Adding Wasm + Wasm-asm variant fuzzer.

test/fuzzer/wasm-asmjs.cc

Index: test/fuzzer/wasm-asmjs.cc
diff --git a/test/fuzzer/json.cc b/test/fuzzer/wasm-asmjs.cc
similarity index 56%
copy from test/fuzzer/json.cc
copy to test/fuzzer/wasm-asmjs.cc
index f20e9b9a3bf3cfb9641a4279c5155f01b26d457b..959faa21eb7acdcccbc711fad94bede71607265a 100644
--- a/test/fuzzer/json.cc
+++ b/test/fuzzer/wasm-asmjs.cc
@@ -7,25 +7,26 @@
 #include <stdint.h>
 
 #include "include/v8.h"
+#include "src/factory.h"
+#include "src/isolate.h"
+#include "src/objects-inl.h"
+#include "src/objects.h"
+#include "src/wasm/wasm-js.h"
+#include "src/wasm/wasm-module.h"
 #include "test/fuzzer/fuzzer-support.h"
 
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
   v8_fuzzer::FuzzerSupport* support = v8_fuzzer::FuzzerSupport::Get();
   v8::Isolate* isolate = support->GetIsolate();
-
+  v8::internal::Isolate* i_isolate =
+      reinterpret_cast<v8::internal::Isolate*>(isolate);
   v8::Isolate::Scope isolate_scope(isolate);
   v8::HandleScope handle_scope(isolate);
   v8::Context::Scope context_scope(support->GetContext());
   v8::TryCatch try_catch(isolate);
-
-  if (size > INT_MAX) return 0;
-  v8::Local<v8::String> source;
-  if (!v8::String::NewFromOneByte(isolate, data, v8::NewStringType::kNormal,
-                                  static_cast<int>(size))
-           .ToLocal(&source)) {
-    return 0;
-  }
-
-  v8::JSON::Parse(isolate, source).IsEmpty();
+  v8::internal::WasmJs::InstallWasmFunctionMap(i_isolate,
+                                               i_isolate->native_context());
+  v8::internal::wasm::CompileAndRunWasmModule(i_isolate, data, data + size,
+                                              true);
   return 0;
 }