Commit fcaf0a3e authored by Rakhim Khismet's avatar Rakhim Khismet Committed by V8 LUCI CQ

[fuzzer] Add struct.get operation to fuzzed module

Add support for the struct.get operation to the fuzzed module.
A struct_get alternative is added to the generators for
i32, i64, f32 and f64.

Bug: v8:11954
Change-Id: I85c03bb6ba896bff399eb1382fa42b0795ef65ed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3081613Reviewed-by: 's avatarManos Koukoutos <manoskouk@chromium.org>
Reviewed-by: 's avatarThibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Rakhim Khismet <khismet@google.com>
Cr-Commit-Position: refs/heads/master@{#76191}
parent 8b87e36e
...@@ -794,6 +794,33 @@ class WasmGenerator { ...@@ -794,6 +794,33 @@ class WasmGenerator {
ref_null(type, data); ref_null(type, data);
} }
template <ValueKind wanted_kind>
void struct_get(DataRange* data) {
WasmModuleBuilder* builder = builder_->builder();
int num_types = builder->NumTypes();
ZoneVector<uint32_t> field_index(builder->zone());
ZoneVector<uint32_t> struct_index(builder->zone());
for (int i = 0; i < num_types; i++) {
if (builder->IsStructType(i)) {
int field_count = builder->GetStructType(i)->field_count();
for (int index = 0; index < field_count; index++) {
if (builder->GetStructType(i)->field(index).kind() == wanted_kind) {
field_index.push_back(index);
struct_index.push_back(i);
}
}
}
}
if (field_index.empty()) {
Generate<wanted_kind>(data);
return;
}
int index = data->get<uint8_t>() % static_cast<int>(field_index.size());
GenerateOptRef(HeapType(struct_index[index]), data);
builder_->EmitWithPrefix(kExprStructGet);
builder_->EmitU32V(struct_index[index]);
builder_->EmitU32V(field_index[index]);
}
using GenerateFn = void (WasmGenerator::*const)(DataRange*); using GenerateFn = void (WasmGenerator::*const)(DataRange*);
using GenerateFnWithHeap = void (WasmGenerator::*const)(HeapType, DataRange*); using GenerateFnWithHeap = void (WasmGenerator::*const)(HeapType, DataRange*);
...@@ -1101,7 +1128,9 @@ void WasmGenerator::Generate<kI32>(DataRange* data) { ...@@ -1101,7 +1128,9 @@ void WasmGenerator::Generate<kI32>(DataRange* data) {
&WasmGenerator::call<kI32>, &WasmGenerator::call<kI32>,
&WasmGenerator::call_indirect<kI32>, &WasmGenerator::call_indirect<kI32>,
&WasmGenerator::try_block<kI32>}; &WasmGenerator::try_block<kI32>,
&WasmGenerator::struct_get<kI32>};
GenerateOneOf(alternatives, data); GenerateOneOf(alternatives, data);
} }
...@@ -1215,7 +1244,9 @@ void WasmGenerator::Generate<kI64>(DataRange* data) { ...@@ -1215,7 +1244,9 @@ void WasmGenerator::Generate<kI64>(DataRange* data) {
&WasmGenerator::call<kI64>, &WasmGenerator::call<kI64>,
&WasmGenerator::call_indirect<kI64>, &WasmGenerator::call_indirect<kI64>,
&WasmGenerator::try_block<kI64>}; &WasmGenerator::try_block<kI64>,
&WasmGenerator::struct_get<kI64>};
GenerateOneOf(alternatives, data); GenerateOneOf(alternatives, data);
} }
...@@ -1272,7 +1303,9 @@ void WasmGenerator::Generate<kF32>(DataRange* data) { ...@@ -1272,7 +1303,9 @@ void WasmGenerator::Generate<kF32>(DataRange* data) {
&WasmGenerator::call<kF32>, &WasmGenerator::call<kF32>,
&WasmGenerator::call_indirect<kF32>, &WasmGenerator::call_indirect<kF32>,
&WasmGenerator::try_block<kF32>}; &WasmGenerator::try_block<kF32>,
&WasmGenerator::struct_get<kF32>};
GenerateOneOf(alternatives, data); GenerateOneOf(alternatives, data);
} }
...@@ -1329,7 +1362,9 @@ void WasmGenerator::Generate<kF64>(DataRange* data) { ...@@ -1329,7 +1362,9 @@ void WasmGenerator::Generate<kF64>(DataRange* data) {
&WasmGenerator::call<kF64>, &WasmGenerator::call<kF64>,
&WasmGenerator::call_indirect<kF64>, &WasmGenerator::call_indirect<kF64>,
&WasmGenerator::try_block<kF64>}; &WasmGenerator::try_block<kF64>,
&WasmGenerator::struct_get<kF64>};
GenerateOneOf(alternatives, data); GenerateOneOf(alternatives, data);
} }
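Review bot: In `struct_get` (first hunk), the candidate is picked with `data->get<uint8_t>() % static_cast<int>(field_index.size())`, so only the first 256 matching (struct, field) pairs can ever be selected; if a generated module can hold more than that, the fuzzer never reads the remaining fields. The type setup is not visible here, so this may be harmless for the module sizes produced today, but it deserves a comment such as `// One input byte selects the field; at most 256 candidates are reachable.` or a wider read. The operand comes from `GenerateOptRef`, which judging by its name may yield a null reference, so some emitted `struct.get` instructions will presumably trap rather than exercise the field load; a one-line comment saying this is intended would help. The parallel `field_index` and `struct_index` vectors could also be a single vector of (struct, field) pairs, so the two indices cannot drift apart. The function has no header comment; one sentence noting that it falls back to `Generate<wanted_kind>` when no struct has a field of the wanted kind would cover it.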