1 : // Copyright 2016 the V8 project authors. All rights reserved.
2 : // Use of this source code is governed by a BSD-style license that can be
3 : // found in the LICENSE file.
4 :
5 : #include "test/fuzzer/fuzzer-support.h"
6 :
7 : #include <stdio.h>
8 : #include <stdlib.h>
9 : #include <string.h>
10 :
11 : #include "include/libplatform/libplatform.h"
12 :
13 : #include "src/flags.h"
14 :
15 : namespace v8_fuzzer {
16 :
// Brings up the process-wide V8 runtime plus the single Isolate and Context
// that every fuzz input is run against. The statement order is deliberate:
// flags, ICU location and startup data must be set before V8::Initialize(),
// and the platform must be registered before the first Isolate is created.
FuzzerSupport::FuzzerSupport(int* argc, char*** argv) {
  // Fuzzed scripts get a global gc() builtin; intended for a fuzzing harness.
  v8::internal::FLAG_expose_gc = true;
  // remove_flags=true: V8 strips the --flags it understands out of argv, so
  // the arguments left over are presumably what the libFuzzer runtime parses.
  v8::V8::SetFlagsFromCommandLine(argc, *argv, true);
  // Both locate their data files relative to the executable path in argv[0].
  v8::V8::InitializeICUDefaultLocation((*argv)[0]);
  v8::V8::InitializeExternalStartupData((*argv)[0]);
  platform_ = v8::platform::NewDefaultPlatform();
  v8::V8::InitializePlatform(platform_.get());
  v8::V8::Initialize();

  // Raw owning pointer; released with `delete` in the destructor, after the
  // isolate that uses it has been disposed.
  allocator_ = v8::ArrayBuffer::Allocator::NewDefaultAllocator();
  v8::Isolate::CreateParams create_params;
  create_params.array_buffer_allocator = allocator_;
  isolate_ = v8::Isolate::New(create_params);

  {
    // Context creation needs an Isolate::Scope and a HandleScope; the result
    // is kept in the persistent handle context_ until the destructor resets it.
    v8::Isolate::Scope isolate_scope(isolate_);
    v8::HandleScope handle_scope(isolate_);
    context_.Reset(isolate_, v8::Context::New(isolate_));
  }
}
37 :
// Tears down in reverse order of construction: drain queued platform tasks,
// drop the context, dispose the isolate, then the allocator it used, then the
// V8 runtime and the platform.
FuzzerSupport::~FuzzerSupport() {
  {
    v8::Isolate::Scope isolate_scope(isolate_);
    // Run every task still queued for this isolate before the context goes
    // away, presumably so nothing later executes against a disposed isolate.
    while (PumpMessageLoop()) {
      // empty
    }

    v8::HandleScope handle_scope(isolate_);
    context_.Reset();
  }

  // Ask the GC to release what it can before the isolate is disposed.
  isolate_->LowMemoryNotification();
  isolate_->Dispose();
  isolate_ = nullptr;

  // The allocator must outlive the isolate; it is deleted only after Dispose().
  delete allocator_;
  allocator_ = nullptr;

  v8::V8::Dispose();
  v8::V8::ShutdownPlatform();
}
59 :
// The single process-wide instance: created once by InitializeFuzzerSupport()
// (which asserts it is still null) and handed out by Get().
std::unique_ptr<FuzzerSupport> FuzzerSupport::fuzzer_support_;
61 :
// static
// Creates the one FuzzerSupport instance for this process. A second call is a
// harness bug and trips the DCHECK in debug builds.
void FuzzerSupport::InitializeFuzzerSupport(int* argc, char*** argv) {
  DCHECK_NULL(fuzzer_support_);
  fuzzer_support_ = v8::base::make_unique<FuzzerSupport>(argc, argv);
}
68 :
// static
// Returns the shared instance. Must not be called before
// InitializeFuzzerSupport() has run; the DCHECK catches that in debug builds.
FuzzerSupport* FuzzerSupport::Get() {
  DCHECK_NOT_NULL(fuzzer_support_);
  return fuzzer_support_.get();
}
74 :
// Returns a fresh local handle to the shared context. The caller must already
// be inside a HandleScope of its own: the EscapableHandleScope opened here
// hands the handle up to that enclosing scope before it is destroyed.
v8::Local<v8::Context> FuzzerSupport::GetContext() {
  v8::Isolate::Scope isolate_scope(isolate_);
  v8::EscapableHandleScope escapable(isolate_);
  return escapable.Escape(v8::Local<v8::Context>::New(isolate_, context_));
}
82 :
// Runs queued platform tasks for this isolate according to `behavior`.
// Forwards the platform's result, which is true while a task was processed
// (the destructor loops on it to drain the queue).
bool FuzzerSupport::PumpMessageLoop(
    v8::platform::MessageLoopBehavior behavior) {
  v8::Platform* const platform = platform_.get();
  return v8::platform::PumpMessageLoop(platform, isolate_, behavior);
}
87 :
88 : } // namespace v8_fuzzer
89 :
// libFuzzer entry point, invoked once per process before the first
// LLVMFuzzerTestOneInput() call. argc/argv are passed through by pointer
// because FuzzerSupport removes the V8 flags it consumes from them. Returning
// 0 reports successful initialization to the runtime.
//
// Explicitly specify some attributes to avoid issues with the linker dead-
// stripping the following function on macOS, as it is not called directly
// by fuzz target. LibFuzzer runtime uses dlsym() to resolve that function.
#if V8_OS_MACOSX
__attribute__((used)) __attribute__((visibility("default")))
#endif // V8_OS_MACOSX
extern "C" int
LLVMFuzzerInitialize(int* argc, char*** argv) {
  v8_fuzzer::FuzzerSupport::InitializeFuzzerSupport(argc, argv);
  return 0;
}