author | Alon Zakai <azakai@google.com> | 2023-04-05 12:44:47 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-04-05 12:44:47 -0700 |
commit | d21b6d04ff8020d76636ee0e09a8ccede9c0bf39 (patch) | |
tree | 1f14970e55c6af7a2241efe35b5f166be221d448 | |
parent | 02277fb28f3a0632819b1046fddd0ec3de52a8a3 (diff) | |
Avoid imported memories in the fuzzer (#5626)
We already did this for the first memory, and just needed to loop to handle initial
content in the test suite that has multiple memories.
Also clean up that code while I'm around, to avoid repeating
wasm.memories[0] all the time.
-rw-r--r-- | src/tools/fuzzing/fuzzing.cpp | 27 |
1 files changed, 15 insertions, 12 deletions
diff --git a/src/tools/fuzzing/fuzzing.cpp b/src/tools/fuzzing/fuzzing.cpp
index d904fd7bd..b69ff855e 100644
--- a/src/tools/fuzzing/fuzzing.cpp
+++ b/src/tools/fuzzing/fuzzing.cpp
@@ -196,6 +196,7 @@ void TranslateToFuzzReader::build() {
 void TranslateToFuzzReader::setupMemory() {
 // Add memory itself
 MemoryUtils::ensureExists(&wasm);
+ auto& memory = wasm.memories[0];
 if (wasm.features.hasBulkMemory()) {
 size_t memCovered = 0;
 // need at least one segment for memory.inits
@@ -213,14 +214,14 @@ void TranslateToFuzzReader::setupMemory() {
 if (!segment->isPassive) {
 segment->offset = builder.makeConst(int32_t(memCovered));
 memCovered += segSize;
- segment->memory = wasm.memories[0]->name;
+ segment->memory = memory->name;
 }
 wasm.addDataSegment(std::move(segment));
 }
 } else {
 // init some data
 auto segment = builder.makeDataSegment();
- segment->memory = wasm.memories[0]->name;
+ segment->memory = memory->name;
 segment->offset = builder.makeConst(int32_t(0));
 segment->setName(Name::fromInt(0), false);
 wasm.dataSegments.push_back(std::move(segment));
@@ -385,6 +386,7 @@ void TranslateToFuzzReader::setupTags() {
 }
 void TranslateToFuzzReader::finalizeMemory() {
+ auto& memory = wasm.memories[0];
 for (auto& segment : wasm.dataSegments) {
 Address maxOffset = segment->data.size();
 if (!segment->isPassive) {
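Review bot: In `finalizeMemory`, the new `auto& memory = wasm.memories[0];` indexes the vector with no visible guarantee that it is non-empty; `setupMemory` calls `MemoryUtils::ensureExists(&wasm)` just before its own alias, but this function relies on that having run earlier. The old code made the same assumption, so this is not a regression, but the hoisted access is a natural place to state it, e.g. `assert(!wasm.memories.empty());` on the line before the alias. The alias is also a reference to an element of `wasm.memories`, so a short comment such as `// Valid only while wasm.memories is not resized.` would warn against adding memories later in either function. Both function bodies continue outside these hunks.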
@@ -409,26 +411,27 @@ void TranslateToFuzzReader::finalizeMemory() {
 maxOffset = maxOffset + offset->value.getInteger();
 }
 }
- wasm.memories[0]->initial = std::max(
- wasm.memories[0]->initial,
+ memory->initial = std::max(
+ memory->initial,
 Address((maxOffset + Memory::kPageSize - 1) / Memory::kPageSize));
 }
- wasm.memories[0]->initial =
- std::max(wasm.memories[0]->initial, USABLE_MEMORY);
+ memory->initial = std::max(memory->initial, USABLE_MEMORY);
 // Avoid an unlimited memory size, which would make fuzzing very difficult
 // as different VMs will run out of system memory in different ways.
- if (wasm.memories[0]->max == Memory::kUnlimitedSize) {
- wasm.memories[0]->max = wasm.memories[0]->initial;
+ if (memory->max == Memory::kUnlimitedSize) {
+ memory->max = memory->initial;
 }
- if (wasm.memories[0]->max <= wasm.memories[0]->initial) {
+ if (memory->max <= memory->initial) {
 // To allow growth to work (which a testcase may assume), try to make the
 // maximum larger than the initial.
 // TODO: scan the wasm for grow instructions?
- wasm.memories[0]->max = std::min(Address(wasm.memories[0]->initial + 1),
- Address(Memory::kMaxSize32));
+ memory->max =
+ std::min(Address(memory->initial + 1), Address(Memory::kMaxSize32));
 }
 // Avoid an imported memory (which the fuzz harness would need to handle).
- wasm.memories[0]->module = wasm.memories[0]->base = Name();
+ for (auto& memory : wasm.memories) {
+ memory->module = memory->base = Name();
+ }
 }
 void TranslateToFuzzReader::finalizeTable() { |
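Review bot: The new loop at the end of `finalizeMemory` un-imports every memory, but the size limits above it are still applied only to `wasm.memories[0]`. A second memory from initial content can therefore keep `max == Memory::kUnlimitedSize`, which the comment in this hunk says makes fuzzing very difficult because VMs run out of system memory in different ways. Consider moving the bound into the loop, e.g. `if (mem->max == Memory::kUnlimitedSize) { mem->max = mem->initial; }` ahead of `mem->module = mem->base = Name();`. The loop variable `memory` also shadows the function-level `auto& memory` alias added at the top of the function; renaming it (`mem`) keeps the loop body from reading as if it touched only the first memory. The segment loop that grows `memory->initial` starts outside this hunk, so whether it should account for each segment's own target memory cannot be judged from here.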