1 /* 2 * Copyright (c) 2022 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef CONTAINERSVECTORCOMMON_FUZZER_H 17 #define CONTAINERSVECTORCOMMON_FUZZER_H 18 19 #include "ecmascript/containers/containers_vector.h" 20 #include "ecmascript/containers/containers_private.h" 21 #include "ecmascript/ecma_string-inl.h" 22 #include "ecmascript/ecma_vm.h" 23 #include "ecmascript/global_env.h" 24 #include "ecmascript/js_api/js_api_vector.h" 25 #include "ecmascript/js_api/js_api_vector_iterator.h" 26 #include "ecmascript/js_handle.h" 27 #include "ecmascript/napi/include/jsnapi.h" 28 #include "ecmascript/ecma_runtime_call_info.h" 29 #include "ecmascript/js_thread.h" 30 #include "ecmascript/object_factory.h" 31 32 #define MAXBYTELEN sizeof(unsigned int) 33 34 namespace panda::ecmascript { 35 using namespace panda::ecmascript::containers; 36 class ContainersVectorFuzzTestHelper { 37 public: JSObjectCreate(JSThread * thread)38 static JSFunction *JSObjectCreate(JSThread *thread) 39 { 40 EcmaVM *ecmaVM = thread->GetEcmaVM(); 41 JSHandle<GlobalEnv> globalEnv = ecmaVM->GetGlobalEnv(); 42 return globalEnv->GetObjectFunction().GetObject<JSFunction>(); 43 } 44 CreateEcmaRuntimeCallInfo(JSThread * thread,uint32_t numArgs)45 static EcmaRuntimeCallInfo *CreateEcmaRuntimeCallInfo(JSThread *thread, uint32_t numArgs) 46 { 47 auto factory = thread->GetEcmaVM()->GetFactory(); 48 JSHandle<JSTaggedValue> hclass(thread, JSObjectCreate(thread)); 49 JSHandle<JSTaggedValue> callee(factory->NewJSObjectByConstructor(JSHandle<JSFunction>::Cast(hclass), hclass)); 50 JSHandle<JSTaggedValue> undefined = thread->GlobalConstants()->GetHandledUndefined(); 51 EcmaRuntimeCallInfo *objCallInfo = 52 EcmaInterpreter::NewRuntimeCallInfo(thread, undefined, callee, undefined, numArgs); 53 return objCallInfo; 54 } 55 CreateJSAPIVector(JSThread * thread)56 static JSHandle<JSAPIVector> CreateJSAPIVector(JSThread *thread) 57 { 58 auto factory = thread->GetEcmaVM()->GetFactory(); 59 JSHandle<GlobalEnv> env = thread->GetEcmaVM()->GetGlobalEnv(); 60 JSHandle<JSTaggedValue> globalObject = env->GetJSGlobalObject(); 61 JSHandle<JSTaggedValue> key(factory->NewFromASCII("ArkPrivate")); 62 JSHandle<JSTaggedValue> value = 63 JSObject::GetProperty(thread, JSHandle<JSTaggedValue>(globalObject), key).GetValue(); 64 65 auto objCallInfo = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 66 objCallInfo->SetFunction(JSTaggedValue::Undefined()); 67 objCallInfo->SetThis(value.GetTaggedValue()); 68 objCallInfo->SetCallArg(0, 69 JSTaggedValue(static_cast<int>(containers::ContainerTag::Vector))); // 0 means the argument 70 JSTaggedValue result = containers::ContainersPrivate::Load(objCallInfo); 71 72 JSHandle<JSFunction> newTarget(thread, result); 73 auto objCallInfo2 = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 74 objCallInfo2->SetFunction(newTarget.GetTaggedValue()); 75 objCallInfo2->SetNewTarget(newTarget.GetTaggedValue()); 76 objCallInfo2->SetThis(JSTaggedValue::Undefined()); 77 objCallInfo2->SetCallArg(0, JSTaggedValue::Undefined()); 78 79 JSTaggedValue list = containers::ContainersVector::VectorConstructor(objCallInfo2); 80 JSHandle<JSAPIVector> vector(thread, list); 81 return vector; 82 } 83 GetVectorWithData(JSThread * thread,const uint8_t * data,size_t size)84 static JSHandle<JSAPIVector> GetVectorWithData(JSThread *thread, const uint8_t* data, size_t size) 85 { 86 JSHandle<JSAPIVector> vector = CreateJSAPIVector(thread); 87 88 constexpr int32_t ELEMENT_NUMS = 8; 89 90 uint32_t input = 0; 91 if (size > MAXBYTELEN) { 92 size = MAXBYTELEN; 93 } 94 if (memcpy_s(&input, MAXBYTELEN, data, size) != 0) { 95 std::cout << "memcpy_s failed!"; 96 UNREACHABLE(); 97 } 98 99 for (int32_t i = 0; i < ELEMENT_NUMS; i++) { 100 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 101 callInfo->SetFunction(JSTaggedValue::Undefined()); 102 callInfo->SetThis(vector.GetTaggedValue()); 103 callInfo->SetCallArg(0, JSTaggedValue(i + input)); 104 105 ContainersVector::Add(callInfo); 106 } 107 108 return vector; 109 } 110 ContainersVectorAddFuzzTest(const uint8_t * data,size_t size)111 static void ContainersVectorAddFuzzTest(const uint8_t* data, size_t size) 112 { 113 RuntimeOption option; 114 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 115 EcmaVM *vm = JSNApi::CreateJSVM(option); 116 auto thread = vm->GetAssociatedJSThread(); 117 JSHandle<JSAPIVector> vector = CreateJSAPIVector(thread); 118 119 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 120 callInfo->SetFunction(JSTaggedValue::Undefined()); 121 callInfo->SetThis(vector.GetTaggedValue()); 122 ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); 123 std::string str(data, data + size); 124 JSTaggedValue value = factory->NewFromStdString(str).GetTaggedValue(); 125 callInfo->SetCallArg(0, value); 126 127 ContainersVector::Add(callInfo); 128 129 JSNApi::DestroyJSVM(vm); 130 } 131 ContainersVectorGetFirstElementFuzzTest(const uint8_t * data,size_t size)132 static void ContainersVectorGetFirstElementFuzzTest(const uint8_t* data, size_t size) 133 { 134 RuntimeOption option; 135 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 136 EcmaVM *vm = JSNApi::CreateJSVM(option); 137 auto thread = vm->GetAssociatedJSThread(); 138 JSHandle<JSAPIVector> vector = CreateJSAPIVector(thread); 139 140 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 141 callInfo->SetFunction(JSTaggedValue::Undefined()); 142 callInfo->SetThis(vector.GetTaggedValue()); 143 ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); 144 std::string str(data, data + size); 145 JSTaggedValue value = factory->NewFromStdString(str).GetTaggedValue(); 146 callInfo->SetCallArg(0, value); 147 148 ContainersVector::Add(callInfo); 149 150 auto callInfo1 = CreateEcmaRuntimeCallInfo(thread, 4); // 4 : means the argv length 151 callInfo1->SetFunction(JSTaggedValue::Undefined()); 152 callInfo1->SetThis(vector.GetTaggedValue()); 153 154 ContainersVector::GetFirstElement(callInfo1); 155 156 JSNApi::DestroyJSVM(vm); 157 } 158 ContainersVectorGetIndexOfFuzzTest(const uint8_t * data,size_t size)159 static void ContainersVectorGetIndexOfFuzzTest(const uint8_t* data, size_t size) 160 { 161 RuntimeOption option; 162 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 163 EcmaVM *vm = JSNApi::CreateJSVM(option); 164 auto thread = vm->GetAssociatedJSThread(); 165 JSHandle<JSAPIVector> vector = CreateJSAPIVector(thread); 166 167 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 168 callInfo->SetFunction(JSTaggedValue::Undefined()); 169 callInfo->SetThis(vector.GetTaggedValue()); 170 ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); 171 std::string str(data, data + size); 172 JSTaggedValue value = factory->NewFromStdString(str).GetTaggedValue(); 173 callInfo->SetCallArg(0, value); 174 175 ContainersVector::Add(callInfo); 176 177 auto callInfo1 = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 178 callInfo1->SetFunction(JSTaggedValue::Undefined()); 179 callInfo1->SetThis(vector.GetTaggedValue()); 180 callInfo1->SetCallArg(0, value); 181 182 ContainersVector::GetIndexOf(callInfo1); 183 184 JSNApi::DestroyJSVM(vm); 185 } 186 ContainersVectorGetLastElementFuzzTest(const uint8_t * data,size_t size)187 static void ContainersVectorGetLastElementFuzzTest(const uint8_t* data, size_t size) 188 { 189 RuntimeOption option; 190 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 191 EcmaVM *vm = JSNApi::CreateJSVM(option); 192 auto thread = vm->GetAssociatedJSThread(); 193 JSHandle<JSAPIVector> vector = CreateJSAPIVector(thread); 194 195 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 196 callInfo->SetFunction(JSTaggedValue::Undefined()); 197 callInfo->SetThis(vector.GetTaggedValue()); 198 ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); 199 std::string str(data, data + size); 200 JSTaggedValue value = factory->NewFromStdString(str).GetTaggedValue(); 201 callInfo->SetCallArg(0, value); 202 203 ContainersVector::Add(callInfo); 204 205 auto callInfo1 = CreateEcmaRuntimeCallInfo(thread, 4); // 4 : means the argv length 206 callInfo1->SetFunction(JSTaggedValue::Undefined()); 207 callInfo1->SetThis(vector.GetTaggedValue()); 208 209 ContainersVector::GetLastElement(callInfo1); 210 211 JSNApi::DestroyJSVM(vm); 212 } 213 ContainersVectorHasFuzzTest(const uint8_t * data,size_t size)214 static void ContainersVectorHasFuzzTest(const uint8_t* data, size_t size) 215 { 216 RuntimeOption option; 217 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 218 EcmaVM *vm = JSNApi::CreateJSVM(option); 219 auto thread = vm->GetAssociatedJSThread(); 220 JSHandle<JSAPIVector> vector = CreateJSAPIVector(thread); 221 222 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 223 callInfo->SetFunction(JSTaggedValue::Undefined()); 224 callInfo->SetThis(vector.GetTaggedValue()); 225 ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); 226 std::string str(data, data + size); 227 JSTaggedValue value = factory->NewFromStdString(str).GetTaggedValue(); 228 callInfo->SetCallArg(0, value); 229 230 ContainersVector::Add(callInfo); 231 232 auto callInfo1 = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 233 callInfo1->SetFunction(JSTaggedValue::Undefined()); 234 callInfo1->SetThis(vector.GetTaggedValue()); 235 callInfo1->SetCallArg(0, value); 236 237 ContainersVector::Has(callInfo1); 238 239 JSNApi::DestroyJSVM(vm); 240 } 241 ContainersVectorInsertFuzzTest(const uint8_t * data,size_t size)242 static void ContainersVectorInsertFuzzTest(const uint8_t* data, size_t size) 243 { 244 RuntimeOption option; 245 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 246 EcmaVM *vm = JSNApi::CreateJSVM(option); 247 auto thread = vm->GetAssociatedJSThread(); 248 JSHandle<JSAPIVector> vector = CreateJSAPIVector(thread); 249 250 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); // 8 : means the argv length 251 callInfo->SetFunction(JSTaggedValue::Undefined()); 252 callInfo->SetThis(vector.GetTaggedValue()); 253 ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); 254 std::string str(data, data + size); 255 JSTaggedValue value = factory->NewFromStdString(str).GetTaggedValue(); 256 callInfo->SetCallArg(0, value); 257 callInfo->SetCallArg(1, JSTaggedValue(0)); 258 259 ContainersVector::Insert(callInfo); 260 261 JSNApi::DestroyJSVM(vm); 262 } 263 ContainersVectorRemoveFuzzTest(const uint8_t * data,size_t size)264 static void ContainersVectorRemoveFuzzTest(const uint8_t* data, size_t size) 265 { 266 RuntimeOption option; 267 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 268 EcmaVM *vm = JSNApi::CreateJSVM(option); 269 auto thread = vm->GetAssociatedJSThread(); 270 JSHandle<JSAPIVector> vector = CreateJSAPIVector(thread); 271 272 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); // 8 : means the argv length 273 callInfo->SetFunction(JSTaggedValue::Undefined()); 274 callInfo->SetThis(vector.GetTaggedValue()); 275 ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); 276 std::string str(data, data + size); 277 JSTaggedValue value = factory->NewFromStdString(str).GetTaggedValue(); 278 callInfo->SetCallArg(0, value); 279 callInfo->SetCallArg(1, JSTaggedValue(0)); 280 281 ContainersVector::Insert(callInfo); 282 283 auto callInfo1 = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 284 callInfo1->SetFunction(JSTaggedValue::Undefined()); 285 callInfo1->SetThis(vector.GetTaggedValue()); 286 callInfo1->SetCallArg(0, value); 287 288 ContainersVector::Remove(callInfo1); 289 290 JSNApi::DestroyJSVM(vm); 291 } 292 ContainersVectorSetFuzzTest(const uint8_t * data,size_t size)293 static void ContainersVectorSetFuzzTest(const uint8_t* data, size_t size) 294 { 295 RuntimeOption option; 296 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 297 EcmaVM *vm = JSNApi::CreateJSVM(option); 298 auto thread = vm->GetAssociatedJSThread(); 299 JSHandle<JSAPIVector> vector = CreateJSAPIVector(thread); 300 301 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); // 8 : means the argv length 302 callInfo->SetFunction(JSTaggedValue::Undefined()); 303 callInfo->SetThis(vector.GetTaggedValue()); 304 ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); 305 std::string str(data, data + size); 306 JSTaggedValue value = factory->NewFromStdString(str).GetTaggedValue(); 307 callInfo->SetCallArg(0, value); 308 callInfo->SetCallArg(1, JSTaggedValue(0)); 309 310 ContainersVector::Insert(callInfo); 311 312 auto callInfo1 = CreateEcmaRuntimeCallInfo(thread, 8); // 8 : means the argv length 313 callInfo1->SetFunction(JSTaggedValue::Undefined()); 314 callInfo1->SetThis(vector.GetTaggedValue()); 315 callInfo1->SetCallArg(0, JSTaggedValue(0)); 316 callInfo1->SetCallArg(1, value); 317 318 ContainersVector::Set(callInfo1); 319 320 JSNApi::DestroyJSVM(vm); 321 } 322 ContainersVectorGetLastIndexOfFuzzTest(const uint8_t * data,size_t size)323 static void ContainersVectorGetLastIndexOfFuzzTest(const uint8_t* data, size_t size) 324 { 325 RuntimeOption option; 326 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 327 EcmaVM *vm = JSNApi::CreateJSVM(option); 328 auto thread = vm->GetAssociatedJSThread(); 329 JSHandle<JSAPIVector> vector = CreateJSAPIVector(thread); 330 331 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 332 callInfo->SetFunction(JSTaggedValue::Undefined()); 333 callInfo->SetThis(vector.GetTaggedValue()); 334 ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); 335 std::string str(data, data + size); 336 JSTaggedValue value = factory->NewFromStdString(str).GetTaggedValue(); 337 callInfo->SetCallArg(0, value); 338 339 ContainersVector::Add(callInfo); 340 341 auto callInfo1 = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 342 callInfo1->SetFunction(JSTaggedValue::Undefined()); 343 callInfo1->SetThis(vector.GetTaggedValue()); 344 callInfo1->SetCallArg(0, value); 345 346 ContainersVector::GetLastIndexOf(callInfo1); 347 348 JSNApi::DestroyJSVM(vm); 349 } 350 ContainersVectorGetLastIndexFromFuzzTest(const uint8_t * data,size_t size)351 static void ContainersVectorGetLastIndexFromFuzzTest(const uint8_t* data, size_t size) 352 { 353 RuntimeOption option; 354 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 355 EcmaVM *vm = JSNApi::CreateJSVM(option); 356 auto thread = vm->GetAssociatedJSThread(); 357 JSHandle<JSAPIVector> vector = CreateJSAPIVector(thread); 358 359 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 360 callInfo->SetFunction(JSTaggedValue::Undefined()); 361 callInfo->SetThis(vector.GetTaggedValue()); 362 ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); 363 std::string str(data, data + size); 364 JSTaggedValue value = factory->NewFromStdString(str).GetTaggedValue(); 365 callInfo->SetCallArg(0, value); 366 367 ContainersVector::Add(callInfo); 368 369 auto callInfo1 = CreateEcmaRuntimeCallInfo(thread, 8); // 8 : means the argv length 370 callInfo1->SetFunction(JSTaggedValue::Undefined()); 371 callInfo1->SetThis(vector.GetTaggedValue()); 372 callInfo1->SetCallArg(0, value); 373 callInfo1->SetCallArg(1, JSTaggedValue(0)); 374 375 ContainersVector::GetLastIndexFrom(callInfo1); 376 377 JSNApi::DestroyJSVM(vm); 378 } 379 ContainersVectorGetIndexFromFuzzTest(const uint8_t * data,size_t size)380 static void ContainersVectorGetIndexFromFuzzTest(const uint8_t* data, size_t size) 381 { 382 RuntimeOption option; 383 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 384 EcmaVM *vm = JSNApi::CreateJSVM(option); 385 auto thread = vm->GetAssociatedJSThread(); 386 JSHandle<JSAPIVector> vector = CreateJSAPIVector(thread); 387 388 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 389 callInfo->SetFunction(JSTaggedValue::Undefined()); 390 callInfo->SetThis(vector.GetTaggedValue()); 391 ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); 392 std::string str(data, data + size); 393 JSTaggedValue value = factory->NewFromStdString(str).GetTaggedValue(); 394 callInfo->SetCallArg(0, value); 395 396 ContainersVector::Add(callInfo); 397 398 auto callInfo1 = CreateEcmaRuntimeCallInfo(thread, 8); // 8 : means the argv length 399 callInfo1->SetFunction(JSTaggedValue::Undefined()); 400 callInfo1->SetThis(vector.GetTaggedValue()); 401 callInfo1->SetCallArg(0, value); 402 callInfo1->SetCallArg(1, JSTaggedValue(0)); 403 404 ContainersVector::GetIndexFrom(callInfo1); 405 406 JSNApi::DestroyJSVM(vm); 407 } 408 ContainersVectorRemoveByRangeFuzzTest(const uint8_t * data,size_t size)409 static void ContainersVectorRemoveByRangeFuzzTest(const uint8_t* data, size_t size) 410 { 411 if (size <= 0) { 412 return; 413 } 414 RuntimeOption option; 415 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 416 EcmaVM *vm = JSNApi::CreateJSVM(option); 417 auto thread = vm->GetAssociatedJSThread(); 418 419 JSHandle<JSAPIVector> vector = CreateJSAPIVector(thread); 420 421 constexpr int32_t ELEMENT_NUMS = 8; 422 423 uint32_t input = 0; 424 if (size > MAXBYTELEN) { 425 size = MAXBYTELEN; 426 } 427 if (memcpy_s(&input, MAXBYTELEN, data, size) != 0) { 428 std::cout << "memcpy_s failed!"; 429 UNREACHABLE(); 430 } 431 432 for (int32_t i = 0; i < ELEMENT_NUMS; i++) { 433 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 434 callInfo->SetFunction(JSTaggedValue::Undefined()); 435 callInfo->SetThis(vector.GetTaggedValue()); 436 callInfo->SetCallArg(0, JSTaggedValue(i + input)); 437 438 ContainersVector::Add(callInfo); 439 } 440 441 auto callInfo1 = CreateEcmaRuntimeCallInfo(thread, 8); // 8 : means the argv length 442 callInfo1->SetFunction(JSTaggedValue::Undefined()); 443 callInfo1->SetThis(vector.GetTaggedValue()); 444 callInfo1->SetCallArg(0, JSTaggedValue(input % ELEMENT_NUMS)); 445 callInfo1->SetCallArg(1, JSTaggedValue((input + 1) % ELEMENT_NUMS)); 446 447 ContainersVector::RemoveByRange(callInfo1); 448 449 JSNApi::DestroyJSVM(vm); 450 } 451 452 class TestClass : public base::BuiltinsBase { 453 public: TestForEachFunc(EcmaRuntimeCallInfo * argv)454 static JSTaggedValue TestForEachFunc(EcmaRuntimeCallInfo *argv) 455 { 456 JSHandle<JSTaggedValue> value = GetCallArg(argv, 0); 457 JSHandle<JSTaggedValue> key = GetCallArg(argv, 1); 458 JSHandle<JSTaggedValue> vector = GetCallArg(argv, 2); // 2 means the secode arg 459 if (!vector->IsUndefined()) { 460 if (value->IsNumber()) { 461 TaggedArray *elements = TaggedArray::Cast(JSAPIVector::Cast(vector.GetTaggedValue(). 462 GetTaggedObject())->GetElements().GetTaggedObject()); 463 elements->Get(key->GetInt()); 464 } 465 } 466 return JSTaggedValue::Undefined(); 467 } 468 TestReplaceAllElementsFunc(EcmaRuntimeCallInfo * argv)469 static JSTaggedValue TestReplaceAllElementsFunc(EcmaRuntimeCallInfo *argv) 470 { 471 JSThread *thread = argv->GetThread(); 472 JSHandle<JSTaggedValue> value = GetCallArg(argv, 0); 473 JSHandle<JSTaggedValue> index = GetCallArg(argv, 1); 474 JSHandle<JSTaggedValue> vector = GetCallArg(argv, 2); // 2 means the secode arg 475 if (!vector->IsUndefined()) { 476 if (value->IsNumber()) { 477 JSHandle<JSTaggedValue> newValue(thread, JSTaggedValue(value->GetInt() * 2)); // 2 means mul by 2 478 JSHandle<JSAPIVector>::Cast(vector)->Set(thread, index->GetNumber(), newValue.GetTaggedValue()); 479 return newValue.GetTaggedValue(); 480 } 481 } 482 return JSTaggedValue::Undefined(); 483 } 484 }; 485 ContainersVectorReplaceAllElementsFuzzTest(const uint8_t * data,size_t size)486 static void ContainersVectorReplaceAllElementsFuzzTest(const uint8_t* data, size_t size) 487 { 488 if (size <= 0) { 489 return; 490 } 491 RuntimeOption option; 492 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 493 EcmaVM *vm = JSNApi::CreateJSVM(option); 494 auto thread = vm->GetAssociatedJSThread(); 495 496 JSHandle<JSAPIVector> vector = GetVectorWithData(thread, data, size); 497 498 JSHandle<GlobalEnv> env = thread->GetEcmaVM()->GetGlobalEnv(); 499 auto callInfo1 = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 500 ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); 501 JSHandle<JSFunction> func = 502 factory->NewJSFunction(env, reinterpret_cast<void *>(TestClass::TestReplaceAllElementsFunc)); 503 callInfo1->SetFunction(JSTaggedValue::Undefined()); 504 callInfo1->SetThis(vector.GetTaggedValue()); 505 callInfo1->SetCallArg(0, func.GetTaggedValue()); 506 507 ContainersVector::ReplaceAllElements(callInfo1); 508 509 JSNApi::DestroyJSVM(vm); 510 } 511 ContainersVectorForEachFuzzTest(const uint8_t * data,size_t size)512 static void ContainersVectorForEachFuzzTest(const uint8_t* data, size_t size) 513 { 514 if (size <= 0) { 515 return; 516 } 517 RuntimeOption option; 518 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 519 EcmaVM *vm = JSNApi::CreateJSVM(option); 520 auto thread = vm->GetAssociatedJSThread(); 521 522 JSHandle<JSAPIVector> vector = GetVectorWithData(thread, data, size); 523 524 JSHandle<JSAPIVector> vec = CreateJSAPIVector(thread); 525 JSHandle<GlobalEnv> env = thread->GetEcmaVM()->GetGlobalEnv(); 526 auto callInfo1 = CreateEcmaRuntimeCallInfo(thread, 8); // 8 : means the argv length 527 ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); 528 JSHandle<JSFunction> func = 529 factory->NewJSFunction(env, reinterpret_cast<void *>(TestClass::TestForEachFunc)); 530 callInfo1->SetFunction(JSTaggedValue::Undefined()); 531 callInfo1->SetThis(vector.GetTaggedValue()); 532 callInfo1->SetCallArg(0, func.GetTaggedValue()); 533 callInfo1->SetCallArg(1, vec.GetTaggedValue()); 534 535 ContainersVector::ForEach(callInfo1); 536 537 JSNApi::DestroyJSVM(vm); 538 } 539 ContainersVectorSortFuzzTest(const uint8_t * data,size_t size)540 static void ContainersVectorSortFuzzTest(const uint8_t* data, size_t size) 541 { 542 if (size <= 0) { 543 return; 544 } 545 RuntimeOption option; 546 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 547 EcmaVM *vm = JSNApi::CreateJSVM(option); 548 auto thread = vm->GetAssociatedJSThread(); 549 550 JSHandle<JSAPIVector> vector = GetVectorWithData(thread, data, size); 551 552 auto callInfo1 = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 553 callInfo1->SetFunction(JSTaggedValue::Undefined()); 554 callInfo1->SetThis(vector.GetTaggedValue()); 555 callInfo1->SetCallArg(0, JSTaggedValue::Undefined()); 556 557 ContainersVector::Sort(callInfo1); 558 559 JSNApi::DestroyJSVM(vm); 560 } 561 ContainersVectorSubVectorFuzzTest(const uint8_t * data,size_t size)562 static void ContainersVectorSubVectorFuzzTest(const uint8_t* data, size_t size) 563 { 564 if (size <= 0) { 565 return; 566 } 567 RuntimeOption option; 568 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 569 EcmaVM *vm = JSNApi::CreateJSVM(option); 570 auto thread = vm->GetAssociatedJSThread(); 571 572 JSHandle<JSAPIVector> vector = GetVectorWithData(thread, data, size); 573 574 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); // 8 : means the argv length 575 callInfo->SetFunction(JSTaggedValue::Undefined()); 576 callInfo->SetThis(vector.GetTaggedValue()); 577 callInfo->SetCallArg(0, JSTaggedValue(0)); 578 callInfo->SetCallArg(1, JSTaggedValue(2)); // 2 : means the third value 579 580 ContainersVector::SubVector(callInfo); 581 582 JSNApi::DestroyJSVM(vm); 583 } 584 ContainersVectorClearFuzzTest(const uint8_t * data,size_t size)585 static void ContainersVectorClearFuzzTest(const uint8_t* data, size_t size) 586 { 587 if (size <= 0) { 588 return; 589 } 590 RuntimeOption option; 591 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 592 EcmaVM *vm = JSNApi::CreateJSVM(option); 593 auto thread = vm->GetAssociatedJSThread(); 594 595 JSHandle<JSAPIVector> vector = GetVectorWithData(thread, data, size); 596 597 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 4); // 4 : means the argv length 598 callInfo->SetFunction(JSTaggedValue::Undefined()); 599 callInfo->SetThis(vector.GetTaggedValue()); 600 601 ContainersVector::Clear(callInfo); 602 603 JSNApi::DestroyJSVM(vm); 604 } 605 ContainersVectorCloneFuzzTest(const uint8_t * data,size_t size)606 static void ContainersVectorCloneFuzzTest(const uint8_t* data, size_t size) 607 { 608 if (size <= 0) { 609 return; 610 } 611 RuntimeOption option; 612 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 613 EcmaVM *vm = JSNApi::CreateJSVM(option); 614 auto thread = vm->GetAssociatedJSThread(); 615 616 JSHandle<JSAPIVector> vector = GetVectorWithData(thread, data, size); 617 618 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 4); // 4 : means the argv length 619 callInfo->SetFunction(JSTaggedValue::Undefined()); 620 callInfo->SetThis(vector.GetTaggedValue()); 621 622 ContainersVector::Clone(callInfo); 623 624 JSNApi::DestroyJSVM(vm); 625 } 626 ContainersVectorSetLengthFuzzTest(const uint8_t * data,size_t size)627 static void ContainersVectorSetLengthFuzzTest(const uint8_t* data, size_t size) 628 { 629 if (size <= 0) { 630 return; 631 } 632 RuntimeOption option; 633 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 634 EcmaVM *vm = JSNApi::CreateJSVM(option); 635 auto thread = vm->GetAssociatedJSThread(); 636 637 JSHandle<JSAPIVector> vector = GetVectorWithData(thread, data, size); 638 639 uint32_t length = 0; 640 if (size > MAXBYTELEN) { 641 size = MAXBYTELEN; 642 } 643 if (memcpy_s(&length, MAXBYTELEN, data, size) != 0) { 644 std::cout << "memcpy_s failed!"; 645 UNREACHABLE(); 646 } 647 648 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 649 callInfo->SetFunction(JSTaggedValue::Undefined()); 650 callInfo->SetThis(vector.GetTaggedValue()); 651 callInfo->SetCallArg(0, JSTaggedValue(length)); 652 653 ContainersVector::SetLength(callInfo); 654 655 JSNApi::DestroyJSVM(vm); 656 } 657 ContainersVectorGetCapacityFuzzTest(const uint8_t * data,size_t size)658 static void ContainersVectorGetCapacityFuzzTest(const uint8_t* data, size_t size) 659 { 660 if (size <= 0) { 661 return; 662 } 663 RuntimeOption option; 664 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 665 EcmaVM *vm = JSNApi::CreateJSVM(option); 666 auto thread = vm->GetAssociatedJSThread(); 667 668 JSHandle<JSAPIVector> vector = GetVectorWithData(thread, data, size); 669 670 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 4); // 4 : means the argv length 671 callInfo->SetFunction(JSTaggedValue::Undefined()); 672 callInfo->SetThis(vector.GetTaggedValue()); 673 674 ContainersVector::GetCapacity(callInfo); 675 676 JSNApi::DestroyJSVM(vm); 677 } 678 ContainersVectorConvertToArrayFuzzTest(const uint8_t * data,size_t size)679 static void ContainersVectorConvertToArrayFuzzTest(const uint8_t* data, size_t size) 680 { 681 if (size <= 0) { 682 return; 683 } 684 RuntimeOption option; 685 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 686 EcmaVM *vm = JSNApi::CreateJSVM(option); 687 auto thread = vm->GetAssociatedJSThread(); 688 689 JSHandle<JSAPIVector> vector = GetVectorWithData(thread, data, size); 690 691 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 4); // 4 : means the argv length 692 callInfo->SetFunction(JSTaggedValue::Undefined()); 693 callInfo->SetThis(vector.GetTaggedValue()); 694 695 ContainersVector::ConvertToArray(callInfo); 696 697 JSNApi::DestroyJSVM(vm); 698 } 699 ContainersVectorIsEmptyFuzzTest(const uint8_t * data,size_t size)700 static void ContainersVectorIsEmptyFuzzTest(const uint8_t* data, size_t size) 701 { 702 if (size <= 0) { 703 return; 704 } 705 RuntimeOption option; 706 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 707 EcmaVM *vm = JSNApi::CreateJSVM(option); 708 auto thread = vm->GetAssociatedJSThread(); 709 710 JSHandle<JSAPIVector> vector = GetVectorWithData(thread, data, size); 711 712 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 4); // 4 : means the argv length 713 callInfo->SetFunction(JSTaggedValue::Undefined()); 714 callInfo->SetThis(vector.GetTaggedValue()); 715 716 ContainersVector::IsEmpty(callInfo); 717 718 JSNApi::DestroyJSVM(vm); 719 } 720 ContainersVectorIncreaseCapacityToFuzzTest(const uint8_t * data,size_t size)721 static void ContainersVectorIncreaseCapacityToFuzzTest(const uint8_t* data, size_t size) 722 { 723 if (size <= 0) { 724 return; 725 } 726 RuntimeOption option; 727 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 728 EcmaVM *vm = JSNApi::CreateJSVM(option); 729 auto thread = vm->GetAssociatedJSThread(); 730 731 JSHandle<JSAPIVector> vector = GetVectorWithData(thread, data, size); 732 733 uint32_t capacity = 0; 734 if (size > MAXBYTELEN) { 735 size = MAXBYTELEN; 736 } 737 if (memcpy_s(&capacity, MAXBYTELEN, data, size) != 0) { 738 std::cout << "memcpy_s failed!"; 739 UNREACHABLE(); 740 } 741 742 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 743 callInfo->SetFunction(JSTaggedValue::Undefined()); 744 callInfo->SetThis(vector.GetTaggedValue()); 745 callInfo->SetCallArg(0, JSTaggedValue(capacity)); 746 747 ContainersVector::IncreaseCapacityTo(callInfo); 748 749 JSNApi::DestroyJSVM(vm); 750 } 751 ContainersVectorToStringFuzzTest(const uint8_t * data,size_t size)752 static void ContainersVectorToStringFuzzTest(const uint8_t* data, size_t size) 753 { 754 if (size <= 0) { 755 return; 756 } 757 RuntimeOption option; 758 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 759 EcmaVM *vm = JSNApi::CreateJSVM(option); 760 auto thread = vm->GetAssociatedJSThread(); 761 762 JSHandle<JSAPIVector> vector = GetVectorWithData(thread, data, size); 763 764 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 4); // 4 : means the argv length 765 callInfo->SetFunction(JSTaggedValue::Undefined()); 766 callInfo->SetThis(vector.GetTaggedValue()); 767 768 ContainersVector::ToString(callInfo); 769 770 JSNApi::DestroyJSVM(vm); 771 } 772 ContainersVectorTrimToCurrentLengthFuzzTest(const uint8_t * data,size_t size)773 static void ContainersVectorTrimToCurrentLengthFuzzTest(const uint8_t* data, size_t size) 774 { 775 if (size <= 0) { 776 return; 777 } 778 RuntimeOption option; 779 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 780 EcmaVM *vm = JSNApi::CreateJSVM(option); 781 auto thread = vm->GetAssociatedJSThread(); 782 783 JSHandle<JSAPIVector> vector = GetVectorWithData(thread, data, size); 784 785 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 4); // 4 : means the argv length 786 callInfo->SetFunction(JSTaggedValue::Undefined()); 787 callInfo->SetThis(vector.GetTaggedValue()); 788 789 ContainersVector::TrimToCurrentLength(callInfo); 790 791 JSNApi::DestroyJSVM(vm); 792 } 793 ContainersVectorCopyToArrayFuzzTest(const uint8_t * data,size_t size)794 static void ContainersVectorCopyToArrayFuzzTest(const uint8_t* data, size_t size) 795 { 796 if (size <= 0) { 797 return; 798 } 799 RuntimeOption option; 800 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 801 EcmaVM *vm = JSNApi::CreateJSVM(option); 802 auto thread = vm->GetAssociatedJSThread(); 803 804 JSHandle<JSAPIVector> vector = GetVectorWithData(thread, data, size); 805 806 constexpr int32_t ELEMENT_NUMS = 8; 807 ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); 808 JSHandle<JSArray> array = factory->NewJSArray(); 809 JSHandle<TaggedArray> arrayElement = factory->NewTaggedArray(ELEMENT_NUMS, JSTaggedValue::Hole()); 810 array->SetElements(thread, arrayElement); 811 array->SetArrayLength(thread, static_cast<uint32_t>(ELEMENT_NUMS)); 812 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 6); // 6 : means the argv length 813 callInfo->SetFunction(JSTaggedValue::Undefined()); 814 callInfo->SetThis(vector.GetTaggedValue()); 815 callInfo->SetCallArg(0, array.GetTaggedValue()); 816 817 ContainersVector::CopyToArray(callInfo); 818 819 JSNApi::DestroyJSVM(vm); 820 } 821 ContainersVectorIteratorFuzzTest(const uint8_t * data,size_t size)822 static void ContainersVectorIteratorFuzzTest(const uint8_t* data, size_t size) 823 { 824 if (size <= 0) { 825 return; 826 } 827 RuntimeOption option; 828 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 829 EcmaVM *vm = JSNApi::CreateJSVM(option); 830 auto thread = vm->GetAssociatedJSThread(); 831 832 JSHandle<JSAPIVector> vector = GetVectorWithData(thread, data, size); 833 834 auto callInfo1 = CreateEcmaRuntimeCallInfo(thread, 4); // 4 : means the argv length 835 callInfo1->SetFunction(JSTaggedValue::Undefined()); 836 callInfo1->SetThis(vector.GetTaggedValue()); 837 JSHandle<JSTaggedValue> iterValues(thread, ContainersVector::GetIteratorObj(callInfo1)); 838 839 JSMutableHandle<JSTaggedValue> result(thread, JSTaggedValue::Undefined()); 840 constexpr int32_t ELEMENT_NUMS = 8; 841 for (uint32_t i = 0; i < ELEMENT_NUMS; i++) { 842 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 4); // 4 : means the argv length 843 callInfo->SetFunction(JSTaggedValue::Undefined()); 844 callInfo->SetThis(iterValues.GetTaggedValue()); 845 846 result.Update(JSAPIVectorIterator::Next(callInfo)); 847 } 848 JSNApi::DestroyJSVM(vm); 849 } 850 }; 851 } 852 #endif