1 /* 2 * Copyright (c) 2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef CONTAINERSTREEMAPCOMMON_FUZZER_H 17 #define CONTAINERSTREEMAPCOMMON_FUZZER_H 18 19 #include "ecmascript/containers/containers_private.h" 20 #include "ecmascript/containers/containers_treemap.h" 21 #include "ecmascript/ecma_string-inl.h" 22 #include "ecmascript/ecma_vm.h" 23 #include "ecmascript/global_env.h" 24 #include "ecmascript/js_handle.h" 25 #include "ecmascript/napi/include/jsnapi.h" 26 27 namespace panda::ecmascript { 28 using namespace panda::ecmascript::containers; 29 class ContainersTreeMapFuzzTestHelper { 30 public: JSObjectCreate(JSThread *thread)31 static JSFunction *JSObjectCreate(JSThread *thread) 32 { 33 EcmaVM *ecmaVM = thread->GetEcmaVM(); 34 JSHandle<GlobalEnv> globalEnv = ecmaVM->GetGlobalEnv(); 35 return globalEnv->GetObjectFunction().GetObject<JSFunction>(); 36 } 37 CreateEcmaRuntimeCallInfo(JSThread *thread, uint32_t numArgs)38 static EcmaRuntimeCallInfo *CreateEcmaRuntimeCallInfo(JSThread *thread, uint32_t numArgs) 39 { 40 auto factory = thread->GetEcmaVM()->GetFactory(); 41 JSHandle<JSTaggedValue> hclass(thread, JSObjectCreate(thread)); 42 JSHandle<JSTaggedValue> callee( 43 factory->NewJSObjectByConstructor(JSHandle<JSFunction>::Cast(hclass), hclass)); 44 JSHandle<JSTaggedValue> undefined = thread->GlobalConstants()->GetHandledUndefined(); 45 EcmaRuntimeCallInfo *objCallInfo = 46 EcmaInterpreter::NewRuntimeCallInfo(thread, undefined, callee, undefined, numArgs); 47 return objCallInfo; 48 } 49 InitializeTreeMapConstructor(JSThread *thread)50 static JSTaggedValue InitializeTreeMapConstructor(JSThread *thread) 51 { 52 ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); 53 JSHandle<GlobalEnv> env = thread->GetEcmaVM()->GetGlobalEnv(); 54 55 JSHandle<JSTaggedValue> globalObject = env->GetJSGlobalObject(); 56 JSHandle<JSTaggedValue> key(factory->NewFromASCII("ArkPrivate")); 57 JSHandle<JSTaggedValue> value = 58 JSObject::GetProperty(thread, JSHandle<JSTaggedValue>(globalObject), key).GetValue(); 59 60 auto objCallInfo = CreateEcmaRuntimeCallInfo(thread, 6); 61 objCallInfo->SetFunction(JSTaggedValue::Undefined()); 62 objCallInfo->SetThis(value.GetTaggedValue()); 63 objCallInfo->SetCallArg(0, JSTaggedValue(static_cast<int>(ContainerTag::TreeMap))); 64 JSTaggedValue result = ContainersPrivate::Load(objCallInfo); 65 return result; 66 } 67 CreateJSAPITreeMap(JSThread *thread)68 static JSHandle<JSAPITreeMap> CreateJSAPITreeMap(JSThread *thread) 69 { 70 JSHandle<JSFunction> newTarget(thread, InitializeTreeMapConstructor(thread)); 71 auto objCallInfo = CreateEcmaRuntimeCallInfo(thread, 6); 72 objCallInfo->SetFunction(newTarget.GetTaggedValue()); 73 objCallInfo->SetNewTarget(newTarget.GetTaggedValue()); 74 objCallInfo->SetThis(JSTaggedValue::Undefined()); 75 76 JSTaggedValue result = ContainersTreeMap::TreeMapConstructor(objCallInfo); 77 JSHandle<JSAPITreeMap> map(thread, result); 78 return map; 79 } 80 InitFuzzTest(const uint8_t *data, size_t &size, int32_t &key, EcmaVM *&vm, JSThread *&thread)81 static bool InitFuzzTest(const uint8_t *data, size_t &size, int32_t &key, EcmaVM *&vm, JSThread *&thread) 82 { 83 RuntimeOption option; 84 option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR); 85 vm = JSNApi::CreateJSVM(option); 86 thread = vm->GetJSThread(); 87 if (size <= 0) { 88 JSNApi::DestroyJSVM(vm); 89 return false; 90 } 91 size_t maxByteLen = 4; 92 if (size > maxByteLen) { 93 size = maxByteLen; 94 } 95 if (memcpy_s(&key, maxByteLen, data, size) != EOK) { 96 std::cout << "memcpy_s failed!"; 97 UNREACHABLE(); 98 } 99 return true; 100 } 101 ContainersTreeMapClearFuzzTest(const uint8_t *data, size_t size)102 static void ContainersTreeMapClearFuzzTest(const uint8_t *data, size_t size) 103 { 104 EcmaVM *vm = nullptr; 105 JSThread *thread = nullptr; 106 int32_t key = 0; 107 if (!InitFuzzTest(data, size, key, vm, thread)) { 108 return; 109 } 110 111 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 112 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); 113 callInfo->SetFunction(JSTaggedValue::Undefined()); 114 callInfo->SetThis(tmap.GetTaggedValue()); 115 callInfo->SetCallArg(0, JSTaggedValue(0)); 116 callInfo->SetCallArg(1, JSTaggedValue(key)); 117 ContainersTreeMap::Set(callInfo); 118 119 auto objcallInfo = CreateEcmaRuntimeCallInfo(thread, 4); 120 objcallInfo->SetFunction(JSTaggedValue::Undefined()); 121 objcallInfo->SetThis(tmap.GetTaggedValue()); 122 ContainersTreeMap::Clear(objcallInfo); 123 124 JSNApi::DestroyJSVM(vm); 125 } 126 ContainersTreeMapConstructorFuzzTest(const uint8_t *data, size_t size)127 static void ContainersTreeMapConstructorFuzzTest(const uint8_t *data, size_t size) 128 { 129 EcmaVM *vm = nullptr; 130 JSThread *thread = nullptr; 131 int32_t key = 0; 132 if (!InitFuzzTest(data, size, key, vm, thread)) { 133 return; 134 } 135 136 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 137 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); 138 callInfo->SetFunction(JSTaggedValue::Undefined()); 139 callInfo->SetThis(tmap.GetTaggedValue()); 140 callInfo->SetCallArg(0, JSTaggedValue(key)); 141 ContainersTreeMap::TreeMapConstructor(callInfo); 142 JSNApi::DestroyJSVM(vm); 143 } 144 ContainersTreeMapEntriesFuzzTest(const uint8_t *data, size_t size)145 static void ContainersTreeMapEntriesFuzzTest(const uint8_t *data, size_t size) 146 { 147 EcmaVM *vm = nullptr; 148 JSThread *thread = nullptr; 149 int32_t key = 0; 150 if (!InitFuzzTest(data, size, key, vm, thread)) { 151 return; 152 } 153 154 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 155 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); 156 callInfo->SetFunction(JSTaggedValue::Undefined()); 157 callInfo->SetThis(tmap.GetTaggedValue()); 158 callInfo->SetCallArg(0, JSTaggedValue(0)); 159 callInfo->SetCallArg(1, JSTaggedValue(key)); 160 ContainersTreeMap::Set(callInfo); 161 162 auto objCallInfo = CreateEcmaRuntimeCallInfo(thread, 4); 163 objCallInfo->SetFunction(JSTaggedValue::Undefined()); 164 objCallInfo->SetThis(tmap.GetTaggedValue()); 165 ContainersTreeMap::Entries(objCallInfo); 166 167 JSNApi::DestroyJSVM(vm); 168 } 169 TestForEachFunc([[maybe_unused]] EcmaRuntimeCallInfo *argv)170 static JSTaggedValue TestForEachFunc([[maybe_unused]] EcmaRuntimeCallInfo *argv) 171 { 172 return JSTaggedValue::True(); 173 } 174 ContainersTreeMapForEachFuzzTest(const uint8_t *data, size_t size)175 static void ContainersTreeMapForEachFuzzTest(const uint8_t *data, size_t size) 176 { 177 EcmaVM *vm = nullptr; 178 JSThread *thread = nullptr; 179 int32_t key = 0; 180 if (!InitFuzzTest(data, size, key, vm, thread)) { 181 return; 182 } 183 184 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 185 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); 186 callInfo->SetFunction(JSTaggedValue::Undefined()); 187 callInfo->SetThis(tmap.GetTaggedValue()); 188 callInfo->SetCallArg(0, JSTaggedValue(0)); 189 callInfo->SetCallArg(1, JSTaggedValue(key)); 190 ContainersTreeMap::Set(callInfo); 191 192 ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); 193 JSHandle<JSAPITreeMap> dmap = CreateJSAPITreeMap(thread); 194 JSHandle<GlobalEnv> env = thread->GetEcmaVM()->GetGlobalEnv(); 195 JSHandle<JSFunction> func = factory->NewJSFunction(env, reinterpret_cast<void *>(TestForEachFunc)); 196 auto objCallInfo = CreateEcmaRuntimeCallInfo(thread, 8); 197 objCallInfo->SetFunction(JSTaggedValue::Undefined()); 198 objCallInfo->SetThis(tmap.GetTaggedValue()); 199 objCallInfo->SetCallArg(0, func.GetTaggedValue()); 200 objCallInfo->SetCallArg(1, dmap.GetTaggedValue()); 201 ContainersTreeMap::ForEach(objCallInfo); 202 203 JSNApi::DestroyJSVM(vm); 204 } 205 ContainersTreeMapGetFuzzTest(const uint8_t *data, size_t size)206 static void ContainersTreeMapGetFuzzTest(const uint8_t *data, size_t size) 207 { 208 EcmaVM *vm = nullptr; 209 JSThread *thread = nullptr; 210 int32_t key = 0; 211 if (!InitFuzzTest(data, size, key, vm, thread)) { 212 return; 213 } 214 215 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 216 auto objcallInfo = CreateEcmaRuntimeCallInfo(thread, 8); 217 objcallInfo->SetFunction(JSTaggedValue::Undefined()); 218 objcallInfo->SetThis(tmap.GetTaggedValue()); 219 objcallInfo->SetCallArg(0, JSTaggedValue(0)); 220 objcallInfo->SetCallArg(1, JSTaggedValue(key)); 221 ContainersTreeMap::Get(objcallInfo); 222 JSNApi::DestroyJSVM(vm); 223 } 224 ContainersTreeMapGetFirstKeyFuzzTest(const uint8_t *data, size_t size)225 static void ContainersTreeMapGetFirstKeyFuzzTest(const uint8_t *data, size_t size) 226 { 227 EcmaVM *vm = nullptr; 228 JSThread *thread = nullptr; 229 int32_t key = 0; 230 if (!InitFuzzTest(data, size, key, vm, thread)) { 231 return; 232 } 233 234 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 235 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); 236 callInfo->SetFunction(JSTaggedValue::Undefined()); 237 callInfo->SetThis(tmap.GetTaggedValue()); 238 callInfo->SetCallArg(0, JSTaggedValue(0)); 239 callInfo->SetCallArg(1, JSTaggedValue(key)); 240 ContainersTreeMap::Set(callInfo); 241 242 auto objCallInfo = CreateEcmaRuntimeCallInfo(thread, 4); 243 objCallInfo->SetFunction(JSTaggedValue::Undefined()); 244 objCallInfo->SetThis(tmap.GetTaggedValue()); 245 ContainersTreeMap::GetFirstKey(objCallInfo); 246 247 JSNApi::DestroyJSVM(vm); 248 } 249 ContainersTreeMapGetHigherKeyFuzzTest(const uint8_t *data, size_t size)250 static void ContainersTreeMapGetHigherKeyFuzzTest(const uint8_t *data, size_t size) 251 { 252 EcmaVM *vm = nullptr; 253 JSThread *thread = nullptr; 254 int32_t key = 0; 255 if (!InitFuzzTest(data, size, key, vm, thread)) { 256 return; 257 } 258 259 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 260 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); 261 callInfo->SetFunction(JSTaggedValue::Undefined()); 262 callInfo->SetThis(tmap.GetTaggedValue()); 263 callInfo->SetCallArg(0, JSTaggedValue(0)); 264 callInfo->SetCallArg(1, JSTaggedValue(key)); 265 ContainersTreeMap::Set(callInfo); 266 267 auto objcallInfo = CreateEcmaRuntimeCallInfo(thread, 6); 268 objcallInfo->SetFunction(JSTaggedValue::Undefined()); 269 objcallInfo->SetThis(tmap.GetTaggedValue()); 270 objcallInfo->SetCallArg(0, JSTaggedValue(key)); 271 ContainersTreeMap::GetHigherKey(objcallInfo); 272 273 JSNApi::DestroyJSVM(vm); 274 } 275 ContainersTreeMapGetLastKeyFuzzTest(const uint8_t *data, size_t size)276 static void ContainersTreeMapGetLastKeyFuzzTest(const uint8_t *data, size_t size) 277 { 278 EcmaVM *vm = nullptr; 279 JSThread *thread = nullptr; 280 int32_t key = 0; 281 if (!InitFuzzTest(data, size, key, vm, thread)) { 282 return; 283 } 284 285 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 286 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); 287 callInfo->SetFunction(JSTaggedValue::Undefined()); 288 callInfo->SetThis(tmap.GetTaggedValue()); 289 callInfo->SetCallArg(0, JSTaggedValue(0)); 290 callInfo->SetCallArg(1, JSTaggedValue(key)); 291 ContainersTreeMap::Set(callInfo); 292 293 auto objCallInfo = CreateEcmaRuntimeCallInfo(thread, 4); 294 objCallInfo->SetFunction(JSTaggedValue::Undefined()); 295 objCallInfo->SetThis(tmap.GetTaggedValue()); 296 ContainersTreeMap::GetLastKey(objCallInfo); 297 298 JSNApi::DestroyJSVM(vm); 299 } 300 ContainersTreeMapGetLengthFuzzTest(const uint8_t *data, size_t size)301 static void ContainersTreeMapGetLengthFuzzTest(const uint8_t *data, size_t size) 302 { 303 EcmaVM *vm = nullptr; 304 JSThread *thread = nullptr; 305 int32_t key = 0; 306 if (!InitFuzzTest(data, size, key, vm, thread)) { 307 return; 308 } 309 310 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 311 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); 312 callInfo->SetFunction(JSTaggedValue::Undefined()); 313 callInfo->SetThis(tmap.GetTaggedValue()); 314 callInfo->SetCallArg(0, JSTaggedValue(0)); 315 callInfo->SetCallArg(1, JSTaggedValue(key)); 316 ContainersTreeMap::Set(callInfo); 317 318 JSHandle<JSAPITreeMap> map = CreateJSAPITreeMap(thread); 319 auto objCallInfo = CreateEcmaRuntimeCallInfo(thread, 6); 320 objCallInfo->SetFunction(JSTaggedValue::Undefined()); 321 objCallInfo->SetThis(map.GetTaggedValue()); 322 ContainersTreeMap::GetLength(objCallInfo); 323 324 JSNApi::DestroyJSVM(vm); 325 } 326 ContainersTreeMapGetLowerKeyFuzzTest(const uint8_t *data, size_t size)327 static void ContainersTreeMapGetLowerKeyFuzzTest(const uint8_t *data, size_t size) 328 { 329 EcmaVM *vm = nullptr; 330 JSThread *thread = nullptr; 331 int32_t key = 0; 332 if (!InitFuzzTest(data, size, key, vm, thread)) { 333 return; 334 } 335 336 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 337 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); 338 callInfo->SetFunction(JSTaggedValue::Undefined()); 339 callInfo->SetThis(tmap.GetTaggedValue()); 340 callInfo->SetCallArg(0, JSTaggedValue(0)); 341 callInfo->SetCallArg(1, JSTaggedValue(key)); 342 ContainersTreeMap::Set(callInfo); 343 344 auto objcallInfo = CreateEcmaRuntimeCallInfo(thread, 6); 345 objcallInfo->SetFunction(JSTaggedValue::Undefined()); 346 objcallInfo->SetThis(tmap.GetTaggedValue()); 347 objcallInfo->SetCallArg(0, JSTaggedValue(key)); 348 ContainersTreeMap::GetLowerKey(objcallInfo); 349 350 JSNApi::DestroyJSVM(vm); 351 } 352 ContainersTreeMapCheckKeyFuzzTest(const uint8_t *data, size_t size)353 static void ContainersTreeMapCheckKeyFuzzTest(const uint8_t *data, size_t size) 354 { 355 EcmaVM *vm = nullptr; 356 JSThread *thread = nullptr; 357 int32_t key = 0; 358 if (!InitFuzzTest(data, size, key, vm, thread)) { 359 return; 360 } 361 362 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 363 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); 364 callInfo->SetFunction(JSTaggedValue::Undefined()); 365 callInfo->SetThis(tmap.GetTaggedValue()); 366 callInfo->SetCallArg(0, JSTaggedValue(key)); 367 368 ContainersTreeMap::HasKey(callInfo); 369 JSNApi::DestroyJSVM(vm); 370 } 371 ContainersTreeMapCheckValueFuzzTest(const uint8_t *data, size_t size)372 static void ContainersTreeMapCheckValueFuzzTest(const uint8_t *data, size_t size) 373 { 374 EcmaVM *vm = nullptr; 375 JSThread *thread = nullptr; 376 int32_t key = 0; 377 if (!InitFuzzTest(data, size, key, vm, thread)) { 378 return; 379 } 380 381 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 382 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); 383 callInfo->SetFunction(JSTaggedValue::Undefined()); 384 callInfo->SetThis(tmap.GetTaggedValue()); 385 callInfo->SetCallArg(0, JSTaggedValue(key)); 386 387 ContainersTreeMap::HasValue(callInfo); 388 JSNApi::DestroyJSVM(vm); 389 } 390 ContainersTreeMapIsEmptyFuzzTest(const uint8_t *data, size_t size)391 static void ContainersTreeMapIsEmptyFuzzTest(const uint8_t *data, size_t size) 392 { 393 EcmaVM *vm = nullptr; 394 JSThread *thread = nullptr; 395 int32_t key = 0; 396 if (!InitFuzzTest(data, size, key, vm, thread)) { 397 return; 398 } 399 400 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 401 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); 402 callInfo->SetFunction(JSTaggedValue::Undefined()); 403 callInfo->SetThis(tmap.GetTaggedValue()); 404 callInfo->SetCallArg(0, JSTaggedValue(0)); 405 callInfo->SetCallArg(1, JSTaggedValue(key)); 406 ContainersTreeMap::Set(callInfo); 407 ContainersTreeMap::IsEmpty(callInfo); 408 JSNApi::DestroyJSVM(vm); 409 } 410 ContainersTreeMapKeysFuzzTest(const uint8_t *data, size_t size)411 static void ContainersTreeMapKeysFuzzTest(const uint8_t *data, size_t size) 412 { 413 EcmaVM *vm = nullptr; 414 JSThread *thread = nullptr; 415 int32_t key = 0; 416 if (!InitFuzzTest(data, size, key, vm, thread)) { 417 return; 418 } 419 420 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 421 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); 422 callInfo->SetFunction(JSTaggedValue::Undefined()); 423 callInfo->SetThis(tmap.GetTaggedValue()); 424 callInfo->SetCallArg(0, JSTaggedValue(0)); 425 callInfo->SetCallArg(1, JSTaggedValue(key)); 426 ContainersTreeMap::Set(callInfo); 427 428 auto objcallInfo = CreateEcmaRuntimeCallInfo(thread, 4); 429 objcallInfo->SetFunction(JSTaggedValue::Undefined()); 430 objcallInfo->SetThis(tmap.GetTaggedValue()); 431 ContainersTreeMap::Keys(objcallInfo); 432 JSNApi::DestroyJSVM(vm); 433 } 434 ContainersTreeMapRemoveFuzzTest(const uint8_t *data, size_t size)435 static void ContainersTreeMapRemoveFuzzTest(const uint8_t *data, size_t size) 436 { 437 EcmaVM *vm = nullptr; 438 JSThread *thread = nullptr; 439 int32_t key = 0; 440 if (!InitFuzzTest(data, size, key, vm, thread)) { 441 return; 442 } 443 444 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 445 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); 446 callInfo->SetFunction(JSTaggedValue::Undefined()); 447 callInfo->SetThis(tmap.GetTaggedValue()); 448 callInfo->SetCallArg(0, JSTaggedValue(0)); 449 callInfo->SetCallArg(1, JSTaggedValue(key)); 450 ContainersTreeMap::Set(callInfo); 451 452 JSHandle<JSAPITreeMap> map = CreateJSAPITreeMap(thread); 453 auto objcallInfo = CreateEcmaRuntimeCallInfo(thread, 6); 454 objcallInfo->SetFunction(JSTaggedValue::Undefined()); 455 objcallInfo->SetThis(map.GetTaggedValue()); 456 objcallInfo->SetCallArg(0, JSTaggedValue(key)); 457 ContainersTreeMap::Remove(objcallInfo); 458 459 JSNApi::DestroyJSVM(vm); 460 } 461 ContainersTreeMapReplaceFuzzTest(const uint8_t *data, size_t size)462 static void ContainersTreeMapReplaceFuzzTest(const uint8_t *data, size_t size) 463 { 464 EcmaVM *vm = nullptr; 465 JSThread *thread = nullptr; 466 int32_t key = 0; 467 if (!InitFuzzTest(data, size, key, vm, thread)) { 468 return; 469 } 470 471 constexpr int nodeNumbers = 8; 472 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 473 for (int i = 0; i < nodeNumbers; i++) { 474 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); 475 callInfo->SetFunction(JSTaggedValue::Undefined()); 476 callInfo->SetThis(tmap.GetTaggedValue()); 477 callInfo->SetCallArg(0, JSTaggedValue(key)); 478 callInfo->SetCallArg(1, JSTaggedValue(key)); 479 ContainersTreeMap::Set(callInfo); 480 481 auto objCallInfo = CreateEcmaRuntimeCallInfo(thread, 8); 482 objCallInfo->SetFunction(JSTaggedValue::Undefined()); 483 objCallInfo->SetThis(tmap.GetTaggedValue()); 484 objCallInfo->SetCallArg(0, JSTaggedValue(nodeNumbers / 2)); // 2 : half of nodeNumbers 485 objCallInfo->SetCallArg(1, JSTaggedValue(nodeNumbers)); 486 ContainersTreeMap::Replace(callInfo); 487 } 488 JSNApi::DestroyJSVM(vm); 489 } 490 ContainersTreeMapSetFuzzTest(const uint8_t *data, size_t size)491 static void ContainersTreeMapSetFuzzTest(const uint8_t *data, size_t size) 492 { 493 EcmaVM *vm = nullptr; 494 JSThread *thread = nullptr; 495 int32_t key = 0; 496 if (!InitFuzzTest(data, size, key, vm, thread)) { 497 return; 498 } 499 500 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 501 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); 502 callInfo->SetFunction(JSTaggedValue::Undefined()); 503 callInfo->SetThis(tmap.GetTaggedValue()); 504 callInfo->SetCallArg(0, JSTaggedValue(0)); 505 callInfo->SetCallArg(1, JSTaggedValue(key)); 506 507 ContainersTreeMap::Set(callInfo); 508 JSNApi::DestroyJSVM(vm); 509 } 510 ContainersTreeMapSetAllFuzzTest(const uint8_t *data, size_t size)511 static void ContainersTreeMapSetAllFuzzTest(const uint8_t *data, size_t size) 512 { 513 EcmaVM *vm = nullptr; 514 JSThread *thread = nullptr; 515 int32_t key = 0; 516 if (!InitFuzzTest(data, size, key, vm, thread)) { 517 return; 518 } 519 520 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 521 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); 522 callInfo->SetFunction(JSTaggedValue::Undefined()); 523 callInfo->SetThis(tmap.GetTaggedValue()); 524 callInfo->SetCallArg(0, JSTaggedValue(0)); 525 callInfo->SetCallArg(1, JSTaggedValue(key)); 526 ContainersTreeMap::Set(callInfo); 527 528 JSHandle<JSAPITreeMap> map = CreateJSAPITreeMap(thread); 529 auto objcallInfo = CreateEcmaRuntimeCallInfo(thread, 6); 530 objcallInfo->SetFunction(JSTaggedValue::Undefined()); 531 objcallInfo->SetThis(map.GetTaggedValue()); 532 objcallInfo->SetCallArg(0, tmap.GetTaggedValue()); 533 ContainersTreeMap::SetAll(objcallInfo); 534 535 JSNApi::DestroyJSVM(vm); 536 } 537 ContainersTreeMapValuesFuzzTest(const uint8_t *data, size_t size)538 static void ContainersTreeMapValuesFuzzTest(const uint8_t *data, size_t size) 539 { 540 EcmaVM *vm = nullptr; 541 JSThread *thread = nullptr; 542 int32_t key = 0; 543 if (!InitFuzzTest(data, size, key, vm, thread)) { 544 return; 545 } 546 547 JSHandle<JSAPITreeMap> tmap = CreateJSAPITreeMap(thread); 548 auto callInfo = CreateEcmaRuntimeCallInfo(thread, 8); 549 callInfo->SetFunction(JSTaggedValue::Undefined()); 550 callInfo->SetThis(tmap.GetTaggedValue()); 551 callInfo->SetCallArg(0, JSTaggedValue(0)); 552 callInfo->SetCallArg(1, JSTaggedValue(key)); 553 ContainersTreeMap::Set(callInfo); 554 555 auto objcallInfo = CreateEcmaRuntimeCallInfo(thread, 4); 556 objcallInfo->SetFunction(JSTaggedValue::Undefined()); 557 objcallInfo->SetThis(tmap.GetTaggedValue()); 558 ContainersTreeMap::Values(objcallInfo); 559 560 JSNApi::DestroyJSVM(vm); 561 } 562 }; 563 } // namespace panda::ecmascript 564 #endif