fix re-reloop fuzz bug, we need to ensure a terminator in all relooper blocks (#1214)

kripken · web-flow · commit 69408e62ee19 · 2017-10-11T10:12:43.000-07:00
diff --git a/src/cfg/Relooper.h b/src/cfg/Relooper.h
@@ -136,6 +136,7 @@ struct InsertOrderedSet
   }
 
   size_t size() const { return Map.size(); }
+  bool empty() const { return Map.empty(); }
 
   void clear() {
     Map.clear();
@@ -194,6 +195,7 @@ struct InsertOrderedMap
   }
 
   size_t size() const { return Map.size(); }
+  bool empty() const { return Map.empty(); }
   size_t count(const Key& k) const { return Map.count(k); }
 
   InsertOrderedMap() {}
diff --git a/src/passes/ReReloop.cpp b/src/passes/ReReloop.cpp
@@ -30,6 +30,10 @@
 #include "cfg/Relooper.h"
 #include "ast_utils.h"
 
+#ifdef RERELOOP_DEBUG
+#include <wasm-printing.h>
+#endif
+
 namespace wasm {
 
 struct ReReloop final : public Pass {
@@ -307,6 +311,33 @@ struct ReReloop final : public Pass {
     }
     // finish the current block
     finishBlock();
+    // blocks that do not have any exits are dead ends in the relooper. we need
+    // to make sure that are in fact dead ends, and do not flow control anywhere.
+    // add a return as needed
+    for (auto* cfgBlock : relooper.Blocks) {
+      auto* block = cfgBlock->Code->cast<Block>();
+      if (cfgBlock->BranchesOut.empty() && block->type != unreachable) {
+        block->list.push_back(
+          function->result == none ? (Expression*)builder->makeReturn()
+                                   : (Expression*)builder->makeUnreachable()
+        );
+        block->finalize();
+      }
+    }
+#ifdef RERELOOP_DEBUG
+    std::cout << "rerelooping " << function->name << '\n';
+    for (auto* block : relooper.Blocks) {
+      std::cout << block << " block:\n" << block->Code << '\n';
+      for (auto& pair : block->BranchesOut) {
+        auto* target = pair.first;
+        auto* branch = pair.second;
+        std::cout << "branch to " << target << "\n";
+        if (branch->Condition) {
+          std::cout << "  with condition\n" << branch->Condition << '\n';
+        }
+      }
+    }
+#endif
     // run the relooper to recreate control flow
     relooper.Calculate(entry);
     // render
diff --git a/test/passes/rereloop.txt b/test/passes/rereloop.txt
@@ -8,13 +8,15 @@
   (local $0 i32)
   (block
    (nop)
+   (return)
   )
  )
  (func $trivial2 (type $0)
   (local $0 i32)
   (block
    (call $trivial)
    (call $trivial)
+   (return)
   )
  )
  (func $return-void (type $0)
@@ -161,6 +163,7 @@
       )
       (block
        (block
+        (return)
        )
       )
      )
@@ -182,6 +185,7 @@
   )
   (block
    (block
+    (return)
    )
   )
  )
@@ -206,6 +210,7 @@
      )
      (block
       (block
+       (return)
       )
      )
     )
@@ -254,6 +259,7 @@
    )
    (block
     (block
+     (return)
     )
    )
   )
@@ -509,6 +515,7 @@
                   (call $before-and-after
                    (i32.const 25)
                   )
+                  (return)
                  )
                 )
                )
@@ -598,6 +605,7 @@
     )
     (block
      (block
+      (return)
      )
     )
    )
@@ -634,6 +642,7 @@
   )
   (block
    (block
+    (return)
    )
   )
  )
@@ -697,6 +706,7 @@
     (call $if-br-wat
      (i32.const 3)
     )
+    (return)
    )
   )
  )
@@ -744,3 +754,52 @@
   )
  )
 )
+(module
+ (type $0 (func))
+ (type $1 (func (result i32)))
+ (global $global$0 (mut i32) (i32.const 1))
+ (memory $0 0)
+ (export "one" (func $0))
+ (export "two" (func $1))
+ (func $0 (type $0)
+  (local $0 i32)
+  (block $block$4$break
+   (block
+   )
+   (if
+    (i32.const 1)
+    (block
+     (block
+      (return)
+     )
+    )
+    (br $block$4$break)
+   )
+  )
+  (block
+   (block $block$3$break
+    (block
+     (set_global $global$0
+      (i32.const 0)
+     )
+    )
+    (block
+     (br $block$3$break)
+    )
+   )
+   (block
+    (block
+     (unreachable)
+    )
+   )
+  )
+ )
+ (func $1 (type $1) (result i32)
+  (local $0 i32)
+  (block
+   (return
+    (get_global $global$0)
+   )
+  )
+ )
+)
diff --git a/test/passes/rereloop.wast b/test/passes/rereloop.wast
@@ -197,4 +197,25 @@
   )
  )
 )
+(module
+ (global $global$0 (mut i32) (i32.const 1))
+ (export "one" (func $0))
+ (export "two" (func $1))
+ (func $0
+  (block $outer
+   (block
+    (br_if $outer ;; taken - do not modify the global, stay it at 1
+     (i32.const 1)
+    )
+    (set_global $global$0 ;; never get here!
+     (i32.const 0)
+    )
+   )
+   (unreachable)
+  )
+ )
+ (func $1 (result i32)
+  (return (get_global $global$0))
+ )
+)
 
diff --git a/test/passes/rereloop_dce_remove-unused-brs_remove-unused-names_coalesce-locals_simplify-locals_reorder-locals_remove-unused-brs_merge-blocks_vacuum.txt b/test/passes/rereloop_dce_remove-unused-brs_remove-unused-names_coalesce-locals_simplify-locals_reorder-locals_remove-unused-brs_merge-blocks_vacuum.txt
@@ -68,8 +68,11 @@
    (i32.eqz
     (get_local $0)
    )
-   (call $unreachable
-    (i32.const 5)
+   (block
+    (call $unreachable
+     (i32.const 5)
+    )
+    (return)
    )
   )
   (if

Original file line number	Diff line number	Diff line change
`@@ -136,6 +136,7 @@ struct InsertOrderedSet`
`136`	`136`	`}`
`137`	`137`
`138`	`138`	`size_t size() const { return Map.size(); }`
	`139`	`+ bool empty() const { return Map.empty(); }`
`139`	`140`
`140`	`141`	`void clear() {`
`141`	`142`	`Map.clear();`
`@@ -194,6 +195,7 @@ struct InsertOrderedMap`
`194`	`195`	`}`
`195`	`196`
`196`	`197`	`size_t size() const { return Map.size(); }`
	`198`	`+ bool empty() const { return Map.empty(); }`
`197`	`199`	`size_t count(const Key& k) const { return Map.count(k); }`
`198`	`200`
`199`	`201`	`InsertOrderedMap() {}`
Original file line number	Diff line number	Diff line change
`@@ -8,13 +8,15 @@`
`8`	`8`	`(local $0 i32)`
`9`	`9`	`(block`
`10`	`10`	`(nop)`
	`11`	`+ (return)`
`11`	`12`	`)`
`12`	`13`	`)`
`13`	`14`	`(func $trivial2 (type $0)`
`14`	`15`	`(local $0 i32)`
`15`	`16`	`(block`
`16`	`17`	`(call $trivial)`
`17`	`18`	`(call $trivial)`
	`19`	`+ (return)`
`18`	`20`	`)`
`19`	`21`	`)`
`20`	`22`	`(func $return-void (type $0)`
`@@ -161,6 +163,7 @@`
`161`	`163`	`)`
`162`	`164`	`(block`
`163`	`165`	`(block`
	`166`	`+ (return)`
`164`	`167`	`)`
`165`	`168`	`)`
`166`	`169`	`)`
`@@ -182,6 +185,7 @@`
`182`	`185`	`)`
`183`	`186`	`(block`
`184`	`187`	`(block`
	`188`	`+ (return)`
`185`	`189`	`)`
`186`	`190`	`)`
`187`	`191`	`)`
`@@ -206,6 +210,7 @@`
`206`	`210`	`)`
`207`	`211`	`(block`
`208`	`212`	`(block`
	`213`	`+ (return)`
`209`	`214`	`)`
`210`	`215`	`)`
`211`	`216`	`)`
`@@ -254,6 +259,7 @@`
`254`	`259`	`)`
`255`	`260`	`(block`
`256`	`261`	`(block`
	`262`	`+ (return)`
`257`	`263`	`)`
`258`	`264`	`)`
`259`	`265`	`)`
`@@ -509,6 +515,7 @@`
`509`	`515`	`(call $before-and-after`
`510`	`516`	`(i32.const 25)`
`511`	`517`	`)`
	`518`	`+ (return)`
`512`	`519`	`)`
`513`	`520`	`)`
`514`	`521`	`)`
`@@ -598,6 +605,7 @@`
`598`	`605`	`)`
`599`	`606`	`(block`
`600`	`607`	`(block`
	`608`	`+ (return)`
`601`	`609`	`)`
`602`	`610`	`)`
`603`	`611`	`)`
`@@ -634,6 +642,7 @@`
`634`	`642`	`)`
`635`	`643`	`(block`
`636`	`644`	`(block`
	`645`	`+ (return)`
`637`	`646`	`)`
`638`	`647`	`)`
`639`	`648`	`)`
`@@ -697,6 +706,7 @@`
`697`	`706`	`(call $if-br-wat`
`698`	`707`	`(i32.const 3)`
`699`	`708`	`)`
	`709`	`+ (return)`
`700`	`710`	`)`
`701`	`711`	`)`
`702`	`712`	`)`
`@@ -744,3 +754,52 @@`
`744`	`754`	`)`
`745`	`755`	`)`
`746`	`756`	`)`
	`757`	`+(module`
	`758`	`+ (type $0 (func))`
	`759`	`+ (type $1 (func (result i32)))`
	`760`	`+ (global $global$0 (mut i32) (i32.const 1))`
	`761`	`+ (memory $0 0)`
	`762`	`+ (export "one" (func $0))`
	`763`	`+ (export "two" (func $1))`
	`764`	`+ (func $0 (type $0)`
	`765`	`+ (local $0 i32)`
	`766`	`+ (block $block$4$break`
	`767`	`+ (block`
	`768`	`+ )`
	`769`	`+ (if`
	`770`	`+ (i32.const 1)`
	`771`	`+ (block`
	`772`	`+ (block`
	`773`	`+ (return)`
	`774`	`+ )`
	`775`	`+ )`
	`776`	`+ (br $block$4$break)`
	`777`	`+ )`
	`778`	`+ )`
	`779`	`+ (block`
	`780`	`+ (block $block$3$break`
	`781`	`+ (block`
	`782`	`+ (set_global $global$0`
	`783`	`+ (i32.const 0)`
	`784`	`+ )`
	`785`	`+ )`
	`786`	`+ (block`
	`787`	`+ (br $block$3$break)`
	`788`	`+ )`
	`789`	`+ )`
	`790`	`+ (block`
	`791`	`+ (block`
	`792`	`+ (unreachable)`
	`793`	`+ )`
	`794`	`+ )`
	`795`	`+ )`
	`796`	`+ )`
	`797`	`+ (func $1 (type $1) (result i32)`
	`798`	`+ (local $0 i32)`
	`799`	`+ (block`
	`800`	`+ (return`
	`801`	`+ (get_global $global$0)`
	`802`	`+ )`
	`803`	`+ )`
	`804`	`+ )`
	`805`	`+)`
Original file line number	Diff line number	Diff line change
`@@ -68,8 +68,11 @@`
`68`	`68`	`(i32.eqz`
`69`	`69`	`(get_local $0)`
`70`	`70`	`)`
`71`		`- (call $unreachable`
`72`		`- (i32.const 5)`
	`71`	`+ (block`
	`72`	`+ (call $unreachable`
	`73`	`+ (i32.const 5)`
	`74`	`+ )`
	`75`	`+ (return)`
`73`	`76`	`)`
`74`	`77`	`)`
`75`	`78`	`(if`