| field | value | date |
|---|---|---|
| author | Alon Zakai <azakai@google.com> | 2024-02-22 10:56:10 -0800 |
| committer | GitHub <noreply@github.com> | 2024-02-22 10:56:10 -0800 |
| commit | 212f7c3374357af9eea3983b5e2cf649ccef7d0f (patch) | |
| tree | 9aa26f77e01697e6a5cafa03ece80897402564c2 /src | |
| parent | 4969f936bd44943b08525aff3db709dfc24ab1d6 (diff) | |
| download | binaryen-212f7c3374357af9eea3983b5e2cf649ccef7d0f.tar.gz binaryen-212f7c3374357af9eea3983b5e2cf649ccef7d0f.tar.bz2 binaryen-212f7c3374357af9eea3983b5e2cf649ccef7d0f.zip | |
Fuzzer: Allow using initial content with V8 (#6327)
One problem was that spec testcases had exports with names that are not
valid to write as JS exports.name. For example an export with a - in the
name would end up as exports.foo-bar etc. Since #6310 that is fixed as
we do not emit such JS (we use the generic fuzz_shell.js script which iterates
over the keys in exports with exports[name]).
Also fix a few trivial fuzzer issues that initial content uncovered:
- Ignore a wat file with invalid utf-8.
- Print string literals in the same way from JS as from C++.
- Enable the stringref flag in V8.
- Remove tag imports (the same as we do for global and function and other imports).
Diffstat (limited to 'src')
-rw-r--r-- | src/tools/fuzzing/fuzzing.cpp | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/tools/fuzzing/fuzzing.cpp b/src/tools/fuzzing/fuzzing.cpp index 2b776144d..c1625d726 100644 --- a/src/tools/fuzzing/fuzzing.cpp +++ b/src/tools/fuzzing/fuzzing.cpp @@ -433,6 +433,15 @@ void TranslateToFuzzReader::setupGlobals() { } void TranslateToFuzzReader::setupTags() { + // As in modifyInitialFunctions(), we can't allow tag imports as it would trap + // when the fuzzing infrastructure doesn't know what to provide. + for (auto& tag : wasm.tags) { + if (tag->imported()) { + tag->module = tag->base = Name(); + } + } + + // Add some random tags. Index num = upTo(3); for (size_t i = 0; i < num; i++) { addTag(); |
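Review bot: the comment above the new loop in setupTags() says an imported tag "would trap when the fuzzing infrastructure doesn't know what to provide", but an import the host does not supply fails at instantiation (a link error), not as a trap during execution; rewording to "would fail to instantiate" keeps the comment accurate for the next reader. Separately, the loop body `tag->module = tag->base = Name();` is the same import-stripping that the commit message says is already applied to globals and functions, so a small shared helper (e.g. on Importable) would avoid a third hand-written copy and keep the three paths from drifting apart.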