[fuzzer] Disallow atomic.wait in fuzzers

It is very unlikely that atomic.wait does anything useful in the fuzzer, and will most likely just timeout the fuzzer. That's why it's better to just disallow atomic.wait on the fuzzer. R=thibaudm@chromium.org Bug: chromium:1229074 Change-Id: I57aaff013964fa4c0e6ab411789e53a9013cabd2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3053584Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#75920}

[fuzzer] Disallow atomic.wait in fuzzers
It is very unlikely that atomic.wait does anything useful in the fuzzer, and will most likely just timeout the fuzzer. That's why it's better to just disallow atomic.wait on the fuzzer. R=thibaudm@chromium.org Bug: chromium:1229074 Change-Id: I57aaff013964fa4c0e6ab411789e53a9013cabd2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3053584Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#75920}
bbeff193 · Andreas Haas · V8 LUCI CQ · d47a930d · bbeff193 · bbeff193
Commit bbeff193 authored Jul 26, 2021 by Andreas Haas Committed by V8 LUCI CQ Jul 26, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 2 deletions

wasm-interpreter.cc test/common/wasm/wasm-interpreter.cc +2 -2

fuzzer-support.cc test/fuzzer/fuzzer-support.cc +1 -0

No files found.
--- a/test/common/wasm/wasm-interpreter.cc
+++ b/test/common/wasm/wasm-interpreter.cc
@@ -2169,7 +2169,7 @@ class WasmInterpreterInternals {
        *len += 1;
        break;
      case kExprI32AtomicWait: {
-        if (!module()->has_shared_memory) {
+        if (!module()->has_shared_memory || !isolate_->allow_atomics_wait()) {
          DoTrap(kTrapUnreachable, pc);
          return false;
        }
@@ -2189,7 +2189,7 @@ class WasmInterpreterInternals {
        break;
      }
      case kExprI64AtomicWait: {
-        if (!module()->has_shared_memory) {
+        if (!module()->has_shared_memory || !isolate_->allow_atomics_wait()) {
          DoTrap(kTrapUnreachable, pc);
          return false;
        }

--- a/test/fuzzer/fuzzer-support.cc
+++ b/test/fuzzer/fuzzer-support.cc
@@ -26,6 +26,7 @@ FuzzerSupport::FuzzerSupport(int* argc, char*** argv) {
  allocator_ = v8::ArrayBuffer::Allocator::NewDefaultAllocator();
  v8::Isolate::CreateParams create_params;
  create_params.array_buffer_allocator = allocator_;
+  create_params.allow_atomics_wait = false;
  isolate_ = v8::Isolate::New(create_params);

  {