AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity

[wasm][fuzzer] Fix return value of interpreter

Browse Source 
Bring the return value of {InterpretWasmModule} in sync with
{CallWasmFunctionForTesting}, because the fuzzers now compare the two.

R=ahaas@chromium.org

Bug: chromium:1115431
Change-Id: I0abf79c4418a4e6cc7365a78148e5e71cf32231b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2351678
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69374}
This commit is contained in:
Clemens Backes 2020-08-13 11:10:51 +02:00 committed by Commit Bot
parent 5fdc951df3
commit 833662c74a
2 changed files with 25 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
test/common/wasm/wasm-module-runner.cc
View File

@ -100,12 +100,13 @@ WasmInterpretationResult InterpretWasmModule(
Zone zone(isolate->allocator(), ZONE_NAME); Zone zone(isolate->allocator(), ZONE_NAME);
v8::internal::HandleScope scope(isolate); v8::internal::HandleScope scope(isolate);
const WasmFunction* func = &instance->module()->functions[function_index];
WasmInterpreter interpreter{ WasmInterpreter interpreter{
isolate, instance->module(), isolate, instance->module(),
ModuleWireBytes{instance->module_object().native_module()->wire_bytes()}, ModuleWireBytes{instance->module_object().native_module()->wire_bytes()},
instance}; instance};
interpreter.InitFrame(&instance->module()->functions[function_index], args); interpreter.InitFrame(func, args);
WasmInterpreter::State interpreter_result = interpreter.Run(kMaxNumSteps); WasmInterpreter::State interpreter_result = interpreter.Run(kMaxNumSteps);
bool stack_overflow = isolate->has_pending_exception(); bool stack_overflow = isolate->has_pending_exception();
@ -119,9 +120,30 @@ WasmInterpretationResult InterpretWasmModule(
} }
if (interpreter_result == WasmInterpreter::FINISHED) { if (interpreter_result == WasmInterpreter::FINISHED) {
// Get the result as an {int32_t}. Keep this in sync with
// {CallWasmFunctionForTesting}, because fuzzers will compare the results.
int32_t result = -1;
if (func->sig->return_count() > 0) {
WasmValue return_value = interpreter.GetReturnValue();
switch (func->sig->GetReturn(0).kind()) {
case ValueType::kI32:
result = return_value.to<int32_t>();
break;
case ValueType::kI64:
result = static_cast<int32_t>(return_value.to<int64_t>());
break;
case ValueType::kF32:
result = static_cast<int32_t>(return_value.to<float>());
break;
case ValueType::kF64:
result = static_cast<int32_t>(return_value.to<double>());
break;
default:
break;
}
}
return WasmInterpretationResult::Finished( return WasmInterpretationResult::Finished(
interpreter.GetReturnValue().to<int32_t>(), result, interpreter.PossibleNondeterminism());
interpreter.PossibleNondeterminism());
} }
// The interpreter did not finish within the limited number of steps, so it // The interpreter did not finish within the limited number of steps, so it

BIN
test/fuzzer/wasm_async/regress-1115431.wasm Normal file
View File

Binary file not shown.