FuzzJs: If the program successfully parsed, try running it

This should help us get a lot more coverage in LibJS.
Author: https://github.com/Lubrsi Commit: https://github.com/SerenityOS/serenity/commit/c49899b0b64 Pull-request: https://github.com/SerenityOS/serenity/pull/4769
2025-04-20 03:25:13 +00:00 · 2021-01-03 15:01:36 +00:00 · 2021-01-03 15:01:36 +00:00 · c49899b0b6 · 2024-07-19 00:10:04 +09:00
commit c49899b0b6
parent 7bb18215cb
1 changed files with 8 additions and 1 deletions
--- a/Meta/Lagom/Fuzzers/FuzzJs.cpp
+++ b/Meta/Lagom/Fuzzers/FuzzJs.cpp
@ -25,8 +25,10 @@
 */

 #include <AK/StringView.h>
+#include <LibJS/Interpreter.h>
 #include <LibJS/Lexer.h>
 #include <LibJS/Parser.h>
+#include <LibJS/Runtime/GlobalObject.h>
 #include <stddef.h>
 #include <stdint.h>

@ -35,6 +37,11 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
    auto js = AK::StringView(static_cast<const unsigned char*>(data), size);
    auto lexer = JS::Lexer(js);
    auto parser = JS::Parser(lexer);
-    parser.parse_program();
+    auto program = parser.parse_program();
+    if (!parser.has_errors()) {
+        auto vm = JS::VM::create();
+        auto interpreter = JS::Interpreter::create<JS::GlobalObject>(*vm);
+        interpreter->run(interpreter->global_object(), *program);
+    }
    return 0;
 }