[wasm][fuzzer] Fix empty break types for br_if

Fix underflow when the break type list is empty, and do not try to reuse the first value to generate the wanted type. Bug: chromium:1084452 Change-Id: Ia9855a267730bb9f427518c27157f449475fb6ba Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2208858Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/master@{#67895}

[wasm][fuzzer] Fix empty break types for br_if
Fix underflow when the break type list is empty, and do not try to reuse the first value to generate the wanted type. Bug: chromium:1084452 Change-Id: Ia9855a267730bb9f427518c27157f449475fb6ba Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2208858Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/master@{#67895}
01046af9 · Thibaud Michaud · Commit Bot · 4126662b · 01046af9
Commit 01046af9 authored May 19, 2020 by Thibaud Michaud Committed by Commit Bot May 19, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 2 deletions

wasm-compile.cc test/fuzzer/wasm-compile.cc +6 -2

No files found.
--- a/test/fuzzer/wasm-compile.cc
+++ b/test/fuzzer/wasm-compile.cc
@@ -212,10 +212,14 @@ class WasmGenerator {
    Generate(kWasmI32, data);
    builder_->EmitWithI32V(
        kExprBrIf, static_cast<uint32_t>(blocks_.size()) - 1 - target_block);
-    for (size_t i = 0; i < break_types.size() - 1; ++i) {
+    for (size_t i = 1; i < break_types.size(); ++i) {
      builder_->Emit(kExprDrop);
    }
-    ConvertOrGenerate(break_types.front(), ValueType(wanted_type), data);
+    if (break_types.empty()) {
+      Generate(ValueType(wanted_type), data);
+    } else {
+      ConvertOrGenerate(break_types.front(), ValueType(wanted_type), data);
+    }
  }

  // TODO(eholk): make this function constexpr once gcc supports it