From d31f202cf860ba8690db2f4c3d521dfc6a178b5c Mon Sep 17 00:00:00 2001 From: Alon Zakai Date: Fri, 12 Mar 2021 12:20:36 -0800 Subject: Fix fuzz issue with ElementSegment name collisions (#3674) Now that they have names they can collide. All the fuzzer wants is to ensure there is a segment to add to, so if there is one, do not add another. --- src/tools/fuzzing.h | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) (limited to 'src/tools/fuzzing.h') diff --git a/src/tools/fuzzing.h b/src/tools/fuzzing.h index 288fdc23c..de03e943b 100644 --- a/src/tools/fuzzing.h +++ b/src/tools/fuzzing.h @@ -425,23 +425,20 @@ private: // TODO(reference-types): allow the fuzzer to create multiple tables void setupTables() { - if (wasm.tables.size() > 0) { - auto& table = wasm.tables[0]; - table->initial = table->max = 0; - - auto segment = std::make_unique( - table->name, builder.makeConst(int32_t(0))); - segment->setName(Name::fromInt(0), false); - wasm.addElementSegment(std::move(segment)); - } else { + // Ensure an element segment, adding one or even adding a whole table as + // needed. + if (wasm.tables.empty()) { auto table = builder.makeTable( Names::getValidTableName(wasm, "fuzzing_table"), 0, 0); table->hasExplicitName = true; + wasm.addTable(std::move(table)); + } + if (wasm.elementSegments.empty()) { + // TODO: use a random table auto segment = std::make_unique( - table->name, builder.makeConst(int32_t(0))); - segment->setName(Name::fromInt(0), false); + wasm.tables[0]->name, builder.makeConst(int32_t(0))); + segment->setName(Names::getValidElementSegmentName(wasm, "elem$"), false); wasm.addElementSegment(std::move(segment)); - wasm.addTable(std::move(table)); } } @@ -1483,6 +1480,7 @@ private: for (const auto& type : targetFn->sig.params) { args.push_back(make(type)); } + // TODO: use a random table return builder.makeCallIndirect( wasm.tables[0]->name, target, args, targetFn->sig, isReturn); } -- cgit v1.2.3