<p>I built v8 to run fuzzing in AFL.<br>
First, install <code>depot_tools</code> using the link below.<br>
And then download the <code>v8</code> source code.</p>
<p><span class="embed-block zenn-embedded zenn-embedded-card"><iframe id="zenn-embedded__36ef893afd157" src="https://embed.zenn.studio/card#zenn-embedded__36ef893afd157" data-content="https%3A%2F%2Fv8.dev%2Fdocs%2Fsource-code" frameborder="0" scrolling="no" loading="lazy"></iframe></span><a href="https://v8.dev/docs/source-code" style="display:none" target="_blank" rel="nofollow noopener noreferrer">https://v8.dev/docs/source-code</a></p>
<p>Next, create an <code>afl</code> directory in the <code>v8/third_party</code> directory and download the contents of the following link.</p>
<p><span class="embed-block zenn-embedded zenn-embedded-card"><iframe id="zenn-embedded__cc6ba617766e" src="https://embed.zenn.studio/card#zenn-embedded__cc6ba617766e" data-content="https%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%2F%2B%2Frefs%2Fheads%2Fmaster%2Fthird_party%2Fafl%2F" frameborder="0" scrolling="no" loading="lazy"></iframe></span><a href="https://chromium.googlesource.com/chromium/src/+/refs/heads/master/third_party/afl/" style="display:none" target="_blank" rel="nofollow noopener noreferrer">https://chromium.googlesource.com/chromium/src/+/refs/heads/master/third_party/afl/</a></p>
<p>Next, go to the <code>v8</code> directory and execute the following command.</p>
<div class="code-block-container"><pre><code>gn gen out/libfuzzer '--args=use_afl=true is_asan=true optimize_for_fuzzing = true ' --check
ninja -C out/libfuzzer d8
afl-fuzz -D -i third_party/afl/src/testcases/others/js/ -o fuzzout -M fuzz1 ./out/libfuzzer/d8
</code></pre></div><p>This was a <code>afl-g++</code> based fuzzing method.<br>
You can probably use <code>clang</code> for faster fuzzing.<br>
You can also use <code>fuzzilli</code> or <code>Dharma</code> for fuzzing.</p>
<p>Regards</p>


[Note] How to build v8 for AFL

Discussion