Commit 34c4913

Browse files
evicy authored and V8-internal LUCI CQ committed
[fix] Fix divide by zero when generating offsets to Wasm memory
Change-Id: Ib2095297fdf79676cdfb637048afe2ef98fbb217
Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/7963394
Reviewed-by: Carl Smith <[email protected]>
Commit-Queue: Eva Herencsárová <[email protected]>
1 parent 706fda6 commit 34c4913

File tree

1 file changed

+6
-1
lines changed


Sources/Fuzzilli/Base/ProgramBuilder.swift

Lines changed: 6 additions & 1 deletion
@@ -3492,7 +3492,12 @@ public class ProgramBuilder {
34923492
let dynamicOffsetValue = self.randomNonNegativeIndex(upTo: memSize)
34933493
let dynamicOffset = memoryTypeInfo.isMemory64 ? function.consti64(dynamicOffsetValue)
34943494
: function.consti32(Int32(dynamicOffsetValue))
3495-
let staticOffset = self.randomNonNegativeIndex(upTo: memSize) % (memSize - dynamicOffsetValue)
3495+
var staticOffset: Int64
3496+
if (dynamicOffsetValue == memSize) {
3497+
staticOffset = 0
3498+
} else {
3499+
staticOffset = self.randomNonNegativeIndex(upTo: memSize) % (memSize - dynamicOffsetValue)
3500+
}
34963501

34973502
return (dynamicOffset, staticOffset)
34983503
}
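Review bot: the new guard changes the reachable range of the combined offset, and the hunk does not say whether that is intended. In the `else` branch `staticOffset` is reduced modulo `memSize - dynamicOffsetValue`, so `dynamicOffsetValue + staticOffset < memSize`; in the new `dynamicOffsetValue == memSize` branch the sum is exactly `memSize`, which is out of bounds for any access of non-zero width. That boundary case is a useful trap case for a fuzzer, but a one-line comment should state that it is deliberate; the same comment can record why the guard exists at all, namely that `randomNonNegativeIndex(upTo: memSize)` can evidently return `memSize` itself, which is what made the divisor zero. Two smaller points: `var staticOffset: Int64` followed by the if/else can be a `let` (Swift accepts deferred initialization of a `let` when every branch assigns it), or the whole thing can be a single ternary, e.g. `let staticOffset: Int64 = dynamicOffsetValue == memSize ? 0 : self.randomNonNegativeIndex(upTo: memSize) % (memSize - dynamicOffsetValue)`; and the parentheses in `if (dynamicOffsetValue == memSize)` are not idiomatic Swift.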
