1 : // Copyright 2016 the V8 project authors. All rights reserved.
2 : // Use of this source code is governed by a BSD-style license that can be
3 : // found in the LICENSE file.
4 :
5 : #ifndef WASM_SECTION_FUZZERS_H_
6 : #define WASM_SECTION_FUZZERS_H_
7 :
8 : #include <stddef.h>
9 : #include <stdint.h>
10 :
11 : #include "src/wasm/module-decoder.h"
12 : #include "src/wasm/wasm-interpreter.h"
13 : #include "src/wasm/wasm-module-builder.h"
14 :
15 : namespace v8 {
16 : namespace internal {
17 : namespace wasm {
18 : namespace fuzzer {
19 :
// Fuzzing entry point for one wasm section kind: `section` names the section
// and `data`/`size` describe the raw input bytes. Only the declaration lives
// in this header.
// NOTE(review): the bytes presumably come straight from the fuzzing engine, so
// the definition should treat them as untrusted and tolerate any length,
// including size == 0 - confirm against the implementation.
// NOTE(review): the meaning of the int result is not visible here; verify it
// against the caller.
int FuzzWasmSection(SectionCode section,
                    const uint8_t* data,
                    size_t size);
21 :
// Runs the "main" function of module_object in two stages:
//   1. Where possible, module_object is instantiated and "main" is run in the
//      interpreter.
//   2. Only if that run finishes within kMaxSteps steps is module_object
//      instantiated a second time and the compiled "main" executed.
// NOTE(review): the step limit presumably keeps inputs that do not terminate
// in the interpreter from ever reaching compiled execution - confirm against
// the definition, which is outside this header.
void InterpretAndExecuteModule(
    Isolate* isolate,
    Handle<WasmModuleObject> module_object);
28 :
// Abstract base class for fuzzers that turn raw input bytes into a wasm module.
// Subclasses supply GenerateModule(); FuzzWasmModule() is the public entry
// point and is only declared here.
// NOTE(review): FuzzWasmModule presumably drives GenerateModule and then runs
// the result - confirm against the definition.
// NOTE(review): std::unique_ptr is used below, but <memory> is not among this
// header's direct includes; it presumably arrives through the project headers.
class WasmExecutionFuzzer {
 public:
  // Virtual so that subclasses are destroyed correctly through a base pointer.
  virtual ~WasmExecutionFuzzer() = default;

  // Takes the raw input as `data`/`size`. The meaning of the int result is not
  // visible in this header.
  // NOTE(review): input is presumably untrusted fuzzer output of any length -
  // confirm the definition copes with size == 0.
  int FuzzWasmModule(const uint8_t* data, size_t size);

 protected:
  // Pure virtual hook implemented by each concrete fuzzer. `data`/`size` are
  // the input bytes. `buffer`, `num_args`, `interpreter_args` and
  // `compiler_args` are non-const references.
  // NOTE(review): the references look like outputs filled in by the
  // implementation, with `num_args` giving the length of both argument
  // arrays - confirm, since callers would index the arrays by that count.
  // NOTE(review): the bool result presumably signals whether a usable module
  // was produced - confirm.
  virtual bool GenerateModule(
      Isolate* isolate,
      Zone* zone,
      const uint8_t* data,
      size_t size,
      ZoneBuffer& buffer,
      int32_t& num_args,
      std::unique_ptr<WasmValue[]>& interpreter_args,
      std::unique_ptr<Handle<Object>[]>& compiler_args) = 0;
};
41 :
42 : } // namespace fuzzer
43 : } // namespace wasm
44 : } // namespace internal
45 : } // namespace v8
46 : #endif // WASM_SECTION_FUZZERS_H_