// Copyright 2024 the V8 project authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "include/v8-context.h" #include "include/v8-exception.h" #include "include/v8-isolate.h" #include "include/v8-local-handle.h" #include "src/base/vector.h" #include "src/execution/isolate.h" #include "src/objects/property-descriptor.h" #include "src/wasm/compilation-environment-inl.h" #include "src/wasm/fuzzing/random-module-generation.h" #include "src/wasm/wasm-engine.h" #include "src/wasm/wasm-feature-flags.h" #include "src/wasm/wasm-module.h" #include "src/wasm/wasm-objects-inl.h" #include "src/wasm/wasm-subtyping.h" #include "src/zone/accounting-allocator.h" #include "src/zone/zone.h" #include "test/common/flag-utils.h" #include "test/common/wasm/wasm-module-runner.h" #include "test/fuzzer/fuzzer-support.h" #include "test/fuzzer/wasm-fuzzer-common.h" // This fuzzer fuzzes initializer expressions used e.g. in globals. // The fuzzer creates a set of globals with initializer expressions and a set of // functions containing the same body as these initializer expressions. // The global value should be equal to the result of running the corresponding // function. namespace v8::internal::wasm::fuzzing { #define CHECK_FLOAT_EQ(expected, actual) … namespace { bool IsNullOrWasmNull(Tagged<Object> obj) { … } Handle<Object> GetExport(Isolate* isolate, Handle<WasmInstanceObject> instance, const char* name) { … } void CheckEquivalent(const WasmValue& lhs, const WasmValue& rhs, const WasmModule& module) { … } void FuzzIt(base::Vector<const uint8_t> data) { … } } // anonymous namespace extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { … } } // namespace v8::internal::wasm::fuzzing
Codebase Browser
chromium