Add fuzzing support for relaxed atomics (#8253)

stevenfontanella · web-flow · commit 1d0b1d699594 · 2026-01-30T18:46:02.000Z
Part of #8165. We already don't run v8 fuzz handlers for relaxed atomics ([link](https://github.com/WebAssembly/binaryen/blob/660166319b6cdb255b5dbc3d2a3ef3e9c0a00ad3/scripts/fuzz_opt.py#L68)) since this feature isn't implemented in V8 yet. To test, ran `fuzz_opt.py` for ~1 hour with no failures.
diff --git a/src/tools/fuzzing.h b/src/tools/fuzzing.h
@@ -276,6 +276,8 @@ class TranslateToFuzzReader {
   // overridden using another context in an RAII manner).
   std::unique_ptr<FuzzParamsContext> globalParams;
 
+  std::vector<MemoryOrder> atomicMemoryOrders;
+
 public:
   int nesting = 0;
 
diff --git a/src/tools/fuzzing/fuzzing.cpp b/src/tools/fuzzing/fuzzing.cpp
@@ -36,6 +36,10 @@ TranslateToFuzzReader::TranslateToFuzzReader(Module& wasm,
     random(std::move(input), wasm.features),
     publicTypeValidator(wasm.features) {
 
+  atomicMemoryOrders = wasm.features.hasRelaxedAtomics()
+                         ? std::vector{MemoryOrder::AcqRel, MemoryOrder::SeqCst}
+                         : std::vector{MemoryOrder::SeqCst};
+
   haveInitialFunctions = !wasm.functions.empty();
 
   // - funcref cannot be logged because referenced functions can be inlined or
@@ -3239,7 +3243,7 @@ Expression* TranslateToFuzzReader::makeLoad(Type type) {
   // make it atomic
   auto* load = ret->cast<Load>();
   wasm.memories[0]->shared = true;
-  load->order = MemoryOrder::SeqCst;
+  load->order = pick(atomicMemoryOrders);
   load->signed_ = false;
   load->align = load->bytes;
   return load;
@@ -3358,7 +3362,7 @@ Expression* TranslateToFuzzReader::makeStore(Type type) {
   }
   // make it atomic
   wasm.memories[0]->shared = true;
-  store->order = MemoryOrder::SeqCst;
+  store->order = pick(atomicMemoryOrders);
   store->align = store->bytes;
   return store;
 }
@@ -4771,7 +4775,7 @@ Expression* TranslateToFuzzReader::makeAtomic(Type type) {
       value,
       type,
       wasm.memories[0]->name,
-      MemoryOrder::SeqCst);
+      pick(atomicMemoryOrders));
   } else {
     auto* expected = make(type);
     auto* replacement = make(type);
@@ -4782,7 +4786,7 @@ Expression* TranslateToFuzzReader::makeAtomic(Type type) {
                                      replacement,
                                      type,
                                      wasm.memories[0]->name,
-                                     MemoryOrder::SeqCst);
+                                     pick(atomicMemoryOrders));
   }
 }
 
diff --git a/test/passes/translate-to-fuzz_all-features_metrics_noprint.txt b/test/passes/translate-to-fuzz_all-features_metrics_noprint.txt
@@ -1,51 +1,49 @@
 Metrics
 total
- [exports]      : 13      
- [funcs]        : 11      
+ [exports]      : 15      
+ [funcs]        : 13      
  [globals]      : 26      
  [imports]      : 10      
  [memories]     : 1       
  [memory-data]  : 16      
  [table-data]   : 5       
  [tables]       : 2       
  [tags]         : 1       
- [total]        : 548     
- [vars]         : 32      
- ArrayNewFixed  : 7       
- AtomicRMW      : 1       
+ [total]        : 459     
+ [vars]         : 50      
+ ArrayNewFixed  : 9       
+ AtomicCmpxchg  : 1       
+ AtomicNotify   : 1       
  Binary         : 25      
- Block          : 81      
- BrOn           : 1       
- Break          : 7       
- Call           : 18      
- CallIndirect   : 3       
+ Block          : 68      
+ Break          : 2       
+ Call           : 14      
+ CallIndirect   : 2       
  CallRef        : 1       
- Const          : 128     
- Drop           : 3       
- GlobalGet      : 47      
- GlobalSet      : 36      
- If             : 24      
- Load           : 4       
- LocalGet       : 19      
- LocalSet       : 13      
- Loop           : 7       
- Nop            : 5       
- RefEq          : 3       
- RefFunc        : 9       
- RefI31         : 3       
- RefNull        : 5       
- Return         : 6       
- SIMDExtract    : 2       
- Select         : 4       
- Store          : 2       
- StringConst    : 9       
- StringEq       : 1       
- StringWTF16Get : 1       
+ Const          : 104     
+ Drop           : 2       
+ GlobalGet      : 44      
+ GlobalSet      : 32      
+ If             : 21      
+ Load           : 5       
+ LocalGet       : 15      
+ LocalSet       : 7       
+ Loop           : 3       
+ Nop            : 6       
+ Pop            : 3       
+ RefEq          : 2       
+ RefFunc        : 8       
+ RefI31         : 1       
+ RefNull        : 3       
+ Return         : 7       
+ SIMDExtract    : 3       
+ Select         : 1       
+ StringConst    : 6       
+ StringMeasure  : 2       
  StructNew      : 4       
- TableSet       : 1       
- Throw          : 2       
- TryTable       : 4       
- TupleExtract   : 2       
- TupleMake      : 15      
- Unary          : 27      
- Unreachable    : 18      
+ Try            : 3       
+ TryTable       : 3       
+ TupleExtract   : 1       
+ TupleMake      : 11      
+ Unary          : 23      
+ Unreachable    : 16      
