [
":external_config",
":internal_config_base",
]
}
v8_fuzzer("wasm_names_section_fuzzer") {
}
v8_source_set("wasm_globals_section_fuzzer") {
sources = [
"test/fuzzer/wasm-globals-section.cc",
]
deps = [
":fuzzer_support",
":lib_wasm_fuzzer_common",
":wasm_module_runner",
]
configs = [
":external_config",
":internal_config_base",
]
}
v8_fuzzer("wasm_globals_section_fuzzer") {
}
v8_source_set("wasm_imports_section_fuzzer") {
sources = [
"test/fuzzer/wasm-imports-section.cc",
]
deps = [
":fuzzer_support",
":lib_wasm_fuzzer_common",
":wasm_module_runner",
]
configs = [
":external_config",
":internal_config_base",
]
}
v8_fuzzer("wasm_imports_section_fuzzer") {
}
v8_source_set("wasm_function_sigs_section_fuzzer") {
sources = [
"test/fuzzer/wasm-function-sigs-section.cc",
]
deps = [
":fuzzer_support",
":lib_wasm_fuzzer_common",
":wasm_module_runner",
]
configs = [
":external_config",
":internal_config_base",
]
}
v8_fuzzer("wasm_function_sigs_section_fuzzer") {
}
v8_source_set("wasm_memory_section_fuzzer") {
sources = [
"test/fuzzer/wasm-memory-section.cc",
]
deps = [
":fuzzer_support",
":lib_wasm_fuzzer_common",
":wasm_module_runner",
]
configs = [
":external_config",
":internal_config_base",
]
}
v8_fuzzer("wasm_memory_section_fuzzer") {
}
v8_source_set("wasm_data_section_fuzzer") {
sources = [
"test/fuzzer/wasm-data-section.cc",
]
deps = [
":fuzzer_support",
":lib_wasm_fuzzer_common",
":wasm_module_runner",
]
configs = [
":external_config",
":internal_config_base",
]
}
v8_fuzzer("wasm_data_section_fuzzer") {
}
v8_source_set("wasm_compile_fuzzer") { v8_source_set("wasm_compile_fuzzer") {
sources = [ sources = [
"test/common/wasm/test-signatures.h", "test/common/wasm/test-signatures.h",

View File

@ -22,12 +22,5 @@ group("v8_fuzzer") {
"./wasm_async/", "./wasm_async/",
"./wasm_code/", "./wasm_code/",
"./wasm_compile/", "./wasm_compile/",
"./wasm_data_section/",
"./wasm_function_sigs_section/",
"./wasm_globals_section/",
"./wasm_imports_section/",
"./wasm_memory_section/",
"./wasm_names_section/",
"./wasm_types_section/",
] ]
} }

View File

@ -15,10 +15,7 @@ class VariantsGenerator(testsuite.VariantsGenerator):
class TestSuite(testsuite.TestSuite): class TestSuite(testsuite.TestSuite):
SUB_TESTS = ( 'json', 'parser', 'regexp_builtins', 'regexp', 'multi_return', 'wasm', SUB_TESTS = ( 'json', 'parser', 'regexp_builtins', 'regexp', 'multi_return', 'wasm',
'wasm_async', 'wasm_code', 'wasm_compile', 'wasm_async', 'wasm_code', 'wasm_compile')
'wasm_data_section', 'wasm_function_sigs_section',
'wasm_globals_section', 'wasm_imports_section', 'wasm_memory_section',
'wasm_names_section', 'wasm_types_section' )
def ListTests(self): def ListTests(self):
tests = [] tests = []

View File

@ -1,11 +0,0 @@
// Copyright 2016 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "src/objects-inl.h"
#include "test/fuzzer/wasm-fuzzer-common.h"
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
return v8::internal::wasm::fuzzer::FuzzWasmSection(
v8::internal::wasm::kDataSectionCode, data, size);
}

View File

@ -1,11 +0,0 @@
// Copyright 2016 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "src/objects-inl.h"
#include "test/fuzzer/wasm-fuzzer-common.h"
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
return v8::internal::wasm::fuzzer::FuzzWasmSection(
v8::internal::wasm::kFunctionSectionCode, data, size);
}

View File

@ -24,49 +24,6 @@ namespace internal {
namespace wasm { namespace wasm {
namespace fuzzer { namespace fuzzer {
static constexpr const char* kNameString = "name";
static constexpr size_t kNameStringLength = 4;
int FuzzWasmSection(SectionCode section, const uint8_t* data, size_t size) {
v8_fuzzer::FuzzerSupport* support = v8_fuzzer::FuzzerSupport::Get();
v8::Isolate* isolate = support->GetIsolate();
i::Isolate* i_isolate = reinterpret_cast<Isolate*>(isolate);
// Clear any pending exceptions from a prior run.
i_isolate->clear_pending_exception();
v8::Isolate::Scope isolate_scope(isolate);
v8::HandleScope handle_scope(isolate);
v8::Context::Scope context_scope(support->GetContext());
v8::TryCatch try_catch(isolate);
AccountingAllocator allocator;
Zone zone(&allocator, ZONE_NAME);
ZoneBuffer buffer(&zone);
buffer.write_u32(kWasmMagic);
buffer.write_u32(kWasmVersion);
if (section == kNameSectionCode) {
buffer.write_u8(kUnknownSectionCode);
buffer.write_size(size + kNameStringLength + 1);
buffer.write_u8(kNameStringLength);
buffer.write(reinterpret_cast<const uint8_t*>(kNameString),
kNameStringLength);
buffer.write(data, size);
} else {
buffer.write_u8(section);
buffer.write_size(size);
buffer.write(data, size);
}
ErrorThrower thrower(i_isolate, "decoder");
testing::DecodeWasmModuleForTesting(i_isolate, &thrower, buffer.begin(),
buffer.end(), kWasmOrigin);
return 0;
}
void InterpretAndExecuteModule(i::Isolate* isolate, void InterpretAndExecuteModule(i::Isolate* isolate,
Handle<WasmModuleObject> module_object) { Handle<WasmModuleObject> module_object) {
// We do not instantiate the module if there is a start function, because a // We do not instantiate the module if there is a start function, because a

View File

@ -17,8 +17,6 @@ namespace internal {
namespace wasm { namespace wasm {
namespace fuzzer { namespace fuzzer {
int FuzzWasmSection(SectionCode section, const uint8_t* data, size_t size);
// First instantiates and interprets the "main" function within module_object if // First instantiates and interprets the "main" function within module_object if
// possible. If the interpretation finishes within kMaxSteps steps, // possible. If the interpretation finishes within kMaxSteps steps,
// module_object is instantiated again and the compiled "main" function is // module_object is instantiated again and the compiled "main" function is

View File

@ -1,11 +0,0 @@
// Copyright 2016 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "src/objects-inl.h"
#include "test/fuzzer/wasm-fuzzer-common.h"
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
return v8::internal::wasm::fuzzer::FuzzWasmSection(
v8::internal::wasm::kGlobalSectionCode, data, size);
}

View File

@ -1,11 +0,0 @@
// Copyright 2016 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "src/objects-inl.h"
#include "test/fuzzer/wasm-fuzzer-common.h"
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
return v8::internal::wasm::fuzzer::FuzzWasmSection(
v8::internal::wasm::kImportSectionCode, data, size);
}

View File

@ -1,11 +0,0 @@
// Copyright 2016 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "src/objects-inl.h"
#include "test/fuzzer/wasm-fuzzer-common.h"
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
return v8::internal::wasm::fuzzer::FuzzWasmSection(
v8::internal::wasm::kMemorySectionCode, data, size);
}

View File

@ -1,12 +0,0 @@
// Copyright 2016 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "src/objects-inl.h"
#include "test/fuzzer/wasm-fuzzer-common.h"
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
// TODO(titzer): Names section requires a preceding function section.
return v8::internal::wasm::fuzzer::FuzzWasmSection(
v8::internal::wasm::kNameSectionCode, data, size);
}

View File

@ -1,11 +0,0 @@
// Copyright 2016 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "src/objects-inl.h"
#include "test/fuzzer/wasm-fuzzer-common.h"
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
return v8::internal::wasm::fuzzer::FuzzWasmSection(
v8::internal::wasm::kTypeSectionCode, data, size);
}