    [wasm][fuzzer] Complex init. expressions in JS testcase · 74d9a764
    Manos Koukoutos authored
    We enable struct.new and array.init initializer expressions in the JS
    testcase generated by --wasm-fuzzer-gen-test. We needed to make some
    changes in the WasmInitExpr class, and to implement a new interface for
    the WasmFullDecoder, which constructs a WasmInitExpr.
    Changes:
    - Make WasmInitExpr a ZoneObject. Use a pointer for its operands_ field.
      This is needed so WasmInitExpr is trivially copiable, and thus usable
      as a Value type in WasmFullDecoder.
    - Implement a WasmFullDecoder interface in wasm-fuzzer-common that
      constructs a WasmInitExpr. Use it to decode initializers in the
      module generated by the fuzzer.
    - Change AppendInitExpr to take a WasmInitExpr as argument.
    - Fix an issue with printing of struct definitions.
    - Change initializer expression used for structs to struct.new_with_rtt.
      This is consistent with the currently used structural types.
    
    Bug: v8:11954
    Change-Id: I65a87cc98701a54f32500be192b3b6eef2ff6c8c
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3257712
    Reviewed-by: Andreas Haas <ahaas@chromium.org>
    Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
    Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#77730}
wasm-fuzzer-common.cc 30.4 KB