how to test wasm fuzzer in v8?


parr...@gmail.com

Jun 5, 2017, 5:51:30 AM
to v8-dev

I want to run the wasm fuzzer in v8.

I want to run v8_simple_wasm_*_fuzzer.

So I used a *.wasm file as the <input>.

But there was no reaction.

No log was generated,

No error message is generated.


Is it wrong to use a .wasm file as input?

Should I use a file converted to .js?

Or do you need a special .wasm file as the input file?

If my inquiry does not belong here, I apologize.

If there is a group or site discussing wasm in v8, please let me know.


Thank you!

Jochen Eisinger

Jun 5, 2017, 6:09:58 AM
to v8-dev
The simple fuzzers are not really fuzzers but just test the libfuzzer backends against known inputs. Even if you run them using libfuzzer, they shouldn't output anything - we just test for "not crashing".

--
--
v8-dev mailing list
v8-...@googlegroups.com
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to v8-dev+un...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Thomas Young

Jul 22, 2020, 1:01:53 AM
to v8-dev
Hi, does v8-team disable fuzzer test as default?

I notice that class TestLoader of fuzzer/testcfg.py extends testsuite.GenericTestLoader, so each loaded file will be filtered when we execute "tools/run-tests.py --outdir=out/x64.release fuzzer".

Could you please tell me how to enable the fuzzer test in v8, and why TestLoader extends testsuite.GenericTestLoader instead of testsuite.TestLoader?

Thank you very much!

Andreas Haas

Jul 22, 2020, 1:26:10 AM
to v8-dev
Hi,

The v8_simple_wasm_*_fuzzer binaries exist just to reproduce issues found by libFuzzer-based fuzzers in Chromium. These binaries don't produce any output other than crashing or not crashing. You can take a look at https://github.com/v8/v8/blob/master/test/fuzzer/README.md#changes-to-chromium on how to run the fuzzers in Chromium.

The tests run by fuzzer/testcfg.py are supposed to test the fuzzer code, not to start fuzzing itself.

Cheers,
Andreas
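As both replies above say, the v8_simple_wasm_*_fuzzer binaries print nothing and signal a result only by crashing or not. The following POSIX shell script is an added example (not code from the thread or from the V8 project) that runs such a crash-only reproducer over a directory of *.wasm inputs and classifies each input by exit status; the function names run_one and run_corpus and the out/x64.release path in the usage comment are assumptions, and the binary path is a placeholder for the reader's own build.

```shell
#!/bin/sh
# Added example, not part of the thread or of V8: drive a crash-only
# reproducer binary (e.g. v8_simple_wasm_fuzzer) over a corpus and report
# which inputs crashed, since the binary itself prints nothing.
# Function names and the usage path below are assumptions.

# run_one FUZZER INPUT
# Prints "ok <file>" or "crash <file> (exit status N)".
# Returns 0 when the input did not crash, 1 otherwise.
run_one() {
    fuzzer="$1"
    input="$2"
    "$fuzzer" "$input" >/dev/null 2>&1
    status=$?
    if [ "$status" -eq 0 ]; then
        printf 'ok    %s\n' "$input"
        return 0
    fi
    # Exit statuses above 128 mean termination by signal:
    # 134 = SIGABRT (a failed CHECK), 139 = SIGSEGV.
    printf 'crash %s (exit status %s)\n' "$input" "$status"
    return 1
}

# run_corpus FUZZER DIR
# Runs every *.wasm file in DIR, prints a summary line, and returns the
# number of crashing inputs (0 means the whole corpus passed).
run_corpus() {
    fuzzer="$1"
    dir="$2"
    crashes=0
    total=0
    for f in "$dir"/*.wasm; do
        [ -e "$f" ] || continue   # no matches: the glob stays literal
        total=$((total + 1))
        run_one "$fuzzer" "$f" || crashes=$((crashes + 1))
    done
    printf '%s inputs, %s crashed\n' "$total" "$crashes"
    return "$crashes"
}

# Usage (placeholder paths; point them at your own build and corpus):
# run_corpus out/x64.release/v8_simple_wasm_fuzzer test/fuzzer/wasm
```

A zero exit status with no output is the expected "pass" for these binaries; only a non-zero status, typically a signal status above 128, indicates the kind of result the fuzzer test is looking for.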

Thomas Young

Jul 22, 2020, 3:36:12 AM
to v8-...@googlegroups.com
Hi Andreas, thank you for your reply!

Indeed, I would like to test the fuzzer code. The test script collects 37 base tests but produced 0 non-filtered tests.

Is the output below correct, and why are there 0 non-filtered tests?

>>> Autodetected:
pointer_compression
>>> Loading test suite: fuzzer
>>> Running tests for x64.release
>>> Running with test processors
[00:00|%   0|+   0|-   0]: Done
>>> 37 base tests produced 0 (0%) non-filtered tests
>>> 0 tests ran

Thank you again!

'Andreas Haas' via v8-dev <v8-...@googlegroups.com> wrote on Wed, Jul 22, 2020 at 1:26 PM:

Andreas Haas

Jul 29, 2020, 11:11:06 AM
to v8-dev
Hi Thomas,

There may be a bug in the testrunner. I will investigate. All I can suggest you right now is to run the fuzzer code manually, or with your own testrunner.

Thanks for telling us about this issue.

Cheers, Andreas

Andreas Haas

Aug 13, 2020, 3:35:10 AM
to v8-dev
Hi Thomas,

The issue got fixed now.

Cheers, Andreas