// Copyright 2016 the V8 project authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "test/fuzzer/wasm-fuzzer-common.h" #include #include "include/v8-context.h" #include "include/v8-exception.h" #include "include/v8-isolate.h" #include "include/v8-local-handle.h" #include "include/v8-metrics.h" #include "src/execution/isolate.h" #include "src/utils/ostreams.h" #include "src/wasm/baseline/liftoff-compiler.h" #include "src/wasm/function-body-decoder-impl.h" #include "src/wasm/module-decoder-impl.h" #include "src/wasm/module-instantiate.h" #include "src/wasm/wasm-engine.h" #include "src/wasm/wasm-feature-flags.h" #include "src/wasm/wasm-module-builder.h" #include "src/wasm/wasm-module.h" #include "src/wasm/wasm-objects-inl.h" #include "src/wasm/wasm-opcodes-inl.h" #include "src/zone/accounting-allocator.h" #include "src/zone/zone.h" #include "test/common/flag-utils.h" #include "test/common/wasm/wasm-module-runner.h" #include "test/fuzzer/fuzzer-support.h" namespace v8::internal::wasm::fuzzer { // Compile a baseline module. We pass a pointer to a max step counter and a // nondeterminism flag that are updated during execution by Liftoff. Handle CompileReferenceModule( Isolate* isolate, base::Vector wire_bytes, int32_t* max_steps, int32_t* nondeterminism) { // Create the native module. std::shared_ptr native_module; constexpr bool kNoVerifyFunctions = false; auto enabled_features = WasmFeatures::FromIsolate(isolate); ModuleResult module_res = DecodeWasmModule(enabled_features, wire_bytes, kNoVerifyFunctions, ModuleOrigin::kWasmOrigin); CHECK(module_res.ok()); std::shared_ptr module = module_res.value(); CHECK_NOT_NULL(module); native_module = GetWasmEngine()->NewNativeModule(isolate, enabled_features, module, 0); native_module->SetWireBytes(base::OwnedVector::Of(wire_bytes)); // The module is known to be valid at this point (it was compiled by the // caller before). 
module->set_all_functions_validated(); // Compile all functions with Liftoff. WasmCodeRefScope code_ref_scope; auto env = native_module->CreateCompilationEnv(); ModuleWireBytes wire_bytes_accessor{wire_bytes}; for (size_t i = module->num_imported_functions; i < module->functions.size(); ++i) { auto& func = module->functions[i]; base::Vector func_code = wire_bytes_accessor.GetFunctionBytes(&func); FunctionBody func_body(func.sig, func.code.offset(), func_code.begin(), func_code.end()); auto result = ExecuteLiftoffCompilation(&env, func_body, LiftoffOptions{} .set_func_index(func.func_index) .set_for_debugging(kForDebugging) .set_max_steps(max_steps) .set_nondeterminism(nondeterminism)); if (!result.succeeded()) { FATAL( "Liftoff compilation failed on a valid module. Run with " "--trace-wasm-decoder (in a debug build) to see why."); } native_module->PublishCode(native_module->AddCompiledCode(result)); } // Create the module object. constexpr base::Vector kNoSourceUrl; Handle