1 // Copyright 2016 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "test/fuzzer/fuzzer-support.h"
6
7 #include <stdio.h>
8 #include <stdlib.h>
9 #include <string.h>
10
11 #include "include/libplatform/libplatform.h"
12
13 #include "src/flags.h"
14
15 namespace v8_fuzzer {
16
namespace {

// Process-wide singleton installed by LLVMFuzzerInitialize() and handed out
// through FuzzerSupport::Get(). Null until initialisation has run and again
// after the atexit() teardown below.
FuzzerSupport* g_fuzzer_support = nullptr;

// atexit() hook: destroys the singleton (and with it the isolate and the V8
// platform it owns). Safe to run when nothing was installed, and a second
// call is a no-op because the pointer is cleared first.
void DeleteFuzzerSupport() {
  FuzzerSupport* support = g_fuzzer_support;
  g_fuzzer_support = nullptr;
  delete support;
}

}  // namespace
29
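// Backs JS ArrayBuffers with plain malloc()/free(). Keeping this allocator
// trivial matters for fuzzing: buffer storage comes straight from the system
// allocator (which the sanitizer build instruments), so out-of-bounds reads
// and writes on ArrayBuffer contents are reported instead of being masked by
// a private pool.
class FuzzerSupport::ArrayBufferAllocator : public v8::ArrayBuffer::Allocator {
 public:
  // Zero-initialised storage. V8 hands this memory out as ArrayBuffer
  // contents, so stale heap bytes must not leak into script; calloc() does the
  // zeroing in one step and, like the malloc()+memset() pair it replaces,
  // returns a null pointer on failure.
  void* Allocate(size_t length) override { return calloc(length, 1); }

  // Uninitialised storage for callers that overwrite every byte themselves.
  void* AllocateUninitialized(size_t length) override { return malloc(length); }

  // free() does not need the size; the parameter is part of the V8 interface.
  void Free(void* data, size_t /*length*/) override { free(data); }
};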
39
// Brings up one V8 instance for the lifetime of the fuzzer process: flags,
// ICU/startup data, the platform, a single isolate and one persistent context.
// |argc|/|argv| are the process arguments libFuzzer was started with; V8 flags
// found there are consumed here. Teardown happens in the destructor, in the
// reverse order.
FuzzerSupport::FuzzerSupport(int* argc, char*** argv) {
  // Expose the gc() builtin to fuzz-generated scripts. This is set before the
  // command line is parsed, so an explicit flag on the command line still wins.
  v8::internal::FLAG_expose_gc = true;
  // The trailing |true| asks V8 to remove the flags it recognises from argv,
  // leaving the remaining options for libFuzzer itself.
  v8::V8::SetFlagsFromCommandLine(argc, *argv, true);
  // Both data lookups are relative to the executable path; this assumes
  // argc >= 1 (true for a normal process start; not checked here).
  v8::V8::InitializeICUDefaultLocation((*argv)[0]);
  v8::V8::InitializeExternalStartupData((*argv)[0]);
  // The platform must be installed before V8::Initialize() and outlives the
  // isolate; it is deleted last in the destructor.
  platform_ = v8::platform::CreateDefaultPlatform();
  v8::V8::InitializePlatform(platform_);
  v8::V8::Initialize();

  // The isolate keeps a raw pointer to the allocator, so the allocator must
  // stay alive until Isolate::Dispose() has run (see the destructor).
  allocator_ = new ArrayBufferAllocator;
  v8::Isolate::CreateParams create_params;
  create_params.array_buffer_allocator = allocator_;
  isolate_ = v8::Isolate::New(create_params);

  {
    // Creating a context requires being entered in the isolate and having a
    // HandleScope; the context is then pinned in the persistent handle
    // |context_| so GetContext() can re-materialise it for every fuzz case.
    v8::Isolate::Scope isolate_scope(isolate_);
    v8::HandleScope handle_scope(isolate_);
    context_.Reset(isolate_, v8::Context::New(isolate_));
  }
}
60
// Tears V8 down in the reverse order of construction. The ordering is load-
// bearing: the context is released before the isolate, the isolate before its
// allocator, and V8/the platform last. Run from the atexit() hook so the
// process ends with a clean shutdown rather than a leaked isolate.
FuzzerSupport::~FuzzerSupport() {
  {
    v8::Isolate::Scope isolate_scope(isolate_);
    // Drain any tasks still queued on the platform for this isolate before
    // anything underneath them goes away.
    while (v8::platform::PumpMessageLoop(platform_, isolate_)) /* empty */
      ;

    // Dropping the persistent handle needs a HandleScope; after this the
    // context can be collected.
    v8::HandleScope handle_scope(isolate_);
    context_.Reset();
  }

  // Give the heap a chance to collect before the isolate is disposed, then
  // dispose it; from here on |isolate_| must not be touched.
  isolate_->LowMemoryNotification();
  isolate_->Dispose();
  isolate_ = nullptr;

  // Only now is it safe to free the allocator the isolate was pointing at.
  delete allocator_;
  allocator_ = nullptr;

  v8::V8::Dispose();
  v8::V8::ShutdownPlatform();

  // The platform is owned here (created in the constructor), so delete it
  // after V8 has stopped using it.
  delete platform_;
  platform_ = nullptr;
}
84
// static
// Returns the process-wide instance installed by LLVMFuzzerInitialize().
// May be null before initialisation has run or after the atexit() teardown.
FuzzerSupport* FuzzerSupport::Get() {
  FuzzerSupport* const instance = g_fuzzer_support;
  return instance;
}
87
// Returns the single isolate created in the constructor (null once the
// destructor has disposed it). Ownership stays with FuzzerSupport.
v8::Isolate* FuzzerSupport::GetIsolate() {
  v8::Isolate* const isolate = isolate_;
  return isolate;
}
89
// Materialises a fresh local handle for the persistent context and passes it
// across the scope boundary. The caller is expected to already hold a
// HandleScope that the escaped handle can land in.
v8::Local<v8::Context> FuzzerSupport::GetContext() {
  v8::Isolate::Scope enter_isolate(isolate_);
  v8::EscapableHandleScope scope(isolate_);
  return scope.Escape(v8::Local<v8::Context>::New(isolate_, context_));
}
97
98 } // namespace v8_fuzzer
99
// libFuzzer entry hook, run once before any LLVMFuzzerTestOneInput call.
// Installs the process-wide FuzzerSupport (which consumes V8 flags from the
// command line) and arranges for it to be torn down on normal process exit.
// Always reports success.
extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv) {
  v8_fuzzer::FuzzerSupport* support = new v8_fuzzer::FuzzerSupport(argc, argv);
  v8_fuzzer::g_fuzzer_support = support;
  // Release the isolate and platform when the process exits.
  atexit(&v8_fuzzer::DeleteFuzzerSupport);
  return 0;
}
105