Line data Source code
1 : // Copyright 2016 the V8 project authors. All rights reserved.
2 : // Use of this source code is governed by a BSD-style license that can be
3 : // found in the LICENSE file.
4 :
5 : #include <stddef.h>
6 : #include <stdint.h>
7 :
8 : #include "src/isolate.h"
9 : #include "src/objects-inl.h"
10 : #include "src/objects.h"
11 : #include "src/wasm/wasm-interpreter.h"
12 : #include "src/wasm/wasm-module-builder.h"
13 : #include "test/common/wasm/test-signatures.h"
14 : #include "test/fuzzer/wasm-fuzzer-common.h"
15 :
16 : namespace v8 {
17 : namespace internal {
18 : namespace wasm {
19 : namespace fuzzer {
20 :
21 2 : class WasmCodeFuzzer : public WasmExecutionFuzzer {
22 1 : bool GenerateModule(
23 : Isolate* isolate, Zone* zone, Vector<const uint8_t> data,
24 : ZoneBuffer& buffer, int32_t& num_args,
25 : std::unique_ptr<WasmValue[]>& interpreter_args,
26 : std::unique_ptr<Handle<Object>[]>& compiler_args) override {
27 1 : TestSignatures sigs;
28 1 : WasmModuleBuilder builder(zone);
29 1 : WasmFunctionBuilder* f = builder.AddFunction(sigs.i_iii());
30 1 : f->EmitCode(data.start(), static_cast<uint32_t>(data.size()));
31 1 : uint8_t end_opcode = kExprEnd;
32 1 : f->EmitCode(&end_opcode, 1);
33 1 : builder.AddExport(CStrVector("main"), f);
34 :
35 1 : builder.SetMaxMemorySize(32);
36 1 : builder.WriteTo(buffer);
37 1 : num_args = 3;
38 1 : interpreter_args.reset(
39 : new WasmValue[3]{WasmValue(1), WasmValue(2), WasmValue(3)});
40 :
41 1 : compiler_args.reset(new Handle<Object>[3]{
42 : handle(Smi::FromInt(1), isolate), handle(Smi::FromInt(2), isolate),
43 : handle(Smi::FromInt(3), isolate)});
44 1 : return true;
45 : }
46 : };
47 :
48 1 : extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
49 3 : WasmCodeFuzzer().FuzzWasmModule({data, size});
50 1 : return 0;
51 : }
52 :
53 : } // namespace fuzzer
54 : } // namespace wasm
55 : } // namespace internal
56 2 : } // namespace v8
|
