// Copyright 2016 the V8 project authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include #include #include "src/execution/isolate.h" #include "src/wasm/wasm-module-builder.h" #include "test/common/wasm/test-signatures.h" #include "test/fuzzer/wasm-fuzzer-common.h" namespace v8::internal::wasm::fuzzer { class WasmCodeFuzzer : public WasmExecutionFuzzer { bool GenerateModule(Isolate* isolate, Zone* zone, base::Vector data, ZoneBuffer* buffer, bool liftoff_as_reference) override { TestSignatures sigs; WasmModuleBuilder builder(zone); WasmFunctionBuilder* f = builder.AddFunction(sigs.i_iii()); f->EmitCode(data.begin(), static_cast(data.size())); uint8_t end_opcode = kExprEnd; f->EmitCode(&end_opcode, 1); builder.AddExport(base::CStrVector("main"), f); builder.SetMaxMemorySize(32); builder.WriteTo(buffer); return true; } }; extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { WasmCodeFuzzer().FuzzWasmModule({data, size}); return 0; } } // namespace v8::internal::wasm::fuzzer