wasm-code.cc 1.7 KB
// Copyright 2016 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include <stddef.h>
#include <stdint.h>

#include "src/execution/isolate.h"
#include "src/objects/objects-inl.h"
#include "src/objects/objects.h"
#include "src/wasm/wasm-module-builder.h"
#include "test/common/wasm/test-signatures.h"
#include "test/fuzzer/wasm-fuzzer-common.h"

namespace v8 {
namespace internal {
namespace wasm {
namespace fuzzer {

// Fuzzer that uses the raw fuzzer input as the body of a single exported wasm
// function inside an otherwise fixed module.
class WasmCodeFuzzer : public WasmExecutionFuzzer {
  // Builds the module under test from |data| and fills in the call arguments.
  //
  // |data| is attacker-controlled fuzz input and is emitted as function code
  // without any checking here; NOTE(review): rejecting malformed code is
  // presumably left to the decoder/validator run by the base class -- confirm.
  //
  // Outputs: the serialized module in |buffer|, the argument count in
  // |num_args|, and the same three values (1, 2, 3) as WasmValues in
  // |interpreter_args| and as Smi handles in |compiler_args|.
  // Always returns true.
  bool GenerateModule(
      Isolate* isolate, Zone* zone, Vector<const uint8_t> data,
      ZoneBuffer* buffer, int32_t* num_args,
      std::unique_ptr<WasmValue[]>* interpreter_args,
      std::unique_ptr<Handle<Object>[]>* compiler_args) override {
    constexpr int kArgCount = 3;

    TestSignatures signatures;
    WasmModuleBuilder module_builder(zone);
    WasmFunctionBuilder* main_fn =
        module_builder.AddFunction(signatures.i_iii());

    // The input bytes become the function body verbatim. The size is narrowed
    // to 32 bits, so an input longer than UINT32_MAX would be truncated; fuzz
    // inputs are far smaller in practice (libFuzzer caps them via -max_len).
    const uint32_t body_size = static_cast<uint32_t>(data.size());
    main_fn->EmitCode(data.begin(), body_size);

    // Terminate the body with an explicit end opcode.
    const uint8_t terminator = kExprEnd;
    main_fn->EmitCode(&terminator, 1);
    module_builder.AddExport(CStrVector("main"), main_fn);

    // NOTE(review): unit of this limit is not visible here (pages?) -- confirm.
    module_builder.SetMaxMemorySize(32);
    module_builder.WriteTo(buffer);

    // Both argument arrays carry the same values so that the two execution
    // paths are called with identical inputs.
    *num_args = kArgCount;
    interpreter_args->reset(
        new WasmValue[kArgCount]{WasmValue(1), WasmValue(2), WasmValue(3)});

    Handle<Object> first = handle(Smi::FromInt(1), isolate);
    Handle<Object> second = handle(Smi::FromInt(2), isolate);
    Handle<Object> third = handle(Smi::FromInt(3), isolate);
    compiler_args->reset(new Handle<Object>[kArgCount]{first, second, third});

    return true;
  }
};

// libFuzzer entry point. |data|/|size| describe one untrusted input, which is
// handed unchanged to a fresh WasmCodeFuzzer. Always returns 0, the value
// libFuzzer expects from a target (other values are reserved).
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  // Value-initialized, like the temporary it replaces; one harness per input
  // so no state carries over between runs.
  WasmCodeFuzzer harness{};
  harness.FuzzWasmModule({data, size});
  return 0;
}

}  // namespace fuzzer
}  // namespace wasm
}  // namespace internal
}  // namespace v8