Google Git
Sign in
chromium / v8 / v8.git / 808c766d70faa8f3b22f6d83405fb094991e0908 / . / test / fuzzer / inspector-fuzzer.cc
blob: a48e42a657304212a667268f3d1601c17eaf830a [file] [log] [blame]
// Copyright 2020 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#if !defined(_WIN32) && !defined(_WIN64)
#include <unistd.h>
#endif // !defined(_WIN32) && !defined(_WIN64)
#include <locale.h>
#include <string>
#include <vector>
#include "include/v8-isolate.h"
#include "include/v8-local-handle.h"
#include "include/v8-object.h"
#include "include/v8-primitive.h"
#include "include/v8-template.h"
#include "src/api/api.h"
#include "src/base/platform/platform.h"
#include "src/base/platform/time.h"
#include "src/base/small-vector.h"
#include "src/base/vector.h"
#include "test/inspector/frontend-channel.h"
#include "test/inspector/isolate-data.h"
#include "test/inspector/task-runner.h"
#include "test/inspector/tasks.h"
namespace v8 {
namespace internal {
namespace {
base::SmallVector<TaskRunner*, 2> task_runners;
class UtilsExtension : public InspectorIsolateData::SetupGlobalTask {
public:
~UtilsExtension() override = default;
void Run(v8::Isolate* isolate,
v8::Local<v8::ObjectTemplate> global) override {
v8::Local<v8::ObjectTemplate> utils = v8::ObjectTemplate::New(isolate);
auto Set = [isolate](v8::Local<v8::ObjectTemplate> tmpl, const char* str,
v8::Local<v8::Data> value) {
// Do not set {ReadOnly}, because fuzzer inputs might overwrite individual
// methods, or the whole "utils" global. See the
// `testing/libfuzzer/fuzzers/generate_v8_inspector_fuzzer_corpus.py` file
// in chromium.
tmpl->Set(ToV8String(isolate, str), value,
static_cast<v8::PropertyAttribute>(
v8::PropertyAttribute::DontDelete));
};
Set(utils, "quit",
v8::FunctionTemplate::New(isolate, &UtilsExtension::Quit));
Set(utils, "compileAndRunWithOrigin",
v8::FunctionTemplate::New(isolate,
&UtilsExtension::CompileAndRunWithOrigin));
Set(utils, "schedulePauseOnNextStatement",
v8::FunctionTemplate::New(
isolate, &UtilsExtension::SchedulePauseOnNextStatement));
Set(utils, "cancelPauseOnNextStatement",
v8::FunctionTemplate::New(isolate,
&UtilsExtension::CancelPauseOnNextStatement));
Set(utils, "createContextGroup",
v8::FunctionTemplate::New(isolate,
&UtilsExtension::CreateContextGroup));
Set(utils, "resetContextGroup",
v8::FunctionTemplate::New(isolate, &UtilsExtension::ResetContextGroup));
Set(utils, "connectSession",
v8::FunctionTemplate::New(isolate, &UtilsExtension::ConnectSession));
Set(utils, "disconnectSession",
v8::FunctionTemplate::New(isolate, &UtilsExtension::DisconnectSession));
Set(utils, "sendMessageToBackend",
v8::FunctionTemplate::New(isolate,
&UtilsExtension::SendMessageToBackend));
Set(global, "utils", utils);
}
static void set_backend_task_runner(TaskRunner* runner) {
backend_runner_ = runner;
}
private:
static TaskRunner* backend_runner_;
static void Quit(const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
// Only terminate, so not join the threads here, since joining concurrently
// from multiple threads can be undefined behaviour (see pthread_join).
for (TaskRunner* task_runner : task_runners) task_runner->Terminate();
}
static void CompileAndRunWithOrigin(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 6 || !info[0]->IsInt32() || !info[1]->IsString() ||
!info[2]->IsString() || !info[3]->IsInt32() || !info[4]->IsInt32() ||
!info[5]->IsBoolean()) {
return;
}
backend_runner_->Append(std::make_unique<ExecuteStringTask>(
info.GetIsolate(), info[0].As<v8::Int32>()->Value(),
ToVector(info.GetIsolate(), info[1].As<v8::String>()),
info[2].As<v8::String>(), info[3].As<v8::Int32>(),
info[4].As<v8::Int32>(), info[5].As<v8::Boolean>()));
}
static void SchedulePauseOnNextStatement(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 3 || !info[0]->IsInt32() || !info[1]->IsString() ||
!info[2]->IsString()) {
return;
}
std::vector<uint16_t> reason =
ToVector(info.GetIsolate(), info[1].As<v8::String>());
std::vector<uint16_t> details =
ToVector(info.GetIsolate(), info[2].As<v8::String>());
int context_group_id = info[0].As<v8::Int32>()->Value();
RunSyncTask(backend_runner_,
[&context_group_id, &reason,
&details](InspectorIsolateData* data) {
data->SchedulePauseOnNextStatement(
context_group_id,
v8_inspector::StringView(reason.data(), reason.size()),
v8_inspector::StringView(details.data(), details.size()));
});
}
static void CancelPauseOnNextStatement(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 1 || !info[0]->IsInt32()) {
return;
}
int context_group_id = info[0].As<v8::Int32>()->Value();
RunSyncTask(backend_runner_,
[&context_group_id](InspectorIsolateData* data) {
data->CancelPauseOnNextStatement(context_group_id);
});
}
static void CreateContextGroup(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 0) {
return;
}
int context_group_id = 0;
RunSyncTask(backend_runner_,
[&context_group_id](InspectorIsolateData* data) {
context_group_id = data->CreateContextGroup();
});
info.GetReturnValue().Set(
v8::Int32::New(info.GetIsolate(), context_group_id));
}
static void ResetContextGroup(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 1 || !info[0]->IsInt32()) {
return;
}
int context_group_id = info[0].As<v8::Int32>()->Value();
RunSyncTask(backend_runner_,
[&context_group_id](InspectorIsolateData* data) {
data->ResetContextGroup(context_group_id);
});
}
static void ConnectSession(const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 3 || !info[0]->IsInt32() || !info[1]->IsString() ||
!info[2]->IsFunction()) {
return;
}
v8::Local<v8::Context> context = info.GetIsolate()->GetCurrentContext();
std::unique_ptr<FrontendChannelImpl> channel =
std::make_unique<FrontendChannelImpl>(
InspectorIsolateData::FromContext(context)->task_runner(),
InspectorIsolateData::FromContext(context)->GetContextGroupId(
context),
info.GetIsolate(), info[2].As<v8::Function>());
std::vector<uint8_t> state =
ToBytes(info.GetIsolate(), info[1].As<v8::String>());
int context_group_id = info[0].As<v8::Int32>()->Value();
base::Optional<int> session_id;
RunSyncTask(backend_runner_, [&context_group_id, &session_id, &channel,
&state](InspectorIsolateData* data) {
session_id = data->ConnectSession(
context_group_id,
v8_inspector::StringView(state.data(), state.size()),
std::move(channel));
});
if (session_id.has_value()) {
info.GetReturnValue().Set(v8::Int32::New(info.GetIsolate(), *session_id));
} else {
info.GetIsolate()->ThrowError("Unable to connect to context group");
}
}
static void DisconnectSession(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 1 || !info[0]->IsInt32()) {
return;
}
int session_id = info[0].As<v8::Int32>()->Value();
v8::Local<v8::Context> context = info.GetIsolate()->GetCurrentContext();
TaskRunner* context_task_runner =
InspectorIsolateData::FromContext(context)->task_runner();
std::vector<uint8_t> state;
RunSyncTask(backend_runner_, [&session_id, &context_task_runner,
&state](InspectorIsolateData* data) {
state = data->DisconnectSession(session_id, context_task_runner);
});
info.GetReturnValue().Set(ToV8String(info.GetIsolate(), state));
}
static void SendMessageToBackend(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 2 || !info[0]->IsInt32() || !info[1]->IsString()) {
return;
}
backend_runner_->Append(std::make_unique<SendMessageToBackendTask>(
info[0].As<v8::Int32>()->Value(),
ToVector(info.GetIsolate(), info[1].As<v8::String>())));
}
};
TaskRunner* UtilsExtension::backend_runner_ = nullptr;
bool StrictAccessCheck(v8::Local<v8::Context> accessing_context,
v8::Local<v8::Object> accessed_object,
v8::Local<v8::Value> data) {
CHECK(accessing_context.IsEmpty());
return accessing_context.IsEmpty();
}
class InspectorExtension : public InspectorIsolateData::SetupGlobalTask {
public:
~InspectorExtension() override = default;
void Run(v8::Isolate* isolate,
v8::Local<v8::ObjectTemplate> global) override {
v8::Local<v8::ObjectTemplate> inspector = v8::ObjectTemplate::New(isolate);
inspector->Set(ToV8String(isolate, "fireContextCreated"),
v8::FunctionTemplate::New(
isolate, &InspectorExtension::FireContextCreated));
inspector->Set(ToV8String(isolate, "fireContextDestroyed"),
v8::FunctionTemplate::New(
isolate, &InspectorExtension::FireContextDestroyed));
inspector->Set(
ToV8String(isolate, "freeContext"),
v8::FunctionTemplate::New(isolate, &InspectorExtension::FreeContext));
inspector->Set(ToV8String(isolate, "addInspectedObject"),
v8::FunctionTemplate::New(
isolate, &InspectorExtension::AddInspectedObject));
inspector->Set(ToV8String(isolate, "setMaxAsyncTaskStacks"),
v8::FunctionTemplate::New(
isolate, &InspectorExtension::SetMaxAsyncTaskStacks));
inspector->Set(
ToV8String(isolate, "breakProgram"),
v8::FunctionTemplate::New(isolate, &InspectorExtension::BreakProgram));
inspector->Set(
ToV8String(isolate, "createObjectWithStrictCheck"),
v8::FunctionTemplate::New(
isolate, &InspectorExtension::CreateObjectWithStrictCheck));
inspector->Set(ToV8String(isolate, "callWithScheduledBreak"),
v8::FunctionTemplate::New(
isolate, &InspectorExtension::CallWithScheduledBreak));
inspector->Set(
ToV8String(isolate, "markObjectAsNotInspectable"),
v8::FunctionTemplate::New(
isolate, &InspectorExtension::MarkObjectAsNotInspectable));
inspector->Set(ToV8String(isolate, "createObjectWithAccessor"),
v8::FunctionTemplate::New(
isolate, &InspectorExtension::CreateObjectWithAccessor));
inspector->Set(ToV8String(isolate, "storeCurrentStackTrace"),
v8::FunctionTemplate::New(
isolate, &InspectorExtension::StoreCurrentStackTrace));
inspector->Set(ToV8String(isolate, "externalAsyncTaskStarted"),
v8::FunctionTemplate::New(
isolate, &InspectorExtension::ExternalAsyncTaskStarted));
inspector->Set(
ToV8String(isolate, "externalAsyncTaskFinished"),
v8::FunctionTemplate::New(
isolate, &InspectorExtension::ExternalAsyncTaskFinished));
inspector->Set(ToV8String(isolate, "scheduleWithAsyncStack"),
v8::FunctionTemplate::New(
isolate, &InspectorExtension::ScheduleWithAsyncStack));
inspector->Set(
ToV8String(isolate, "setAllowCodeGenerationFromStrings"),
v8::FunctionTemplate::New(
isolate, &InspectorExtension::SetAllowCodeGenerationFromStrings));
inspector->Set(ToV8String(isolate, "setResourceNamePrefix"),
v8::FunctionTemplate::New(
isolate, &InspectorExtension::SetResourceNamePrefix));
global->Set(ToV8String(isolate, "inspector"), inspector);
}
private:
static void FireContextCreated(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
v8::Local<v8::Context> context = info.GetIsolate()->GetCurrentContext();
InspectorIsolateData* data = InspectorIsolateData::FromContext(context);
data->FireContextCreated(context, data->GetContextGroupId(context),
v8_inspector::StringView());
}
static void FireContextDestroyed(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
v8::Local<v8::Context> context = info.GetIsolate()->GetCurrentContext();
InspectorIsolateData* data = InspectorIsolateData::FromContext(context);
data->FireContextDestroyed(context);
}
static void FreeContext(const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
v8::Local<v8::Context> context = info.GetIsolate()->GetCurrentContext();
InspectorIsolateData* data = InspectorIsolateData::FromContext(context);
data->FreeContext(context);
}
static void AddInspectedObject(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 2 || !info[0]->IsInt32()) {
return;
}
v8::Local<v8::Context> context = info.GetIsolate()->GetCurrentContext();
InspectorIsolateData* data = InspectorIsolateData::FromContext(context);
data->AddInspectedObject(info[0].As<v8::Int32>()->Value(), info[1]);
}
static void SetMaxAsyncTaskStacks(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 1 || !info[0]->IsInt32()) {
return;
}
InspectorIsolateData::FromContext(info.GetIsolate()->GetCurrentContext())
->SetMaxAsyncTaskStacksForTest(info[0].As<v8::Int32>()->Value());
}
static void DumpAsyncTaskStacksStateForTest(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 0) {
return;
}
InspectorIsolateData::FromContext(info.GetIsolate()->GetCurrentContext())
->DumpAsyncTaskStacksStateForTest();
}
static void BreakProgram(const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 2 || !info[0]->IsString() || !info[1]->IsString()) {
return;
}
v8::Local<v8::Context> context = info.GetIsolate()->GetCurrentContext();
InspectorIsolateData* data = InspectorIsolateData::FromContext(context);
std::vector<uint16_t> reason =
ToVector(info.GetIsolate(), info[0].As<v8::String>());
v8_inspector::StringView reason_view(reason.data(), reason.size());
std::vector<uint16_t> details =
ToVector(info.GetIsolate(), info[1].As<v8::String>());
v8_inspector::StringView details_view(details.data(), details.size());
data->BreakProgram(data->GetContextGroupId(context), reason_view,
details_view);
}
static void CreateObjectWithStrictCheck(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 0) {
return;
}
v8::Local<v8::ObjectTemplate> templ =
v8::ObjectTemplate::New(info.GetIsolate());
templ->SetAccessCheckCallback(&StrictAccessCheck);
info.GetReturnValue().Set(
templ->NewInstance(info.GetIsolate()->GetCurrentContext())
.ToLocalChecked());
}
static void CallWithScheduledBreak(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 3 || !info[0]->IsFunction() || !info[1]->IsString() ||
!info[2]->IsString()) {
return;
}
std::vector<uint16_t> reason =
ToVector(info.GetIsolate(), info[1].As<v8::String>());
v8_inspector::StringView reason_view(reason.data(), reason.size());
std::vector<uint16_t> details =
ToVector(info.GetIsolate(), info[2].As<v8::String>());
v8_inspector::StringView details_view(details.data(), details.size());
v8::Local<v8::Context> context = info.GetIsolate()->GetCurrentContext();
InspectorIsolateData* data = InspectorIsolateData::FromContext(context);
int context_group_id = data->GetContextGroupId(context);
data->SchedulePauseOnNextStatement(context_group_id, reason_view,
details_view);
v8::MaybeLocal<v8::Value> result;
result = info[0].As<v8::Function>()->Call(context, context->Global(), 0,
nullptr);
data->CancelPauseOnNextStatement(context_group_id);
}
static void MarkObjectAsNotInspectable(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 1 || !info[0]->IsObject()) {
return;
}
v8::Local<v8::Object> object = info[0].As<v8::Object>();
v8::Isolate* isolate = info.GetIsolate();
v8::Local<v8::Private> notInspectablePrivate =
v8::Private::ForApi(isolate, ToV8String(isolate, "notInspectable"));
object
->SetPrivate(isolate->GetCurrentContext(), notInspectablePrivate,
v8::True(isolate))
.ToChecked();
}
static void CreateObjectWithAccessor(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 2 || !info[0]->IsString() || !info[1]->IsBoolean()) {
return;
}
v8::Isolate* isolate = info.GetIsolate();
v8::Local<v8::ObjectTemplate> templ = v8::ObjectTemplate::New(isolate);
if (info[1].As<v8::Boolean>()->Value()) {
templ->SetAccessor(v8::Local<v8::String>::Cast(info[0]), AccessorGetter,
AccessorSetter);
} else {
templ->SetAccessor(v8::Local<v8::String>::Cast(info[0]), AccessorGetter);
}
info.GetReturnValue().Set(
templ->NewInstance(isolate->GetCurrentContext()).ToLocalChecked());
}
static void AccessorGetter(v8::Local<v8::String> property,
const v8::PropertyCallbackInfo<v8::Value>& info) {
v8::Isolate* isolate = info.GetIsolate();
isolate->ThrowError("Getter is called");
}
static void AccessorSetter(v8::Local<v8::String> property,
v8::Local<v8::Value> value,
const v8::PropertyCallbackInfo<void>& info) {
v8::Isolate* isolate = info.GetIsolate();
isolate->ThrowError("Setter is called");
}
static void StoreCurrentStackTrace(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 1 || !info[0]->IsString()) {
return;
}
v8::Isolate* isolate = info.GetIsolate();
v8::Local<v8::Context> context = isolate->GetCurrentContext();
InspectorIsolateData* data = InspectorIsolateData::FromContext(context);
std::vector<uint16_t> description =
ToVector(isolate, info[0].As<v8::String>());
v8_inspector::StringView description_view(description.data(),
description.size());
v8_inspector::V8StackTraceId id =
data->StoreCurrentStackTrace(description_view);
v8::Local<v8::ArrayBuffer> buffer =
v8::ArrayBuffer::New(isolate, sizeof(id));
*static_cast<v8_inspector::V8StackTraceId*>(
buffer->GetBackingStore()->Data()) = id;
info.GetReturnValue().Set(buffer);
}
static void ExternalAsyncTaskStarted(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 1 || !info[0]->IsArrayBuffer()) {
return;
}
v8::Local<v8::Context> context = info.GetIsolate()->GetCurrentContext();
InspectorIsolateData* data = InspectorIsolateData::FromContext(context);
v8_inspector::V8StackTraceId* id =
static_cast<v8_inspector::V8StackTraceId*>(
info[0].As<v8::ArrayBuffer>()->GetBackingStore()->Data());
data->ExternalAsyncTaskStarted(*id);
}
static void ExternalAsyncTaskFinished(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 1 || !info[0]->IsArrayBuffer()) {
return;
}
v8::Local<v8::Context> context = info.GetIsolate()->GetCurrentContext();
InspectorIsolateData* data = InspectorIsolateData::FromContext(context);
v8_inspector::V8StackTraceId* id =
static_cast<v8_inspector::V8StackTraceId*>(
info[0].As<v8::ArrayBuffer>()->GetBackingStore()->Data());
data->ExternalAsyncTaskFinished(*id);
}
static void ScheduleWithAsyncStack(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 3 || !info[0]->IsFunction() || !info[1]->IsString() ||
!info[2]->IsBoolean()) {
return;
}
v8::Isolate* isolate = info.GetIsolate();
v8::Local<v8::Context> context = isolate->GetCurrentContext();
InspectorIsolateData* data = InspectorIsolateData::FromContext(context);
int context_group_id = data->GetContextGroupId(context);
bool with_empty_stack = info[2].As<v8::Boolean>()->Value();
if (with_empty_stack) context->Exit();
std::vector<uint16_t> task_name =
ToVector(isolate, info[1].As<v8::String>());
v8_inspector::StringView task_name_view(task_name.data(), task_name.size());
RunAsyncTask(
data->task_runner(), task_name_view,
std::make_unique<SetTimeoutTask>(
context_group_id, isolate, v8::Local<v8::Function>::Cast(info[0])));
if (with_empty_stack) context->Enter();
}
static void SetAllowCodeGenerationFromStrings(
const v8::FunctionCallbackInfo<v8::Value>& info) {
if (info.Length() != 1 || !info[0]->IsBoolean()) {
return;
}
info.GetIsolate()->GetCurrentContext()->AllowCodeGenerationFromStrings(
info[0].As<v8::Boolean>()->Value());
}
static void SetResourceNamePrefix(
const v8::FunctionCallbackInfo<v8::Value>& info) {
DCHECK(ValidateCallbackInfo(info));
if (info.Length() != 1 || !info[0]->IsString()) {
return;
}
v8::Isolate* isolate = info.GetIsolate();
v8::Local<v8::Context> context = isolate->GetCurrentContext();
InspectorIsolateData* data = InspectorIsolateData::FromContext(context);
data->SetResourceNamePrefix(v8::Local<v8::String>::Cast(info[0]));
}
};
using CharVector = v8::base::Vector<const char>;
constexpr auto kMaxExecutionSeconds = v8::base::TimeDelta::FromSeconds(2);
class Watchdog final : public base::Thread {
public:
explicit Watchdog(base::Semaphore* semaphore)
: base::Thread(base::Thread::Options("InspectorFuzzerWatchdog")),
semaphore_(semaphore) {
CHECK(Start());
}
private:
void Run() override {
if (semaphore_->WaitFor(kMaxExecutionSeconds)) return;
for (TaskRunner* task_runner : task_runners) task_runner->Terminate();
}
base::Semaphore* const semaphore_;
};
void FuzzInspector(const uint8_t* data, size_t size) {
base::Semaphore ready_semaphore(0);
InspectorIsolateData::SetupGlobalTasks frontend_extensions;
frontend_extensions.emplace_back(new UtilsExtension());
TaskRunner frontend_runner(std::move(frontend_extensions),
kSuppressUncaughtExceptions, &ready_semaphore,
nullptr, kNoInspector);
ready_semaphore.Wait();
int frontend_context_group_id = 0;
RunSyncTask(&frontend_runner,
[&frontend_context_group_id](InspectorIsolateData* data) {
frontend_context_group_id = data->CreateContextGroup();
});
InspectorIsolateData::SetupGlobalTasks backend_extensions;
backend_extensions.emplace_back(new SetTimeoutExtension());
backend_extensions.emplace_back(new InspectorExtension());
TaskRunner backend_runner(std::move(backend_extensions),
kSuppressUncaughtExceptions, &ready_semaphore,
nullptr, kWithInspector);
ready_semaphore.Wait();
UtilsExtension::set_backend_task_runner(&backend_runner);
task_runners = {&frontend_runner, &backend_runner};
Watchdog watchdog(&ready_semaphore);
frontend_runner.Append(std::make_unique<ExecuteStringTask>(
std::string{reinterpret_cast<const char*>(data), size},
frontend_context_group_id));
frontend_runner.Join();
backend_runner.Join();
ready_semaphore.Signal();
watchdog.Join();
// TaskRunners go out of scope here, which causes Isolate teardown and all
// running background tasks to be properly joined.
}
} // namespace
} // namespace internal
} // namespace v8
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
v8::internal::FuzzInspector(data, size);
return 0;
}