/src/node/test/fuzzers/fuzz_common.h

Source
// Copyright 2025 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

#pragma once

#include <functional>
#include <memory>
#include <string>
#include <vector>

#include "node.h"
#include "node_internals.h"
#include "node_platform.h"
#include "env-inl.h"
#include "uv.h"

namespace fuzz {

// RAII per-input isolate (fresh JS heap each call)
class IsolateScope {
 public:
  IsolateScope();
  ~IsolateScope();
  v8::Isolate* isolate() const { return isolate_; }
  bool ok() const { return isolate_ != nullptr; }
 private:
  v8::Isolate* isolate_{nullptr};
};

// Options for the one-off environment runners
struct EnvRunOptions {
  node::EnvironmentFlags::Flags flags = node::EnvironmentFlags::kDefaultFlags;
  bool print_js_to_stdout = false;
  // Pump foreground tasks + libuv + microtasks up to N rounds.
  // Most fuzzers are synchronous; override to small N (e.g., 2–4) in async fuzzers.
  int  max_pumps = 0;
};

// Evaluate a JS program string inside a fresh Context/Environment, then tear down.
void RunEnvString(v8::Isolate* isolate,
                  const char* env_js,
                  const EnvRunOptions& opts = {});

// Run arbitrary code inside a fresh Context/Environment (after Node bootstrap),
// then perform a proper Node shutdown and tear down.
using EnvCallback = std::function<void(node::Environment*, v8::Local<v8::Context>)>;

void RunInEnvironment(v8::Isolate* isolate,
                      EnvCallback cb,
                      const EnvRunOptions& opts = {});

}  // namespace fuzz

Coverage Report

Created: 2025-12-30 08:42

Line	Count	Source
1		// Copyright 2025 Google LLC
2		//
3		// Licensed under the Apache License, Version 2.0 (the "License");
4		// you may not use this file except in compliance with the License.
5		// You may obtain a copy of the License at
6		//
7		// http://www.apache.org/licenses/LICENSE-2.0
8		//
9		// Unless required by applicable law or agreed to in writing, software
10		// distributed under the License is distributed on an "AS IS" BASIS,
11		// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		// See the License for the specific language governing permissions and
13		// limitations under the License.
14
15		#pragma once
16
17		#include <functional>
18		#include <memory>
19		#include <string>
20		#include <vector>
21
22		#include "node.h"
23		#include "node_internals.h"
24		#include "node_platform.h"
25		#include "env-inl.h"
26		#include "uv.h"
27
28		namespace fuzz {
29
30		// RAII per-input isolate (fresh JS heap each call)
31		class IsolateScope {
32		public:
33		IsolateScope();
34		~IsolateScope();
35	10.2k	v8::Isolate* isolate() const { return isolate_; }
36	10.2k	bool ok() const { return isolate_ != nullptr; }
37		private:
38		v8::Isolate* isolate_{nullptr};
39		};
40
41		// Options for the one-off environment runners
42		struct EnvRunOptions {
43		node::EnvironmentFlags::Flags flags = node::EnvironmentFlags::kDefaultFlags;
44		bool print_js_to_stdout = false;
45		// Pump foreground tasks + libuv + microtasks up to N rounds.
46		// Most fuzzers are synchronous; override to small N (e.g., 2–4) in async fuzzers.
47		int max_pumps = 0;
48		};
49
50		// Evaluate a JS program string inside a fresh Context/Environment, then tear down.
51		void RunEnvString(v8::Isolate* isolate,
52		const char* env_js,
53		const EnvRunOptions& opts = {});
54
55		// Run arbitrary code inside a fresh Context/Environment (after Node bootstrap),
56		// then perform a proper Node shutdown and tear down.
57		using EnvCallback = std::function<void(node::Environment*, v8::Local<v8::Context>)>;
58
59		void RunInEnvironment(v8::Isolate* isolate,
60		EnvCallback cb,
61		const EnvRunOptions& opts = {});
62
63		} // namespace fuzz