diff options
| -rw-r--r-- | src/tools/fuzzing/fuzzing.cpp | 24 | ||||
| -rw-r--r-- | test/passes/translate-to-fuzz_all-features_metrics_noprint.txt | 62 |
2 files changed, 56 insertions, 30 deletions
diff --git a/src/tools/fuzzing/fuzzing.cpp b/src/tools/fuzzing/fuzzing.cpp index 5b75d859c..22006a6a1 100644 --- a/src/tools/fuzzing/fuzzing.cpp +++ b/src/tools/fuzzing/fuzzing.cpp @@ -1936,6 +1936,14 @@ Expression* TranslateToFuzzReader::makeConst(Type type) { return makeConst(Type(subtype, nullability)); } case HeapType::eq: { + assert(wasm.features.hasReferenceTypes()); + if (!wasm.features.hasGC()) { + // Without wasm GC all we have is an "abstract" eqref type, which is + // a subtype of anyref, but we cannot create constants of it, except + // for null. + assert(type.isNullable()); + return builder.makeRefNull(type); + } auto nullability = getSubType(type.getNullability()); // i31.new is not allowed in initializer expressions. HeapType subtype; @@ -1947,6 +1955,7 @@ Expression* TranslateToFuzzReader::makeConst(Type type) { return makeConst(Type(subtype, nullability)); } case HeapType::i31: + assert(wasm.features.hasReferenceTypes() && wasm.features.hasGC()); // i31.new is not allowed in initializer expressions. if (funcContext) { return builder.makeI31New(makeConst(Type::i32)); @@ -3002,8 +3011,19 @@ bool TranslateToFuzzReader::isLoggableType(Type type) { } Nullability TranslateToFuzzReader::getSubType(Nullability nullability) { - return nullability == NonNullable ? NonNullable - : oneIn(2) ? Nullable : NonNullable; + if (nullability == NonNullable) { + return NonNullable; + } + // Without wasm GC, avoid non-nullable types as we cannot create any values + // of such types. For example, reference types adds eqref, but there is no + // way to create such a value, only to receive it from the outside, while GC + // adds i31/struct/array creation. Without GC, we will likely need to create a + // null of this type (unless we are lucky enough to have a non-null value + // arriving from an import), so avoid a non-null type if possible. + if (wasm.features.hasGC() && oneIn(2)) { + return NonNullable; + } + return Nullable; } HeapType TranslateToFuzzReader::getSubType(HeapType type) { diff --git a/test/passes/translate-to-fuzz_all-features_metrics_noprint.txt b/test/passes/translate-to-fuzz_all-features_metrics_noprint.txt index 1170f8a5a..fa88cc5ef 100644 --- a/test/passes/translate-to-fuzz_all-features_metrics_noprint.txt +++ b/test/passes/translate-to-fuzz_all-features_metrics_noprint.txt @@ -1,36 +1,42 @@ total - [exports] : 5 - [funcs] : 4 + [exports] : 8 + [funcs] : 9 [globals] : 6 [imports] : 5 [memory-data] : 22 - [table-data] : 0 + [table-data] : 4 [tables] : 1 - [tags] : 1 - [total] : 363 - [vars] : 9 + [tags] : 0 + [total] : 650 + [vars] : 12 + AtomicCmpxchg : 1 AtomicFence : 1 - AtomicRMW : 1 - Binary : 65 - Block : 36 - Break : 7 - Call : 2 - CallRef : 1 - Const : 75 - Drop : 1 - GlobalGet : 19 - GlobalSet : 10 - I31New : 1 - If : 13 - Load : 19 - LocalGet : 47 - LocalSet : 24 - Loop : 6 - MemoryCopy : 1 - Nop : 6 - RefFunc : 2 - Return : 10 + AtomicNotify : 1 + Binary : 83 + Block : 72 + Break : 5 + Call : 23 + CallRef : 4 + Const : 141 + Drop : 3 + GlobalGet : 39 + GlobalSet : 21 + I31New : 10 + If : 31 + Load : 24 + LocalGet : 49 + LocalSet : 25 + Loop : 11 + Nop : 9 + RefEq : 2 + RefFunc : 12 + RefIs : 1 + RefNull : 2 + Return : 27 + SIMDExtract : 1 Select : 2 Store : 2 - TupleMake : 1 - Unary : 11 + StructNew : 4 + TupleExtract : 2 + TupleMake : 7 + Unary : 35 |