Fuzzers: Use the LibJS bytecode VM
This commit is contained in:
Andreas Kling
parent
e2c8d5859e
commit
3bb06cc719
Notes:
sideshowbarker
2024-07-18 03:20:18 +09:00
Author: https://github.com/awesomekling Commit: https://github.com/SerenityOS/serenity/commit/3bb06cc719 Pull-request: https://github.com/SerenityOS/serenity/pull/20421
2 changed files with 10 additions and 8 deletions
|
|
@ -6,7 +6,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <AK/StringView.h>
|
#include <AK/StringView.h>
|
||||||
#include <LibJS/Interpreter.h>
|
#include <LibJS/Bytecode/Interpreter.h>
|
||||||
#include <LibJS/Runtime/GlobalObject.h>
|
#include <LibJS/Runtime/GlobalObject.h>
|
||||||
#include <LibJS/Script.h>
|
#include <LibJS/Script.h>
|
||||||
#include <stddef.h>
|
#include <stddef.h>
|
||||||
|
|
@ -19,10 +19,11 @@ extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
|
||||||
if (!Utf8View(js).validate())
|
if (!Utf8View(js).validate())
|
||||||
return 0;
|
return 0;
|
||||||
auto vm = MUST(JS::VM::create());
|
auto vm = MUST(JS::VM::create());
|
||||||
auto interpreter = JS::Interpreter::create<JS::GlobalObject>(*vm);
|
auto root_execution_context = JS::create_simple_execution_context<JS::GlobalObject>(*vm);
|
||||||
auto parse_result = JS::Script::parse(js, interpreter->realm());
|
auto& realm = *root_execution_context->realm;
|
||||||
|
auto parse_result = JS::Script::parse(js, realm);
|
||||||
if (!parse_result.is_error())
|
if (!parse_result.is_error())
|
||||||
(void)interpreter->run(parse_result.value());
|
(void)vm->bytecode_interpreter().run(parse_result.value());
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -7,8 +7,8 @@
|
||||||
#include <AK/Format.h>
|
#include <AK/Format.h>
|
||||||
#include <AK/Function.h>
|
#include <AK/Function.h>
|
||||||
#include <AK/StringView.h>
|
#include <AK/StringView.h>
|
||||||
|
#include <LibJS/Bytecode/Interpreter.h>
|
||||||
#include <LibJS/Forward.h>
|
#include <LibJS/Forward.h>
|
||||||
#include <LibJS/Interpreter.h>
|
|
||||||
#include <LibJS/Lexer.h>
|
#include <LibJS/Lexer.h>
|
||||||
#include <LibJS/Parser.h>
|
#include <LibJS/Parser.h>
|
||||||
#include <LibJS/Runtime/GlobalObject.h>
|
#include <LibJS/Runtime/GlobalObject.h>
|
||||||
|
|
@ -188,7 +188,8 @@ int main(int, char**)
|
||||||
VERIFY(reprl_input != MAP_FAILED);
|
VERIFY(reprl_input != MAP_FAILED);
|
||||||
|
|
||||||
auto vm = MUST(JS::VM::create());
|
auto vm = MUST(JS::VM::create());
|
||||||
auto interpreter = JS::Interpreter::create<TestRunnerGlobalObject>(*vm);
|
auto root_execution_context = JS::create_simple_execution_context<TestRunnerGlobalObject>(*vm);
|
||||||
|
auto& realm = *root_execution_context->realm;
|
||||||
|
|
||||||
while (true) {
|
while (true) {
|
||||||
unsigned action;
|
unsigned action;
|
||||||
|
|
@ -211,11 +212,11 @@ int main(int, char**)
|
||||||
if (!Utf8View(js).validate()) {
|
if (!Utf8View(js).validate()) {
|
||||||
result = 1;
|
result = 1;
|
||||||
} else {
|
} else {
|
||||||
auto parse_result = JS::Script::parse(js, interpreter->realm());
|
auto parse_result = JS::Script::parse(js, realm);
|
||||||
if (parse_result.is_error()) {
|
if (parse_result.is_error()) {
|
||||||
result = 1;
|
result = 1;
|
||||||
} else {
|
} else {
|
||||||
auto completion = interpreter->run(parse_result.value());
|
auto completion = vm->bytecode_interpreter().run(parse_result.value());
|
||||||
if (completion.is_error()) {
|
if (completion.is_error()) {
|
||||||
result = 1;
|
result = 1;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue