Diffstat (limited to 'src/tools/fuzzing/fuzzing.cpp')
-rw-r--r--src/tools/fuzzing/fuzzing.cpp37
1 files changed, 16 insertions, 21 deletions
diff --git a/src/tools/fuzzing/fuzzing.cpp b/src/tools/fuzzing/fuzzing.cpp
index ed653ef6b..135e50393 100644
--- a/src/tools/fuzzing/fuzzing.cpp
+++ b/src/tools/fuzzing/fuzzing.cpp
@@ -62,6 +62,17 @@ void TranslateToFuzzReader::pickPasses(OptimizationOptions& options) {
// things like ClusterFuzz, where we are using Binaryen to fuzz other things
// than itself). As a result, the list of passes here is different from
// fuzz_opt.py.
+
+ // Enclose the world, some of the time. We do this before picking any other
+ // passes so that we make the initial fuzz contents more optimizable by
+ // closed-world passes later. Note that we do this regardless of whether we
+ // are in closed-world mode or not, as it is good to get this variety
+ // regardless.
+ if (oneIn(2)) {
+ options.passes.push_back("enclose-world");
+ }
+
+ // Main selection of passes.
while (options.passes.size() < 20 && !random.finished() && !oneIn(3)) {
switch (upTo(42)) {
case 0:
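Review bot: The `enclose-world` entry pushed before the loop counts toward the `options.passes.size() < 20` bound in the `while` condition, so on the runs where it is chosen the main selection can add at most 19 passes rather than 20. If the cap is meant to apply to the main selection only, that deserves a line in the comment, for example `// Note: this counts toward the 20-pass cap below.`, or the bound could be adjusted. The new block also draws from `oneIn(2)` without the `!random.finished()` guard that the loop uses; that is probably harmless, but it should be checked against how `oneIn` behaves once the input is exhausted. pickPasses continues outside this hunk.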
@@ -1075,30 +1086,14 @@ Function* TranslateToFuzzReader::addFunction() {
// Add hang limit checks after all other operations on the function body.
wasm.addFunction(std::move(allocation));
// Export some functions, but not all (to allow inlining etc.). Try to export
- // at least one, though, to keep each testcase interesting. Only functions
- // with valid params and returns can be exported because the trap fuzzer
- // depends on that (TODO: fix this).
- auto validExportType = [](Type t) {
- if (!t.isRef()) {
- return true;
- }
- auto heapType = t.getHeapType();
- return heapType == HeapType::ext || heapType == HeapType::func ||
- heapType == HeapType::string;
- };
+ // at least one, though, to keep each testcase interesting. Avoid non-
+ // nullable params, as those cannot be constructed by the fuzzer on the
+ // outside.
bool validExportParams =
std::all_of(paramType.begin(), paramType.end(), [&](Type t) {
- return validExportType(t) && t.isDefaultable();
+ return t.isDefaultable();
});
- // Note: spec discussions around JS API integration are still ongoing, and it
- // is not clear if we should allow nondefaultable types in exports or not
- // (in imports, we cannot allow them in the fuzzer anyhow, since it can't
- // construct such values in JS to send over to the wasm from the fuzzer
- // harness).
- bool validExportResults =
- std::all_of(resultType.begin(), resultType.end(), validExportType);
- if (validExportParams && validExportResults &&
- (numAddedFunctions == 0 || oneIn(2)) &&
+ if (validExportParams && (numAddedFunctions == 0 || oneIn(2)) &&
!wasm.getExportOrNull(func->name)) {
auto* export_ = new Export;
export_->name = func->name;
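Review bot: The rewritten comment above `validExportParams` explains the parameter filter but says nothing about results, although the removed text stated that the trap fuzzer depended on both params and returns being restricted (marked TODO) and the `validExportResults` check is now gone. A reader cannot tell from the new code whether that dependency was fixed or simply dropped, so exported functions returning arbitrary reference types may reach a harness that still assumes the old restriction. I would add a sentence to the comment such as `// Results are not filtered: the harness only receives them and never has to construct them.`, if that is indeed the reasoning, and confirm that the trap-fuzzing path no longer relies on the old heap-type list. addFunction starts before and continues past this hunk.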