[wasm][fuzzer] Second instantiation cannot fail

A minor fix to the {InterpretAndExecuteModule} function: We instantiate the module twice. If the first instantiation worked, then also the second instantiation must succeed. Plus minor drive-by cleanup. R=ahaas@chromium.org Bug: chromium:1113681 Change-Id: Ib897cb1907152cdd9b0ed2b513a6c8217a3f400c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2349288 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#69352}

[wasm][fuzzer] Second instantiation cannot fail
A minor fix to the {InterpretAndExecuteModule} function: We instantiate the module twice. If the first instantiation worked, then also the second instantiation must succeed. Plus minor drive-by cleanup. R=ahaas@chromium.org Bug: chromium:1113681 Change-Id: Ib897cb1907152cdd9b0ed2b513a6c8217a3f400c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2349288 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#69352}
c32a3106 · Clemens Backes · Commit Bot · 3c0fb324 · c32a3106
Commit c32a3106 authored Aug 11, 2020 by Clemens Backes Committed by Commit Bot Aug 12, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 10 additions and 16 deletions

wasm-fuzzer-common.cc test/fuzzer/wasm-fuzzer-common.cc +10 -16

No files found.
--- a/test/fuzzer/wasm-fuzzer-common.cc
+++ b/test/fuzzer/wasm-fuzzer-common.cc
@@ -33,17 +33,15 @@ void InterpretAndExecuteModule(i::Isolate* isolate,
  if (module_object->module()->start_function_index >= 0) return;

  HandleScope handle_scope(isolate);  // Avoid leaking handles.
-  MaybeHandle<WasmInstanceObject> maybe_instance;
  Handle<WasmInstanceObject> instance;

  // Try to instantiate, return if it fails.
  {
    ErrorThrower thrower(isolate, "WebAssembly Instantiation");
-    maybe_instance = isolate->wasm_engine()->SyncInstantiate(
-        isolate, &thrower, module_object,
-        Handle<JSReceiver>::null(),     // imports
-        MaybeHandle<JSArrayBuffer>());  // memory
-    if (!maybe_instance.ToHandle(&instance)) {
+    if (!isolate->wasm_engine()
+             ->SyncInstantiate(isolate, &thrower, module_object, {},
+                               {})  // no imports & memory
+             .ToHandle(&instance)) {
      isolate->clear_pending_exception();
      thrower.Reset();  // Ignore errors.
      return;
@@ -76,16 +74,12 @@ void InterpretAndExecuteModule(i::Isolate* isolate,

  // Try to instantiate and execute the module_object.
  {
-    ErrorThrower thrower(isolate, "InterpretAndExecuteModule");
-    maybe_instance = isolate->wasm_engine()->SyncInstantiate(
-        isolate, &thrower, module_object,
-        Handle<JSReceiver>::null(),     // imports
-        MaybeHandle<JSArrayBuffer>());  // memory
-    if (!maybe_instance.ToHandle(&instance)) {
-      isolate->clear_pending_exception();
-      thrower.Reset();  // Ignore errors.
-      return;
-    }
+    ErrorThrower thrower(isolate, "Second Instantiation");
+    // We instantiated before, so the second instantiation must also succeed:
+    CHECK(isolate->wasm_engine()
+              ->SyncInstantiate(isolate, &thrower, module_object, {},
+                                {})  // no imports & memory
+              .ToHandle(&instance));
  }

  int32_t result_compiled = testing::CallWasmFunctionForTesting(