[Note] How to build v8 for AFL

I built v8 to run fuzzing in AFL. First, install depot_tools using the link below. And then download the v8 source code.

https://v8.dev/docs/source-code

Next, create an afl directory in the v8/third_party directory and download the contents of the following link.

https://chromium.googlesource.com/chromium/src/+/refs/heads/master/third_party/afl/

Next, go to the v8 directory and execute the following command.

gn gen out/libfuzzer '--args=use_afl=true is_asan=true optimize_for_fuzzing = true ' --check
ninja -C out/libfuzzer d8
afl-fuzz -D -i third_party/afl/src/testcases/others/js/ -o fuzzout -M fuzz1 ./out/libfuzzer/d8

This was a afl-g++ based fuzzing method. You can probably use clang for faster fuzzing. You can also use fuzzilli or Dharma for fuzzing.

Regards