diff options
Diffstat (limited to 'deps/v8/test/fuzzer/wasm-code.cc')
| -rw-r--r-- | deps/v8/test/fuzzer/wasm-code.cc | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/deps/v8/test/fuzzer/wasm-code.cc b/deps/v8/test/fuzzer/wasm-code.cc index 13b665137d..3f7b091883 100644 --- a/deps/v8/test/fuzzer/wasm-code.cc +++ b/deps/v8/test/fuzzer/wasm-code.cc @@ -36,7 +36,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { v8::TryCatch try_catch(isolate); v8::internal::AccountingAllocator allocator; - v8::internal::Zone zone(&allocator); + v8::internal::Zone zone(&allocator, ZONE_NAME); TestSignatures sigs; @@ -45,8 +45,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { v8::internal::wasm::WasmFunctionBuilder* f = builder.AddFunction(sigs.i_iii()); f->EmitCode(data, static_cast<uint32_t>(size)); - f->SetExported(); - f->SetName("main", 4); + f->ExportAs(v8::internal::CStrVector("main")); ZoneBuffer buffer(&zone); builder.WriteTo(buffer); @@ -57,17 +56,19 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { ErrorThrower interpreter_thrower(i_isolate, "Interpreter"); std::unique_ptr<const WasmModule> module(testing::DecodeWasmModuleForTesting( - i_isolate, &zone, &interpreter_thrower, buffer.begin(), buffer.end(), - v8::internal::wasm::ModuleOrigin::kWasmOrigin)); + i_isolate, &interpreter_thrower, buffer.begin(), buffer.end(), + v8::internal::wasm::ModuleOrigin::kWasmOrigin, true)); if (module == nullptr) { return 0; } int32_t result_interpreted; + bool possible_nondeterminism = false; { WasmVal args[] = {WasmVal(1), WasmVal(2), WasmVal(3)}; result_interpreted = testing::InterpretWasmModule( - i_isolate, &interpreter_thrower, module.get(), 0, args); + i_isolate, &interpreter_thrower, module.get(), 0, args, + &possible_nondeterminism); } ErrorThrower compiler_thrower(i_isolate, "Compiler"); @@ -90,11 +91,15 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { i_isolate, instance, &compiler_thrower, "main", arraysize(arguments), arguments, v8::internal::wasm::ModuleOrigin::kWasmOrigin); } - if (result_interpreted == 0xdeadbeef) { + if (result_interpreted == bit_cast<int32_t>(0xdeadbeef)) { CHECK(i_isolate->has_pending_exception()); i_isolate->clear_pending_exception(); } else { - if (result_interpreted != result_compiled) { + // The WebAssembly spec allows the sign bit of NaN to be non-deterministic. + // This sign bit may cause result_interpreted to be different than + // result_compiled. Therefore we do not check the equality of the results + // if the execution may have produced a NaN at some point. + if (!possible_nondeterminism && (result_interpreted != result_compiled)) { V8_Fatal(__FILE__, __LINE__, "WasmCodeFuzzerHash=%x", v8::internal::StringHasher::HashSequentialString( data, static_cast<int>(size), WASM_CODE_FUZZER_HASH_SEED)); |