From 973ca3833a2d05ed03ac3b9311a70537e1ece01a Mon Sep 17 00:00:00 2001
From: Chris Fallin <chris@cfallin.org>
Date: Fri, 17 Dec 2021 21:15:28 -0800
Subject: [PATCH] Fuzzbug fix

---
 src/cfg/structured.rs | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/src/cfg/structured.rs b/src/cfg/structured.rs
index 3ea5d7d..ce31fc7 100644
--- a/src/cfg/structured.rs
+++ b/src/cfg/structured.rs
@@ -217,15 +217,18 @@ impl WasmRegion {
             forward_targets
         );
 
-        let top = WasmRegion::Block(
-            0,
-            None,
-            loop_nest
-                .nodes
-                .iter()
-                .map(|node| Self::compute_for_node(cfg, &forward_targets, node))
-                .collect::<Vec<_>>(),
+        // Enclose loop nest in a virtual loop, to handle forward
+        // edges in a unified way even outside any loop.
+        let top = Self::compute_for_node(
+            cfg,
+            &forward_targets,
+            &Node::Loop(BlockId::MAX, loop_nest.nodes.clone()),
         );
+        let subregions = match top {
+            WasmRegion::Loop(_, subregions) => subregions,
+            _ => unreachable!(),
+        };
+        let top = WasmRegion::Block(0, None, subregions);
 
         log::trace!("Wasm region: {:?}", top);
         top