AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity
a10e4a179e
v8/test/fuzzer/fuzzer.gyp
Andreas Haas 7b53a0e010 [wasm] Avoid executing infinite loops in the wasm fuzzers 
The wasm-async fuzzer uses the bytes provided by the fuzzer engine
directly as wasm module bytes, compiles them with async compilation, and
then tries to execute the "main" function of the module. This "main"
can have an infinite loop which causes a timeout in the fuzzer. With
this CL the "main" function is first executed with the interpreter. If
the execution in the interpreter finishes within 16k steps, which means
that there is no infinite loop, also the compiled code is executed.

I added the raw fuzzer input as a test case because in this case I
really want to test the fuzzer and not V8.

R=clemensh@chromium.org

Bug: chromium:761784
Change-Id: Id1fe5da0da8670ec821ab9979fdb9454dbde1162
Reviewed-on: https://chromium-review.googlesource.com/651046
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47874}
2017-09-07 12:35:45 +00:00

515 lines
12 KiB
Python
Raw Blame History

# Copyright 2016 the V8 project authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
{
'variables': {
'v8_code': 1,
},
'includes': ['../../gypfiles/toolchain.gypi', '../../gypfiles/features.gypi'],
'targets': [
{
'target_name': 'v8_simple_json_fuzzer',
'type': 'executable',
'dependencies': [
'json_fuzzer_lib',
],
'include_dirs': [
'../..',
],
'sources': [
'fuzzer.cc',
],
},
{
'target_name': 'json_fuzzer_lib',
'type': 'static_library',
'dependencies': [
'../../src/v8.gyp:v8_libplatform',
'fuzzer_support',
],
'include_dirs': [
'../..',
],
'sources': [ ### gcmole(all) ###
'json.cc',
],
},
{
'target_name': 'v8_simple_parser_fuzzer',
'type': 'executable',
'dependencies': [
'parser_fuzzer_lib',
],
'include_dirs': [
'../..',
],
'sources': [
'fuzzer.cc',
],
},
{
'target_name': 'parser_fuzzer_lib',
'type': 'static_library',
'dependencies': [
'../../src/v8.gyp:v8_libplatform',
'fuzzer_support',
],
'include_dirs': [
'../..',
],
'sources': [ ### gcmole(all) ###
'parser.cc',
],
},
{
'target_name': 'v8_simple_regexp_fuzzer',
'type': 'executable',
'dependencies': [
'regexp_fuzzer_lib',
],
'include_dirs': [
'../..',
],
'sources': [
'fuzzer.cc',
],
},
{
'target_name': 'regexp_fuzzer_lib',
'type': 'static_library',
'dependencies': [
'../../src/v8.gyp:v8_libplatform',
'fuzzer_support',
],
'include_dirs': [
'../..',
],
'sources': [ ### gcmole(all) ###
'regexp.cc',
],
},
{
'target_name': 'v8_simple_wasm_fuzzer',
'type': 'executable',
'dependencies': [
'wasm_fuzzer_lib',
],
'include_dirs': [
'../..',
],
'sources': [
'fuzzer.cc',
],
},
{
'target_name': 'wasm_fuzzer_lib',
'type': 'static_library',
'dependencies': [
'../../src/v8.gyp:v8_libplatform',
'fuzzer_support',
],
'include_dirs': [
'../..',
],
'sources': [ ### gcmole(all) ###
'wasm.cc',
'../common/wasm/wasm-module-runner.cc',
'../common/wasm/wasm-module-runner.h',
'wasm-fuzzer-common.cc',
'wasm-fuzzer-common.h',
],
},
{
'target_name': 'v8_simple_wasm_async_fuzzer',
'type': 'executable',
'dependencies': [
'wasm_async_fuzzer_lib',
],
'include_dirs': [
'../..',
],
'sources': [
'fuzzer.cc',
],
},
{
'target_name': 'wasm_async_fuzzer_lib',
'type': 'static_library',
'dependencies': [
'../../src/v8.gyp:v8_libplatform',
'fuzzer_support',
],
'include_dirs': [
'../..',
],
'sources': [ ### gcmole(all) ###
'wasm-async.cc',
'../common/wasm/wasm-module-runner.cc',
'../common/wasm/wasm-module-runner.h',
'wasm-fuzzer-common.cc',
'wasm-fuzzer-common.h',
],
},
{
'target_name': 'v8_simple_wasm_call_fuzzer',
'type': 'executable',
'dependencies': [
'wasm_call_fuzzer_lib',
],
'include_dirs': [
'../..',
],
'sources': [
'fuzzer.cc',
],
},
{
'target_name': 'wasm_call_fuzzer_lib',
'type': 'static_library',
'dependencies': [
'../../src/v8.gyp:v8_libplatform',
'fuzzer_support',
],
'include_dirs': [
'../..',
],
'sources': [ ### gcmole(all) ###
'wasm-call.cc',
'../common/wasm/test-signatures.h',
'../common/wasm/wasm-module-runner.cc',
'../common/wasm/wasm-module-runner.h',
'wasm-fuzzer-common.cc',
'wasm-fuzzer-common.h',
],
},
{
'target_name': 'v8_simple_wasm_code_fuzzer',
'type': 'executable',
'dependencies': [
'wasm_code_fuzzer_lib',
],
'include_dirs': [
'../..',
],
'sources': [
'fuzzer.cc',
],
},
{
'target_name': 'wasm_code_fuzzer_lib',
'type': 'static_library',
'dependencies': [
'../../src/v8.gyp:v8_libplatform',
'fuzzer_support',
],
'include_dirs': [
'../..',
],
'sources': [ ### gcmole(all) ###
'wasm-code.cc',
'../common/wasm/test-signatures.h',
'../common/wasm/wasm-module-runner.cc',
'../common/wasm/wasm-module-runner.h',
'wasm-fuzzer-common.cc',
'wasm-fuzzer-common.h',
],
},
{
'target_name': 'v8_simple_wasm_compile_fuzzer',
'type': 'executable',
'dependencies': [
'wasm_compile_fuzzer_lib',
],
'include_dirs': [
'../..',
],
'sources': [
'fuzzer.cc',
],
},
{
'target_name': 'wasm_compile_fuzzer_lib',
'type': 'static_library',
'dependencies': [
'../../src/v8.gyp:v8_libplatform',
'fuzzer_support',
],
'include_dirs': [
'../..',
],
'sources': [ ### gcmole(all) ###
'wasm-compile.cc',
'../common/wasm/test-signatures.h',
'../common/wasm/wasm-module-runner.cc',
'../common/wasm/wasm-module-runner.h',
'wasm-fuzzer-common.cc',
'wasm-fuzzer-common.h',
],
},
{
'target_name': 'v8_simple_wasm_data_section_fuzzer',
'type': 'executable',
'dependencies': [
'wasm_data_section_fuzzer_lib',
],
'include_dirs': [
'../..',
],
'sources': [
'fuzzer.cc',
],
},
{
'target_name': 'wasm_data_section_fuzzer_lib',
'type': 'static_library',
'dependencies': [
'../../src/v8.gyp:v8_libplatform',
'fuzzer_support',
],
'include_dirs': [
'../..',
],
'sources': [ ### gcmole(all) ###
'wasm-data-section.cc',
'../common/wasm/wasm-module-runner.cc',
'../common/wasm/wasm-module-runner.h',
'wasm-fuzzer-common.cc',
'wasm-fuzzer-common.h',
],
},
{
'target_name': 'v8_simple_wasm_function_sigs_section_fuzzer',
'type': 'executable',
'dependencies': [
'wasm_function_sigs_section_fuzzer_lib',
],
'include_dirs': [
'../..',
],
'sources': [
'fuzzer.cc',
],
},
{
'target_name': 'wasm_function_sigs_section_fuzzer_lib',
'type': 'static_library',
'dependencies': [
'../../src/v8.gyp:v8_libplatform',
'fuzzer_support',
],
'include_dirs': [
'../..',
],
'sources': [ ### gcmole(all) ###
'wasm-function-sigs-section.cc',
'../common/wasm/wasm-module-runner.cc',
'../common/wasm/wasm-module-runner.h',
'wasm-fuzzer-common.cc',
'wasm-fuzzer-common.h',
],
},
{
'target_name': 'v8_simple_wasm_globals_section_fuzzer',
'type': 'executable',
'dependencies': [
'wasm_globals_section_fuzzer_lib',
],
'include_dirs': [
'../..',
],
'sources': [
'fuzzer.cc',
],
},
{
'target_name': 'wasm_globals_section_fuzzer_lib',
'type': 'static_library',
'dependencies': [
'../../src/v8.gyp:v8_libplatform',
'fuzzer_support',
],
'include_dirs': [
'../..',
],
'sources': [ ### gcmole(all) ###
'wasm-globals-section.cc',
'../common/wasm/wasm-module-runner.cc',
'../common/wasm/wasm-module-runner.h',
'wasm-fuzzer-common.cc',
'wasm-fuzzer-common.h',
],
},
{
'target_name': 'v8_simple_wasm_imports_section_fuzzer',
'type': 'executable',
'dependencies': [
'wasm_imports_section_fuzzer_lib',
],
'include_dirs': [
'../..',
],
'sources': [
'fuzzer.cc',
],
},
{
'target_name': 'wasm_imports_section_fuzzer_lib',
'type': 'static_library',
'dependencies': [
'../../src/v8.gyp:v8_libplatform',
'fuzzer_support',
],
'include_dirs': [
'../..',
],
'sources': [ ### gcmole(all) ###
'wasm-imports-section.cc',
'../common/wasm/wasm-module-runner.cc',
'../common/wasm/wasm-module-runner.h',
'wasm-fuzzer-common.cc',
'wasm-fuzzer-common.h',
],
},
{
'target_name': 'v8_simple_wasm_memory_section_fuzzer',
'type': 'executable',
'dependencies': [
'wasm_memory_section_fuzzer_lib',
],
'include_dirs': [
'../..',
],
'sources': [
'fuzzer.cc',
],
},
{
'target_name': 'wasm_memory_section_fuzzer_lib',
'type': 'static_library',
'dependencies': [
'../../src/v8.gyp:v8_libplatform',
'fuzzer_support',
],
'include_dirs': [
'../..',
],
'sources': [ ### gcmole(all) ###
'wasm-memory-section.cc',
'../common/wasm/wasm-module-runner.cc',
'../common/wasm/wasm-module-runner.h',
'wasm-fuzzer-common.cc',
'wasm-fuzzer-common.h',
],
},
{
'target_name': 'v8_simple_wasm_names_section_fuzzer',
'type': 'executable',
'dependencies': [
'wasm_names_section_fuzzer_lib',
],
'include_dirs': [
'../..',
],
'sources': [
'fuzzer.cc',
],
},
{
'target_name': 'wasm_names_section_fuzzer_lib',
'type': 'static_library',
'dependencies': [
'../../src/v8.gyp:v8_libplatform',
'fuzzer_support',
],
'include_dirs': [
'../..',
],
'sources': [ ### gcmole(all) ###
'wasm-names-section.cc',
'../common/wasm/wasm-module-runner.cc',
'../common/wasm/wasm-module-runner.h',
'wasm-fuzzer-common.cc',
'wasm-fuzzer-common.h',
],
},
{
'target_name': 'v8_simple_wasm_types_section_fuzzer',
'type': 'executable',
'dependencies': [
'wasm_types_section_fuzzer_lib',
],
'include_dirs': [
'../..',
],
'sources': [
'fuzzer.cc',
],
},
{
'target_name': 'wasm_types_section_fuzzer_lib',
'type': 'static_library',
'dependencies': [
'../../src/v8.gyp:v8_libplatform',
'fuzzer_support',
],
'include_dirs': [
'../..',
],
'sources': [ ### gcmole(all) ###
'wasm-types-section.cc',
'../common/wasm/wasm-module-runner.cc',
'../common/wasm/wasm-module-runner.h',
'wasm-fuzzer-common.cc',
'wasm-fuzzer-common.h',
],
},
{
'target_name': 'fuzzer_support',
'type': 'static_library',
'dependencies': [
'../../src/v8.gyp:v8',
'../../src/v8.gyp:v8_libbase',
'../../src/v8.gyp:v8_libplatform',
],
'include_dirs': [
'../..',
],
'sources': [ ### gcmole(all) ###
'fuzzer-support.cc',
'fuzzer-support.h',
],
'conditions': [
['v8_enable_i18n_support==1', {
'dependencies': [
'<(icu_gyp_path):icui18n',
'<(icu_gyp_path):icuuc',
],
}],
],
},
],
'conditions': [
['test_isolation_mode != "noop"', {
'targets': [
{
'target_name': 'fuzzer_run',
'type': 'none',
'dependencies': [
'v8_simple_json_fuzzer',
'v8_simple_parser_fuzzer',
'v8_simple_regexp_fuzzer',
'v8_simple_wasm_fuzzer',
],
'includes': [
'../../gypfiles/isolate.gypi',
],
'sources': [
'fuzzer.isolate',
],
},
],
}],
],
}
Reference in New Issue View Git Blame Copy Permalink