      1 // Copyright 2016 the V8 project authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #include "test/fuzzer/fuzzer-support.h"
      6 
      7 #include <stdio.h>
      8 #include <stdlib.h>
      9 #include <string.h>
     10 
     11 #include "include/libplatform/libplatform.h"
     12 
     13 #include "src/flags.h"
     14 
     15 namespace v8_fuzzer {
     16 
namespace {

// Process-wide singleton. Created by LLVMFuzzerInitialize() and released by
// DeleteFuzzerSupport(); null before initialization and after teardown.
FuzzerSupport* g_fuzzer_support = nullptr;

// atexit() hook that tears the singleton down exactly once: the pointer is
// cleared afterwards, so any later call finds nothing to delete.
void DeleteFuzzerSupport() {
  if (g_fuzzer_support == nullptr) return;
  delete g_fuzzer_support;
  g_fuzzer_support = nullptr;
}

}  // namespace
     29 
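// Backs every ArrayBuffer created in the fuzzed isolate with plain
// malloc()/free(). Allocate() returns zero-filled memory, so script-visible
// buffers never expose stale heap contents; AllocateUninitialized() is the
// raw variant for callers that overwrite the whole range themselves.
class FuzzerSupport::ArrayBufferAllocator final
    : public v8::ArrayBuffer::Allocator {
 public:
  // Returns |length| zeroed bytes, or nullptr when the allocation fails.
  void* Allocate(size_t length) override {
    void* data = AllocateUninitialized(length);
    return data == nullptr ? data : memset(data, 0, length);
  }
  // Returns |length| bytes of uninitialized memory, or nullptr on failure.
  void* AllocateUninitialized(size_t length) override { return malloc(length); }
  // Releases a block from either Allocate* overload; free() does not need the
  // length, so the second argument is ignored.
  void Free(void* data, size_t) override { free(data); }
};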
     39 
// Brings up V8 for the fuzzer process: flags, ICU/startup data, platform,
// engine, one isolate and one persistent context. The statement order below
// is the V8 initialization sequence and must not be rearranged.
// |argc|/|argv| are the process arguments; recognized V8 flags are consumed
// from them (third argument of SetFlagsFromCommandLine is true).
FuzzerSupport::FuzzerSupport(int* argc, char*** argv) {
  // Set before parsing the command line so a command-line value still wins.
  v8::internal::FLAG_expose_gc = true;
  v8::V8::SetFlagsFromCommandLine(argc, *argv, true);
  // Both lookups are keyed off the executable path in argv[0]; presumably the
  // data files are expected next to the fuzzer binary.
  v8::V8::InitializeICUDefaultLocation((*argv)[0]);
  v8::V8::InitializeExternalStartupData((*argv)[0]);
  // The platform must be registered before V8::Initialize(); platform_ is
  // owned here and deleted in the destructor after ShutdownPlatform().
  platform_ = v8::platform::CreateDefaultPlatform();
  v8::V8::InitializePlatform(platform_);
  v8::V8::Initialize();

  // allocator_ is owned here and must outlive the isolate that uses it.
  allocator_ = new ArrayBufferAllocator;
  v8::Isolate::CreateParams create_params;
  create_params.array_buffer_allocator = allocator_;
  isolate_ = v8::Isolate::New(create_params);

  {
    // Entering the isolate and opening a HandleScope are required to create
    // handles; the context is kept alive in the persistent context_ member.
    v8::Isolate::Scope isolate_scope(isolate_);
    v8::HandleScope handle_scope(isolate_);
    context_.Reset(isolate_, v8::Context::New(isolate_));
  }
}
     60 
// Tears V8 down in the reverse of the constructor's order: drain the message
// loop, drop the context, dispose the isolate, release the allocator, shut
// the engine and platform down, then free the platform. Each step depends on
// the previous one still being alive, so the order must not be rearranged.
FuzzerSupport::~FuzzerSupport() {
  {
    v8::Isolate::Scope isolate_scope(isolate_);
    // Run every task still queued for this isolate before disposing it;
    // the loop body is intentionally empty.
    while (v8::platform::PumpMessageLoop(platform_, isolate_)) /* empty */
      ;

    v8::HandleScope handle_scope(isolate_);
    context_.Reset();
  }

  // Release as much as possible before Dispose() frees the isolate itself.
  isolate_->LowMemoryNotification();
  isolate_->Dispose();
  isolate_ = nullptr;

  // Only safe after the isolate is gone: ArrayBuffers still backed by
  // allocator_ are released by Dispose() — TODO confirm against the V8 docs.
  delete allocator_;
  allocator_ = nullptr;

  v8::V8::Dispose();
  v8::V8::ShutdownPlatform();

  // platform_ was created in the constructor and is owned by this object.
  delete platform_;
  platform_ = nullptr;
}
     84 
// static
// Returns the process-wide FuzzerSupport, or nullptr before
// LLVMFuzzerInitialize() has created it (and after DeleteFuzzerSupport()).
FuzzerSupport* FuzzerSupport::Get() {
  FuzzerSupport* const current = g_fuzzer_support;
  return current;
}
     87 
// Returns the single isolate owned by this object (non-owning pointer; it is
// disposed in the destructor).
v8::Isolate* FuzzerSupport::GetIsolate() {
  v8::Isolate* const isolate = isolate_;
  return isolate;
}
     89 
// Returns a local handle to the persistent context created in the
// constructor. The handle is escaped out of this function's scope, so the
// caller must have its own HandleScope open to hold it.
v8::Local<v8::Context> FuzzerSupport::GetContext() {
  v8::Isolate::Scope isolate_scope(isolate_);
  v8::EscapableHandleScope scope(isolate_);
  return scope.Escape(v8::Local<v8::Context>::New(isolate_, context_));
}
     97 
     98 }  // namespace v8_fuzzer
     99 
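// libFuzzer entry point, run before the first test input. Creates the shared
// FuzzerSupport (which initializes V8) and registers its teardown with
// atexit(). |argc|/|argv| are forwarded so V8 flags can be consumed from the
// command line. Always returns 0.
extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv) {
  // Idempotence guard: a second call would leak the first singleton and
  // re-run V8::Initialize() on top of a live engine.
  if (v8_fuzzer::g_fuzzer_support != nullptr) return 0;
  v8_fuzzer::g_fuzzer_support = new v8_fuzzer::FuzzerSupport(argc, argv);
  // Registration can fail (non-zero); V8 then stays alive until process exit,
  // so report it rather than abort the fuzzing run.
  if (atexit(&v8_fuzzer::DeleteFuzzerSupport) != 0) {
    fprintf(stderr, "LLVMFuzzerInitialize: atexit registration failed\n");
  }
  return 0;
}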