def start_runs():
collector = createCollector.createCollector("DOMFuzz")
try:
refreshSignatures(collector)
except Exception:
pass
many_timed_runs(None, sps.createWtmpDir(os.getcwdu()), sys.argv[1:], collector, quiet=False)
def mightUseDivision(code):
# Work around MSVC division inconsistencies (bug 948321)
# by leaving division out of *-cj-in.js files on Windows.
# (Unfortunately, this will also match regexps and a bunch
# of other things.)
i = 0
while i < len(code):
if code[i] == '/':
if i + 1 < len(code) and (code[i + 1] == '/' or code[i + 1] == '*'):
# An open-comment like "//" or "/*" is okay. Skip the next character.
i += 1
elif i > 0 and code[i - 1] == '*':
# A close-comment like "*/" is okay too.
pass
else:
# Plain "/" could be division (or regexp or something else)
return True
i += 1
return False
assert not mightUseDivision("//")
assert not mightUseDivision("// a")
assert not mightUseDivision("/*FOO*/")
assert mightUseDivision("a / b")
assert mightUseDivision("eval('/**/'); a / b;")
assert mightUseDivision("eval('//x'); a / b;")
if __name__ == "__main__":
many_timed_runs(None, sps.createWtmpDir(os.getcwdu()), sys.argv[1:], createCollector.createCollector("jsfunfuzz"))
# metaMax controls how many [generated js functions] each browser instance will run
# (but fuzz-finish-auto also enforces a time limit)
#
# Want it small:
# Deterministic repro from seed (because of time limit) (but how often do we actually repro-from-seed? and this is fixable)
# Limit on how much work Lithium has (but how much time do we spend in Lithium, compared to fuzzing?)
# Waste less time in huge GCs (especially with fuzzMultiDoc)
# Small variations on initial reftests are often the most interesting
# Less chance for the fuzzer to tie itself in exponential knots, and hang unexpectedly (e.g. repeated cloneNode)
#
# Want it large:
# Depth is more important as we scale
# Depth is important to fuzzerRandomJS
# Waste less time in startup, shutdown
# Waste less time parsing breakpad symbol files (!)
# Waste less time waiting for hanging testcases (?)
metaMax = 30000
return "#fuzz=" + str(metaSeed) + ",0," + str(metaPer) + "," + str(metaInterval) + "," + str(metaMax) + ",0"
def afterColon(s):
tail = s.partition(": ")[2]
return tail.strip()
if __name__ == "__main__":
many_timed_runs(None, sps.createWtmpDir(os.getcwdu()), sys.argv[1:], createCollector.createCollector("DOMFuzz"), quiet=False)
# Work around MSVC division inconsistencies (bug 948321)
# by leaving division out of *-cj-in.js files on Windows.
# (Unfortunately, this will also match regexps and a bunch
# of other things.)
i = 0
while i < len(code):
if code[i] == '/':
if i + 1 < len(code) and (code[i + 1] == '/'
or code[i + 1] == '*'):
# An open-comment like "//" or "/*" is okay. Skip the next character.
i += 1
elif i > 0 and code[i - 1] == '*':
# A close-comment like "*/" is okay too.
pass
else:
# Plain "/" could be division (or regexp or something else)
return True
i += 1
return False
assert not mightUseDivision("//")
assert not mightUseDivision("// a")
assert not mightUseDivision("/*FOO*/")
assert mightUseDivision("a / b")
assert mightUseDivision("eval('/**/'); a / b;")
assert mightUseDivision("eval('//x'); a / b;")
if __name__ == "__main__":
many_timed_runs(None, sps.createWtmpDir(os.getcwdu()), sys.argv[1:])
# metaMax controls how many [generated js functions] each browser instance will run
# (but fuzz-finish-auto also enforces a time limit)
#
# Want it small:
# Deterministic repro from seed (because of time limit) (but how often do we actually repro-from-seed? and this is fixable)
# Limit on how much work Lithium has (but how much time do we spend in Lithium, compared to fuzzing?)
# Waste less time in huge GCs (especially with fuzzMultiDoc)
# Small variations on initial reftests are often the most interesting
# Less chance for the fuzzer to tie itself in exponential knots, and hang unexpectedly (e.g. repeated cloneNode)
#
# Want it large:
# Depth is more important as we scale
# Depth is important to fuzzerRandomJS
# Waste less time in startup, shutdown
# Waste less time parsing breakpad symbol files (!)
# Waste less time waiting for hanging testcases (?)
metaMax = 30000
return "#fuzz=" + str(metaSeed) + ",0," + str(metaPer) + "," + str(metaInterval) + "," + str(metaMax) + ",0"
def afterColon(s):
tail = s.partition(": ")[2]
return tail.strip()
if __name__ == "__main__":
many_timed_runs(None, sps.createWtmpDir(os.getcwdu()), sys.argv[1:], quiet=False)
# Want it small:
# Deterministic repro from seed (because of time limit) (but how often do we actually repro-from-seed? and this is fixable)
# Limit on how much work Lithium has (but how much time do we spend in Lithium, compared to fuzzing?)
# Waste less time in huge GCs (especially with fuzzMultiDoc)
# Small variations on initial reftests are often the most interesting
# Less chance for the fuzzer to tie itself in exponential knots, and hang unexpectedly (e.g. repeated cloneNode)
#
# Want it large:
# Depth is more important as we scale
# Depth is important to fuzzerRandomJS
# Waste less time in startup, shutdown
# Waste less time parsing breakpad symbol files (!)
# Waste less time waiting for hanging testcases (?)
metaMax = 30000
return "#fuzz=" + str(metaSeed) + ",0," + str(metaPer) + "," + str(
metaInterval) + "," + str(metaMax) + ",0"
def afterColon(s):
tail = s.partition(": ")[2]
return tail.strip()
if __name__ == "__main__":
many_timed_runs(None,
sps.createWtmpDir(os.getcwdu()),
sys.argv[1:],
quiet=False)