diff --git a/Sources/Fuzzilli/Base/ProgramBuilder.swift b/Sources/Fuzzilli/Base/ProgramBuilder.swift index ccb5f7147..c4031cc4a 100644 --- a/Sources/Fuzzilli/Base/ProgramBuilder.swift +++ b/Sources/Fuzzilli/Base/ProgramBuilder.swift @@ -517,7 +517,7 @@ public class ProgramBuilder { // We can be sure that we have such a builtin with a signature because the Environment checks this during initialization. let signature = fuzzer.environment.type(ofBuiltin: group).signature! - let constructor = loadBuiltin(group) + let constructor = createNamedVariable(forBuiltin: group) let arguments = findOrGenerateArgumentsInternal(forSignature: signature) let constructed = construct(constructor, withArgs: arguments) @@ -1939,11 +1939,6 @@ public class ProgramBuilder { return emit(CreateTemplateString(parts: parts), withInputs: interpolatedValues).output } - @discardableResult - public func loadBuiltin(_ name: String) -> Variable { - return emit(LoadBuiltin(builtinName: name)).output - } - @discardableResult public func getProperty(_ name: String, of object: Variable, guard isGuarded: Bool = false) -> Variable { return emit(GetProperty(propertyName: name, isGuarded: isGuarded), withInputs: [object]).output @@ -2325,16 +2320,15 @@ public class ProgramBuilder { } @discardableResult - public func loadNamedVariable(_ name: String) -> Variable { - return emit(LoadNamedVariable(name)).output + public func createNamedVariable(_ name: String, declarationMode: NamedVariableDeclarationMode, initialValue: Variable? = nil) -> Variable { + assert((declarationMode == .none) == (initialValue == nil)) + let inputs = initialValue != nil ? [initialValue!] : [] + return emit(CreateNamedVariable(name, declarationMode: declarationMode), withInputs: inputs).output } - - public func storeNamedVariable(_ name: String, _ value: Variable) { - emit(StoreNamedVariable(name), withInputs: [value]) - } - - public func defineNamedVariable(_ name: String, _ value: Variable) { - emit(DefineNamedVariable(name), withInputs: [value]) + + @discardableResult + public func createNamedVariable(forBuiltin builtinName: String) -> Variable { + return createNamedVariable(builtinName, declarationMode: .none) } @discardableResult diff --git a/Sources/Fuzzilli/CodeGen/CodeGeneratorWeights.swift b/Sources/Fuzzilli/CodeGen/CodeGeneratorWeights.swift index f66cde620..0ded74759 100644 --- a/Sources/Fuzzilli/CodeGen/CodeGeneratorWeights.swift +++ b/Sources/Fuzzilli/CodeGen/CodeGeneratorWeights.swift @@ -25,6 +25,7 @@ public let codeGeneratorWeights = [ "BooleanGenerator": 2, "UndefinedGenerator": 1, "NullGenerator": 1, + "NamedVariableGenerator": 10, "ArrayGenerator": 10, "FloatArrayGenerator": 10, "IntArrayGenerator": 10, @@ -133,9 +134,6 @@ public let codeGeneratorWeights = [ "DestructObjectAndReassignGenerator": 5, "WithStatementGenerator": 3, "ComparisonGenerator": 10, - "NamedVariableLoadGenerator": 3, - "NamedVariableStoreGenerator": 3, - "NamedVariableDefinitionGenerator": 3, "SuperMethodCallGenerator": 20, // These will only be used inside class methods, and only if private properties were previously declared in that class. diff --git a/Sources/Fuzzilli/CodeGen/CodeGenerators.swift b/Sources/Fuzzilli/CodeGen/CodeGenerators.swift index 0be26abe9..62403082c 100644 --- a/Sources/Fuzzilli/CodeGen/CodeGenerators.swift +++ b/Sources/Fuzzilli/CodeGen/CodeGenerators.swift @@ -100,7 +100,7 @@ public let CodeGenerators: [CodeGenerator] = [ ValueGenerator("BuiltinObjectInstanceGenerator") { b, n in let builtin = chooseUniform(from: ["Array", "Map", "WeakMap", "Set", "WeakSet", "Date"]) - let constructor = b.loadBuiltin(builtin) + let constructor = b.createNamedVariable(forBuiltin: builtin) if builtin == "Array" { let size = b.loadInt(b.randomSize(upTo: 0x1000)) b.construct(constructor, withArgs: [size]) @@ -113,8 +113,8 @@ public let CodeGenerators: [CodeGenerator] = [ ValueGenerator("TypedArrayGenerator") { b, n in for _ in 0.. Void in - let propertyName = b.type(of: obj).randomProperty() ?? b.randomCustomPropertyName() - b.loadNamedVariable(propertyName) - }, else: { () -> Void in + for i in 1...3 { let propertyName = b.type(of: obj).randomProperty() ?? b.randomCustomPropertyName() - let value = b.randomVariable() - b.storeNamedVariable(propertyName, value) - }) + b.createNamedVariable(propertyName, declarationMode: .none) + } b.buildRecursive() } }, - CodeGenerator("NamedVariableLoadGenerator") { b in - // We're using the custom property names set from the environment for named variables. - // It's not clear if there's something better since that set should be relatively small - // (increasing the probability that named variables will be reused), and it also makes - // sense to use property names if we're inside a `with` statement. - b.loadNamedVariable(b.randomCustomPropertyName()) - }, - - CodeGenerator("NamedVariableStoreGenerator") { b in - let value = b.randomVariable() - b.storeNamedVariable(b.randomCustomPropertyName(), value) - }, - - CodeGenerator("NamedVariableDefinitionGenerator") { b in - let value = b.randomVariable() - b.defineNamedVariable(b.randomCustomPropertyName(), value) - }, - RecursiveCodeGenerator("EvalGenerator") { b in let code = b.buildCodeString() { b.buildRecursive() } - let eval = b.loadBuiltin("eval") + let eval = b.createNamedVariable(forBuiltin: "eval") b.callFunction(eval, withArgs: [code]) }, @@ -1629,7 +1622,7 @@ public let CodeGenerators: [CodeGenerator] = [ let numComputations = Int.random(in: 3...7) // Common mathematical operations are exposed through the Math builtin in JavaScript. - let Math = b.loadBuiltin("Math") + let Math = b.createNamedVariable(forBuiltin: "Math") b.hide(Math) // Following code generators should use the numbers generated below, not the Math object. var values = b.randomVariables(upTo: Int.random(in: 1...3)) @@ -1676,7 +1669,7 @@ public let CodeGenerators: [CodeGenerator] = [ } } } else { - let toPrimitive = b.getProperty("toPrimitive", of: b.loadBuiltin("Symbol")) + let toPrimitive = b.getProperty("toPrimitive", of: b.createNamedVariable(forBuiltin: "Symbol")) imitation = b.buildObjectLiteral { obj in obj.addComputedMethod(toPrimitive, with: .parameters(n: 0)) { _ in b.buildRecursive(n: 3) @@ -1689,7 +1682,7 @@ public let CodeGenerators: [CodeGenerator] = [ // A lot of functions are also objects, so we could handle them either way. However, it probably makes more sense to handle // them as a function since they would otherwise no longer be callable. let handler = b.createObject(with: [:]) - let Proxy = b.loadBuiltin("Proxy") + let Proxy = b.createNamedVariable(forBuiltin: "Proxy") imitation = b.construct(Proxy, withArgs: [orig, handler]) } else if b.type(of: orig).Is(.object()) { // Either make a class that extends that object's constructor or make a new object with the original object as prototype. @@ -1724,13 +1717,13 @@ public let CodeGenerators: [CodeGenerator] = [ if maxSize < size { maxSize = size } - let ArrayBuffer = b.loadBuiltin("ArrayBuffer") + let ArrayBuffer = b.createNamedVariable(forBuiltin: "ArrayBuffer") b.hide(ArrayBuffer) let options = b.createObject(with: ["maxByteLength": b.loadInt(maxSize)]) let ab = b.construct(ArrayBuffer, withArgs: [b.loadInt(size), options]) - let View = b.loadBuiltin( - chooseUniform( + let View = b.createNamedVariable( + forBuiltin: chooseUniform( from: ["Uint8Array", "Int8Array", "Uint16Array", "Int16Array", "Uint32Array", "Int32Array", "Float32Array", "Float64Array", "Uint8ClampedArray", "BigInt64Array", "BigUint64Array", "DataView"] ) ) @@ -1743,13 +1736,13 @@ public let CodeGenerators: [CodeGenerator] = [ if maxSize < size { maxSize = size } - let ArrayBuffer = b.loadBuiltin("SharedArrayBuffer") + let ArrayBuffer = b.createNamedVariable(forBuiltin: "SharedArrayBuffer") b.hide(ArrayBuffer) let options = b.createObject(with: ["maxByteLength": b.loadInt(maxSize)]) let ab = b.construct(ArrayBuffer, withArgs: [b.loadInt(size), options]) - let View = b.loadBuiltin( - chooseUniform( + let View = b.createNamedVariable( + forBuiltin: chooseUniform( from: ["Uint8Array", "Int8Array", "Uint16Array", "Int16Array", "Uint32Array", "Int32Array", "Float32Array", "Float64Array", "Uint8ClampedArray", "BigInt64Array", "BigUint64Array", "DataView"] ) ) @@ -1802,7 +1795,7 @@ public let CodeGenerators: [CodeGenerator] = [ }, CodeGenerator("IteratorGenerator") { b in - let Symbol = b.loadBuiltin("Symbol") + let Symbol = b.createNamedVariable(forBuiltin: "Symbol") b.hide(Symbol) let iteratorSymbol = b.getProperty("iterator", of: Symbol) b.hide(iteratorSymbol) diff --git a/Sources/Fuzzilli/CodeGen/ProgramTemplates.swift b/Sources/Fuzzilli/CodeGen/ProgramTemplates.swift index 04854911a..042513580 100644 --- a/Sources/Fuzzilli/CodeGen/ProgramTemplates.swift +++ b/Sources/Fuzzilli/CodeGen/ProgramTemplates.swift @@ -228,7 +228,7 @@ public let ProgramTemplates = [ b.build(n: 25) // Generate random JSON payloads by stringifying random values - let JSON = b.loadBuiltin("JSON") + let JSON = b.createNamedVariable(forBuiltin: "JSON") var jsonPayloads = [Variable]() for _ in 0..() - /// List of all named variables. - /// TODO instead of a global list, this should be per (var) scope. - private var namedVariables = Set() - /// The next free FuzzIL variable. private var nextVariable = 0 @@ -95,14 +91,26 @@ public class JavaScriptCompiler { if decl.hasValue { initialValue = try compileExpression(decl.value) } else { + // TODO(saelo): consider caching the `undefined` value for future uses initialValue = emit(LoadUndefined()).output } - if variableDeclaration.kind == .var && namedVariables.contains(decl.name) { - emit(DefineNamedVariable(decl.name), withInputs: [initialValue]) - } else { - map(decl.name, to: initialValue) + let declarationMode: NamedVariableDeclarationMode + switch variableDeclaration.kind { + case .var: + declarationMode = .var + case .let: + declarationMode = .let + case .const: + declarationMode = .const + case .UNRECOGNIZED(let type): + throw CompilerError.invalidNodeError("invalid variable declaration type \(type)") } + + let v = emit(CreateNamedVariable(decl.name, declarationMode: declarationMode), withInputs: [initialValue]).output + // Variables declared with .var are allowed to overwrite each other. + assert(!currentScope.keys.contains(decl.name) || declarationMode == .var) + mapOrRemap(decl.name, to: v) } case .functionDeclaration(let functionDeclaration): @@ -126,7 +134,9 @@ public class JavaScriptCompiler { } let instr = emit(functionBegin) - map(functionDeclaration.name, to: instr.output) + // The function may have been accessed before it was defined due to function hoisting, so + // here we may overwrite an existing variable mapping. + mapOrRemap(functionDeclaration.name, to: instr.output) try enterNewScope { mapParameters(functionDeclaration.parameters, to: instr.innerOutputs) for statement in functionDeclaration.body { @@ -352,12 +362,12 @@ public class JavaScriptCompiler { emit(EndDoWhileLoop(), withInputs: [cond]) case .forLoop(let forLoop): - try enterNewScope { - var loopVariables = [String]() + var loopVariables = [String]() - // Process initializer. - var initialLoopVariableValues = [Variable]() - emit(BeginForLoopInitializer()) + // Process initializer. + var initialLoopVariableValues = [Variable]() + emit(BeginForLoopInitializer()) + try enterNewScope { if let initializer = forLoop.initializer { switch initializer { case .declaration(let declaration): @@ -369,32 +379,38 @@ public class JavaScriptCompiler { try compileExpression(expression) } } + } - // Process condition. - var outputs = emit(BeginForLoopCondition(numLoopVariables: loopVariables.count), withInputs: initialLoopVariableValues).innerOutputs + // Process condition. + var outputs = emit(BeginForLoopCondition(numLoopVariables: loopVariables.count), withInputs: initialLoopVariableValues).innerOutputs + var cond: Variable? = nil + try enterNewScope { zip(loopVariables, outputs).forEach({ map($0, to: $1 )}) - let cond: Variable if forLoop.hasCondition { cond = try compileExpression(forLoop.condition) } else { cond = emit(LoadBoolean(value: true)).output } + } - // Process afterthought. - outputs = emit(BeginForLoopAfterthought(numLoopVariables: loopVariables.count), withInputs: [cond]).innerOutputs - zip(loopVariables, outputs).forEach({ remap($0, to: $1 )}) + // Process afterthought. + outputs = emit(BeginForLoopAfterthought(numLoopVariables: loopVariables.count), withInputs: [cond!]).innerOutputs + try enterNewScope { + zip(loopVariables, outputs).forEach({ map($0, to: $1 )}) if forLoop.hasAfterthought { try compileExpression(forLoop.afterthought) } + } - // Process body - outputs = emit(BeginForLoopBody(numLoopVariables: loopVariables.count)).innerOutputs - zip(loopVariables, outputs).forEach({ remap($0, to: $1 )}) + // Process body + outputs = emit(BeginForLoopBody(numLoopVariables: loopVariables.count)).innerOutputs + try enterNewScope { + zip(loopVariables, outputs).forEach({ map($0, to: $1 )}) try compileBody(forLoop.body) - - emit(EndForLoop()) } + emit(EndForLoop()) + case .forInLoop(let forInLoop): let initializer = forInLoop.left; guard !initializer.hasValue else { @@ -545,9 +561,8 @@ public class JavaScriptCompiler { case .identifier(let identifier): // Identifiers can generally turn into one of three things: // 1. A FuzzIL variable that has previously been associated with the identifier - // 2. A LoadBuiltin operation if the identifier belongs to a builtin object (as defined by the environment) - // 3. A LoadUndefined or LoadArguments operations if the identifier is "undefined" or "arguments" respectively - // 4. A LoadNamedVariable operation in all other cases (typically global or hoisted variables, but could also be properties in a with statement) + // 2. A LoadUndefined or LoadArguments operations if the identifier is "undefined" or "arguments" respectively + // 3. A CreateNamedVariable operation in all other cases (typically global or hoisted variables, but could also be properties in a with statement) // We currently fall-back to case 3 if none of the other works. However, this isn't quite correct as it would incorrectly deal with e.g. // @@ -567,11 +582,6 @@ public class JavaScriptCompiler { } // Case 2 - if environment.builtins.contains(identifier.name) { - return emit(LoadBuiltin(builtinName: identifier.name)).output - } - - // Case 3 assert(identifier.name != "this") // This is handled via ThisExpression if identifier.name == "undefined" { return emit(LoadUndefined()).output @@ -579,12 +589,12 @@ public class JavaScriptCompiler { return emit(LoadArguments()).output } - // Case 4 - // In this case, we need to remember that this variable was accessed in the current scope. - // If the variable access is hoisted, and the variable is defined later, then this allows - // the variable definition to turn into a DefineNamedVariable operation. - namedVariables.insert(identifier.name) - return emit(LoadNamedVariable(identifier.name)).output + // Case 3 + let v = emit(CreateNamedVariable(identifier.name, declarationMode: .none)).output + // Cache the variable in case it is reused again to avoid emitting multiple + // CreateNamedVariable operations for the same variable. + map(identifier.name, to: v) + return v case .numberLiteral(let literal): if let intValue = Int64(exactly: literal.value) { @@ -599,7 +609,7 @@ public class JavaScriptCompiler { } else { // TODO should LoadBigInt support larger integer values (represented as string)? let stringValue = emit(LoadString(value: literal.value)).output - let BigInt = emit(LoadBuiltin(builtinName: "BigInt")).output + let BigInt = emit(CreateNamedVariable("BigInt", declarationMode: .none)).output return emit(CallFunction(numArguments: 1, isGuarded: false), withInputs: [BigInt, stringValue]).output } @@ -652,7 +662,6 @@ public class JavaScriptCompiler { } switch lhs { - case .memberExpression(let memberExpression): // Compile to a Set- or Update{Property/Element/ComputedProperty} operation let object = try compileExpression(memberExpression.object) @@ -680,6 +689,7 @@ public class JavaScriptCompiler { } } } + case .superMemberExpression(let superMemberExpression): guard superMemberExpression.isOptional == false else { throw CompilerError.unsupportedFeatureError("Optional chaining is not supported in super member expressions") @@ -705,36 +715,24 @@ public class JavaScriptCompiler { emit(SetComputedSuperProperty(), withInputs: [property, rhs]) } - case .identifier(let identifier): - if let lhs = lookupIdentifier(identifier.name) { - // Compile to a Reassign or Update operation - switch assignmentExpression.operator { - case "=": - emit(Reassign(), withInputs: [lhs, rhs]) - default: - // It's something like "+=", "-=", etc. - let binaryOperator = String(assignmentExpression.operator.dropLast()) - guard let op = BinaryOperator(rawValue: binaryOperator) else { - throw CompilerError.invalidNodeError("Unknown assignment operator \(assignmentExpression.operator)") - } - emit(Update(op), withInputs: [lhs, rhs]) - } - } else { - // It's (probably) a hoisted or a global variable access. Compile as a named variable. - switch assignmentExpression.operator { - case "=": - emit(StoreNamedVariable(identifier.name), withInputs: [rhs]) - default: - // It's something like "+=", "-=", etc. - let binaryOperator = String(assignmentExpression.operator.dropLast()) - guard let op = BinaryOperator(rawValue: binaryOperator) else { - throw CompilerError.invalidNodeError("Unknown assignment operator \(assignmentExpression.operator)") - } - let oldVal = emit(LoadNamedVariable(identifier.name)).output - let newVal = emit(BinaryOperation(op), withInputs: [oldVal, rhs]).output - emit(StoreNamedVariable(identifier.name), withInputs: [newVal]) + // Try to lookup the variable belonging to the identifier. If there is none, we're (probably) dealing with + // an access to a global variable/builtin or a hoisted variable access. In the case, create a named variable. + let lhs = lookupIdentifier(identifier.name) ?? emit(CreateNamedVariable(identifier.name, declarationMode: .none)).output + + // Compile to a Reassign or Update operation + switch assignmentExpression.operator { + case "=": + // TODO(saelo): if we're assigning to a named variable, we could also generate a declaration + // of a global variable here instead. Probably it doeesn't matter in practice though. + emit(Reassign(), withInputs: [lhs, rhs]) + default: + // It's something like "+=", "-=", etc. + let binaryOperator = String(assignmentExpression.operator.dropLast()) + guard let op = BinaryOperator(rawValue: binaryOperator) else { + throw CompilerError.invalidNodeError("Unknown assignment operator \(assignmentExpression.operator)") } + emit(Update(op), withInputs: [lhs, rhs]) } default: @@ -1178,6 +1176,10 @@ public class JavaScriptCompiler { assert(scopes.top[identifier] != nil) scopes.top[identifier] = v } + + private func mapOrRemap(_ identifier: String, to v: Variable) { + scopes.top[identifier] = v + } private func mapParameters(_ parameters: [Compiler_Protobuf_Parameter], to variables: ArraySlice) { assert(parameters.count == variables.count) diff --git a/Sources/Fuzzilli/FuzzIL/Instruction.swift b/Sources/Fuzzilli/FuzzIL/Instruction.swift index d25ef29b2..da5cfcb56 100644 --- a/Sources/Fuzzilli/FuzzIL/Instruction.swift +++ b/Sources/Fuzzilli/FuzzIL/Instruction.swift @@ -500,8 +500,6 @@ extension Instruction: ProtobufConvertible { $0.createArrayWithSpread = Fuzzilli_Protobuf_CreateArrayWithSpread.with { $0.spreads = op.spreads } case .createTemplateString(let op): $0.createTemplateString = Fuzzilli_Protobuf_CreateTemplateString.with { $0.parts = op.parts } - case .loadBuiltin(let op): - $0.loadBuiltin = Fuzzilli_Protobuf_LoadBuiltin.with { $0.builtinName = op.builtinName } case .getProperty(let op): $0.getProperty = Fuzzilli_Protobuf_GetProperty.with { $0.propertyName = op.propertyName @@ -697,12 +695,11 @@ extension Instruction: ProtobufConvertible { } case .compare(let op): $0.compare = Fuzzilli_Protobuf_Compare.with { $0.op = convertEnum(op.op, Comparator.allCases) } - case .loadNamedVariable(let op): - $0.loadNamedVariable = Fuzzilli_Protobuf_LoadNamedVariable.with { $0.variableName = op.variableName } - case .storeNamedVariable(let op): - $0.storeNamedVariable = Fuzzilli_Protobuf_StoreNamedVariable.with { $0.variableName = op.variableName } - case .defineNamedVariable(let op): - $0.defineNamedVariable = Fuzzilli_Protobuf_DefineNamedVariable.with { $0.variableName = op.variableName } + case .createNamedVariable(let op): + $0.createNamedVariable = Fuzzilli_Protobuf_CreateNamedVariable.with { + $0.variableName = op.variableName + $0.declarationMode = convertEnum(op.declarationMode, NamedVariableDeclarationMode.allCases) + } case .eval(let op): $0.eval = Fuzzilli_Protobuf_Eval.with { $0.code = op.code @@ -1006,8 +1003,6 @@ extension Instruction: ProtobufConvertible { op = CreateArrayWithSpread(spreads: p.spreads) case .createTemplateString(let p): op = CreateTemplateString(parts: p.parts) - case .loadBuiltin(let p): - op = LoadBuiltin(builtinName: p.builtinName) case .getProperty(let p): op = GetProperty(propertyName: p.propertyName, isGuarded: p.isGuarded) case .setProperty(let p): @@ -1141,12 +1136,8 @@ extension Instruction: ProtobufConvertible { op = DestructObjectAndReassign(properties: p.properties, hasRestElement: p.hasRestElement_p) case .compare(let p): op = Compare(try convertEnum(p.op, Comparator.allCases)) - case .loadNamedVariable(let p): - op = LoadNamedVariable(p.variableName) - case .storeNamedVariable(let p): - op = StoreNamedVariable(p.variableName) - case .defineNamedVariable(let p): - op = DefineNamedVariable(p.variableName) + case .createNamedVariable(let p): + op = CreateNamedVariable(p.variableName, declarationMode: try convertEnum(p.declarationMode, NamedVariableDeclarationMode.allCases)) case .eval(let p): let numArguments = inouts.count - (p.hasOutput_p ? 1 : 0) op = Eval(p.code, numArguments: numArguments, hasOutput: p.hasOutput_p) diff --git a/Sources/Fuzzilli/FuzzIL/JSTyper.swift b/Sources/Fuzzilli/FuzzIL/JSTyper.swift index c2b0b2910..a83690159 100644 --- a/Sources/Fuzzilli/FuzzIL/JSTyper.swift +++ b/Sources/Fuzzilli/FuzzIL/JSTyper.swift @@ -451,9 +451,6 @@ public struct JSTyper: Analyzer { } switch instr.op.opcode { - case .loadBuiltin(let op): - set(instr.output, environment.type(ofBuiltin: op.builtinName)) - case .loadInteger: set(instr.output, environment.intType) @@ -480,6 +477,15 @@ public struct JSTyper: Analyzer { case .loadArguments: set(instr.output, environment.argumentsType) + + case .createNamedVariable(let op): + if op.hasInitialValue { + set(instr.output, type(ofInput: 0)) + } else if (environment.hasBuiltin(op.variableName)) { + set(instr.output, environment.type(ofBuiltin: op.variableName)) + } else { + set(instr.output, .anything) + } case .loadDisposableVariable: set(instr.output, type(ofInput: 0)) @@ -734,10 +740,6 @@ public struct JSTyper: Analyzer { case .compare: set(instr.output, .boolean) - case .loadNamedVariable: - // We don't currently track these. - set(instr.output, .anything) - case .await: // TODO if input type is known, set to input type and possibly unwrap the Promise set(instr.output, .anything) diff --git a/Sources/Fuzzilli/FuzzIL/JsOperations.swift b/Sources/Fuzzilli/FuzzIL/JsOperations.swift index 62b7a4497..1dac83d0d 100644 --- a/Sources/Fuzzilli/FuzzIL/JsOperations.swift +++ b/Sources/Fuzzilli/FuzzIL/JsOperations.swift @@ -229,6 +229,79 @@ final class LoadArguments: JsOperation { } } +// Named Variables. +// +// Named variables are variables with a specific name. They are created through the +// CreateNamedVariable operation and are useful whenever the name of a variable is +// (potentially) important. In particular they are used frequenty when compiling +// existing JavaScript code to FuzzIL. Furthermore, named variables are also used to +// access builtins as these are effectively just global/pre-existing named variables. +// +// When declaring a new named variable (i.e. when the declarationMode is not .none), +// then an initial value must be provided (as first and only input to the operation). +// "Uninitialized" named variables can be created by using `undefined` as initial value. +// +// The following code is a simple demonstration of named variables: +// +// // Make an existing named variable (e.g. a builtin) available +// v0 <- CreateNamedVariable 'print', declarationMode: .none +// +// // Overwrite an existing named variable +// v1 <- CreateNamedVariable 'foo', declarationMode: .none +// v2 <- CallFunction v0, v1 +// v3 <- LoadString 'bar' +// Reassign v1, v3 +// +// // Declare a new named variable +// v4 <- CreateNamedVariable 'baz', declarationMode: .var, v1 +// v5 <- LoadString 'bla' +// Update v4 '+' v5 +// v5 <- CallFunction v0, v4 +// +// This will lift to JavaScript code similar to the following: +// +// print(foo); +// foo = "bar"; +// var baz = foo; +// baz += "bla"; +// print(baz); +// +public enum NamedVariableDeclarationMode : CaseIterable { + // The variable is assumed to already exist and therefore is not declared again. + // This is for example used for global variables and builtins, but also to support + // variable and function hoisting where an identifier is used before it is defined. + case none + // Declare the variable as global variable without any declaration keyword. + case global + // Declare the variable using the 'var' keyword. + case `var` + // Declare the variable using the 'let' keyword. + case `let` + // Declare the variable using the 'const' keyword. + case const +} + +final class CreateNamedVariable: JsOperation { + override var opcode: Opcode { .createNamedVariable(self) } + + let variableName: String + let declarationMode: NamedVariableDeclarationMode + + // Currently, all named variable declarations need an initial value. "undefined" can be + // used when no initial value is available, in which case the lifter will not emit an assignment. + // We could also consider allowing variable declarations without an initial value, however for + // both .global and .const declarations, we always need an initial value to produce valid code. + var hasInitialValue: Bool { + return declarationMode != .none + } + + init(_ name: String, declarationMode: NamedVariableDeclarationMode) { + self.variableName = name + self.declarationMode = declarationMode + super.init(numInputs: declarationMode == .none ? 0 : 1, numOutputs: 1, attributes: .isMutable) + } +} + final class LoadDisposableVariable: JsOperation { override var opcode: Opcode { .loadDisposableVariable(self) } @@ -926,17 +999,6 @@ final class CreateTemplateString: JsOperation { } } -final class LoadBuiltin: JsOperation { - override var opcode: Opcode { .loadBuiltin(self) } - - let builtinName: String - - init(builtinName: String) { - self.builtinName = builtinName - super.init(numOutputs: 1, attributes: .isMutable) - } -} - final class GetProperty: GuardableOperation { override var opcode: Opcode { .getProperty(self) } @@ -1667,48 +1729,6 @@ final class Compare: JsOperation { } } -// Named Variables. -// -// Named variables are used to cover global and `var` variables in JavaScript -// as well as to support variable hoisting. -// -// When a named variable is defined, it becomes a `var` variable in JavaScript. -// However, it is allowed to access (load/store) a named variable without -// defining it first, in which case the access becomes either a global variable -// access (if the variable isn't later defined) or a hoisted variable access. -final class LoadNamedVariable: JsOperation { - override var opcode: Opcode { .loadNamedVariable(self) } - - let variableName: String - - init(_ name: String) { - self.variableName = name - super.init(numOutputs: 1, attributes: .isMutable) - } -} - -final class StoreNamedVariable: JsOperation { - override var opcode: Opcode { .storeNamedVariable(self) } - - let variableName: String - - init(_ name: String) { - self.variableName = name - super.init(numInputs: 1, attributes: .isMutable) - } -} - -final class DefineNamedVariable: JsOperation { - override var opcode: Opcode { .defineNamedVariable(self) } - - let variableName: String - - init(_ name: String) { - self.variableName = name - super.init(numInputs: 1, attributes: .isMutable) - } -} - /// An operation that will be lifted to a given string. The string can use %@ placeholders which /// will be replaced by the expressions for the input variables during lifting. final class Eval: JsOperation { diff --git a/Sources/Fuzzilli/FuzzIL/Opcodes.swift b/Sources/Fuzzilli/FuzzIL/Opcodes.swift index 6728c943e..dff60c9e2 100644 --- a/Sources/Fuzzilli/FuzzIL/Opcodes.swift +++ b/Sources/Fuzzilli/FuzzIL/Opcodes.swift @@ -38,6 +38,7 @@ enum Opcode { case loadNull(LoadNull) case loadThis(LoadThis) case loadArguments(LoadArguments) + case createNamedVariable(CreateNamedVariable) case loadDisposableVariable(LoadDisposableVariable) case loadAsyncDisposableVariable(LoadAsyncDisposableVariable) case loadRegExp(LoadRegExp) @@ -91,7 +92,6 @@ enum Opcode { case createFloatArray(CreateFloatArray) case createArrayWithSpread(CreateArrayWithSpread) case createTemplateString(CreateTemplateString) - case loadBuiltin(LoadBuiltin) case getProperty(GetProperty) case setProperty(SetProperty) case updateProperty(UpdateProperty) @@ -148,9 +148,6 @@ enum Opcode { case destructObject(DestructObject) case destructObjectAndReassign(DestructObjectAndReassign) case compare(Compare) - case loadNamedVariable(LoadNamedVariable) - case storeNamedVariable(StoreNamedVariable) - case defineNamedVariable(DefineNamedVariable) case eval(Eval) case beginWith(BeginWith) case endWith(EndWith) diff --git a/Sources/Fuzzilli/FuzzIL/Semantics.swift b/Sources/Fuzzilli/FuzzIL/Semantics.swift index e8110e02c..c687289f1 100644 --- a/Sources/Fuzzilli/FuzzIL/Semantics.swift +++ b/Sources/Fuzzilli/FuzzIL/Semantics.swift @@ -118,8 +118,6 @@ extension Instruction { canFold = true case (.loadRegExp(let op1), .loadRegExp(let op2)): canFold = op1.pattern == op2.pattern && op1.flags == op2.flags - case (.loadBuiltin(let op1), .loadBuiltin(let op2)): - canFold = op1.builtinName == op2.builtinName default: assert(self.op.name != other.op.name || !isPure) } diff --git a/Sources/Fuzzilli/Fuzzer.swift b/Sources/Fuzzilli/Fuzzer.swift index d94a28e40..141cc088f 100644 --- a/Sources/Fuzzilli/Fuzzer.swift +++ b/Sources/Fuzzilli/Fuzzer.swift @@ -474,14 +474,11 @@ public class Fuzzer { for instr in program.code { var removeInstruction = false switch instr.op.opcode { - case .loadNamedVariable(let op): - if shouldRemoveUsesOf(op.variableName) { + case .createNamedVariable(let op): + if op.declarationMode == .none && shouldRemoveUsesOf(op.variableName) { removeInstruction = true variablesToReplaceWithDummy.insert(instr.output) } - case .loadBuiltin(let op): - // We expect builtins to always be available and don't want to filter them out. - assert(!shouldRemoveUsesOf(op.builtinName)) default: break } diff --git a/Sources/Fuzzilli/Lifting/FuzzILLifter.swift b/Sources/Fuzzilli/Lifting/FuzzILLifter.swift index 6410a79f4..f1b53c4a6 100644 --- a/Sources/Fuzzilli/Lifting/FuzzILLifter.swift +++ b/Sources/Fuzzilli/Lifting/FuzzILLifter.swift @@ -67,6 +67,9 @@ public class FuzzILLifter: Lifter { case .loadArguments: w.emit("\(output()) <- LoadArguments") + case .createNamedVariable(let op): + w.emit("\(output()) <- CreateNamedVariable '\(op.variableName)' declarationMode: \(op.declarationMode)") + case .loadDisposableVariable: w.emit("\(output()) <- LoadDisposableVariable \(input(0))") @@ -315,9 +318,6 @@ public class FuzzILLifter: Lifter { let values = instr.inputs.map(lift).joined(separator: ", ") w.emit("\(output()) <- CreateTemplateString [\(parts)], [\(values)]") - case .loadBuiltin(let op): - w.emit("\(output()) <- LoadBuiltin '\(op.builtinName)'") - case .getProperty(let op): let opcode = op.isGuarded ? "GetProperty (guarded)" : "GetProperty" w.emit("\(output()) <- \(opcode) \(input(0)), '\(op.propertyName)'") @@ -502,15 +502,6 @@ public class FuzzILLifter: Lifter { case .compare(let op): w.emit("\(output()) <- Compare \(input(0)), '\(op.op.token)', \(input(1))") - case .loadNamedVariable(let op): - w.emit("\(output()) <- LoadNamedVariable '\(op.variableName)'") - - case .storeNamedVariable(let op): - w.emit("StoreNamedVariable '\(op.variableName)' <- \(input(0))") - - case .defineNamedVariable(let op): - w.emit("DefineNamedVariable '\(op.variableName)' <- \(input(0))") - case .eval(let op): let args = instr.inputs.map(lift).joined(separator: ", ") if op.hasOutput { diff --git a/Sources/Fuzzilli/Lifting/JavaScriptLifter.swift b/Sources/Fuzzilli/Lifting/JavaScriptLifter.swift index 5b3beb509..160c53ecd 100644 --- a/Sources/Fuzzilli/Lifting/JavaScriptLifter.swift +++ b/Sources/Fuzzilli/Lifting/JavaScriptLifter.swift @@ -219,6 +219,36 @@ public class JavaScriptLifter: Lifter { case .loadArguments: w.assign(Identifier.new("arguments"), to: instr.output) + case .createNamedVariable(let op): + assert(op.declarationMode == .none || op.hasInitialValue) + if op.hasInitialValue { + switch op.declarationMode { + case .none: + fatalError("This declaration mode doesn't have an initial value") + case .global: + w.emit("\(op.variableName) = \(input(0));") + case .var: + // Small optimization: turn `var x = undefined;` into just `var x;` + let initialValue = input(0).text + if initialValue == "undefined" { + w.emit("var \(op.variableName);") + } else { + w.emit("var \(op.variableName) = \(initialValue);") + } + case .let: + // Small optimization: turn `let x = undefined;` into just `var x;` + let initialValue = input(0).text + if initialValue == "undefined" { + w.emit("let \(op.variableName);") + } else { + w.emit("let \(op.variableName) = \(initialValue);") + } + case .const: + w.emit("const \(op.variableName) = \(input(0));") + } + } + w.declare(instr.output, as: op.variableName) + case .loadDisposableVariable: let V = w.declare(instr.output); w.emit("using \(V) = \(input(0));"); @@ -541,9 +571,6 @@ public class JavaScriptLifter: Lifter { let expr = TemplateLiteral.new("\(escapeSequence)`" + parts.joined() + "\(escapeSequence)`") w.assign(expr, to: instr.output) - case .loadBuiltin(let op): - w.assign(Identifier.new(op.builtinName), to: instr.output) - case .getProperty(let op): let obj = input(0) let accessOperator = op.isGuarded ? "?." : "." @@ -893,19 +920,6 @@ public class JavaScriptLifter: Lifter { let expr = BinaryExpression.new() + lhs + " " + op.op.token + " " + rhs w.assign(expr, to: instr.output) - case .loadNamedVariable(let op): - w.assign(Identifier.new(op.variableName), to: instr.output) - - case .storeNamedVariable(let op): - let NAME = op.variableName - let VALUE = input(0) - w.emit("\(NAME) = \(VALUE);") - - case .defineNamedVariable(let op): - let NAME = op.variableName - let VALUE = input(0) - w.emit("var \(NAME) = \(VALUE);") - case .eval(let op): // Woraround until Strings implement the CVarArg protocol in the linux Foundation library... // TODO can make this permanent, but then use different placeholder pattern diff --git a/Sources/Fuzzilli/Minimization/DeduplicatingReducer.swift b/Sources/Fuzzilli/Minimization/DeduplicatingReducer.swift index c9effe3cd..2e5746a39 100644 --- a/Sources/Fuzzilli/Minimization/DeduplicatingReducer.swift +++ b/Sources/Fuzzilli/Minimization/DeduplicatingReducer.swift @@ -15,7 +15,7 @@ // Attempts deduplicate variables containing the same values. struct DeduplicatingReducer: Reducer { func reduce(with helper: MinimizationHelper) { - // Currently we only handle LoadBuiltin, but the code could easily be + // Currently we only handle CreateNamedVariable, but the code could easily be // extended to cover other types of values as well. // It's not obvious however which other values would benefit from this. // For example, for identical integer values it may be interesting to @@ -30,7 +30,7 @@ struct DeduplicatingReducer: Reducer { var deduplicatedVariables = VariableMap() var visibleBuiltins = Stack<[String]>([[]]) - var variableForBuiltin = [String: Variable]() + var variableForName = [String: Variable]() for instr in helper.code { // Instruction replacement. let oldInouts = Array(instr.inouts) @@ -42,7 +42,7 @@ struct DeduplicatingReducer: Reducer { // Scope management. if instr.isBlockEnd { for builtin in visibleBuiltins.pop() { - variableForBuiltin.removeValue(forKey: builtin) + variableForName.removeValue(forKey: builtin) } } if instr.isBlockStart { @@ -50,14 +50,17 @@ struct DeduplicatingReducer: Reducer { } // Value deduplication. - if let op = instr.op as? LoadBuiltin { - if let replacement = variableForBuiltin[op.builtinName] { - deduplicatedVariables[instr.output] = replacement - } else { - // Each builtin must only be present once (all other instances are replaced with the first one). - assert(visibleBuiltins.elementsStartingAtBottom().allSatisfy({ !$0.contains(op.builtinName) })) - visibleBuiltins.top.append(op.builtinName) - variableForBuiltin[op.builtinName] = instr.output + if case .createNamedVariable(let op) = instr.op.opcode { + // Only deduplicate accesses to existing variables, not newly declared variables (that would not be correct). + if op.declarationMode == .none { + if let replacement = variableForName[op.variableName] { + deduplicatedVariables[instr.output] = replacement + } else { + // Each builtin must only be present once (all other instances are replaced with the first one). + assert(visibleBuiltins.elementsStartingAtBottom().allSatisfy({ !$0.contains(op.variableName) })) + visibleBuiltins.top.append(op.variableName) + variableForName[op.variableName] = instr.output + } } } } diff --git a/Sources/Fuzzilli/Mutators/OperationMutator.swift b/Sources/Fuzzilli/Mutators/OperationMutator.swift index 0550b4cf4..5ded20806 100644 --- a/Sources/Fuzzilli/Mutators/OperationMutator.swift +++ b/Sources/Fuzzilli/Mutators/OperationMutator.swift @@ -67,8 +67,6 @@ public class OperationMutator: BaseInstructionMutator { var newParts = op.parts replaceRandomElement(in: &newParts, generatingRandomValuesWith: { return b.randomString() }) newOp = CreateTemplateString(parts: newParts) - case .loadBuiltin(_): - newOp = LoadBuiltin(builtinName: b.randomBuiltin()) case .objectLiteralAddProperty: newOp = ObjectLiteralAddProperty(propertyName: b.randomPropertyName()) case .objectLiteralAddElement: @@ -209,13 +207,9 @@ public class OperationMutator: BaseInstructionMutator { newOp = DestructObjectAndReassign(properties: newProperties.sorted(), hasRestElement: !op.hasRestElement) case .compare(_): newOp = Compare(chooseUniform(from: Comparator.allCases)) - case .loadNamedVariable: + case .createNamedVariable(let op): // We just use property names as variable names here. It's not clear if there's a better alternative and this also works well with `with` statements. - newOp = LoadNamedVariable(b.randomPropertyName()) - case .storeNamedVariable: - newOp = StoreNamedVariable(b.randomPropertyName()) - case .defineNamedVariable: - newOp = DefineNamedVariable(b.randomPropertyName()) + newOp = CreateNamedVariable(b.randomPropertyName(), declarationMode: op.declarationMode) case .callSuperMethod(let op): let methodName = b.currentSuperType().randomMethod() ?? b.randomMethodName() newOp = CallSuperMethod(methodName: methodName, numArguments: op.numArguments) diff --git a/Sources/Fuzzilli/Mutators/ProbingMutator.swift b/Sources/Fuzzilli/Mutators/ProbingMutator.swift index 09fbccc2d..05ca58667 100644 --- a/Sources/Fuzzilli/Mutators/ProbingMutator.swift +++ b/Sources/Fuzzilli/Mutators/ProbingMutator.swift @@ -213,7 +213,7 @@ public class ProbingMutator: RuntimeAssistedMutator { case .element(let index): b.setElement(index, of: obj, to: value) case .symbol(let desc): - let Symbol = b.loadBuiltin("Symbol") + let Symbol = b.createNamedVariable(forBuiltin: "Symbol") let symbol = b.getProperty(extractSymbolNameFromDescription(desc), of: Symbol) b.setComputedProperty(symbol, of: obj, to: value) } @@ -258,7 +258,7 @@ public class ProbingMutator: RuntimeAssistedMutator { case .element(let index): b.configureElement(index, of: obj, usingFlags: PropertyFlags.random(), as: config) case .symbol(let desc): - let Symbol = b.loadBuiltin("Symbol") + let Symbol = b.createNamedVariable(forBuiltin: "Symbol") let symbol = b.getProperty(extractSymbolNameFromDescription(desc), of: Symbol) b.configureComputedProperty(symbol, of: obj, usingFlags: PropertyFlags.random(), as: config) } diff --git a/Sources/Fuzzilli/Mutators/RuntimeAssistedMutator.swift b/Sources/Fuzzilli/Mutators/RuntimeAssistedMutator.swift index b0f6422a6..7f323b01c 100644 --- a/Sources/Fuzzilli/Mutators/RuntimeAssistedMutator.swift +++ b/Sources/Fuzzilli/Mutators/RuntimeAssistedMutator.swift @@ -250,7 +250,7 @@ extension RuntimeAssistedMutator.Action.Input { } else { // TODO consider changing loadBigInt to use a string instead let s = b.loadString(value) - let BigInt = b.loadBuiltin("BigInt") + let BigInt = b.createNamedVariable(forBuiltin: "BigInt") return b.callFunction(BigInt, withArgs: [s]) } case .string(let value): @@ -415,17 +415,17 @@ extension RuntimeAssistedMutator.Action { case .TestIsNaN: assert(!isGuarded) let v = try translateInput(0) - let Number = b.loadBuiltin("Number") + let Number = b.createNamedVariable(forBuiltin: "Number") b.callMethod("isNaN", on: Number, withArgs: [v]) case .TestIsFinite: assert(!isGuarded) let v = try translateInput(0) - let Number = b.loadBuiltin("Number") + let Number = b.createNamedVariable(forBuiltin: "Number") b.callMethod("isFinite", on: Number, withArgs: [v]) case .SymbolRegistration: assert(!isGuarded) let s = try translateInput(0) - let Symbol = b.loadBuiltin("Symbol") + let Symbol = b.createNamedVariable(forBuiltin: "Symbol") let description = b.getProperty("description", of: s) b.callMethod("for", on: Symbol, withArgs: [description]) } diff --git a/Sources/Fuzzilli/Protobuf/operations.pb.swift b/Sources/Fuzzilli/Protobuf/operations.pb.swift index 6bba74b5e..55f4fa448 100644 --- a/Sources/Fuzzilli/Protobuf/operations.pb.swift +++ b/Sources/Fuzzilli/Protobuf/operations.pb.swift @@ -274,6 +274,48 @@ public enum Fuzzilli_Protobuf_Comparator: SwiftProtobuf.Enum, Swift.CaseIterable } +public enum Fuzzilli_Protobuf_NamedVariableDeclarationMode: SwiftProtobuf.Enum, Swift.CaseIterable { + public typealias RawValue = Int + case none // = 0 + case global // = 1 + case `var` // = 2 + case `let` // = 3 + case UNRECOGNIZED(Int) + + public init() { + self = .none + } + + public init?(rawValue: Int) { + switch rawValue { + case 0: self = .none + case 1: self = .global + case 2: self = .var + case 3: self = .let + default: self = .UNRECOGNIZED(rawValue) + } + } + + public var rawValue: Int { + switch self { + case .none: return 0 + case .global: return 1 + case .var: return 2 + case .let: return 3 + case .UNRECOGNIZED(let i): return i + } + } + + // The compiler won't synthesize support with the UNRECOGNIZED case. + public static let allCases: [Fuzzilli_Protobuf_NamedVariableDeclarationMode] = [ + .none, + .global, + .var, + .let, + ] + +} + /// Parameters used by function definitions, not an operation by itself. public struct Fuzzilli_Protobuf_Parameters: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the @@ -1064,18 +1106,6 @@ public struct Fuzzilli_Protobuf_CreateArrayWithSpread: Sendable { public init() {} } -public struct Fuzzilli_Protobuf_LoadBuiltin: Sendable { - // SwiftProtobuf.Message conformance is added in an extension below. See the - // `Message` and `Message+*Additions` files in the SwiftProtobuf library for - // methods supported on all messages. - - public var builtinName: String = String() - - public var unknownFields = SwiftProtobuf.UnknownStorage() - - public init() {} -} - public struct Fuzzilli_Protobuf_GetProperty: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for @@ -1839,36 +1869,14 @@ public struct Fuzzilli_Protobuf_Compare: Sendable { public init() {} } -public struct Fuzzilli_Protobuf_LoadNamedVariable: Sendable { - // SwiftProtobuf.Message conformance is added in an extension below. See the - // `Message` and `Message+*Additions` files in the SwiftProtobuf library for - // methods supported on all messages. - - public var variableName: String = String() - - public var unknownFields = SwiftProtobuf.UnknownStorage() - - public init() {} -} - -public struct Fuzzilli_Protobuf_StoreNamedVariable: Sendable { +public struct Fuzzilli_Protobuf_CreateNamedVariable: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var variableName: String = String() - public var unknownFields = SwiftProtobuf.UnknownStorage() - - public init() {} -} - -public struct Fuzzilli_Protobuf_DefineNamedVariable: Sendable { - // SwiftProtobuf.Message conformance is added in an extension below. See the - // `Message` and `Message+*Additions` files in the SwiftProtobuf library for - // methods supported on all messages. - - public var variableName: String = String() + public var declarationMode: Fuzzilli_Protobuf_NamedVariableDeclarationMode = .none public var unknownFields = SwiftProtobuf.UnknownStorage() @@ -2575,6 +2583,15 @@ extension Fuzzilli_Protobuf_Comparator: SwiftProtobuf._ProtoNameProviding { ] } +extension Fuzzilli_Protobuf_NamedVariableDeclarationMode: SwiftProtobuf._ProtoNameProviding { + public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ + 0: .same(proto: "NONE"), + 1: .same(proto: "GLOBAL"), + 2: .same(proto: "VAR"), + 3: .same(proto: "LET"), + ] +} + extension Fuzzilli_Protobuf_Parameters: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".Parameters" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ @@ -4333,38 +4350,6 @@ extension Fuzzilli_Protobuf_CreateArrayWithSpread: SwiftProtobuf.Message, SwiftP } } -extension Fuzzilli_Protobuf_LoadBuiltin: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { - public static let protoMessageName: String = _protobuf_package + ".LoadBuiltin" - public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ - 1: .same(proto: "builtinName"), - ] - - public mutating func decodeMessage(decoder: inout D) throws { - while let fieldNumber = try decoder.nextFieldNumber() { - // The use of inline closures is to circumvent an issue where the compiler - // allocates stack space for every case branch when no optimizations are - // enabled. https://github.com/apple/swift-protobuf/issues/1034 - switch fieldNumber { - case 1: try { try decoder.decodeSingularStringField(value: &self.builtinName) }() - default: break - } - } - } - - public func traverse(visitor: inout V) throws { - if !self.builtinName.isEmpty { - try visitor.visitSingularStringField(value: self.builtinName, fieldNumber: 1) - } - try unknownFields.traverse(visitor: &visitor) - } - - public static func ==(lhs: Fuzzilli_Protobuf_LoadBuiltin, rhs: Fuzzilli_Protobuf_LoadBuiltin) -> Bool { - if lhs.builtinName != rhs.builtinName {return false} - if lhs.unknownFields != rhs.unknownFields {return false} - return true - } -} - extension Fuzzilli_Protobuf_GetProperty: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".GetProperty" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ @@ -6136,10 +6121,11 @@ extension Fuzzilli_Protobuf_Compare: SwiftProtobuf.Message, SwiftProtobuf._Messa } } -extension Fuzzilli_Protobuf_LoadNamedVariable: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { - public static let protoMessageName: String = _protobuf_package + ".LoadNamedVariable" +extension Fuzzilli_Protobuf_CreateNamedVariable: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { + public static let protoMessageName: String = _protobuf_package + ".CreateNamedVariable" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "variableName"), + 2: .same(proto: "declarationMode"), ] public mutating func decodeMessage(decoder: inout D) throws { @@ -6149,6 +6135,7 @@ extension Fuzzilli_Protobuf_LoadNamedVariable: SwiftProtobuf.Message, SwiftProto // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.variableName) }() + case 2: try { try decoder.decodeSingularEnumField(value: &self.declarationMode) }() default: break } } @@ -6158,75 +6145,15 @@ extension Fuzzilli_Protobuf_LoadNamedVariable: SwiftProtobuf.Message, SwiftProto if !self.variableName.isEmpty { try visitor.visitSingularStringField(value: self.variableName, fieldNumber: 1) } - try unknownFields.traverse(visitor: &visitor) - } - - public static func ==(lhs: Fuzzilli_Protobuf_LoadNamedVariable, rhs: Fuzzilli_Protobuf_LoadNamedVariable) -> Bool { - if lhs.variableName != rhs.variableName {return false} - if lhs.unknownFields != rhs.unknownFields {return false} - return true - } -} - -extension Fuzzilli_Protobuf_StoreNamedVariable: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { - public static let protoMessageName: String = _protobuf_package + ".StoreNamedVariable" - public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ - 1: .same(proto: "variableName"), - ] - - public mutating func decodeMessage(decoder: inout D) throws { - while let fieldNumber = try decoder.nextFieldNumber() { - // The use of inline closures is to circumvent an issue where the compiler - // allocates stack space for every case branch when no optimizations are - // enabled. https://github.com/apple/swift-protobuf/issues/1034 - switch fieldNumber { - case 1: try { try decoder.decodeSingularStringField(value: &self.variableName) }() - default: break - } - } - } - - public func traverse(visitor: inout V) throws { - if !self.variableName.isEmpty { - try visitor.visitSingularStringField(value: self.variableName, fieldNumber: 1) - } - try unknownFields.traverse(visitor: &visitor) - } - - public static func ==(lhs: Fuzzilli_Protobuf_StoreNamedVariable, rhs: Fuzzilli_Protobuf_StoreNamedVariable) -> Bool { - if lhs.variableName != rhs.variableName {return false} - if lhs.unknownFields != rhs.unknownFields {return false} - return true - } -} - -extension Fuzzilli_Protobuf_DefineNamedVariable: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { - public static let protoMessageName: String = _protobuf_package + ".DefineNamedVariable" - public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ - 1: .same(proto: "variableName"), - ] - - public mutating func decodeMessage(decoder: inout D) throws { - while let fieldNumber = try decoder.nextFieldNumber() { - // The use of inline closures is to circumvent an issue where the compiler - // allocates stack space for every case branch when no optimizations are - // enabled. https://github.com/apple/swift-protobuf/issues/1034 - switch fieldNumber { - case 1: try { try decoder.decodeSingularStringField(value: &self.variableName) }() - default: break - } - } - } - - public func traverse(visitor: inout V) throws { - if !self.variableName.isEmpty { - try visitor.visitSingularStringField(value: self.variableName, fieldNumber: 1) + if self.declarationMode != .none { + try visitor.visitSingularEnumField(value: self.declarationMode, fieldNumber: 2) } try unknownFields.traverse(visitor: &visitor) } - public static func ==(lhs: Fuzzilli_Protobuf_DefineNamedVariable, rhs: Fuzzilli_Protobuf_DefineNamedVariable) -> Bool { + public static func ==(lhs: Fuzzilli_Protobuf_CreateNamedVariable, rhs: Fuzzilli_Protobuf_CreateNamedVariable) -> Bool { if lhs.variableName != rhs.variableName {return false} + if lhs.declarationMode != rhs.declarationMode {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } diff --git a/Sources/Fuzzilli/Protobuf/operations.proto b/Sources/Fuzzilli/Protobuf/operations.proto index 770d5b3aa..e92429e41 100644 --- a/Sources/Fuzzilli/Protobuf/operations.proto +++ b/Sources/Fuzzilli/Protobuf/operations.proto @@ -253,10 +253,6 @@ message CreateArrayWithSpread { repeated bool spreads = 1; } -message LoadBuiltin { - string builtinName = 1; -} - message GetProperty { string propertyName = 1; bool isGuarded = 2; @@ -541,16 +537,16 @@ message Compare { Comparator op = 1; } -message LoadNamedVariable { - string variableName = 1; -} - -message StoreNamedVariable { - string variableName = 1; +enum NamedVariableDeclarationMode { + NONE = 0; + GLOBAL = 1; + VAR = 2; + LET = 3; } -message DefineNamedVariable { +message CreateNamedVariable { string variableName = 1; + NamedVariableDeclarationMode declarationMode = 2; } message Eval { diff --git a/Sources/Fuzzilli/Protobuf/program.pb.swift b/Sources/Fuzzilli/Protobuf/program.pb.swift index 0220d3f9c..030535f48 100644 --- a/Sources/Fuzzilli/Protobuf/program.pb.swift +++ b/Sources/Fuzzilli/Protobuf/program.pb.swift @@ -137,6 +137,14 @@ public struct Fuzzilli_Protobuf_Instruction: Sendable { set {operation = .loadArguments(newValue)} } + public var createNamedVariable: Fuzzilli_Protobuf_CreateNamedVariable { + get { + if case .createNamedVariable(let v)? = operation {return v} + return Fuzzilli_Protobuf_CreateNamedVariable() + } + set {operation = .createNamedVariable(newValue)} + } + public var loadDisposableVariable: Fuzzilli_Protobuf_LoadDisposableVariable { get { if case .loadDisposableVariable(let v)? = operation {return v} @@ -561,14 +569,6 @@ public struct Fuzzilli_Protobuf_Instruction: Sendable { set {operation = .createTemplateString(newValue)} } - public var loadBuiltin: Fuzzilli_Protobuf_LoadBuiltin { - get { - if case .loadBuiltin(let v)? = operation {return v} - return Fuzzilli_Protobuf_LoadBuiltin() - } - set {operation = .loadBuiltin(newValue)} - } - public var getProperty: Fuzzilli_Protobuf_GetProperty { get { if case .getProperty(let v)? = operation {return v} @@ -1017,30 +1017,6 @@ public struct Fuzzilli_Protobuf_Instruction: Sendable { set {operation = .compare(newValue)} } - public var loadNamedVariable: Fuzzilli_Protobuf_LoadNamedVariable { - get { - if case .loadNamedVariable(let v)? = operation {return v} - return Fuzzilli_Protobuf_LoadNamedVariable() - } - set {operation = .loadNamedVariable(newValue)} - } - - public var storeNamedVariable: Fuzzilli_Protobuf_StoreNamedVariable { - get { - if case .storeNamedVariable(let v)? = operation {return v} - return Fuzzilli_Protobuf_StoreNamedVariable() - } - set {operation = .storeNamedVariable(newValue)} - } - - public var defineNamedVariable: Fuzzilli_Protobuf_DefineNamedVariable { - get { - if case .defineNamedVariable(let v)? = operation {return v} - return Fuzzilli_Protobuf_DefineNamedVariable() - } - set {operation = .defineNamedVariable(newValue)} - } - public var eval: Fuzzilli_Protobuf_Eval { get { if case .eval(let v)? = operation {return v} @@ -1511,6 +1487,7 @@ public struct Fuzzilli_Protobuf_Instruction: Sendable { case loadNull(Fuzzilli_Protobuf_LoadNull) case loadThis(Fuzzilli_Protobuf_LoadThis) case loadArguments(Fuzzilli_Protobuf_LoadArguments) + case createNamedVariable(Fuzzilli_Protobuf_CreateNamedVariable) case loadDisposableVariable(Fuzzilli_Protobuf_LoadDisposableVariable) case loadAsyncDisposableVariable(Fuzzilli_Protobuf_LoadAsyncDisposableVariable) case loadRegExp(Fuzzilli_Protobuf_LoadRegExp) @@ -1564,7 +1541,6 @@ public struct Fuzzilli_Protobuf_Instruction: Sendable { case createFloatArray(Fuzzilli_Protobuf_CreateFloatArray) case createArrayWithSpread(Fuzzilli_Protobuf_CreateArrayWithSpread) case createTemplateString(Fuzzilli_Protobuf_CreateTemplateString) - case loadBuiltin(Fuzzilli_Protobuf_LoadBuiltin) case getProperty(Fuzzilli_Protobuf_GetProperty) case setProperty(Fuzzilli_Protobuf_SetProperty) case updateProperty(Fuzzilli_Protobuf_UpdateProperty) @@ -1621,9 +1597,6 @@ public struct Fuzzilli_Protobuf_Instruction: Sendable { case destructObject(Fuzzilli_Protobuf_DestructObject) case destructObjectAndReassign(Fuzzilli_Protobuf_DestructObjectAndReassign) case compare(Fuzzilli_Protobuf_Compare) - case loadNamedVariable(Fuzzilli_Protobuf_LoadNamedVariable) - case storeNamedVariable(Fuzzilli_Protobuf_StoreNamedVariable) - case defineNamedVariable(Fuzzilli_Protobuf_DefineNamedVariable) case eval(Fuzzilli_Protobuf_Eval) case beginWith(Fuzzilli_Protobuf_BeginWith) case endWith(Fuzzilli_Protobuf_EndWith) @@ -1742,60 +1715,60 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M 10: .same(proto: "loadNull"), 11: .same(proto: "loadThis"), 12: .same(proto: "loadArguments"), - 13: .same(proto: "loadDisposableVariable"), - 14: .same(proto: "loadAsyncDisposableVariable"), - 15: .same(proto: "loadRegExp"), - 16: .same(proto: "beginObjectLiteral"), - 17: .same(proto: "objectLiteralAddProperty"), - 18: .same(proto: "objectLiteralAddElement"), - 19: .same(proto: "objectLiteralAddComputedProperty"), - 20: .same(proto: "objectLiteralCopyProperties"), - 21: .same(proto: "objectLiteralSetPrototype"), - 22: .same(proto: "beginObjectLiteralMethod"), - 23: .same(proto: "endObjectLiteralMethod"), - 24: .same(proto: "beginObjectLiteralComputedMethod"), - 25: .same(proto: "endObjectLiteralComputedMethod"), - 26: .same(proto: "beginObjectLiteralGetter"), - 27: .same(proto: "endObjectLiteralGetter"), - 28: .same(proto: "beginObjectLiteralSetter"), - 29: .same(proto: "endObjectLiteralSetter"), - 30: .same(proto: "endObjectLiteral"), - 31: .same(proto: "beginClassDefinition"), - 32: .same(proto: "beginClassConstructor"), - 33: .same(proto: "endClassConstructor"), - 34: .same(proto: "classAddInstanceProperty"), - 35: .same(proto: "classAddInstanceElement"), - 36: .same(proto: "classAddInstanceComputedProperty"), - 37: .same(proto: "beginClassInstanceMethod"), - 38: .same(proto: "endClassInstanceMethod"), - 39: .same(proto: "beginClassInstanceGetter"), - 40: .same(proto: "endClassInstanceGetter"), - 41: .same(proto: "beginClassInstanceSetter"), - 42: .same(proto: "endClassInstanceSetter"), - 43: .same(proto: "classAddStaticProperty"), - 44: .same(proto: "classAddStaticElement"), - 45: .same(proto: "classAddStaticComputedProperty"), - 46: .same(proto: "beginClassStaticInitializer"), - 47: .same(proto: "endClassStaticInitializer"), - 48: .same(proto: "beginClassStaticMethod"), - 49: .same(proto: "endClassStaticMethod"), - 50: .same(proto: "beginClassStaticGetter"), - 51: .same(proto: "endClassStaticGetter"), - 52: .same(proto: "beginClassStaticSetter"), - 53: .same(proto: "endClassStaticSetter"), - 54: .same(proto: "classAddPrivateInstanceProperty"), - 55: .same(proto: "beginClassPrivateInstanceMethod"), - 56: .same(proto: "endClassPrivateInstanceMethod"), - 57: .same(proto: "classAddPrivateStaticProperty"), - 58: .same(proto: "beginClassPrivateStaticMethod"), - 59: .same(proto: "endClassPrivateStaticMethod"), - 60: .same(proto: "endClassDefinition"), - 61: .same(proto: "createArray"), - 62: .same(proto: "createIntArray"), - 63: .same(proto: "createFloatArray"), - 64: .same(proto: "createArrayWithSpread"), - 65: .same(proto: "createTemplateString"), - 66: .same(proto: "loadBuiltin"), + 13: .same(proto: "createNamedVariable"), + 14: .same(proto: "loadDisposableVariable"), + 15: .same(proto: "loadAsyncDisposableVariable"), + 16: .same(proto: "loadRegExp"), + 17: .same(proto: "beginObjectLiteral"), + 18: .same(proto: "objectLiteralAddProperty"), + 19: .same(proto: "objectLiteralAddElement"), + 20: .same(proto: "objectLiteralAddComputedProperty"), + 21: .same(proto: "objectLiteralCopyProperties"), + 22: .same(proto: "objectLiteralSetPrototype"), + 23: .same(proto: "beginObjectLiteralMethod"), + 24: .same(proto: "endObjectLiteralMethod"), + 25: .same(proto: "beginObjectLiteralComputedMethod"), + 26: .same(proto: "endObjectLiteralComputedMethod"), + 27: .same(proto: "beginObjectLiteralGetter"), + 28: .same(proto: "endObjectLiteralGetter"), + 29: .same(proto: "beginObjectLiteralSetter"), + 30: .same(proto: "endObjectLiteralSetter"), + 31: .same(proto: "endObjectLiteral"), + 32: .same(proto: "beginClassDefinition"), + 33: .same(proto: "beginClassConstructor"), + 34: .same(proto: "endClassConstructor"), + 35: .same(proto: "classAddInstanceProperty"), + 36: .same(proto: "classAddInstanceElement"), + 37: .same(proto: "classAddInstanceComputedProperty"), + 38: .same(proto: "beginClassInstanceMethod"), + 39: .same(proto: "endClassInstanceMethod"), + 40: .same(proto: "beginClassInstanceGetter"), + 41: .same(proto: "endClassInstanceGetter"), + 42: .same(proto: "beginClassInstanceSetter"), + 43: .same(proto: "endClassInstanceSetter"), + 44: .same(proto: "classAddStaticProperty"), + 45: .same(proto: "classAddStaticElement"), + 46: .same(proto: "classAddStaticComputedProperty"), + 47: .same(proto: "beginClassStaticInitializer"), + 48: .same(proto: "endClassStaticInitializer"), + 49: .same(proto: "beginClassStaticMethod"), + 50: .same(proto: "endClassStaticMethod"), + 51: .same(proto: "beginClassStaticGetter"), + 52: .same(proto: "endClassStaticGetter"), + 53: .same(proto: "beginClassStaticSetter"), + 54: .same(proto: "endClassStaticSetter"), + 55: .same(proto: "classAddPrivateInstanceProperty"), + 56: .same(proto: "beginClassPrivateInstanceMethod"), + 57: .same(proto: "endClassPrivateInstanceMethod"), + 58: .same(proto: "classAddPrivateStaticProperty"), + 59: .same(proto: "beginClassPrivateStaticMethod"), + 60: .same(proto: "endClassPrivateStaticMethod"), + 61: .same(proto: "endClassDefinition"), + 62: .same(proto: "createArray"), + 63: .same(proto: "createIntArray"), + 64: .same(proto: "createFloatArray"), + 65: .same(proto: "createArrayWithSpread"), + 66: .same(proto: "createTemplateString"), 67: .same(proto: "getProperty"), 68: .same(proto: "setProperty"), 69: .same(proto: "updateProperty"), @@ -1852,66 +1825,63 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M 120: .same(proto: "destructObject"), 121: .same(proto: "destructObjectAndReassign"), 122: .same(proto: "compare"), - 123: .same(proto: "loadNamedVariable"), - 124: .same(proto: "storeNamedVariable"), - 125: .same(proto: "defineNamedVariable"), - 126: .same(proto: "eval"), - 127: .same(proto: "beginWith"), - 128: .same(proto: "endWith"), - 129: .same(proto: "callSuperConstructor"), - 130: .same(proto: "callSuperMethod"), - 131: .same(proto: "getPrivateProperty"), - 132: .same(proto: "setPrivateProperty"), - 133: .same(proto: "updatePrivateProperty"), - 134: .same(proto: "callPrivateMethod"), - 135: .same(proto: "getSuperProperty"), - 136: .same(proto: "setSuperProperty"), - 137: .same(proto: "getComputedSuperProperty"), - 138: .same(proto: "setComputedSuperProperty"), - 139: .same(proto: "updateSuperProperty"), - 140: .same(proto: "beginIf"), - 141: .same(proto: "beginElse"), - 142: .same(proto: "endIf"), - 143: .same(proto: "beginWhileLoopHeader"), - 144: .same(proto: "beginWhileLoopBody"), - 145: .same(proto: "endWhileLoop"), - 146: .same(proto: "beginDoWhileLoopBody"), - 147: .same(proto: "beginDoWhileLoopHeader"), - 148: .same(proto: "endDoWhileLoop"), - 149: .same(proto: "beginForLoopInitializer"), - 150: .same(proto: "beginForLoopCondition"), - 151: .same(proto: "beginForLoopAfterthought"), - 152: .same(proto: "beginForLoopBody"), - 153: .same(proto: "endForLoop"), - 154: .same(proto: "beginForInLoop"), - 155: .same(proto: "endForInLoop"), - 156: .same(proto: "beginForOfLoop"), - 157: .same(proto: "beginForOfLoopWithDestruct"), - 158: .same(proto: "endForOfLoop"), - 159: .same(proto: "beginRepeatLoop"), - 160: .same(proto: "endRepeatLoop"), - 161: .same(proto: "loopBreak"), - 162: .same(proto: "loopContinue"), - 163: .same(proto: "beginTry"), - 164: .same(proto: "beginCatch"), - 165: .same(proto: "beginFinally"), - 166: .same(proto: "endTryCatchFinally"), - 167: .same(proto: "throwException"), - 168: .same(proto: "beginCodeString"), - 169: .same(proto: "endCodeString"), - 170: .same(proto: "beginBlockStatement"), - 171: .same(proto: "endBlockStatement"), - 172: .same(proto: "beginSwitch"), - 173: .same(proto: "beginSwitchCase"), - 174: .same(proto: "beginSwitchDefaultCase"), - 175: .same(proto: "endSwitchCase"), - 176: .same(proto: "endSwitch"), - 177: .same(proto: "switchBreak"), - 178: .same(proto: "loadNewTarget"), - 179: .same(proto: "print"), - 180: .same(proto: "explore"), - 181: .same(proto: "probe"), - 182: .same(proto: "fixup"), + 123: .same(proto: "eval"), + 124: .same(proto: "beginWith"), + 125: .same(proto: "endWith"), + 126: .same(proto: "callSuperConstructor"), + 127: .same(proto: "callSuperMethod"), + 128: .same(proto: "getPrivateProperty"), + 129: .same(proto: "setPrivateProperty"), + 130: .same(proto: "updatePrivateProperty"), + 131: .same(proto: "callPrivateMethod"), + 132: .same(proto: "getSuperProperty"), + 133: .same(proto: "setSuperProperty"), + 134: .same(proto: "getComputedSuperProperty"), + 135: .same(proto: "setComputedSuperProperty"), + 136: .same(proto: "updateSuperProperty"), + 137: .same(proto: "beginIf"), + 138: .same(proto: "beginElse"), + 139: .same(proto: "endIf"), + 140: .same(proto: "beginWhileLoopHeader"), + 141: .same(proto: "beginWhileLoopBody"), + 142: .same(proto: "endWhileLoop"), + 143: .same(proto: "beginDoWhileLoopBody"), + 144: .same(proto: "beginDoWhileLoopHeader"), + 145: .same(proto: "endDoWhileLoop"), + 146: .same(proto: "beginForLoopInitializer"), + 147: .same(proto: "beginForLoopCondition"), + 148: .same(proto: "beginForLoopAfterthought"), + 149: .same(proto: "beginForLoopBody"), + 150: .same(proto: "endForLoop"), + 151: .same(proto: "beginForInLoop"), + 152: .same(proto: "endForInLoop"), + 153: .same(proto: "beginForOfLoop"), + 154: .same(proto: "beginForOfLoopWithDestruct"), + 155: .same(proto: "endForOfLoop"), + 156: .same(proto: "beginRepeatLoop"), + 157: .same(proto: "endRepeatLoop"), + 158: .same(proto: "loopBreak"), + 159: .same(proto: "loopContinue"), + 160: .same(proto: "beginTry"), + 161: .same(proto: "beginCatch"), + 162: .same(proto: "beginFinally"), + 163: .same(proto: "endTryCatchFinally"), + 164: .same(proto: "throwException"), + 165: .same(proto: "beginCodeString"), + 166: .same(proto: "endCodeString"), + 167: .same(proto: "beginBlockStatement"), + 168: .same(proto: "endBlockStatement"), + 169: .same(proto: "beginSwitch"), + 170: .same(proto: "beginSwitchCase"), + 171: .same(proto: "beginSwitchDefaultCase"), + 172: .same(proto: "endSwitchCase"), + 173: .same(proto: "endSwitch"), + 174: .same(proto: "switchBreak"), + 175: .same(proto: "loadNewTarget"), + 176: .same(proto: "print"), + 177: .same(proto: "explore"), + 178: .same(proto: "probe"), + 179: .same(proto: "fixup"), ] public mutating func decodeMessage(decoder: inout D) throws { @@ -2060,6 +2030,19 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M } }() case 13: try { + var v: Fuzzilli_Protobuf_CreateNamedVariable? + var hadOneofValue = false + if let current = self.operation { + hadOneofValue = true + if case .createNamedVariable(let m) = current {v = m} + } + try decoder.decodeSingularMessageField(value: &v) + if let v = v { + if hadOneofValue {try decoder.handleConflictingOneOf()} + self.operation = .createNamedVariable(v) + } + }() + case 14: try { var v: Fuzzilli_Protobuf_LoadDisposableVariable? var hadOneofValue = false if let current = self.operation { @@ -2072,7 +2055,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .loadDisposableVariable(v) } }() - case 14: try { + case 15: try { var v: Fuzzilli_Protobuf_LoadAsyncDisposableVariable? var hadOneofValue = false if let current = self.operation { @@ -2085,7 +2068,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .loadAsyncDisposableVariable(v) } }() - case 15: try { + case 16: try { var v: Fuzzilli_Protobuf_LoadRegExp? var hadOneofValue = false if let current = self.operation { @@ -2098,7 +2081,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .loadRegExp(v) } }() - case 16: try { + case 17: try { var v: Fuzzilli_Protobuf_BeginObjectLiteral? var hadOneofValue = false if let current = self.operation { @@ -2111,7 +2094,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginObjectLiteral(v) } }() - case 17: try { + case 18: try { var v: Fuzzilli_Protobuf_ObjectLiteralAddProperty? var hadOneofValue = false if let current = self.operation { @@ -2124,7 +2107,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .objectLiteralAddProperty(v) } }() - case 18: try { + case 19: try { var v: Fuzzilli_Protobuf_ObjectLiteralAddElement? var hadOneofValue = false if let current = self.operation { @@ -2137,7 +2120,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .objectLiteralAddElement(v) } }() - case 19: try { + case 20: try { var v: Fuzzilli_Protobuf_ObjectLiteralAddComputedProperty? var hadOneofValue = false if let current = self.operation { @@ -2150,7 +2133,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .objectLiteralAddComputedProperty(v) } }() - case 20: try { + case 21: try { var v: Fuzzilli_Protobuf_ObjectLiteralCopyProperties? var hadOneofValue = false if let current = self.operation { @@ -2163,7 +2146,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .objectLiteralCopyProperties(v) } }() - case 21: try { + case 22: try { var v: Fuzzilli_Protobuf_ObjectLiteralSetPrototype? var hadOneofValue = false if let current = self.operation { @@ -2176,7 +2159,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .objectLiteralSetPrototype(v) } }() - case 22: try { + case 23: try { var v: Fuzzilli_Protobuf_BeginObjectLiteralMethod? var hadOneofValue = false if let current = self.operation { @@ -2189,7 +2172,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginObjectLiteralMethod(v) } }() - case 23: try { + case 24: try { var v: Fuzzilli_Protobuf_EndObjectLiteralMethod? var hadOneofValue = false if let current = self.operation { @@ -2202,7 +2185,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endObjectLiteralMethod(v) } }() - case 24: try { + case 25: try { var v: Fuzzilli_Protobuf_BeginObjectLiteralComputedMethod? var hadOneofValue = false if let current = self.operation { @@ -2215,7 +2198,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginObjectLiteralComputedMethod(v) } }() - case 25: try { + case 26: try { var v: Fuzzilli_Protobuf_EndObjectLiteralComputedMethod? var hadOneofValue = false if let current = self.operation { @@ -2228,7 +2211,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endObjectLiteralComputedMethod(v) } }() - case 26: try { + case 27: try { var v: Fuzzilli_Protobuf_BeginObjectLiteralGetter? var hadOneofValue = false if let current = self.operation { @@ -2241,7 +2224,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginObjectLiteralGetter(v) } }() - case 27: try { + case 28: try { var v: Fuzzilli_Protobuf_EndObjectLiteralGetter? var hadOneofValue = false if let current = self.operation { @@ -2254,7 +2237,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endObjectLiteralGetter(v) } }() - case 28: try { + case 29: try { var v: Fuzzilli_Protobuf_BeginObjectLiteralSetter? var hadOneofValue = false if let current = self.operation { @@ -2267,7 +2250,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginObjectLiteralSetter(v) } }() - case 29: try { + case 30: try { var v: Fuzzilli_Protobuf_EndObjectLiteralSetter? var hadOneofValue = false if let current = self.operation { @@ -2280,7 +2263,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endObjectLiteralSetter(v) } }() - case 30: try { + case 31: try { var v: Fuzzilli_Protobuf_EndObjectLiteral? var hadOneofValue = false if let current = self.operation { @@ -2293,7 +2276,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endObjectLiteral(v) } }() - case 31: try { + case 32: try { var v: Fuzzilli_Protobuf_BeginClassDefinition? var hadOneofValue = false if let current = self.operation { @@ -2306,7 +2289,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassDefinition(v) } }() - case 32: try { + case 33: try { var v: Fuzzilli_Protobuf_BeginClassConstructor? var hadOneofValue = false if let current = self.operation { @@ -2319,7 +2302,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassConstructor(v) } }() - case 33: try { + case 34: try { var v: Fuzzilli_Protobuf_EndClassConstructor? var hadOneofValue = false if let current = self.operation { @@ -2332,7 +2315,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassConstructor(v) } }() - case 34: try { + case 35: try { var v: Fuzzilli_Protobuf_ClassAddInstanceProperty? var hadOneofValue = false if let current = self.operation { @@ -2345,7 +2328,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .classAddInstanceProperty(v) } }() - case 35: try { + case 36: try { var v: Fuzzilli_Protobuf_ClassAddInstanceElement? var hadOneofValue = false if let current = self.operation { @@ -2358,7 +2341,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .classAddInstanceElement(v) } }() - case 36: try { + case 37: try { var v: Fuzzilli_Protobuf_ClassAddInstanceComputedProperty? var hadOneofValue = false if let current = self.operation { @@ -2371,7 +2354,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .classAddInstanceComputedProperty(v) } }() - case 37: try { + case 38: try { var v: Fuzzilli_Protobuf_BeginClassInstanceMethod? var hadOneofValue = false if let current = self.operation { @@ -2384,7 +2367,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassInstanceMethod(v) } }() - case 38: try { + case 39: try { var v: Fuzzilli_Protobuf_EndClassInstanceMethod? var hadOneofValue = false if let current = self.operation { @@ -2397,7 +2380,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassInstanceMethod(v) } }() - case 39: try { + case 40: try { var v: Fuzzilli_Protobuf_BeginClassInstanceGetter? var hadOneofValue = false if let current = self.operation { @@ -2410,7 +2393,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassInstanceGetter(v) } }() - case 40: try { + case 41: try { var v: Fuzzilli_Protobuf_EndClassInstanceGetter? var hadOneofValue = false if let current = self.operation { @@ -2423,7 +2406,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassInstanceGetter(v) } }() - case 41: try { + case 42: try { var v: Fuzzilli_Protobuf_BeginClassInstanceSetter? var hadOneofValue = false if let current = self.operation { @@ -2436,7 +2419,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassInstanceSetter(v) } }() - case 42: try { + case 43: try { var v: Fuzzilli_Protobuf_EndClassInstanceSetter? var hadOneofValue = false if let current = self.operation { @@ -2449,7 +2432,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassInstanceSetter(v) } }() - case 43: try { + case 44: try { var v: Fuzzilli_Protobuf_ClassAddStaticProperty? var hadOneofValue = false if let current = self.operation { @@ -2462,7 +2445,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .classAddStaticProperty(v) } }() - case 44: try { + case 45: try { var v: Fuzzilli_Protobuf_ClassAddStaticElement? var hadOneofValue = false if let current = self.operation { @@ -2475,7 +2458,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .classAddStaticElement(v) } }() - case 45: try { + case 46: try { var v: Fuzzilli_Protobuf_ClassAddStaticComputedProperty? var hadOneofValue = false if let current = self.operation { @@ -2488,7 +2471,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .classAddStaticComputedProperty(v) } }() - case 46: try { + case 47: try { var v: Fuzzilli_Protobuf_BeginClassStaticInitializer? var hadOneofValue = false if let current = self.operation { @@ -2501,7 +2484,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassStaticInitializer(v) } }() - case 47: try { + case 48: try { var v: Fuzzilli_Protobuf_EndClassStaticInitializer? var hadOneofValue = false if let current = self.operation { @@ -2514,7 +2497,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassStaticInitializer(v) } }() - case 48: try { + case 49: try { var v: Fuzzilli_Protobuf_BeginClassStaticMethod? var hadOneofValue = false if let current = self.operation { @@ -2527,7 +2510,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassStaticMethod(v) } }() - case 49: try { + case 50: try { var v: Fuzzilli_Protobuf_EndClassStaticMethod? var hadOneofValue = false if let current = self.operation { @@ -2540,7 +2523,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassStaticMethod(v) } }() - case 50: try { + case 51: try { var v: Fuzzilli_Protobuf_BeginClassStaticGetter? var hadOneofValue = false if let current = self.operation { @@ -2553,7 +2536,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassStaticGetter(v) } }() - case 51: try { + case 52: try { var v: Fuzzilli_Protobuf_EndClassStaticGetter? var hadOneofValue = false if let current = self.operation { @@ -2566,7 +2549,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassStaticGetter(v) } }() - case 52: try { + case 53: try { var v: Fuzzilli_Protobuf_BeginClassStaticSetter? var hadOneofValue = false if let current = self.operation { @@ -2579,7 +2562,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassStaticSetter(v) } }() - case 53: try { + case 54: try { var v: Fuzzilli_Protobuf_EndClassStaticSetter? var hadOneofValue = false if let current = self.operation { @@ -2592,7 +2575,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassStaticSetter(v) } }() - case 54: try { + case 55: try { var v: Fuzzilli_Protobuf_ClassAddPrivateInstanceProperty? var hadOneofValue = false if let current = self.operation { @@ -2605,7 +2588,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .classAddPrivateInstanceProperty(v) } }() - case 55: try { + case 56: try { var v: Fuzzilli_Protobuf_BeginClassPrivateInstanceMethod? var hadOneofValue = false if let current = self.operation { @@ -2618,7 +2601,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassPrivateInstanceMethod(v) } }() - case 56: try { + case 57: try { var v: Fuzzilli_Protobuf_EndClassPrivateInstanceMethod? var hadOneofValue = false if let current = self.operation { @@ -2631,7 +2614,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassPrivateInstanceMethod(v) } }() - case 57: try { + case 58: try { var v: Fuzzilli_Protobuf_ClassAddPrivateStaticProperty? var hadOneofValue = false if let current = self.operation { @@ -2644,7 +2627,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .classAddPrivateStaticProperty(v) } }() - case 58: try { + case 59: try { var v: Fuzzilli_Protobuf_BeginClassPrivateStaticMethod? var hadOneofValue = false if let current = self.operation { @@ -2657,7 +2640,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassPrivateStaticMethod(v) } }() - case 59: try { + case 60: try { var v: Fuzzilli_Protobuf_EndClassPrivateStaticMethod? var hadOneofValue = false if let current = self.operation { @@ -2670,7 +2653,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassPrivateStaticMethod(v) } }() - case 60: try { + case 61: try { var v: Fuzzilli_Protobuf_EndClassDefinition? var hadOneofValue = false if let current = self.operation { @@ -2683,7 +2666,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassDefinition(v) } }() - case 61: try { + case 62: try { var v: Fuzzilli_Protobuf_CreateArray? var hadOneofValue = false if let current = self.operation { @@ -2696,7 +2679,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .createArray(v) } }() - case 62: try { + case 63: try { var v: Fuzzilli_Protobuf_CreateIntArray? var hadOneofValue = false if let current = self.operation { @@ -2709,7 +2692,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .createIntArray(v) } }() - case 63: try { + case 64: try { var v: Fuzzilli_Protobuf_CreateFloatArray? var hadOneofValue = false if let current = self.operation { @@ -2722,7 +2705,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .createFloatArray(v) } }() - case 64: try { + case 65: try { var v: Fuzzilli_Protobuf_CreateArrayWithSpread? var hadOneofValue = false if let current = self.operation { @@ -2735,7 +2718,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .createArrayWithSpread(v) } }() - case 65: try { + case 66: try { var v: Fuzzilli_Protobuf_CreateTemplateString? var hadOneofValue = false if let current = self.operation { @@ -2748,19 +2731,6 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .createTemplateString(v) } }() - case 66: try { - var v: Fuzzilli_Protobuf_LoadBuiltin? - var hadOneofValue = false - if let current = self.operation { - hadOneofValue = true - if case .loadBuiltin(let m) = current {v = m} - } - try decoder.decodeSingularMessageField(value: &v) - if let v = v { - if hadOneofValue {try decoder.handleConflictingOneOf()} - self.operation = .loadBuiltin(v) - } - }() case 67: try { var v: Fuzzilli_Protobuf_GetProperty? var hadOneofValue = false @@ -3490,45 +3460,6 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M } }() case 123: try { - var v: Fuzzilli_Protobuf_LoadNamedVariable? - var hadOneofValue = false - if let current = self.operation { - hadOneofValue = true - if case .loadNamedVariable(let m) = current {v = m} - } - try decoder.decodeSingularMessageField(value: &v) - if let v = v { - if hadOneofValue {try decoder.handleConflictingOneOf()} - self.operation = .loadNamedVariable(v) - } - }() - case 124: try { - var v: Fuzzilli_Protobuf_StoreNamedVariable? - var hadOneofValue = false - if let current = self.operation { - hadOneofValue = true - if case .storeNamedVariable(let m) = current {v = m} - } - try decoder.decodeSingularMessageField(value: &v) - if let v = v { - if hadOneofValue {try decoder.handleConflictingOneOf()} - self.operation = .storeNamedVariable(v) - } - }() - case 125: try { - var v: Fuzzilli_Protobuf_DefineNamedVariable? - var hadOneofValue = false - if let current = self.operation { - hadOneofValue = true - if case .defineNamedVariable(let m) = current {v = m} - } - try decoder.decodeSingularMessageField(value: &v) - if let v = v { - if hadOneofValue {try decoder.handleConflictingOneOf()} - self.operation = .defineNamedVariable(v) - } - }() - case 126: try { var v: Fuzzilli_Protobuf_Eval? var hadOneofValue = false if let current = self.operation { @@ -3541,7 +3472,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .eval(v) } }() - case 127: try { + case 124: try { var v: Fuzzilli_Protobuf_BeginWith? var hadOneofValue = false if let current = self.operation { @@ -3554,7 +3485,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginWith(v) } }() - case 128: try { + case 125: try { var v: Fuzzilli_Protobuf_EndWith? var hadOneofValue = false if let current = self.operation { @@ -3567,7 +3498,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endWith(v) } }() - case 129: try { + case 126: try { var v: Fuzzilli_Protobuf_CallSuperConstructor? var hadOneofValue = false if let current = self.operation { @@ -3580,7 +3511,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .callSuperConstructor(v) } }() - case 130: try { + case 127: try { var v: Fuzzilli_Protobuf_CallSuperMethod? var hadOneofValue = false if let current = self.operation { @@ -3593,7 +3524,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .callSuperMethod(v) } }() - case 131: try { + case 128: try { var v: Fuzzilli_Protobuf_GetPrivateProperty? var hadOneofValue = false if let current = self.operation { @@ -3606,7 +3537,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .getPrivateProperty(v) } }() - case 132: try { + case 129: try { var v: Fuzzilli_Protobuf_SetPrivateProperty? var hadOneofValue = false if let current = self.operation { @@ -3619,7 +3550,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .setPrivateProperty(v) } }() - case 133: try { + case 130: try { var v: Fuzzilli_Protobuf_UpdatePrivateProperty? var hadOneofValue = false if let current = self.operation { @@ -3632,7 +3563,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .updatePrivateProperty(v) } }() - case 134: try { + case 131: try { var v: Fuzzilli_Protobuf_CallPrivateMethod? var hadOneofValue = false if let current = self.operation { @@ -3645,7 +3576,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .callPrivateMethod(v) } }() - case 135: try { + case 132: try { var v: Fuzzilli_Protobuf_GetSuperProperty? var hadOneofValue = false if let current = self.operation { @@ -3658,7 +3589,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .getSuperProperty(v) } }() - case 136: try { + case 133: try { var v: Fuzzilli_Protobuf_SetSuperProperty? var hadOneofValue = false if let current = self.operation { @@ -3671,7 +3602,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .setSuperProperty(v) } }() - case 137: try { + case 134: try { var v: Fuzzilli_Protobuf_GetComputedSuperProperty? var hadOneofValue = false if let current = self.operation { @@ -3684,7 +3615,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .getComputedSuperProperty(v) } }() - case 138: try { + case 135: try { var v: Fuzzilli_Protobuf_SetComputedSuperProperty? var hadOneofValue = false if let current = self.operation { @@ -3697,7 +3628,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .setComputedSuperProperty(v) } }() - case 139: try { + case 136: try { var v: Fuzzilli_Protobuf_UpdateSuperProperty? var hadOneofValue = false if let current = self.operation { @@ -3710,7 +3641,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .updateSuperProperty(v) } }() - case 140: try { + case 137: try { var v: Fuzzilli_Protobuf_BeginIf? var hadOneofValue = false if let current = self.operation { @@ -3723,7 +3654,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginIf(v) } }() - case 141: try { + case 138: try { var v: Fuzzilli_Protobuf_BeginElse? var hadOneofValue = false if let current = self.operation { @@ -3736,7 +3667,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginElse(v) } }() - case 142: try { + case 139: try { var v: Fuzzilli_Protobuf_EndIf? var hadOneofValue = false if let current = self.operation { @@ -3749,7 +3680,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endIf(v) } }() - case 143: try { + case 140: try { var v: Fuzzilli_Protobuf_BeginWhileLoopHeader? var hadOneofValue = false if let current = self.operation { @@ -3762,7 +3693,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginWhileLoopHeader(v) } }() - case 144: try { + case 141: try { var v: Fuzzilli_Protobuf_BeginWhileLoopBody? var hadOneofValue = false if let current = self.operation { @@ -3775,7 +3706,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginWhileLoopBody(v) } }() - case 145: try { + case 142: try { var v: Fuzzilli_Protobuf_EndWhileLoop? var hadOneofValue = false if let current = self.operation { @@ -3788,7 +3719,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endWhileLoop(v) } }() - case 146: try { + case 143: try { var v: Fuzzilli_Protobuf_BeginDoWhileLoopBody? var hadOneofValue = false if let current = self.operation { @@ -3801,7 +3732,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginDoWhileLoopBody(v) } }() - case 147: try { + case 144: try { var v: Fuzzilli_Protobuf_BeginDoWhileLoopHeader? var hadOneofValue = false if let current = self.operation { @@ -3814,7 +3745,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginDoWhileLoopHeader(v) } }() - case 148: try { + case 145: try { var v: Fuzzilli_Protobuf_EndDoWhileLoop? var hadOneofValue = false if let current = self.operation { @@ -3827,7 +3758,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endDoWhileLoop(v) } }() - case 149: try { + case 146: try { var v: Fuzzilli_Protobuf_BeginForLoopInitializer? var hadOneofValue = false if let current = self.operation { @@ -3840,7 +3771,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginForLoopInitializer(v) } }() - case 150: try { + case 147: try { var v: Fuzzilli_Protobuf_BeginForLoopCondition? var hadOneofValue = false if let current = self.operation { @@ -3853,7 +3784,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginForLoopCondition(v) } }() - case 151: try { + case 148: try { var v: Fuzzilli_Protobuf_BeginForLoopAfterthought? var hadOneofValue = false if let current = self.operation { @@ -3866,7 +3797,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginForLoopAfterthought(v) } }() - case 152: try { + case 149: try { var v: Fuzzilli_Protobuf_BeginForLoopBody? var hadOneofValue = false if let current = self.operation { @@ -3879,7 +3810,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginForLoopBody(v) } }() - case 153: try { + case 150: try { var v: Fuzzilli_Protobuf_EndForLoop? var hadOneofValue = false if let current = self.operation { @@ -3892,7 +3823,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endForLoop(v) } }() - case 154: try { + case 151: try { var v: Fuzzilli_Protobuf_BeginForInLoop? var hadOneofValue = false if let current = self.operation { @@ -3905,7 +3836,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginForInLoop(v) } }() - case 155: try { + case 152: try { var v: Fuzzilli_Protobuf_EndForInLoop? var hadOneofValue = false if let current = self.operation { @@ -3918,7 +3849,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endForInLoop(v) } }() - case 156: try { + case 153: try { var v: Fuzzilli_Protobuf_BeginForOfLoop? var hadOneofValue = false if let current = self.operation { @@ -3931,7 +3862,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginForOfLoop(v) } }() - case 157: try { + case 154: try { var v: Fuzzilli_Protobuf_BeginForOfLoopWithDestruct? var hadOneofValue = false if let current = self.operation { @@ -3944,7 +3875,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginForOfLoopWithDestruct(v) } }() - case 158: try { + case 155: try { var v: Fuzzilli_Protobuf_EndForOfLoop? var hadOneofValue = false if let current = self.operation { @@ -3957,7 +3888,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endForOfLoop(v) } }() - case 159: try { + case 156: try { var v: Fuzzilli_Protobuf_BeginRepeatLoop? var hadOneofValue = false if let current = self.operation { @@ -3970,7 +3901,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginRepeatLoop(v) } }() - case 160: try { + case 157: try { var v: Fuzzilli_Protobuf_EndRepeatLoop? var hadOneofValue = false if let current = self.operation { @@ -3983,7 +3914,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endRepeatLoop(v) } }() - case 161: try { + case 158: try { var v: Fuzzilli_Protobuf_LoopBreak? var hadOneofValue = false if let current = self.operation { @@ -3996,7 +3927,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .loopBreak(v) } }() - case 162: try { + case 159: try { var v: Fuzzilli_Protobuf_LoopContinue? var hadOneofValue = false if let current = self.operation { @@ -4009,7 +3940,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .loopContinue(v) } }() - case 163: try { + case 160: try { var v: Fuzzilli_Protobuf_BeginTry? var hadOneofValue = false if let current = self.operation { @@ -4022,7 +3953,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginTry(v) } }() - case 164: try { + case 161: try { var v: Fuzzilli_Protobuf_BeginCatch? var hadOneofValue = false if let current = self.operation { @@ -4035,7 +3966,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginCatch(v) } }() - case 165: try { + case 162: try { var v: Fuzzilli_Protobuf_BeginFinally? var hadOneofValue = false if let current = self.operation { @@ -4048,7 +3979,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginFinally(v) } }() - case 166: try { + case 163: try { var v: Fuzzilli_Protobuf_EndTryCatchFinally? var hadOneofValue = false if let current = self.operation { @@ -4061,7 +3992,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endTryCatchFinally(v) } }() - case 167: try { + case 164: try { var v: Fuzzilli_Protobuf_ThrowException? var hadOneofValue = false if let current = self.operation { @@ -4074,7 +4005,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .throwException(v) } }() - case 168: try { + case 165: try { var v: Fuzzilli_Protobuf_BeginCodeString? var hadOneofValue = false if let current = self.operation { @@ -4087,7 +4018,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginCodeString(v) } }() - case 169: try { + case 166: try { var v: Fuzzilli_Protobuf_EndCodeString? var hadOneofValue = false if let current = self.operation { @@ -4100,7 +4031,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endCodeString(v) } }() - case 170: try { + case 167: try { var v: Fuzzilli_Protobuf_BeginBlockStatement? var hadOneofValue = false if let current = self.operation { @@ -4113,7 +4044,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginBlockStatement(v) } }() - case 171: try { + case 168: try { var v: Fuzzilli_Protobuf_EndBlockStatement? var hadOneofValue = false if let current = self.operation { @@ -4126,7 +4057,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endBlockStatement(v) } }() - case 172: try { + case 169: try { var v: Fuzzilli_Protobuf_BeginSwitch? var hadOneofValue = false if let current = self.operation { @@ -4139,7 +4070,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginSwitch(v) } }() - case 173: try { + case 170: try { var v: Fuzzilli_Protobuf_BeginSwitchCase? var hadOneofValue = false if let current = self.operation { @@ -4152,7 +4083,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginSwitchCase(v) } }() - case 174: try { + case 171: try { var v: Fuzzilli_Protobuf_BeginSwitchDefaultCase? var hadOneofValue = false if let current = self.operation { @@ -4165,7 +4096,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginSwitchDefaultCase(v) } }() - case 175: try { + case 172: try { var v: Fuzzilli_Protobuf_EndSwitchCase? var hadOneofValue = false if let current = self.operation { @@ -4178,7 +4109,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endSwitchCase(v) } }() - case 176: try { + case 173: try { var v: Fuzzilli_Protobuf_EndSwitch? var hadOneofValue = false if let current = self.operation { @@ -4191,7 +4122,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endSwitch(v) } }() - case 177: try { + case 174: try { var v: Fuzzilli_Protobuf_SwitchBreak? var hadOneofValue = false if let current = self.operation { @@ -4204,7 +4135,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .switchBreak(v) } }() - case 178: try { + case 175: try { var v: Fuzzilli_Protobuf_LoadNewTarget? var hadOneofValue = false if let current = self.operation { @@ -4217,7 +4148,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .loadNewTarget(v) } }() - case 179: try { + case 176: try { var v: Fuzzilli_Protobuf_Print? var hadOneofValue = false if let current = self.operation { @@ -4230,7 +4161,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .print(v) } }() - case 180: try { + case 177: try { var v: Fuzzilli_Protobuf_Explore? var hadOneofValue = false if let current = self.operation { @@ -4243,7 +4174,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .explore(v) } }() - case 181: try { + case 178: try { var v: Fuzzilli_Protobuf_Probe? var hadOneofValue = false if let current = self.operation { @@ -4256,7 +4187,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .probe(v) } }() - case 182: try { + case 179: try { var v: Fuzzilli_Protobuf_Fixup? var hadOneofValue = false if let current = self.operation { @@ -4327,220 +4258,220 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M guard case .loadArguments(let v)? = self.operation else { preconditionFailure() } try visitor.visitSingularMessageField(value: v, fieldNumber: 12) }() + case .createNamedVariable?: try { + guard case .createNamedVariable(let v)? = self.operation else { preconditionFailure() } + try visitor.visitSingularMessageField(value: v, fieldNumber: 13) + }() case .loadDisposableVariable?: try { guard case .loadDisposableVariable(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 13) + try visitor.visitSingularMessageField(value: v, fieldNumber: 14) }() case .loadAsyncDisposableVariable?: try { guard case .loadAsyncDisposableVariable(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 14) + try visitor.visitSingularMessageField(value: v, fieldNumber: 15) }() case .loadRegExp?: try { guard case .loadRegExp(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 15) + try visitor.visitSingularMessageField(value: v, fieldNumber: 16) }() case .beginObjectLiteral?: try { guard case .beginObjectLiteral(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 16) + try visitor.visitSingularMessageField(value: v, fieldNumber: 17) }() case .objectLiteralAddProperty?: try { guard case .objectLiteralAddProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 17) + try visitor.visitSingularMessageField(value: v, fieldNumber: 18) }() case .objectLiteralAddElement?: try { guard case .objectLiteralAddElement(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 18) + try visitor.visitSingularMessageField(value: v, fieldNumber: 19) }() case .objectLiteralAddComputedProperty?: try { guard case .objectLiteralAddComputedProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 19) + try visitor.visitSingularMessageField(value: v, fieldNumber: 20) }() case .objectLiteralCopyProperties?: try { guard case .objectLiteralCopyProperties(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 20) + try visitor.visitSingularMessageField(value: v, fieldNumber: 21) }() case .objectLiteralSetPrototype?: try { guard case .objectLiteralSetPrototype(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 21) + try visitor.visitSingularMessageField(value: v, fieldNumber: 22) }() case .beginObjectLiteralMethod?: try { guard case .beginObjectLiteralMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 22) + try visitor.visitSingularMessageField(value: v, fieldNumber: 23) }() case .endObjectLiteralMethod?: try { guard case .endObjectLiteralMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 23) + try visitor.visitSingularMessageField(value: v, fieldNumber: 24) }() case .beginObjectLiteralComputedMethod?: try { guard case .beginObjectLiteralComputedMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 24) + try visitor.visitSingularMessageField(value: v, fieldNumber: 25) }() case .endObjectLiteralComputedMethod?: try { guard case .endObjectLiteralComputedMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 25) + try visitor.visitSingularMessageField(value: v, fieldNumber: 26) }() case .beginObjectLiteralGetter?: try { guard case .beginObjectLiteralGetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 26) + try visitor.visitSingularMessageField(value: v, fieldNumber: 27) }() case .endObjectLiteralGetter?: try { guard case .endObjectLiteralGetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 27) + try visitor.visitSingularMessageField(value: v, fieldNumber: 28) }() case .beginObjectLiteralSetter?: try { guard case .beginObjectLiteralSetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 28) + try visitor.visitSingularMessageField(value: v, fieldNumber: 29) }() case .endObjectLiteralSetter?: try { guard case .endObjectLiteralSetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 29) + try visitor.visitSingularMessageField(value: v, fieldNumber: 30) }() case .endObjectLiteral?: try { guard case .endObjectLiteral(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 30) + try visitor.visitSingularMessageField(value: v, fieldNumber: 31) }() case .beginClassDefinition?: try { guard case .beginClassDefinition(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 31) + try visitor.visitSingularMessageField(value: v, fieldNumber: 32) }() case .beginClassConstructor?: try { guard case .beginClassConstructor(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 32) + try visitor.visitSingularMessageField(value: v, fieldNumber: 33) }() case .endClassConstructor?: try { guard case .endClassConstructor(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 33) + try visitor.visitSingularMessageField(value: v, fieldNumber: 34) }() case .classAddInstanceProperty?: try { guard case .classAddInstanceProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 34) + try visitor.visitSingularMessageField(value: v, fieldNumber: 35) }() case .classAddInstanceElement?: try { guard case .classAddInstanceElement(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 35) + try visitor.visitSingularMessageField(value: v, fieldNumber: 36) }() case .classAddInstanceComputedProperty?: try { guard case .classAddInstanceComputedProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 36) + try visitor.visitSingularMessageField(value: v, fieldNumber: 37) }() case .beginClassInstanceMethod?: try { guard case .beginClassInstanceMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 37) + try visitor.visitSingularMessageField(value: v, fieldNumber: 38) }() case .endClassInstanceMethod?: try { guard case .endClassInstanceMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 38) + try visitor.visitSingularMessageField(value: v, fieldNumber: 39) }() case .beginClassInstanceGetter?: try { guard case .beginClassInstanceGetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 39) + try visitor.visitSingularMessageField(value: v, fieldNumber: 40) }() case .endClassInstanceGetter?: try { guard case .endClassInstanceGetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 40) + try visitor.visitSingularMessageField(value: v, fieldNumber: 41) }() case .beginClassInstanceSetter?: try { guard case .beginClassInstanceSetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 41) + try visitor.visitSingularMessageField(value: v, fieldNumber: 42) }() case .endClassInstanceSetter?: try { guard case .endClassInstanceSetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 42) + try visitor.visitSingularMessageField(value: v, fieldNumber: 43) }() case .classAddStaticProperty?: try { guard case .classAddStaticProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 43) + try visitor.visitSingularMessageField(value: v, fieldNumber: 44) }() case .classAddStaticElement?: try { guard case .classAddStaticElement(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 44) + try visitor.visitSingularMessageField(value: v, fieldNumber: 45) }() case .classAddStaticComputedProperty?: try { guard case .classAddStaticComputedProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 45) + try visitor.visitSingularMessageField(value: v, fieldNumber: 46) }() case .beginClassStaticInitializer?: try { guard case .beginClassStaticInitializer(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 46) + try visitor.visitSingularMessageField(value: v, fieldNumber: 47) }() case .endClassStaticInitializer?: try { guard case .endClassStaticInitializer(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 47) + try visitor.visitSingularMessageField(value: v, fieldNumber: 48) }() case .beginClassStaticMethod?: try { guard case .beginClassStaticMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 48) + try visitor.visitSingularMessageField(value: v, fieldNumber: 49) }() case .endClassStaticMethod?: try { guard case .endClassStaticMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 49) + try visitor.visitSingularMessageField(value: v, fieldNumber: 50) }() case .beginClassStaticGetter?: try { guard case .beginClassStaticGetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 50) + try visitor.visitSingularMessageField(value: v, fieldNumber: 51) }() case .endClassStaticGetter?: try { guard case .endClassStaticGetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 51) + try visitor.visitSingularMessageField(value: v, fieldNumber: 52) }() case .beginClassStaticSetter?: try { guard case .beginClassStaticSetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 52) + try visitor.visitSingularMessageField(value: v, fieldNumber: 53) }() case .endClassStaticSetter?: try { guard case .endClassStaticSetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 53) + try visitor.visitSingularMessageField(value: v, fieldNumber: 54) }() case .classAddPrivateInstanceProperty?: try { guard case .classAddPrivateInstanceProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 54) + try visitor.visitSingularMessageField(value: v, fieldNumber: 55) }() case .beginClassPrivateInstanceMethod?: try { guard case .beginClassPrivateInstanceMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 55) + try visitor.visitSingularMessageField(value: v, fieldNumber: 56) }() case .endClassPrivateInstanceMethod?: try { guard case .endClassPrivateInstanceMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 56) + try visitor.visitSingularMessageField(value: v, fieldNumber: 57) }() case .classAddPrivateStaticProperty?: try { guard case .classAddPrivateStaticProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 57) + try visitor.visitSingularMessageField(value: v, fieldNumber: 58) }() case .beginClassPrivateStaticMethod?: try { guard case .beginClassPrivateStaticMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 58) + try visitor.visitSingularMessageField(value: v, fieldNumber: 59) }() case .endClassPrivateStaticMethod?: try { guard case .endClassPrivateStaticMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 59) + try visitor.visitSingularMessageField(value: v, fieldNumber: 60) }() case .endClassDefinition?: try { guard case .endClassDefinition(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 60) + try visitor.visitSingularMessageField(value: v, fieldNumber: 61) }() case .createArray?: try { guard case .createArray(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 61) + try visitor.visitSingularMessageField(value: v, fieldNumber: 62) }() case .createIntArray?: try { guard case .createIntArray(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 62) + try visitor.visitSingularMessageField(value: v, fieldNumber: 63) }() case .createFloatArray?: try { guard case .createFloatArray(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 63) + try visitor.visitSingularMessageField(value: v, fieldNumber: 64) }() case .createArrayWithSpread?: try { guard case .createArrayWithSpread(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 64) + try visitor.visitSingularMessageField(value: v, fieldNumber: 65) }() case .createTemplateString?: try { guard case .createTemplateString(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 65) - }() - case .loadBuiltin?: try { - guard case .loadBuiltin(let v)? = self.operation else { preconditionFailure() } try visitor.visitSingularMessageField(value: v, fieldNumber: 66) }() case .getProperty?: try { @@ -4767,245 +4698,233 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M guard case .compare(let v)? = self.operation else { preconditionFailure() } try visitor.visitSingularMessageField(value: v, fieldNumber: 122) }() - case .loadNamedVariable?: try { - guard case .loadNamedVariable(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 123) - }() - case .storeNamedVariable?: try { - guard case .storeNamedVariable(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 124) - }() - case .defineNamedVariable?: try { - guard case .defineNamedVariable(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 125) - }() case .eval?: try { guard case .eval(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 126) + try visitor.visitSingularMessageField(value: v, fieldNumber: 123) }() case .beginWith?: try { guard case .beginWith(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 127) + try visitor.visitSingularMessageField(value: v, fieldNumber: 124) }() case .endWith?: try { guard case .endWith(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 128) + try visitor.visitSingularMessageField(value: v, fieldNumber: 125) }() case .callSuperConstructor?: try { guard case .callSuperConstructor(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 129) + try visitor.visitSingularMessageField(value: v, fieldNumber: 126) }() case .callSuperMethod?: try { guard case .callSuperMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 130) + try visitor.visitSingularMessageField(value: v, fieldNumber: 127) }() case .getPrivateProperty?: try { guard case .getPrivateProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 131) + try visitor.visitSingularMessageField(value: v, fieldNumber: 128) }() case .setPrivateProperty?: try { guard case .setPrivateProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 132) + try visitor.visitSingularMessageField(value: v, fieldNumber: 129) }() case .updatePrivateProperty?: try { guard case .updatePrivateProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 133) + try visitor.visitSingularMessageField(value: v, fieldNumber: 130) }() case .callPrivateMethod?: try { guard case .callPrivateMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 134) + try visitor.visitSingularMessageField(value: v, fieldNumber: 131) }() case .getSuperProperty?: try { guard case .getSuperProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 135) + try visitor.visitSingularMessageField(value: v, fieldNumber: 132) }() case .setSuperProperty?: try { guard case .setSuperProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 136) + try visitor.visitSingularMessageField(value: v, fieldNumber: 133) }() case .getComputedSuperProperty?: try { guard case .getComputedSuperProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 137) + try visitor.visitSingularMessageField(value: v, fieldNumber: 134) }() case .setComputedSuperProperty?: try { guard case .setComputedSuperProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 138) + try visitor.visitSingularMessageField(value: v, fieldNumber: 135) }() case .updateSuperProperty?: try { guard case .updateSuperProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 139) + try visitor.visitSingularMessageField(value: v, fieldNumber: 136) }() case .beginIf?: try { guard case .beginIf(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 140) + try visitor.visitSingularMessageField(value: v, fieldNumber: 137) }() case .beginElse?: try { guard case .beginElse(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 141) + try visitor.visitSingularMessageField(value: v, fieldNumber: 138) }() case .endIf?: try { guard case .endIf(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 142) + try visitor.visitSingularMessageField(value: v, fieldNumber: 139) }() case .beginWhileLoopHeader?: try { guard case .beginWhileLoopHeader(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 143) + try visitor.visitSingularMessageField(value: v, fieldNumber: 140) }() case .beginWhileLoopBody?: try { guard case .beginWhileLoopBody(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 144) + try visitor.visitSingularMessageField(value: v, fieldNumber: 141) }() case .endWhileLoop?: try { guard case .endWhileLoop(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 145) + try visitor.visitSingularMessageField(value: v, fieldNumber: 142) }() case .beginDoWhileLoopBody?: try { guard case .beginDoWhileLoopBody(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 146) + try visitor.visitSingularMessageField(value: v, fieldNumber: 143) }() case .beginDoWhileLoopHeader?: try { guard case .beginDoWhileLoopHeader(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 147) + try visitor.visitSingularMessageField(value: v, fieldNumber: 144) }() case .endDoWhileLoop?: try { guard case .endDoWhileLoop(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 148) + try visitor.visitSingularMessageField(value: v, fieldNumber: 145) }() case .beginForLoopInitializer?: try { guard case .beginForLoopInitializer(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 149) + try visitor.visitSingularMessageField(value: v, fieldNumber: 146) }() case .beginForLoopCondition?: try { guard case .beginForLoopCondition(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 150) + try visitor.visitSingularMessageField(value: v, fieldNumber: 147) }() case .beginForLoopAfterthought?: try { guard case .beginForLoopAfterthought(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 151) + try visitor.visitSingularMessageField(value: v, fieldNumber: 148) }() case .beginForLoopBody?: try { guard case .beginForLoopBody(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 152) + try visitor.visitSingularMessageField(value: v, fieldNumber: 149) }() case .endForLoop?: try { guard case .endForLoop(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 153) + try visitor.visitSingularMessageField(value: v, fieldNumber: 150) }() case .beginForInLoop?: try { guard case .beginForInLoop(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 154) + try visitor.visitSingularMessageField(value: v, fieldNumber: 151) }() case .endForInLoop?: try { guard case .endForInLoop(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 155) + try visitor.visitSingularMessageField(value: v, fieldNumber: 152) }() case .beginForOfLoop?: try { guard case .beginForOfLoop(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 156) + try visitor.visitSingularMessageField(value: v, fieldNumber: 153) }() case .beginForOfLoopWithDestruct?: try { guard case .beginForOfLoopWithDestruct(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 157) + try visitor.visitSingularMessageField(value: v, fieldNumber: 154) }() case .endForOfLoop?: try { guard case .endForOfLoop(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 158) + try visitor.visitSingularMessageField(value: v, fieldNumber: 155) }() case .beginRepeatLoop?: try { guard case .beginRepeatLoop(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 159) + try visitor.visitSingularMessageField(value: v, fieldNumber: 156) }() case .endRepeatLoop?: try { guard case .endRepeatLoop(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 160) + try visitor.visitSingularMessageField(value: v, fieldNumber: 157) }() case .loopBreak?: try { guard case .loopBreak(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 161) + try visitor.visitSingularMessageField(value: v, fieldNumber: 158) }() case .loopContinue?: try { guard case .loopContinue(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 162) + try visitor.visitSingularMessageField(value: v, fieldNumber: 159) }() case .beginTry?: try { guard case .beginTry(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 163) + try visitor.visitSingularMessageField(value: v, fieldNumber: 160) }() case .beginCatch?: try { guard case .beginCatch(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 164) + try visitor.visitSingularMessageField(value: v, fieldNumber: 161) }() case .beginFinally?: try { guard case .beginFinally(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 165) + try visitor.visitSingularMessageField(value: v, fieldNumber: 162) }() case .endTryCatchFinally?: try { guard case .endTryCatchFinally(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 166) + try visitor.visitSingularMessageField(value: v, fieldNumber: 163) }() case .throwException?: try { guard case .throwException(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 167) + try visitor.visitSingularMessageField(value: v, fieldNumber: 164) }() case .beginCodeString?: try { guard case .beginCodeString(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 168) + try visitor.visitSingularMessageField(value: v, fieldNumber: 165) }() case .endCodeString?: try { guard case .endCodeString(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 169) + try visitor.visitSingularMessageField(value: v, fieldNumber: 166) }() case .beginBlockStatement?: try { guard case .beginBlockStatement(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 170) + try visitor.visitSingularMessageField(value: v, fieldNumber: 167) }() case .endBlockStatement?: try { guard case .endBlockStatement(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 171) + try visitor.visitSingularMessageField(value: v, fieldNumber: 168) }() case .beginSwitch?: try { guard case .beginSwitch(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 172) + try visitor.visitSingularMessageField(value: v, fieldNumber: 169) }() case .beginSwitchCase?: try { guard case .beginSwitchCase(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 173) + try visitor.visitSingularMessageField(value: v, fieldNumber: 170) }() case .beginSwitchDefaultCase?: try { guard case .beginSwitchDefaultCase(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 174) + try visitor.visitSingularMessageField(value: v, fieldNumber: 171) }() case .endSwitchCase?: try { guard case .endSwitchCase(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 175) + try visitor.visitSingularMessageField(value: v, fieldNumber: 172) }() case .endSwitch?: try { guard case .endSwitch(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 176) + try visitor.visitSingularMessageField(value: v, fieldNumber: 173) }() case .switchBreak?: try { guard case .switchBreak(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 177) + try visitor.visitSingularMessageField(value: v, fieldNumber: 174) }() case .loadNewTarget?: try { guard case .loadNewTarget(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 178) + try visitor.visitSingularMessageField(value: v, fieldNumber: 175) }() case .print?: try { guard case .print(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 179) + try visitor.visitSingularMessageField(value: v, fieldNumber: 176) }() case .explore?: try { guard case .explore(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 180) + try visitor.visitSingularMessageField(value: v, fieldNumber: 177) }() case .probe?: try { guard case .probe(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 181) + try visitor.visitSingularMessageField(value: v, fieldNumber: 178) }() case .fixup?: try { guard case .fixup(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 182) + try visitor.visitSingularMessageField(value: v, fieldNumber: 179) }() case nil: break } diff --git a/Sources/Fuzzilli/Protobuf/program.proto b/Sources/Fuzzilli/Protobuf/program.proto index b3e805fce..5334526e3 100644 --- a/Sources/Fuzzilli/Protobuf/program.proto +++ b/Sources/Fuzzilli/Protobuf/program.proto @@ -36,60 +36,60 @@ message Instruction { LoadNull loadNull = 10; LoadThis loadThis = 11; LoadArguments loadArguments = 12; - LoadDisposableVariable loadDisposableVariable = 13; - LoadAsyncDisposableVariable loadAsyncDisposableVariable = 14; - LoadRegExp loadRegExp = 15; - BeginObjectLiteral beginObjectLiteral = 16; - ObjectLiteralAddProperty objectLiteralAddProperty = 17; - ObjectLiteralAddElement objectLiteralAddElement = 18; - ObjectLiteralAddComputedProperty objectLiteralAddComputedProperty = 19; - ObjectLiteralCopyProperties objectLiteralCopyProperties = 20; - ObjectLiteralSetPrototype objectLiteralSetPrototype = 21; - BeginObjectLiteralMethod beginObjectLiteralMethod = 22; - EndObjectLiteralMethod endObjectLiteralMethod = 23; - BeginObjectLiteralComputedMethod beginObjectLiteralComputedMethod = 24; - EndObjectLiteralComputedMethod endObjectLiteralComputedMethod = 25; - BeginObjectLiteralGetter beginObjectLiteralGetter = 26; - EndObjectLiteralGetter endObjectLiteralGetter = 27; - BeginObjectLiteralSetter beginObjectLiteralSetter = 28; - EndObjectLiteralSetter endObjectLiteralSetter = 29; - EndObjectLiteral endObjectLiteral = 30; - BeginClassDefinition beginClassDefinition = 31; - BeginClassConstructor beginClassConstructor = 32; - EndClassConstructor endClassConstructor = 33; - ClassAddInstanceProperty classAddInstanceProperty = 34; - ClassAddInstanceElement classAddInstanceElement = 35; - ClassAddInstanceComputedProperty classAddInstanceComputedProperty = 36; - BeginClassInstanceMethod beginClassInstanceMethod = 37; - EndClassInstanceMethod endClassInstanceMethod = 38; - BeginClassInstanceGetter beginClassInstanceGetter = 39; - EndClassInstanceGetter endClassInstanceGetter = 40; - BeginClassInstanceSetter beginClassInstanceSetter = 41; - EndClassInstanceSetter endClassInstanceSetter = 42; - ClassAddStaticProperty classAddStaticProperty = 43; - ClassAddStaticElement classAddStaticElement = 44; - ClassAddStaticComputedProperty classAddStaticComputedProperty = 45; - BeginClassStaticInitializer beginClassStaticInitializer = 46; - EndClassStaticInitializer endClassStaticInitializer = 47; - BeginClassStaticMethod beginClassStaticMethod = 48; - EndClassStaticMethod endClassStaticMethod = 49; - BeginClassStaticGetter beginClassStaticGetter = 50; - EndClassStaticGetter endClassStaticGetter = 51; - BeginClassStaticSetter beginClassStaticSetter = 52; - EndClassStaticSetter endClassStaticSetter = 53; - ClassAddPrivateInstanceProperty classAddPrivateInstanceProperty = 54; - BeginClassPrivateInstanceMethod beginClassPrivateInstanceMethod = 55; - EndClassPrivateInstanceMethod endClassPrivateInstanceMethod = 56; - ClassAddPrivateStaticProperty classAddPrivateStaticProperty = 57; - BeginClassPrivateStaticMethod beginClassPrivateStaticMethod = 58; - EndClassPrivateStaticMethod endClassPrivateStaticMethod = 59; - EndClassDefinition endClassDefinition = 60; - CreateArray createArray = 61; - CreateIntArray createIntArray = 62; - CreateFloatArray createFloatArray = 63; - CreateArrayWithSpread createArrayWithSpread = 64; - CreateTemplateString createTemplateString = 65; - LoadBuiltin loadBuiltin = 66; + CreateNamedVariable createNamedVariable = 13; + LoadDisposableVariable loadDisposableVariable = 14; + LoadAsyncDisposableVariable loadAsyncDisposableVariable = 15; + LoadRegExp loadRegExp = 16; + BeginObjectLiteral beginObjectLiteral = 17; + ObjectLiteralAddProperty objectLiteralAddProperty = 18; + ObjectLiteralAddElement objectLiteralAddElement = 19; + ObjectLiteralAddComputedProperty objectLiteralAddComputedProperty = 20; + ObjectLiteralCopyProperties objectLiteralCopyProperties = 21; + ObjectLiteralSetPrototype objectLiteralSetPrototype = 22; + BeginObjectLiteralMethod beginObjectLiteralMethod = 23; + EndObjectLiteralMethod endObjectLiteralMethod = 24; + BeginObjectLiteralComputedMethod beginObjectLiteralComputedMethod = 25; + EndObjectLiteralComputedMethod endObjectLiteralComputedMethod = 26; + BeginObjectLiteralGetter beginObjectLiteralGetter = 27; + EndObjectLiteralGetter endObjectLiteralGetter = 28; + BeginObjectLiteralSetter beginObjectLiteralSetter = 29; + EndObjectLiteralSetter endObjectLiteralSetter = 30; + EndObjectLiteral endObjectLiteral = 31; + BeginClassDefinition beginClassDefinition = 32; + BeginClassConstructor beginClassConstructor = 33; + EndClassConstructor endClassConstructor = 34; + ClassAddInstanceProperty classAddInstanceProperty = 35; + ClassAddInstanceElement classAddInstanceElement = 36; + ClassAddInstanceComputedProperty classAddInstanceComputedProperty = 37; + BeginClassInstanceMethod beginClassInstanceMethod = 38; + EndClassInstanceMethod endClassInstanceMethod = 39; + BeginClassInstanceGetter beginClassInstanceGetter = 40; + EndClassInstanceGetter endClassInstanceGetter = 41; + BeginClassInstanceSetter beginClassInstanceSetter = 42; + EndClassInstanceSetter endClassInstanceSetter = 43; + ClassAddStaticProperty classAddStaticProperty = 44; + ClassAddStaticElement classAddStaticElement = 45; + ClassAddStaticComputedProperty classAddStaticComputedProperty = 46; + BeginClassStaticInitializer beginClassStaticInitializer = 47; + EndClassStaticInitializer endClassStaticInitializer = 48; + BeginClassStaticMethod beginClassStaticMethod = 49; + EndClassStaticMethod endClassStaticMethod = 50; + BeginClassStaticGetter beginClassStaticGetter = 51; + EndClassStaticGetter endClassStaticGetter = 52; + BeginClassStaticSetter beginClassStaticSetter = 53; + EndClassStaticSetter endClassStaticSetter = 54; + ClassAddPrivateInstanceProperty classAddPrivateInstanceProperty = 55; + BeginClassPrivateInstanceMethod beginClassPrivateInstanceMethod = 56; + EndClassPrivateInstanceMethod endClassPrivateInstanceMethod = 57; + ClassAddPrivateStaticProperty classAddPrivateStaticProperty = 58; + BeginClassPrivateStaticMethod beginClassPrivateStaticMethod = 59; + EndClassPrivateStaticMethod endClassPrivateStaticMethod = 60; + EndClassDefinition endClassDefinition = 61; + CreateArray createArray = 62; + CreateIntArray createIntArray = 63; + CreateFloatArray createFloatArray = 64; + CreateArrayWithSpread createArrayWithSpread = 65; + CreateTemplateString createTemplateString = 66; GetProperty getProperty = 67; SetProperty setProperty = 68; UpdateProperty updateProperty = 69; @@ -146,66 +146,63 @@ message Instruction { DestructObject destructObject = 120; DestructObjectAndReassign destructObjectAndReassign = 121; Compare compare = 122; - LoadNamedVariable loadNamedVariable = 123; - StoreNamedVariable storeNamedVariable = 124; - DefineNamedVariable defineNamedVariable = 125; - Eval eval = 126; - BeginWith beginWith = 127; - EndWith endWith = 128; - CallSuperConstructor callSuperConstructor = 129; - CallSuperMethod callSuperMethod = 130; - GetPrivateProperty getPrivateProperty = 131; - SetPrivateProperty setPrivateProperty = 132; - UpdatePrivateProperty updatePrivateProperty = 133; - CallPrivateMethod callPrivateMethod = 134; - GetSuperProperty getSuperProperty = 135; - SetSuperProperty setSuperProperty = 136; - GetComputedSuperProperty getComputedSuperProperty = 137; - SetComputedSuperProperty setComputedSuperProperty = 138; - UpdateSuperProperty updateSuperProperty = 139; - BeginIf beginIf = 140; - BeginElse beginElse = 141; - EndIf endIf = 142; - BeginWhileLoopHeader beginWhileLoopHeader = 143; - BeginWhileLoopBody beginWhileLoopBody = 144; - EndWhileLoop endWhileLoop = 145; - BeginDoWhileLoopBody beginDoWhileLoopBody = 146; - BeginDoWhileLoopHeader beginDoWhileLoopHeader = 147; - EndDoWhileLoop endDoWhileLoop = 148; - BeginForLoopInitializer beginForLoopInitializer = 149; - BeginForLoopCondition beginForLoopCondition = 150; - BeginForLoopAfterthought beginForLoopAfterthought = 151; - BeginForLoopBody beginForLoopBody = 152; - EndForLoop endForLoop = 153; - BeginForInLoop beginForInLoop = 154; - EndForInLoop endForInLoop = 155; - BeginForOfLoop beginForOfLoop = 156; - BeginForOfLoopWithDestruct beginForOfLoopWithDestruct = 157; - EndForOfLoop endForOfLoop = 158; - BeginRepeatLoop beginRepeatLoop = 159; - EndRepeatLoop endRepeatLoop = 160; - LoopBreak loopBreak = 161; - LoopContinue loopContinue = 162; - BeginTry beginTry = 163; - BeginCatch beginCatch = 164; - BeginFinally beginFinally = 165; - EndTryCatchFinally endTryCatchFinally = 166; - ThrowException throwException = 167; - BeginCodeString beginCodeString = 168; - EndCodeString endCodeString = 169; - BeginBlockStatement beginBlockStatement = 170; - EndBlockStatement endBlockStatement = 171; - BeginSwitch beginSwitch = 172; - BeginSwitchCase beginSwitchCase = 173; - BeginSwitchDefaultCase beginSwitchDefaultCase = 174; - EndSwitchCase endSwitchCase = 175; - EndSwitch endSwitch = 176; - SwitchBreak switchBreak = 177; - LoadNewTarget loadNewTarget = 178; - Print print = 179; - Explore explore = 180; - Probe probe = 181; - Fixup fixup = 182; + Eval eval = 123; + BeginWith beginWith = 124; + EndWith endWith = 125; + CallSuperConstructor callSuperConstructor = 126; + CallSuperMethod callSuperMethod = 127; + GetPrivateProperty getPrivateProperty = 128; + SetPrivateProperty setPrivateProperty = 129; + UpdatePrivateProperty updatePrivateProperty = 130; + CallPrivateMethod callPrivateMethod = 131; + GetSuperProperty getSuperProperty = 132; + SetSuperProperty setSuperProperty = 133; + GetComputedSuperProperty getComputedSuperProperty = 134; + SetComputedSuperProperty setComputedSuperProperty = 135; + UpdateSuperProperty updateSuperProperty = 136; + BeginIf beginIf = 137; + BeginElse beginElse = 138; + EndIf endIf = 139; + BeginWhileLoopHeader beginWhileLoopHeader = 140; + BeginWhileLoopBody beginWhileLoopBody = 141; + EndWhileLoop endWhileLoop = 142; + BeginDoWhileLoopBody beginDoWhileLoopBody = 143; + BeginDoWhileLoopHeader beginDoWhileLoopHeader = 144; + EndDoWhileLoop endDoWhileLoop = 145; + BeginForLoopInitializer beginForLoopInitializer = 146; + BeginForLoopCondition beginForLoopCondition = 147; + BeginForLoopAfterthought beginForLoopAfterthought = 148; + BeginForLoopBody beginForLoopBody = 149; + EndForLoop endForLoop = 150; + BeginForInLoop beginForInLoop = 151; + EndForInLoop endForInLoop = 152; + BeginForOfLoop beginForOfLoop = 153; + BeginForOfLoopWithDestruct beginForOfLoopWithDestruct = 154; + EndForOfLoop endForOfLoop = 155; + BeginRepeatLoop beginRepeatLoop = 156; + EndRepeatLoop endRepeatLoop = 157; + LoopBreak loopBreak = 158; + LoopContinue loopContinue = 159; + BeginTry beginTry = 160; + BeginCatch beginCatch = 161; + BeginFinally beginFinally = 162; + EndTryCatchFinally endTryCatchFinally = 163; + ThrowException throwException = 164; + BeginCodeString beginCodeString = 165; + EndCodeString endCodeString = 166; + BeginBlockStatement beginBlockStatement = 167; + EndBlockStatement endBlockStatement = 168; + BeginSwitch beginSwitch = 169; + BeginSwitchCase beginSwitchCase = 170; + BeginSwitchDefaultCase beginSwitchDefaultCase = 171; + EndSwitchCase endSwitchCase = 172; + EndSwitch endSwitch = 173; + SwitchBreak switchBreak = 174; + LoadNewTarget loadNewTarget = 175; + Print print = 176; + Explore explore = 177; + Probe probe = 178; + Fixup fixup = 179; } } diff --git a/Sources/FuzzilliCli/Profiles/JSCProfile.swift b/Sources/FuzzilliCli/Profiles/JSCProfile.swift index 3f5aab062..36d5e87e7 100644 --- a/Sources/FuzzilliCli/Profiles/JSCProfile.swift +++ b/Sources/FuzzilliCli/Profiles/JSCProfile.swift @@ -33,7 +33,7 @@ fileprivate let ForceFTLCompilationGenerator = CodeGenerator("ForceFTLCompilatio } fileprivate let GcGenerator = CodeGenerator("GcGenerator") { b in - b.callFunction(b.loadBuiltin("gc")) + b.callFunction(b.createNamedVariable(forBuiltin: "gc")) } let jscProfile = Profile( diff --git a/Sources/FuzzilliCli/Profiles/SpidermonkeyProfile.swift b/Sources/FuzzilliCli/Profiles/SpidermonkeyProfile.swift index 65f94f412..fac719046 100644 --- a/Sources/FuzzilliCli/Profiles/SpidermonkeyProfile.swift +++ b/Sources/FuzzilliCli/Profiles/SpidermonkeyProfile.swift @@ -24,7 +24,7 @@ fileprivate let ForceSpidermonkeyIonGenerator = CodeGenerator("ForceSpidermonkey } fileprivate let GcGenerator = CodeGenerator("GcGenerator") { b in - b.callFunction(b.loadBuiltin("gc")) + b.callFunction(b.createNamedVariable(forBuiltin: "gc")) } let spidermonkeyProfile = Profile( diff --git a/Sources/FuzzilliCli/Profiles/V8HoleFuzzingProfile.swift b/Sources/FuzzilliCli/Profiles/V8HoleFuzzingProfile.swift index e15adbff1..4cb975e2a 100644 --- a/Sources/FuzzilliCli/Profiles/V8HoleFuzzingProfile.swift +++ b/Sources/FuzzilliCli/Profiles/V8HoleFuzzingProfile.swift @@ -44,7 +44,7 @@ fileprivate let ForceMaglevCompilationGenerator = CodeGenerator("ForceMaglevComp } // Insert random GC calls throughout our code. fileprivate let GcGenerator = CodeGenerator("GcGenerator") { b in - let gc = b.loadBuiltin("gc") + let gc = b.createNamedVariable(forBuiltin: "gc") // Do minor GCs more frequently. let type = b.loadString(probability(0.25) ? "major" : "minor") // If the execution type is 'async', gc() returns a Promise, we currently diff --git a/Sources/FuzzilliCli/Profiles/V8Profile.swift b/Sources/FuzzilliCli/Profiles/V8Profile.swift index 224e8e94e..083948d03 100644 --- a/Sources/FuzzilliCli/Profiles/V8Profile.swift +++ b/Sources/FuzzilliCli/Profiles/V8Profile.swift @@ -79,7 +79,7 @@ fileprivate let WorkerGenerator = RecursiveCodeGenerator("WorkerGenerator") { b b.buildRecursive(block: 2, of: 2) } - let workerConstructor = b.loadBuiltin("Worker") + let workerConstructor = b.createNamedVariable(forBuiltin: "Worker") let functionString = b.loadString("function") let argumentsArray = b.createArray(with: b.randomArguments(forCalling: workerFunction)) @@ -92,7 +92,7 @@ fileprivate let WorkerGenerator = RecursiveCodeGenerator("WorkerGenerator") { b // Insert random GC calls throughout our code. fileprivate let GcGenerator = CodeGenerator("GcGenerator") { b in - let gc = b.loadBuiltin("gc") + let gc = b.createNamedVariable(forBuiltin: "gc") // Do minor GCs more frequently. let type = b.loadString(probability(0.25) ? "major" : "minor") @@ -290,9 +290,9 @@ fileprivate let ValueSerializerFuzzer = ProgramTemplate("ValueSerializerFuzzer") b.build(n: 50) // Load necessary builtins - let d8 = b.loadBuiltin("d8") + let d8 = b.createNamedVariable(forBuiltin: "d8") let serializer = b.getProperty("serializer", of: d8) - let Uint8Array = b.loadBuiltin("Uint8Array") + let Uint8Array = b.createNamedVariable(forBuiltin: "Uint8Array") // Serialize a random object let content = b.callMethod("serialize", on: serializer, withArgs: [b.randomVariable()]) @@ -363,7 +363,7 @@ fileprivate let RegExpFuzzer = ProgramTemplate("RegExpFuzzer") { b in let resultVar = b.loadNull() b.buildTryCatchFinally(tryBody: { - let symbol = b.loadBuiltin("Symbol") + let symbol = b.createNamedVariable(forBuiltin: "Symbol") withEqualProbability({ let res = b.callMethod("exec", on: regExpVar, withArgs: [subjectVar]) b.reassign(resultVar, to: res) diff --git a/Sources/FuzzilliCli/Profiles/XSProfile.swift b/Sources/FuzzilliCli/Profiles/XSProfile.swift index 44ddab3ef..f71377eb5 100644 --- a/Sources/FuzzilliCli/Profiles/XSProfile.swift +++ b/Sources/FuzzilliCli/Profiles/XSProfile.swift @@ -19,7 +19,7 @@ fileprivate let StressXSGC = CodeGenerator("StressXSGC", inputs: .required(.func let index = b.loadInt(1) let end = b.loadInt(128) - let gc = b.loadBuiltin("gc") + let gc = b.createNamedVariable(forBuiltin: "gc") b.callFunction(gc, withArgs: [index]) b.buildWhileLoop({b.compare(index, with: end, using: .lessThan)}) { b.callFunction(f, withArgs: arguments) @@ -36,7 +36,7 @@ fileprivate let StressXSMemoryFail = CodeGenerator("StressXSMemoryFail", inputs: let index = b.loadInt(1) let max = b.loadInt(1000000) - let memoryFail = b.loadBuiltin("memoryFail") + let memoryFail = b.createNamedVariable(forBuiltin: "memoryFail") b.callFunction(memoryFail, withArgs: [max]) // count how many allocations this function makes b.callFunction(f, withArgs: arguments) var end = b.callFunction(memoryFail, withArgs: [index]) @@ -49,17 +49,17 @@ fileprivate let StressXSMemoryFail = CodeGenerator("StressXSMemoryFail", inputs: } fileprivate let HardenGenerator = CodeGenerator("HardenGenerator", inputs: .required(.object())) { b, obj in - let harden = b.loadBuiltin("harden") + let harden = b.createNamedVariable(forBuiltin: "harden") if probability(0.05) { - let lockdown = b.loadBuiltin("lockdown") + let lockdown = b.createNamedVariable(forBuiltin: "lockdown") b.callFunction(lockdown) } b.callFunction(harden, withArgs: [obj]) } fileprivate let ModuleSourceGenerator = RecursiveCodeGenerator("ModuleSourceGenerator") { b in - let moduleSourceConstructor = b.loadBuiltin("ModuleSource") + let moduleSourceConstructor = b.createNamedVariable(forBuiltin: "ModuleSource") let code = b.buildCodeString() { b.buildRecursive() @@ -69,7 +69,7 @@ fileprivate let ModuleSourceGenerator = RecursiveCodeGenerator("ModuleSourceGene } fileprivate let CompartmentGenerator = RecursiveCodeGenerator("CompartmentGenerator") { b in - let compartmentConstructor = b.loadBuiltin("Compartment") + let compartmentConstructor = b.createNamedVariable(forBuiltin: "Compartment") var endowments = [String: Variable]() // may be used as endowments argument or globalLexicals var moduleMap = [String: Variable]() @@ -132,7 +132,7 @@ fileprivate let UnicodeStringGenerator = CodeGenerator("UnicodeStringGenerator") fileprivate let HexGenerator = CodeGenerator("HexGenerator") { b in let hexValues = ["0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "a", "b", "c", "d", "e", "f", "A", "B", "C", "D", "E", "F"] - let Uint8Array = b.loadBuiltin("Uint8Array") + let Uint8Array = b.createNamedVariable(forBuiltin: "Uint8Array") withEqualProbability({ var s = "" @@ -164,7 +164,7 @@ fileprivate let Base64Generator = CodeGenerator("Base64Generator") { b in let base64Alphabet = ["A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "+", "/"] let base64URLAlphabet = ["A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "-", "_"] - let Uint8Array = b.loadBuiltin("Uint8Array") + let Uint8Array = b.createNamedVariable(forBuiltin: "Uint8Array") withEqualProbability({ var options = [String: Variable]() @@ -272,7 +272,7 @@ fileprivate let RegExpFuzzer = ProgramTemplate("RegExpFuzzer") { b in let resultVar = b.loadNull() b.buildTryCatchFinally(tryBody: { - let symbol = b.loadBuiltin("Symbol") + let symbol = b.createNamedVariable(forBuiltin: "Symbol") withEqualProbability({ let res = b.callMethod("exec", on: regExpVar, withArgs: [subjectVar]) b.reassign(resultVar, to: res) diff --git a/Tests/FuzzilliTests/AnalyzerTest.swift b/Tests/FuzzilliTests/AnalyzerTest.swift index 1dac85577..4bffb5cde 100644 --- a/Tests/FuzzilliTests/AnalyzerTest.swift +++ b/Tests/FuzzilliTests/AnalyzerTest.swift @@ -128,7 +128,7 @@ class AnalyzerTests: XCTestCase { } } XCTAssertEqual(b.context, [.javascript, .with]) - b.loadNamedVariable(b.randomPropertyName()) + b.createNamedVariable(b.randomPropertyName(), declarationMode: .none) } let _ = b.finalize() diff --git a/Tests/FuzzilliTests/CompilerTests/advanced_loops.js b/Tests/FuzzilliTests/CompilerTests/advanced_loops.js index 7f40a8bff..998ee415e 100644 --- a/Tests/FuzzilliTests/CompilerTests/advanced_loops.js +++ b/Tests/FuzzilliTests/CompilerTests/advanced_loops.js @@ -89,3 +89,12 @@ for (output("inside for loop initializer"); output("inside for loop condition"), if (!countdown()) break; } resetCounter(); + +// Test scoping in the different parts of a for loop. +{ + global = { start: 0, end: 3, step: 1, value: 42 }; +} +for (let i = global.start; i < global.end; i += global.step) { + output("inside for loop body with global value", global.value); +} + diff --git a/Tests/FuzzilliTests/CompilerTests/basic_object_access.js b/Tests/FuzzilliTests/CompilerTests/basic_object_access.js index 1f300d6c7..8457f8c12 100644 --- a/Tests/FuzzilliTests/CompilerTests/basic_object_access.js +++ b/Tests/FuzzilliTests/CompilerTests/basic_object_access.js @@ -14,9 +14,11 @@ o[3] = o[2] + o[1]; output(JSON.stringify(o)); with(o) { - a = 3; - b = 4; - c = a + b; - } + output(a); + output(b); + a = 3; + b = 4; + c = a + b; +} -output(JSON.stringify(o)); \ No newline at end of file +output(JSON.stringify(o)); diff --git a/Tests/FuzzilliTests/CompilerTests/basic_scoping.js b/Tests/FuzzilliTests/CompilerTests/basic_scoping.js index 1b5b6d34b..becbe0b33 100644 --- a/Tests/FuzzilliTests/CompilerTests/basic_scoping.js +++ b/Tests/FuzzilliTests/CompilerTests/basic_scoping.js @@ -19,18 +19,8 @@ function foo(x) { } foo(44); -// Note: this test will currently fail if 'a' and 'b' are replaced by -// 'x' and 'y' in the object. That's because the compiler will still used -// regular/numbered variables for x and y, and so will effectively rename -// them to something like `v1` and `v2`, while keeping the property names -// of the object. This isn't easy to fix, unfortunately. One option might -// be to change the compiler to only use named variables in testcases that -// use `with` statements, but that would be quite an invasive change and -// result in a FuzzIL program that is less suited for mutations. -let obj = { a: 45, b: 9001 }; +let obj = { x: 45, y: 9001 }; with (obj) { output(x); output(y); - output(a); - output(b); } diff --git a/Tests/FuzzilliTests/CompilerTests/named_variables.js b/Tests/FuzzilliTests/CompilerTests/named_variables.js new file mode 100644 index 000000000..d450cf47d --- /dev/null +++ b/Tests/FuzzilliTests/CompilerTests/named_variables.js @@ -0,0 +1,50 @@ +if (typeof output === 'undefined') output = console.log; + +// Test variable names. +a = 1; +var b = 2; +let c = 3; + +eval('output(a)'); +eval('output(b)'); +eval('output(c)'); + +// Test uninitialized variables. +var d, e; +d = 4; +e = 5; +eval('output(d)'); +eval('output(e)'); + +// Test variable scoping. +function foo() { + var f; + h = 7; + if (true) { + f = 6; + var g = 8; + output(f); + var h; + output(h); + } + output(g); +} +foo(); + +// Test const variable assignment. +const i = 9; +try { + i++; +} catch (e) {} +output(i); + +// Test variable overwriting. +var j = 9; +var j = 10; +output(j); + +// Test multiple references to the same existing variable. +k = 9; +k++; +k++; +output(k); diff --git a/Tests/FuzzilliTests/JSTyperTests.swift b/Tests/FuzzilliTests/JSTyperTests.swift index 5ffd550ec..a56a1d679 100644 --- a/Tests/FuzzilliTests/JSTyperTests.swift +++ b/Tests/FuzzilliTests/JSTyperTests.swift @@ -726,9 +726,9 @@ class JSTyperTests: XCTestCase { let fuzzer = makeMockFuzzer(environment: env) let b = fuzzer.makeBuilder() - let va = b.loadBuiltin("A") - let vb = b.loadBuiltin("B") - let vc = b.loadBuiltin("C") + let va = b.createNamedVariable(forBuiltin: "A") + let vb = b.createNamedVariable(forBuiltin: "B") + let vc = b.createNamedVariable(forBuiltin: "C") XCTAssertEqual(b.type(of: va), builtinAType) XCTAssertEqual(b.type(of: vb), builtinBType) @@ -759,9 +759,9 @@ class JSTyperTests: XCTestCase { let fuzzer = makeMockFuzzer(environment: env) let b = fuzzer.makeBuilder() - let aObj = b.loadBuiltin("A") + let aObj = b.createNamedVariable(forBuiltin: "A") XCTAssertEqual(b.type(of: aObj), .anything) - let bObj = b.loadBuiltin("B") + let bObj = b.createNamedVariable(forBuiltin: "B") XCTAssertEqual(b.type(of: bObj), .object(ofGroup: "B")) // .foo and .bar are both known for B objects @@ -774,7 +774,7 @@ class JSTyperTests: XCTestCase { p = b.getProperty("baz", of: bObj) XCTAssertEqual(b.type(of: p), .anything) - let cObj = b.loadBuiltin("C") + let cObj = b.createNamedVariable(forBuiltin: "C") p = b.getProperty("baz", of: cObj) XCTAssertEqual(b.type(of: p), propBazType) @@ -809,9 +809,9 @@ class JSTyperTests: XCTestCase { let fuzzer = makeMockFuzzer(environment: env) let b = fuzzer.makeBuilder() - let aObj = b.loadBuiltin("A") + let aObj = b.createNamedVariable(forBuiltin: "A") XCTAssertEqual(b.type(of: aObj), .anything) - let bObj = b.loadBuiltin("B") + let bObj = b.createNamedVariable(forBuiltin: "B") XCTAssertEqual(b.type(of: bObj), .object(ofGroup: "B")) var r = b.callMethod("m1", on: bObj) @@ -820,7 +820,7 @@ class JSTyperTests: XCTestCase { r = b.callMethod("m2", on: bObj) XCTAssertEqual(b.type(of: r), .anything) - let cObj = b.loadBuiltin("C") + let cObj = b.createNamedVariable(forBuiltin: "C") r = b.callMethod("m2", on: cObj) XCTAssertEqual(b.type(of: r), .object(ofGroup: "X")) } @@ -836,7 +836,7 @@ class JSTyperTests: XCTestCase { let fuzzer = makeMockFuzzer(environment: env) let b = fuzzer.makeBuilder() - let A = b.loadBuiltin("A") + let A = b.createNamedVariable(forBuiltin: "A") XCTAssertEqual(b.type(of: A), aConstructorType) // For a known constructor, the resulting type can be inferred @@ -844,7 +844,7 @@ class JSTyperTests: XCTestCase { XCTAssertEqual(b.type(of: a), .object(ofGroup: "A")) // For an unknown constructor, the result will be .object() - let B = b.loadBuiltin("B") + let B = b.createNamedVariable(forBuiltin: "B") let b_ = b.construct(B) XCTAssertEqual(b.type(of: b_), .object()) @@ -869,7 +869,7 @@ class JSTyperTests: XCTestCase { let fuzzer = makeMockFuzzer(environment: env) let b = fuzzer.makeBuilder() - let a = b.loadBuiltin("a") + let a = b.createNamedVariable(forBuiltin: "a") XCTAssertEqual(b.type(of: a), aFunctionType) // For a known function, the resulting type can be inferred @@ -877,7 +877,7 @@ class JSTyperTests: XCTestCase { XCTAssertEqual(b.type(of: r), .primitive) // For an unknown function, the result will be .anything - let c = b.loadBuiltin("c") + let c = b.createNamedVariable(forBuiltin: "c") r = b.callFunction(c) XCTAssertEqual(b.type(of: r), .anything) } @@ -1223,7 +1223,7 @@ class JSTyperTests: XCTestCase { let fuzzer = makeMockFuzzer(environment: env) let b = fuzzer.makeBuilder() - let obj = b.loadBuiltin("myO") + let obj = b.createNamedVariable(forBuiltin: "myO") b.setType(ofVariable: obj, to: .object(ofGroup: "O", withProperties: ["foo", "bar", "baz"])) let outputs = b.destruct(obj, selecting: ["foo", "bar"], hasRestElement: true) diff --git a/Tests/FuzzilliTests/LifterTest.swift b/Tests/FuzzilliTests/LifterTest.swift index a7499b400..15a44262a 100644 --- a/Tests/FuzzilliTests/LifterTest.swift +++ b/Tests/FuzzilliTests/LifterTest.swift @@ -52,15 +52,15 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let Object = b.loadBuiltin("Object") + let Object = b.createNamedVariable(forBuiltin: "Object") let obj = b.construct(Object) - let o = b.loadBuiltin("SomeObj") + let o = b.createNamedVariable(forBuiltin: "SomeObj") let foo = b.getProperty("foo", of: o) let bar = b.getProperty("bar", of: foo) let i = b.loadInt(42) let r = b.callMethod("baz", on: bar, withArgs: [i, i]) b.setProperty("r", of: obj, to: r) - let Math = b.loadBuiltin("Math") + let Math = b.createNamedVariable(forBuiltin: "Math") let lhs = b.callMethod("random", on: Math) let rhs = b.loadFloat(13.37) let s = b.binary(lhs, rhs, with: .Add) @@ -85,10 +85,10 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let Object = b.loadBuiltin("Object") + let Object = b.createNamedVariable(forBuiltin: "Object") let obj = b.construct(Object) let i = b.loadInt(42) - let o = b.loadBuiltin("SomeObj") + let o = b.createNamedVariable(forBuiltin: "SomeObj") let foo = b.getProperty("foo", of: o) let bar = b.getProperty("bar", of: foo) let baz = b.getProperty("baz", of: bar) @@ -113,9 +113,9 @@ class LifterTests: XCTestCase { let b = fuzzer.makeBuilder() // Test that effectful operations aren't reordered in any sematic-changing way. - let Object = b.loadBuiltin("Object") + let Object = b.createNamedVariable(forBuiltin: "Object") let obj = b.construct(Object) - let effectful = b.loadBuiltin("effectful") + let effectful = b.createNamedVariable(forBuiltin: "effectful") var lhs = b.callMethod("func1", on: effectful) var rhs = b.callMethod("func2", on: effectful) @@ -229,13 +229,13 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let someValue = b.loadBuiltin("someValue") - let computeThreshold = b.loadBuiltin("computeThreshold") + let someValue = b.createNamedVariable(forBuiltin: "someValue") + let computeThreshold = b.createNamedVariable(forBuiltin: "computeThreshold") let threshold = b.callFunction(computeThreshold) let cond = b.compare(someValue, with: threshold, using: .lessThan) // The comparison and the function call can be inlined into the header of the if-statement. b.buildIf(cond) { - let doSomething = b.loadBuiltin("doSomething") + let doSomething = b.createNamedVariable(forBuiltin: "doSomething") b.callFunction(doSomething) } @@ -257,7 +257,7 @@ class LifterTests: XCTestCase { let b = fuzzer.makeBuilder() let v0 = b.loadInt(0) - let f = b.loadBuiltin("computeNumIterations") + let f = b.createNamedVariable(forBuiltin: "computeNumIterations") let numIterations = b.callFunction(f) // The function call should not be inlined into the loop header as that would change the programs behavior. b.buildWhileLoop({ b.compare(v0, with: numIterations, using: .lessThan) }) { @@ -284,12 +284,12 @@ class LifterTests: XCTestCase { let b = fuzzer.makeBuilder() // Test that (potentially) effectful operations are only executed once. - let Object = b.loadBuiltin("Object") + let Object = b.createNamedVariable(forBuiltin: "Object") let o = b.construct(Object) let v0 = b.loadInt(1337) - let f1 = b.loadBuiltin("func1") + let f1 = b.createNamedVariable(forBuiltin: "func1") let r1 = b.callFunction(f1, withArgs: [v0]) - let f2 = b.loadBuiltin("func2") + let f2 = b.createNamedVariable(forBuiltin: "func2") let r2 = b.callFunction(f2, withArgs: [r1]) b.setProperty("x", of: o, to: r2) b.setProperty("y", of: o, to: r2) @@ -372,7 +372,7 @@ class LifterTests: XCTestCase { b.buildPlainFunction(with: .parameters(n: 1)) { args in let p = args[0] let two = b.loadInt(2) - let Math = b.loadBuiltin("Math") + let Math = b.createNamedVariable(forBuiltin: "Math") let x = b.getProperty("x", of: p) let xSquared = b.binary(x, two, with: .Exp) let y = b.getProperty("y", of: p) @@ -442,8 +442,8 @@ class LifterTests: XCTestCase { // variable access also does not raise an exception. b.loadInt(42) b.loadString("foobar") - b.loadNamedVariable("nonexistant") - let v = b.loadNamedVariable("alsoNonexistantButSafeToAccessViaTypeOf") + b.createNamedVariable("nonexistant", declarationMode: .none) + let v = b.createNamedVariable("alsoNonexistantButSafeToAccessViaTypeOf", declarationMode: .none) b.typeof(v) let program = b.finalize() @@ -466,8 +466,8 @@ class LifterTests: XCTestCase { let v3 = b.loadString("foobar") let null = b.loadNull() let v4 = b.binary(v3, v1, with: .Add) - let otherObject = b.loadBuiltin("SomeObject") - let toPrimitive = b.getProperty("toPrimitive", of: b.loadBuiltin("Symbol")) + let otherObject = b.createNamedVariable(forBuiltin: "SomeObject") + let toPrimitive = b.getProperty("toPrimitive", of: b.createNamedVariable(forBuiltin: "Symbol")) b.buildObjectLiteral { obj in obj.addProperty("p1", as: v1) obj.addProperty("__proto__", as: null) @@ -608,7 +608,7 @@ class LifterTests: XCTestCase { } } b.construct(C, withArgs: [b.loadInt(42)]) - b.reassign(C, to: b.loadBuiltin("Uint8Array")) + b.reassign(C, to: b.createNamedVariable(forBuiltin: "Uint8Array")) let program = b.finalize() let actual = fuzzer.lifter.lift(program) @@ -727,13 +727,13 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let Math = b.loadBuiltin("Math") + let Math = b.createNamedVariable(forBuiltin: "Math") let v = b.callMethod("random", on: Math) let two_v = b.binary(v, v, with: .Add) let three_v = b.binary(two_v, v, with: .Add) let twelve_v = b.binary(b.loadInt(4), three_v, with: .Mul) let six_v = b.binary(twelve_v, b.loadInt(2), with: .Div) - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: [six_v]) let program = b.finalize() @@ -779,26 +779,26 @@ class LifterTests: XCTestCase { let code2 = b.buildCodeString() { let code3 = b.buildCodeString() { let code4 = b.buildCodeString() { - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") let msg = b.loadString("Hello") b.callFunction(print, withArgs: [msg]) } let code5 = b.buildCodeString() { - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") let msg = b.loadString("World") b.callFunction(print, withArgs: [msg]) } - let eval = b.loadBuiltin("eval") + let eval = b.createNamedVariable(forBuiltin: "eval") b.callFunction(eval, withArgs: [code4]) b.callFunction(eval, withArgs: [code5]) } - let eval = b.loadBuiltin("eval") + let eval = b.createNamedVariable(forBuiltin: "eval") b.callFunction(eval, withArgs: [code3]) } - let eval = b.loadBuiltin("eval") + let eval = b.createNamedVariable(forBuiltin: "eval") b.callFunction(eval, withArgs: [code2]) } - let eval = b.loadBuiltin("eval") + let eval = b.createNamedVariable(forBuiltin: "eval") b.callFunction(eval, withArgs: [code1]) let program = b.finalize() @@ -906,7 +906,7 @@ class LifterTests: XCTestCase { b.setProperty("bar", of: this, to: args[2]) } b.construct(c1, withArgs: [b.loadInt(42), b.loadInt(43)]) - let c2 = b.loadBuiltin("Object") + let c2 = b.createNamedVariable(forBuiltin: "Object") b.reassign(c1, to: c2) b.construct(c1, withArgs: [b.loadInt(44), b.loadInt(45)]) @@ -943,8 +943,8 @@ class LifterTests: XCTestCase { let r = b.binary(lhs, rhs, with: .Mul) b.yield(r) } - b.callFunction(f1, withArgs: [b.loadBuiltin("promise1"), b.loadBuiltin("promise2")]) - b.callFunction(f2, withArgs: [b.loadBuiltin("promise3"), b.loadBuiltin("promise4")]) + b.callFunction(f1, withArgs: [b.createNamedVariable(forBuiltin: "promise1"), b.createNamedVariable(forBuiltin: "promise2")]) + b.callFunction(f2, withArgs: [b.createNamedVariable(forBuiltin: "promise3"), b.createNamedVariable(forBuiltin: "promise4")]) let program = b.finalize() let actual = fuzzer.lifter.lift(program) @@ -1052,9 +1052,9 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let foo = b.loadBuiltin("foo") - let bar = b.loadBuiltin("bar") - let baz = b.loadBuiltin("baz") + let foo = b.createNamedVariable(forBuiltin: "foo") + let bar = b.createNamedVariable(forBuiltin: "bar") + let baz = b.createNamedVariable(forBuiltin: "baz") let i = b.loadInt(42) b.reassign(i, to: b.loadInt(43)) b.callFunction(foo, withArgs: [i]) @@ -1131,7 +1131,7 @@ class LifterTests: XCTestCase { b.createTemplateString(from: [""], interpolating: []) let bar = b.loadString("bar") b.createTemplateString(from: ["foo", "baz"], interpolating: [bar]) - let marker = b.callFunction(b.loadBuiltin("getMarker")) + let marker = b.callFunction(b.createNamedVariable(forBuiltin: "getMarker")) let space = b.loadString(" ") let inner = b.createTemplateString(from: ["Hello", "World"], interpolating: [space]) let _ = b.createTemplateString(from: ["", "", "", ""], interpolating: [marker, inner, marker] ) @@ -1154,7 +1154,7 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let o = b.loadBuiltin("Obj") + let o = b.createNamedVariable(forBuiltin: "Obj") let propA = b.getProperty("a", of: o) let propB = b.getProperty("b", of: propA) let propC = b.getProperty("c", of: propB) @@ -1242,7 +1242,7 @@ class LifterTests: XCTestCase { b.configureElement(1, of: obj, usingFlags: [.writable, .enumerable], as: .setter(f2)) b.configureElement(2, of: obj, usingFlags: [.writable, .enumerable, .configurable], as: .getterSetter(f1, f2)) b.configureElement(3, of: obj, usingFlags: [], as: .value(num)) - let p = b.loadBuiltin("ComputedProperty") + let p = b.createNamedVariable(forBuiltin: "ComputedProperty") b.configureComputedProperty(p, of: obj, usingFlags: [.configurable], as: .getter(f1)) b.configureComputedProperty(p, of: obj, usingFlags: [.enumerable], as: .setter(f2)) b.configureComputedProperty(p, of: obj, usingFlags: [.writable], as: .getterSetter(f1, f2)) @@ -1317,7 +1317,7 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let o = b.loadBuiltin("o") + let o = b.createNamedVariable(forBuiltin: "o") let a = b.getProperty("a", of: o, guard: true) b.getProperty("b", of: a, guard: true) b.getElement(0, of: o, guard: true) @@ -1361,15 +1361,15 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let f1 = b.loadBuiltin("f1") - let f2 = b.loadBuiltin("f2") + let f1 = b.createNamedVariable(forBuiltin: "f1") + let f2 = b.createNamedVariable(forBuiltin: "f2") b.callFunction(f1, guard: true) let v1 = b.callFunction(f2, guard: true) - let c1 = b.loadBuiltin("c1") - let c2 = b.loadBuiltin("c2") + let c1 = b.createNamedVariable(forBuiltin: "c1") + let c2 = b.createNamedVariable(forBuiltin: "c2") b.construct(c1, guard: true) let v2 = b.construct(c2, guard: true) - let o = b.loadBuiltin("obj") + let o = b.createNamedVariable(forBuiltin: "obj") b.callMethod("m", on: o, guard: true) let v3 = b.callMethod("n", on: o, guard: true) b.callComputedMethod(b.loadString("o"), on: o, withArgs: [v1, v2, v3], guard: true) @@ -1429,9 +1429,9 @@ class LifterTests: XCTestCase { let b = fuzzer.makeBuilder() let s = b.loadString("print('Hello World!')") - var eval = b.loadBuiltin("eval") + var eval = b.createNamedVariable(forBuiltin: "eval") b.callFunction(eval, withArgs: [s]) - let this = b.loadBuiltin("this") + let this = b.createNamedVariable(forBuiltin: "this") eval = b.getProperty("eval", of: this) // The property load must not be inlined, otherwise it would not be distinguishable from a method call (like the one following it). b.callFunction(eval, withArgs: [s]) @@ -1462,7 +1462,7 @@ class LifterTests: XCTestCase { initialValues.append(b.loadString("World")) let values = b.createArray(with: initialValues) let n = b.loadFloat(13.37) - let Array = b.loadBuiltin("Array") + let Array = b.createNamedVariable(forBuiltin: "Array") let _ = b.callFunction(Array, withArgs: [values,n], spreading: [true,false]) let program = b.finalize() @@ -1480,7 +1480,7 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let Math = b.loadBuiltin("Math") + let Math = b.createNamedVariable(forBuiltin: "Math") let r = b.callMethod("random", on: Math) b.callMethod("sin", on: Math, withArgs: [r]) @@ -1499,7 +1499,7 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let Math = b.loadBuiltin("Math") + let Math = b.createNamedVariable(forBuiltin: "Math") var initialValues = [Variable]() initialValues.append(b.loadInt(1)) initialValues.append(b.loadInt(3)) @@ -1528,7 +1528,7 @@ class LifterTests: XCTestCase { let b = fuzzer.makeBuilder() let s = b.loadString("Hello World") - let Symbol = b.loadBuiltin("Symbol") + let Symbol = b.createNamedVariable(forBuiltin: "Symbol") let iterator = b.getProperty("iterator", of: Symbol) let r = b.callComputedMethod(iterator, on: s) b.callMethod("next", on: r) @@ -1548,8 +1548,8 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let SomeObj = b.loadBuiltin("SomeObject") - let RandomMethod = b.loadBuiltin("RandomMethod") + let SomeObj = b.createNamedVariable(forBuiltin: "SomeObject") + let RandomMethod = b.createNamedVariable(forBuiltin: "RandomMethod") let randomMethod = b.callFunction(RandomMethod) let args = b.createArray(with: [b.loadInt(1), b.loadInt(2), b.loadInt(3), b.loadInt(4)]) b.callComputedMethod(randomMethod, on: SomeObj, withArgs: [args], spreading: [true]) @@ -1577,7 +1577,7 @@ class LifterTests: XCTestCase { let values = b.createArray(with: initialValues) let n1 = b.loadFloat(13.37) let n2 = b.loadFloat(13.38) - let Array = b.loadBuiltin("Array") + let Array = b.createNamedVariable(forBuiltin: "Array") b.construct(Array, withArgs: [n1,values,n2], spreading: [false,true,false]) let program = b.finalize() @@ -1837,28 +1837,35 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") let i1 = b.loadInt(42) let i2 = b.loadInt(1337) - b.defineNamedVariable("a", i1) - let vb = b.loadNamedVariable("b") - b.callFunction(print, withArgs: [vb]) - b.storeNamedVariable("c", i2) - b.defineNamedVariable("b", i2) - b.storeNamedVariable("b", i1) - let vc = b.loadNamedVariable("c") + let va = b.createNamedVariable("a", declarationMode: .let, initialValue: i1) + b.callFunction(print, withArgs: [va]) + let vb1 = b.createNamedVariable("b", declarationMode: .none) + b.callFunction(print, withArgs: [vb1]) + b.createNamedVariable("c", declarationMode: .global, initialValue: i2) + let vb2 = b.createNamedVariable("b", declarationMode: .var, initialValue: i2) + b.reassign(vb2, to: i1) + let vc = b.createNamedVariable("c", declarationMode: .none) b.callFunction(print, withArgs: [vc]) + let undefined = b.loadUndefined() + let vd = b.createNamedVariable("d", declarationMode: .let, initialValue: undefined) + b.callFunction(print, withArgs: [vd]) let program = b.finalize() let actual = fuzzer.lifter.lift(program) let expected = """ - var a = 42; + let a = 42; + print(a); print(b); c = 1337; var b = 1337; b = 42; print(c); + let d; + print(d); """ @@ -2048,7 +2055,7 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let shouldContinue = b.loadBuiltin("shouldContinue") + let shouldContinue = b.createNamedVariable(forBuiltin: "shouldContinue") b.buildWhileLoop({ b.callFunction(shouldContinue) }) { } @@ -2069,8 +2076,8 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let f = b.loadBuiltin("f") - let g = b.loadBuiltin("g") + let f = b.createNamedVariable(forBuiltin: "f") + let g = b.createNamedVariable(forBuiltin: "g") let loopVar = b.loadInt(10) b.buildWhileLoop({ b.callFunction(f); b.callFunction(g); return loopVar }) { b.unary(.PostDec, loopVar) @@ -2094,8 +2101,8 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - var f = b.loadBuiltin("f") - var g = b.loadBuiltin("g") + var f = b.createNamedVariable(forBuiltin: "f") + var g = b.createNamedVariable(forBuiltin: "g") b.buildWhileLoop({ b.callFunction(f); let cond = b.callFunction(g); return cond }) { } @@ -2110,10 +2117,10 @@ class LifterTests: XCTestCase { XCTAssertEqual(actual, expected) - f = b.loadBuiltin("f") - g = b.loadBuiltin("g") + f = b.createNamedVariable(forBuiltin: "f") + g = b.createNamedVariable(forBuiltin: "g") b.buildWhileLoop({ let cond = b.callFunction(f); b.callFunction(g); return cond }) { - b.callFunction(b.loadBuiltin("body")) + b.callFunction(b.createNamedVariable(forBuiltin: "body")) } program = b.finalize() @@ -2138,11 +2145,11 @@ class LifterTests: XCTestCase { let b = fuzzer.makeBuilder() b.buildWhileLoop({ - let foobar = b.loadBuiltin("foobar") + let foobar = b.createNamedVariable(forBuiltin: "foobar") let v = b.callFunction(foobar) return b.binary(v, v, with: .Add) }) { - let doLoopBodyStuff = b.loadBuiltin("doLoopBodyStuff") + let doLoopBodyStuff = b.createNamedVariable(forBuiltin: "doLoopBodyStuff") b.callFunction(doLoopBodyStuff) } @@ -2166,10 +2173,10 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let print = b.loadBuiltin("print") - let f = b.callFunction(b.loadBuiltin("f")) - let g = b.callFunction(b.loadBuiltin("g")) - let h = b.callFunction(b.loadBuiltin("h")) + let print = b.createNamedVariable(forBuiltin: "print") + let f = b.callFunction(b.createNamedVariable(forBuiltin: "f")) + let g = b.callFunction(b.createNamedVariable(forBuiltin: "g")) + let h = b.callFunction(b.createNamedVariable(forBuiltin: "h")) b.buildWhileLoop({ b.callFunction(print, withArgs: [f]); return b.loadBool(false) }) { b.callFunction(print, withArgs: [g]) } @@ -2201,7 +2208,7 @@ class LifterTests: XCTestCase { let loopVar2 = b.loadInt(0) b.buildDoWhileLoop(do: { b.unary(.PostInc, loopVar2) - }, while: { b.callFunction(b.loadBuiltin("f"), withArgs: [loopVar2]) }) + }, while: { b.callFunction(b.createNamedVariable(forBuiltin: "f"), withArgs: [loopVar2]) }) b.unary(.PostInc, loopVar1) }, while: { b.compare(loopVar1, with: b.loadInt(42), using: .lessThan) }) @@ -2228,9 +2235,9 @@ class LifterTests: XCTestCase { let b = fuzzer.makeBuilder() b.buildDoWhileLoop(do: { - let doSomething = b.loadBuiltin("doSomething") + let doSomething = b.createNamedVariable(forBuiltin: "doSomething") b.callFunction(doSomething) - }, while: { b.callFunction(b.loadBuiltin("f")); return b.callFunction(b.loadBuiltin("g")) }) + }, while: { b.callFunction(b.createNamedVariable(forBuiltin: "f")); return b.callFunction(b.createNamedVariable(forBuiltin: "g")) }) let program = b.finalize() let actual = fuzzer.lifter.lift(program) @@ -2249,10 +2256,10 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let print = b.loadBuiltin("print") - let f = b.callFunction(b.loadBuiltin("f")) - let g = b.callFunction(b.loadBuiltin("g")) - let h = b.callFunction(b.loadBuiltin("h")) + let print = b.createNamedVariable(forBuiltin: "print") + let f = b.callFunction(b.createNamedVariable(forBuiltin: "f")) + let g = b.callFunction(b.createNamedVariable(forBuiltin: "g")) + let h = b.callFunction(b.createNamedVariable(forBuiltin: "h")) b.buildDoWhileLoop(do: { b.callFunction(print, withArgs: [f]) }, while: { b.callFunction(print, withArgs: [g]); return b.loadBool(false) }) @@ -2281,7 +2288,7 @@ class LifterTests: XCTestCase { b.buildForLoop(i: { b.loadInt(0) }, { i in b.compare(i, with: b.loadInt(10), using: .lessThan) }, { i in b.unary(.PostInc, i) }) { i in b.buildForLoop(i: { b.loadInt(0) }, { j in b.compare(j, with: i, using: .lessThan) }, { j in b.unary(.PostInc, j) }) { j in - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: [i, j]) } } @@ -2326,10 +2333,10 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - b.buildForLoop({ return [b.callFunction(b.loadBuiltin("f1")), b.callFunction(b.loadBuiltin("f2"))] }, - { vars in b.callFunction(b.loadBuiltin("f3"), withArgs: [vars[0]]); return b.callFunction(b.loadBuiltin("f4"), withArgs: [vars[1]]) }, - { vars in b.callFunction(b.loadBuiltin("f5"), withArgs: [vars[1]]); b.callFunction(b.loadBuiltin("f6"), withArgs: [vars[0]]) }) { vars in - b.callFunction(b.loadBuiltin("f7"), withArgs: vars) + b.buildForLoop({ return [b.callFunction(b.createNamedVariable(forBuiltin: "f1")), b.callFunction(b.createNamedVariable(forBuiltin: "f2"))] }, + { vars in b.callFunction(b.createNamedVariable(forBuiltin: "f3"), withArgs: [vars[0]]); return b.callFunction(b.createNamedVariable(forBuiltin: "f4"), withArgs: [vars[1]]) }, + { vars in b.callFunction(b.createNamedVariable(forBuiltin: "f5"), withArgs: [vars[1]]); b.callFunction(b.createNamedVariable(forBuiltin: "f6"), withArgs: [vars[0]]) }) { vars in + b.callFunction(b.createNamedVariable(forBuiltin: "f7"), withArgs: vars) } let program = b.finalize() @@ -2348,10 +2355,10 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - b.buildForLoop({ let x = b.callFunction(b.loadBuiltin("f")); let y = b.callFunction(b.loadBuiltin("g")); b.callFunction(b.loadBuiltin("h")); return [x, y] }, + b.buildForLoop({ let x = b.callFunction(b.createNamedVariable(forBuiltin: "f")); let y = b.callFunction(b.createNamedVariable(forBuiltin: "g")); b.callFunction(b.createNamedVariable(forBuiltin: "h")); return [x, y] }, { vs in return b.compare(vs[0], with: vs[1], using: .lessThan) }, { vs in b.reassign(vs[0], to: vs[1], with: .Add) }) { vs in - b.callFunction(b.loadBuiltin("print"), withArgs: vs) + b.callFunction(b.createNamedVariable(forBuiltin: "print"), withArgs: vs) } let program = b.finalize() @@ -2378,10 +2385,10 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - b.buildForLoop({ b.callFunction(b.loadBuiltin("foo")); b.callFunction(b.loadBuiltin("bar")) }, + b.buildForLoop({ b.callFunction(b.createNamedVariable(forBuiltin: "foo")); b.callFunction(b.createNamedVariable(forBuiltin: "bar")) }, { - let shouldContinue = b.callFunction(b.loadBuiltin("shouldContinue")) - b.buildIf(b.callFunction(b.loadBuiltin("shouldNotContinue"))) { + let shouldContinue = b.callFunction(b.createNamedVariable(forBuiltin: "shouldContinue")) + b.buildIf(b.callFunction(b.createNamedVariable(forBuiltin: "shouldNotContinue"))) { b.reassign(shouldContinue, to: b.loadBool(false)) } return shouldContinue @@ -2415,7 +2422,7 @@ class LifterTests: XCTestCase { let b = fuzzer.makeBuilder() b.buildForLoop(i: { b.loadInt(0) }, { b.compare($0, with: b.loadInt(100), using: .lessThan) }, { b.reassign($0, to: b.loadInt(10), with: .Add) }) { i in - b.callFunction(b.loadBuiltin("print"), withArgs: [i]) + b.callFunction(b.createNamedVariable(forBuiltin: "print"), withArgs: [i]) } let program = b.finalize() @@ -2435,7 +2442,7 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - b.buildForLoop(i: { b.callFunction(b.loadBuiltin("f")); return b.callFunction(b.loadBuiltin("g")) }, {_ in b.loadBool(true) }, { _ in }) { i in + b.buildForLoop(i: { b.callFunction(b.createNamedVariable(forBuiltin: "f")); return b.callFunction(b.createNamedVariable(forBuiltin: "g")) }, {_ in b.loadBool(true) }, { _ in }) { i in b.loopBreak() } @@ -2483,12 +2490,12 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let print = b.loadBuiltin("print") - let f = b.callFunction(b.loadBuiltin("f")) - let g = b.callFunction(b.loadBuiltin("g")) - let h = b.callFunction(b.loadBuiltin("h")) - let i = b.callFunction(b.loadBuiltin("i")) - let j = b.callFunction(b.loadBuiltin("j")) + let print = b.createNamedVariable(forBuiltin: "print") + let f = b.callFunction(b.createNamedVariable(forBuiltin: "f")) + let g = b.callFunction(b.createNamedVariable(forBuiltin: "g")) + let h = b.callFunction(b.createNamedVariable(forBuiltin: "h")) + let i = b.callFunction(b.createNamedVariable(forBuiltin: "i")) + let j = b.callFunction(b.createNamedVariable(forBuiltin: "j")) b.buildForLoop({ b.callFunction(print, withArgs: [f]) }, { b.callFunction(print, withArgs: [g]) }, { b.callFunction(print, withArgs: [h]) }) { b.callFunction(print, withArgs: [i]) @@ -2552,7 +2559,7 @@ class LifterTests: XCTestCase { b.buildRepeatLoop(n: 1337) { i in b.reassign(s, to: i, with: .Add) } - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: [s]) let program = b.finalize() @@ -2578,7 +2585,7 @@ class LifterTests: XCTestCase { let a2 = b.createArray(with: [b.loadInt(20), b.loadInt(21), b.loadInt(22), b.loadInt(23)]) let a3 = b.createArray(with: [b.loadInt(30), b.loadInt(31), b.loadInt(32)]) let a4 = b.createArray(with: [a1, a2, a3]) - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") b.buildForOfLoop(a4, selecting: [0,2], hasRestElement: true) { args in b.callFunction(print, withArgs: [args[0]]) b.buildForOfLoop(args[1]) { v in @@ -2669,8 +2676,8 @@ class LifterTests: XCTestCase { } } - let p1 = b.loadBuiltin("proto1") - let p2 = b.loadBuiltin("proto2") + let p1 = b.createNamedVariable(forBuiltin: "proto1") + let p2 = b.createNamedVariable(forBuiltin: "proto2") let v = b.loadInt(42) b.buildObjectLiteral { obj in @@ -2681,7 +2688,7 @@ class LifterTests: XCTestCase { obj.addProperty("baz", as: v) } - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") let v2 = b.loadInt(43) let v3 = b.loadInt(44) b.buildSwitch(on: v) { swtch in @@ -2841,7 +2848,7 @@ class LifterTests: XCTestCase { b.binary(v0, v2, with: .Add) let v3 = b.loadInt(42) b.reassign(v3, to: v0) - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: [v0, v1, v2]) b.getProperty("foo", of: v1) b.getProperty("bar", of: v2) @@ -2897,14 +2904,14 @@ class LifterTests: XCTestCase { let f = b.buildPlainFunction(with: .parameters(n: 0)) { args in let v1 = b.loadInt(1) let v2 = b.loadInt(42) - let dispose = b.getProperty("dispose", of: b.loadBuiltin("Symbol")); + let dispose = b.getProperty("dispose", of: b.createNamedVariable(forBuiltin: "Symbol")); let disposableVariable = b.buildObjectLiteral { obj in obj.addProperty("value", as: v1) obj.addComputedMethod(dispose, with: .parameters(n:0)) { args in b.doReturn(v2) } } - let t = b.loadDisposableVariable(disposableVariable) + b.loadDisposableVariable(disposableVariable) } b.callFunction(f) @@ -2935,14 +2942,14 @@ class LifterTests: XCTestCase { let f = b.buildAsyncFunction(with: .parameters(n: 0)) { args in let v1 = b.loadInt(1) let v2 = b.loadInt(42) - let asyncDispose = b.getProperty("asyncDispose", of: b.loadBuiltin("Symbol")) + let asyncDispose = b.getProperty("asyncDispose", of: b.createNamedVariable(forBuiltin: "Symbol")) let asyncDisposableVariable = b.buildObjectLiteral { obj in obj.addProperty("value", as: v1) obj.addComputedMethod(asyncDispose, with: .parameters(n:0)) { args in b.doReturn(v2) } } - let t = b.loadAsyncDisposableVariable(asyncDisposableVariable) + b.loadAsyncDisposableVariable(asyncDisposableVariable) } let g = b.buildAsyncFunction(with: .parameters(n: 0)) { args in diff --git a/Tests/FuzzilliTests/MinimizerTest.swift b/Tests/FuzzilliTests/MinimizerTest.swift index d75e6c59f..75d54bb40 100644 --- a/Tests/FuzzilliTests/MinimizerTest.swift +++ b/Tests/FuzzilliTests/MinimizerTest.swift @@ -178,7 +178,7 @@ class MinimizerTests: XCTestCase { b.setProperty("bar", of: this, to: args[1]) } cls.addInstanceMethod("foo", with: .parameters(n: 0)) { args in - let importantFunction = b.loadBuiltin("ImportantFunction") + let importantFunction = b.createNamedVariable(forBuiltin: "ImportantFunction") evaluator.nextInstructionIsImportant(in: b) b.callFunction(importantFunction) } @@ -192,7 +192,7 @@ class MinimizerTests: XCTestCase { b.callMethod("foo", on: unusedInstance) // This class can be removed entirely - let supercls = b.loadBuiltin("SuperClass") + let supercls = b.createNamedVariable(forBuiltin: "SuperClass") let class3 = b.buildClassDefinition(withSuperclass: supercls) { cls in cls.addInstanceProperty("x", value: s) cls.addInstanceProperty("y") @@ -231,7 +231,7 @@ class MinimizerTests: XCTestCase { } } b.construct(class1) - let importantFunction = b.loadBuiltin("ImportantFunction") + let importantFunction = b.createNamedVariable(forBuiltin: "ImportantFunction") b.callFunction(importantFunction) let expectedProgram = b.finalize() @@ -453,7 +453,7 @@ class MinimizerTests: XCTestCase { } let k = b.loadString("code") b.setComputedProperty(k, of: o, to: c) - let eval = b.loadBuiltin("eval") + let eval = b.createNamedVariable(forBuiltin: "eval") b.callFunction(eval, withArgs: [c]) b.deleteProperty("foo", of: o) @@ -698,12 +698,12 @@ class MinimizerTests: XCTestCase { let b = fuzzer.makeBuilder() // Build input program to be minimized. - let f = b.loadBuiltin("f") + let f = b.createNamedVariable(forBuiltin: "f") let maxIterations = b.loadInt(10) let loopVar = b.loadInt(0) b.buildWhileLoop({ b.callFunction(f) }) { b.unary(.PostInc, loopVar) - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") evaluator.nextInstructionIsImportant(in: b) b.callMethod("bar", on: foo) let cond = b.compare(loopVar, with: maxIterations, using: .lessThan) @@ -715,7 +715,7 @@ class MinimizerTests: XCTestCase { let originalProgram = b.finalize() // Build expected output program. - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") b.callMethod("bar", on: foo) let expectedProgram = b.finalize() @@ -740,7 +740,7 @@ class MinimizerTests: XCTestCase { evaluator.nextInstructionIsImportant(in: b) b.loopBreak() } - let f = b.loadBuiltin("importantFunction") + let f = b.createNamedVariable(forBuiltin: "importantFunction") evaluator.nextInstructionIsImportant(in: b) b.callFunction(f) b.loopContinue() @@ -752,7 +752,7 @@ class MinimizerTests: XCTestCase { b.buildWhileLoop({ b.loadBool(true) }) { b.loopBreak() } - let f = b.loadBuiltin("importantFunction") + let f = b.createNamedVariable(forBuiltin: "importantFunction") b.callFunction(f) let expectedProgram = b.finalize() @@ -768,11 +768,11 @@ class MinimizerTests: XCTestCase { let b = fuzzer.makeBuilder() // Build input program to be minimized. - var d = b.loadBuiltin("d") - var e = b.loadBuiltin("e") - var f = b.loadBuiltin("f") - var g = b.loadBuiltin("g") - var h = b.loadBuiltin("h") + var d = b.createNamedVariable(forBuiltin: "d") + var e = b.createNamedVariable(forBuiltin: "e") + var f = b.createNamedVariable(forBuiltin: "f") + var g = b.createNamedVariable(forBuiltin: "g") + var h = b.createNamedVariable(forBuiltin: "h") b.buildForLoop(i: { evaluator.nextInstructionIsImportant(in: b); return b.callFunction(d) }, { i in evaluator.nextInstructionIsImportant(in: b); b.callFunction(e); return b.compare(i, with: b.loadInt(100), using: .lessThan) }, { i in evaluator.nextInstructionIsImportant(in: b); b.callFunction(f); b.unary(.PostInc, i) }) { i in @@ -785,11 +785,11 @@ class MinimizerTests: XCTestCase { let originalProgram = b.finalize() // Build expected output program. - d = b.loadBuiltin("d") - e = b.loadBuiltin("e") - f = b.loadBuiltin("f") - g = b.loadBuiltin("g") - h = b.loadBuiltin("h") + d = b.createNamedVariable(forBuiltin: "d") + e = b.createNamedVariable(forBuiltin: "e") + f = b.createNamedVariable(forBuiltin: "f") + g = b.createNamedVariable(forBuiltin: "g") + h = b.createNamedVariable(forBuiltin: "h") b.callFunction(d) b.buildRepeatLoop(n: 5) { i in b.callFunction(e) @@ -811,11 +811,11 @@ class MinimizerTests: XCTestCase { let b = fuzzer.makeBuilder() // Build input program to be minimized. - var d = b.loadBuiltin("d") - let e = b.loadBuiltin("e") - let f = b.loadBuiltin("f") - var g = b.loadBuiltin("g") - var h = b.loadBuiltin("h") + var d = b.createNamedVariable(forBuiltin: "d") + let e = b.createNamedVariable(forBuiltin: "e") + let f = b.createNamedVariable(forBuiltin: "f") + var g = b.createNamedVariable(forBuiltin: "g") + var h = b.createNamedVariable(forBuiltin: "h") // In this case, the for-loop is actually important (we emulate that by marking the EndForLoopAfterthought instruction as important b.buildForLoop(i: { evaluator.nextInstructionIsImportant(in: b); return b.callFunction(d) }, { i in b.callFunction(e); return b.compare(i, with: b.loadInt(100), using: .lessThan) }, @@ -829,9 +829,9 @@ class MinimizerTests: XCTestCase { let originalProgram = b.finalize() // Build expected output program. - d = b.loadBuiltin("d") - g = b.loadBuiltin("g") - h = b.loadBuiltin("h") + d = b.createNamedVariable(forBuiltin: "d") + g = b.createNamedVariable(forBuiltin: "g") + h = b.createNamedVariable(forBuiltin: "h") b.buildForLoop(i: { return b.callFunction(d) }, { i in b.compare(i, with: b.loadInt(100), using: .lessThan) }, { i in b.unary(.PostInc, i) }) { i in @@ -852,9 +852,9 @@ class MinimizerTests: XCTestCase { let b = fuzzer.makeBuilder() // Build input program to be minimized. - var f = b.loadBuiltin("f") - var g = b.loadBuiltin("g") - var h = b.loadBuiltin("h") + var f = b.createNamedVariable(forBuiltin: "f") + var g = b.createNamedVariable(forBuiltin: "g") + var h = b.createNamedVariable(forBuiltin: "h") var loopVar = b.loadInt(10) b.buildWhileLoop({ evaluator.nextInstructionIsImportant(in: b); b.callFunction(f); evaluator.nextInstructionIsImportant(in: b); return b.unary(.PostDec, loopVar) }) { evaluator.nextInstructionIsImportant(in: b) @@ -870,9 +870,9 @@ class MinimizerTests: XCTestCase { let originalProgram = b.finalize() // Build expected output program. - f = b.loadBuiltin("f") - g = b.loadBuiltin("g") - h = b.loadBuiltin("h") + f = b.createNamedVariable(forBuiltin: "f") + g = b.createNamedVariable(forBuiltin: "g") + h = b.createNamedVariable(forBuiltin: "h") loopVar = b.loadInt(10) b.buildRepeatLoop(n: 5) { b.callFunction(f) @@ -895,9 +895,9 @@ class MinimizerTests: XCTestCase { let b = fuzzer.makeBuilder() // Build input program to be minimized. - var f = b.loadBuiltin("f") - var g = b.loadBuiltin("g") - var h = b.loadBuiltin("h") + var f = b.createNamedVariable(forBuiltin: "f") + var g = b.createNamedVariable(forBuiltin: "g") + var h = b.createNamedVariable(forBuiltin: "h") var loopVar = b.loadInt(10) b.buildDoWhileLoop(do: { evaluator.nextInstructionIsImportant(in: b) @@ -913,9 +913,9 @@ class MinimizerTests: XCTestCase { let originalProgram = b.finalize() // Build expected output program. - f = b.loadBuiltin("f") - g = b.loadBuiltin("g") - h = b.loadBuiltin("h") + f = b.createNamedVariable(forBuiltin: "f") + g = b.createNamedVariable(forBuiltin: "g") + h = b.createNamedVariable(forBuiltin: "h") loopVar = b.loadInt(10) b.buildRepeatLoop(n: 5) { b.callFunction(f, withArgs: [loopVar]) @@ -938,7 +938,7 @@ class MinimizerTests: XCTestCase { // Build input program to be minimized. b.buildRepeatLoop(n: 100) { i in - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") evaluator.nextInstructionIsImportant(in: b) b.callFunction(foo, withArgs: [i]) @@ -952,7 +952,7 @@ class MinimizerTests: XCTestCase { // Build expected output program. // Five is currently the smallest iteration count tried by the LoopReducer. b.buildRepeatLoop(n: 5) { i in - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") b.callFunction(foo, withArgs: [i]) b.loopContinue() } @@ -972,14 +972,14 @@ class MinimizerTests: XCTestCase { // Build input program to be minimized. b.buildRepeatLoop(n: 2) { b.buildRepeatLoop(n: 2) { i in - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") // The inner loop can't be deleted due to the data-flow dependency. evaluator.nextInstructionIsImportant(in: b) b.callFunction(foo, withArgs: [i]) } // These instruction isn't needed and will be removed, allowing the loops to be merged. - let unimportant = b.loadBuiltin("unimportant") + let unimportant = b.createNamedVariable(forBuiltin: "unimportant") b.callFunction(unimportant) // Small hack: we force the outer loop to be kept by keeping the EndRepeatLoop instruction (which the loop merging won't change). @@ -990,7 +990,7 @@ class MinimizerTests: XCTestCase { // Build expected output program. b.buildRepeatLoop(n: 4) { i in - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") b.callFunction(foo, withArgs: [i]) } @@ -1009,11 +1009,11 @@ class MinimizerTests: XCTestCase { // Build input program to be minimized. b.buildRepeatLoop(n: 2) { i in // These instruction isn't needed and will be removed, allowing the loops to be merged. - let unimportant = b.loadBuiltin("unimportant") + let unimportant = b.createNamedVariable(forBuiltin: "unimportant") b.callFunction(unimportant) b.buildRepeatLoop(n: 2) { j in - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") evaluator.nextInstructionIsImportant(in: b) b.callFunction(foo, withArgs: [i, j]) } @@ -1026,7 +1026,7 @@ class MinimizerTests: XCTestCase { // Build expected output program. b.buildRepeatLoop(n: 4) { i in - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") b.callFunction(foo, withArgs: [i, i]) } @@ -1045,12 +1045,12 @@ class MinimizerTests: XCTestCase { // Build input program to be minimized. b.buildRepeatLoop(n: 2) { // In this case, the loops cannot be merged since there is code in between them. - let important = b.loadBuiltin("important") + let important = b.createNamedVariable(forBuiltin: "important") evaluator.nextInstructionIsImportant(in: b) b.callFunction(important) b.buildRepeatLoop(n: 2) { i in - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") evaluator.nextInstructionIsImportant(in: b) b.callFunction(foo, withArgs: [i]) } @@ -1102,18 +1102,18 @@ class MinimizerTests: XCTestCase { let b = fuzzer.makeBuilder() // Build input program to be minimized. - var o = b.loadBuiltin("TheObject") + var o = b.createNamedVariable(forBuiltin: "TheObject") let vars = b.destruct(o, selecting: ["foo", "bar", "baz"]) - var print = b.loadBuiltin("print") + var print = b.createNamedVariable(forBuiltin: "print") evaluator.nextInstructionIsImportant(in: b) b.callFunction(print, withArgs: [vars[1]]) let originalProgram = b.finalize() // Build expected output program. - o = b.loadBuiltin("TheObject") + o = b.createNamedVariable(forBuiltin: "TheObject") let bar = b.getProperty("bar", of: o) - print = b.loadBuiltin("print") + print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: [bar]) let expectedProgram = b.finalize() @@ -1129,18 +1129,18 @@ class MinimizerTests: XCTestCase { let b = fuzzer.makeBuilder() // Build input program to be minimized. - var o = b.loadBuiltin("TheArray") + var o = b.createNamedVariable(forBuiltin: "TheArray") let vars = b.destruct(o, selecting: [0, 3, 4]) - var print = b.loadBuiltin("print") + var print = b.createNamedVariable(forBuiltin: "print") evaluator.nextInstructionIsImportant(in: b) b.callFunction(print, withArgs: [vars[2]]) let originalProgram = b.finalize() // Build expected output program. - o = b.loadBuiltin("TheArray") + o = b.createNamedVariable(forBuiltin: "TheArray") let bar = b.getElement(4, of: o) - print = b.loadBuiltin("print") + print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: [bar]) let expectedProgram = b.finalize() @@ -1156,38 +1156,38 @@ class MinimizerTests: XCTestCase { let b = fuzzer.makeBuilder() // Build input program to be minimized. - var foo = b.loadBuiltin("foo") + var foo = b.createNamedVariable(forBuiltin: "foo") evaluator.nextInstructionIsImportant(in: b) b.callFunction(foo) - let foo2 = b.loadBuiltin("foo") + let foo2 = b.createNamedVariable(forBuiltin: "foo") evaluator.nextInstructionIsImportant(in: b) b.callFunction(foo2) - var bar = b.loadBuiltin("bar") + var bar = b.createNamedVariable(forBuiltin: "bar") evaluator.nextInstructionIsImportant(in: b) var cond = b.callFunction(bar) evaluator.nextInstructionIsImportant(in: b) b.buildIf(cond) { - let baz = b.loadBuiltin("baz") + let baz = b.createNamedVariable(forBuiltin: "baz") evaluator.nextInstructionIsImportant(in: b) b.callFunction(baz) } - var baz = b.loadBuiltin("baz") + var baz = b.createNamedVariable(forBuiltin: "baz") evaluator.nextInstructionIsImportant(in: b) b.callFunction(baz) let originalProgram = b.finalize() // Build expected output program. - foo = b.loadBuiltin("foo") + foo = b.createNamedVariable(forBuiltin: "foo") b.callFunction(foo) b.callFunction(foo) - bar = b.loadBuiltin("bar") + bar = b.createNamedVariable(forBuiltin: "bar") cond = b.callFunction(bar) b.buildIf(cond) { - let baz = b.loadBuiltin("baz") + let baz = b.createNamedVariable(forBuiltin: "baz") b.callFunction(baz) } - baz = b.loadBuiltin("baz") + baz = b.createNamedVariable(forBuiltin: "baz") b.callFunction(baz) let expectedProgram = b.finalize() @@ -1203,14 +1203,14 @@ class MinimizerTests: XCTestCase { let b = fuzzer.makeBuilder() // Build input program to be minimized. - let o = b.loadBuiltin("o") - let f = b.loadBuiltin("f") + let o = b.createNamedVariable(forBuiltin: "o") + let f = b.createNamedVariable(forBuiltin: "f") let v1 = b.getProperty("p1", of: o, guard: true) let v2 = b.getElement(2, of: o, guard: true) let v3 = b.getComputedProperty(b.loadString("p3"), of: o, guard: true) let v4 = b.callFunction(f, guard: true) let v5 = b.callMethod("m", on: o, guard: true) - let keepInputsAlive = b.loadBuiltin("keepInputsAlive") + let keepInputsAlive = b.createNamedVariable(forBuiltin: "keepInputsAlive") evaluator.nextInstructionIsImportant(in: b) b.callFunction(keepInputsAlive, withArgs: [v1, v2, v3, v4, v5]) diff --git a/Tests/FuzzilliTests/ProgramBuilderTest.swift b/Tests/FuzzilliTests/ProgramBuilderTest.swift index 918af4279..4dfe07a53 100644 --- a/Tests/FuzzilliTests/ProgramBuilderTest.swift +++ b/Tests/FuzzilliTests/ProgramBuilderTest.swift @@ -179,7 +179,7 @@ class ProgramBuilderTests: XCTestCase { // Now there's also a variable of unknown type, which may be anything. Since we don't have enough variables // of a known type, all queries will use a `MayBe` type query to find matches and so may return the unknown variable. - let unknown = b.loadBuiltin("unknown") + let unknown = b.createNamedVariable(forBuiltin: "unknown") XCTAssertEqual(b.type(of: unknown), .anything) XCTAssert([i, unknown].contains(b.randomVariable(forUseAs: .integer))) @@ -227,7 +227,7 @@ class ProgramBuilderTests: XCTestCase { let _ = b.finalize() - let unknown = b.loadBuiltin("unknown") + let unknown = b.createNamedVariable(forBuiltin: "unknown") XCTAssertEqual(b.type(of: unknown), .anything) XCTAssertEqual(b.randomVariable(ofType: .integer), nil) XCTAssertEqual(b.randomVariable(ofType: .number), nil) @@ -235,7 +235,7 @@ class ProgramBuilderTests: XCTestCase { let _ = b.finalize() - let n = b.loadBuiltin("theNumber") + let n = b.createNamedVariable(forBuiltin: "theNumber") b.setType(ofVariable: n, to: .number) XCTAssertEqual(b.type(of: n), .number) XCTAssertEqual(b.randomVariable(ofType: .integer), nil) @@ -264,7 +264,7 @@ class ProgramBuilderTests: XCTestCase { XCTAssertEqual(b.randomVariable(preferablyNotOfType: .primitive), nil) XCTAssertEqual(b.randomVariable(preferablyNotOfType: .anything), nil) - let unknown = b.loadBuiltin("unknown") + let unknown = b.createNamedVariable(forBuiltin: "unknown") XCTAssertEqual(b.type(of: unknown), .anything) XCTAssert([v, unknown].contains(b.randomVariable(preferablyNotOfType: .string))) XCTAssertEqual(b.randomVariable(preferablyNotOfType: .primitive), unknown) @@ -293,7 +293,7 @@ class ProgramBuilderTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let Math = b.loadBuiltin("Math") + let Math = b.createNamedVariable(forBuiltin: "Math") XCTAssert(b.visibleVariables.contains(Math)) XCTAssertEqual(b.numberOfVisibleVariables, 1) @@ -531,7 +531,7 @@ class ProgramBuilderTests: XCTestCase { let _ = b.finalize() // And another similar example, but this time with a union type: .number - let Number = b.loadBuiltin("Number") + let Number = b.createNamedVariable(forBuiltin: "Number") let n1 = b.getProperty("POSITIVE_INFINITY", of: Number) let n2 = b.getProperty("MIN_SAFE_INTEGER", of: Number) let n3 = b.getProperty("MAX_SAFE_INTEGER", of: Number) @@ -705,7 +705,7 @@ class ProgramBuilderTests: XCTestCase { let b = fuzzer.makeBuilder() let i = b.loadInt(42) - let v = b.loadBuiltin("v") + let v = b.createNamedVariable(forBuiltin: "v") b.buildSwitch(on: v) { swtch in XCTAssertIdentical(swtch, b.currentSwitchBlock) @@ -738,7 +738,7 @@ class ProgramBuilderTests: XCTestCase { var i2 = b.loadInt(0x42) let cond = b.compare(i1, with: i2, using: .lessThan) b.buildIfElse(cond, ifBody: { - let String = b.loadBuiltin("String") + let String = b.createNamedVariable(forBuiltin: "String") splicePoint = b.indexOfNextInstruction() b.callMethod("fromCharCode", on: String, withArgs: [i1]) b.callMethod("fromCharCode", on: String, withArgs: [i2]) @@ -757,7 +757,7 @@ class ProgramBuilderTests: XCTestCase { // Expected Program // i2 = b.loadInt(0x41) - let String = b.loadBuiltin("String") + let String = b.createNamedVariable(forBuiltin: "String") b.callMethod("fromCharCode", on: String, withArgs: [i2]) let expected = b.finalize() @@ -903,7 +903,7 @@ class ProgramBuilderTests: XCTestCase { let f = b.buildPlainFunction(with: .parameters(n: 3)) { args in let t1 = b.binary(args[0], args[1], with: .Mul) let t2 = b.binary(t1, args[2], with: .Add) - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") splicePoint = b.indexOfNextInstruction() b.callFunction(print, withArgs: [t2]) } @@ -925,7 +925,7 @@ class ProgramBuilderTests: XCTestCase { b.buildPlainFunction(with: .parameters(n: 3)) { args in let t1 = b.binary(args[0], args[1], with: .Mul) let t2 = b.binary(t1, args[2], with: .Add) - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: [t2]) } let expected = b.finalize() @@ -1000,7 +1000,7 @@ class ProgramBuilderTests: XCTestCase { // Original Program // b.buildAsyncFunction(with: .parameters(n: 0)) { _ in - let promise = b.loadBuiltin("ThePromise") + let promise = b.createNamedVariable(forBuiltin: "ThePromise") splicePoint = b.indexOfNextInstruction() b.await(promise) } @@ -1022,7 +1022,7 @@ class ProgramBuilderTests: XCTestCase { // Expected Program // b.buildAsyncFunction(with: .parameters(n: 1)) { args in - let promise = b.loadBuiltin("ThePromise") + let promise = b.createNamedVariable(forBuiltin: "ThePromise") b.await(promise) } let expected = b.finalize() @@ -1038,7 +1038,7 @@ class ProgramBuilderTests: XCTestCase { // // Original Program // - let promise = b.loadBuiltin("ThePromise") + let promise = b.createNamedVariable(forBuiltin: "ThePromise") let f = b.buildAsyncFunction(with: .parameters(n: 0)) { _ in let v = b.await(promise) let zero = b.loadInt(0) @@ -1065,7 +1065,7 @@ class ProgramBuilderTests: XCTestCase { // b.buildAsyncFunction(with: .parameters(n: 2)) { _ in - let promise = b.loadBuiltin("ThePromise") + let promise = b.createNamedVariable(forBuiltin: "ThePromise") let v = b.await(promise) b.unary(.PostDec, v) } @@ -1243,10 +1243,10 @@ class ProgramBuilderTests: XCTestCase { // // Original Program // - let p = b.loadBuiltin("ThePromise") + let p = b.createNamedVariable(forBuiltin: "ThePromise") let f = b.buildAsyncFunction(with: .parameters(n: 0)) { args in let v = b.await(p) - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") splicePoint = b.indexOfNextInstruction() // We can only splice this if we replace |v| with another variable in the host program b.callFunction(print, withArgs: [v]) @@ -1356,7 +1356,7 @@ class ProgramBuilderTests: XCTestCase { // Original Program // let f = b.buildPlainFunction(with: .parameters(n: 3)) { args in - let Array = b.loadBuiltin("Array") + let Array = b.createNamedVariable(forBuiltin: "Array") splicePoint = b.indexOfNextInstruction() b.callMethod("of", on: Array, withArgs: args) } @@ -1460,7 +1460,7 @@ class ProgramBuilderTests: XCTestCase { // Original Program // var f = b.buildPlainFunction(with: .parameters(n: 1)) { args in - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: args) } var n = b.loadInt(1337) @@ -1523,7 +1523,7 @@ class ProgramBuilderTests: XCTestCase { // // Here we have a function with one parameter of type .anything. var f = b.buildPlainFunction(with: .parameters(n: 1)) { args in - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: args) } XCTAssertEqual(b.type(of: f).signature?.parameters, [.anything]) @@ -1559,7 +1559,7 @@ class ProgramBuilderTests: XCTestCase { } n = b.loadInt(42) f = b.buildPlainFunction(with: .parameters(n: 1)) { args in - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: args) } b.callFunction(f, withArgs: [n]) @@ -1588,7 +1588,7 @@ class ProgramBuilderTests: XCTestCase { b.probabilityOfRemappingAnInstructionsOutputsDuringSplicing = 1.0 // For splicing, we will not use a variable of an unknown type as replacement. - let unknown = b.loadBuiltin("unknown") + let unknown = b.createNamedVariable(forBuiltin: "unknown") XCTAssertEqual(b.type(of: unknown), .anything) b.loadBool(true) // This should also never be used as replacement as it definitely has a different type b.splice(from: original, at: splicePoint, mergeDataFlow: true) @@ -1598,7 +1598,7 @@ class ProgramBuilderTests: XCTestCase { // Expected Program // let expected: Program - b.loadBuiltin("unknown") + b.createNamedVariable(forBuiltin: "unknown") b.loadBool(true) i = b.loadInt(42) b.unary(.PostInc, i) @@ -1881,7 +1881,7 @@ class ProgramBuilderTests: XCTestCase { var f = b.buildPlainFunction(with: .parameters(n: 2)) { args in splicePoint = b.indexOfNextInstruction() b.buildForLoop(i: { args[0] }, { i in b.compare(i, with: args[1], using: .lessThan) }, { i in b.unary(.PostInc, i) }) { i in - b.callFunction(b.loadBuiltin("print"), withArgs: [i]) + b.callFunction(b.createNamedVariable(forBuiltin: "print"), withArgs: [i]) b.loopBreak() } } @@ -1902,7 +1902,7 @@ class ProgramBuilderTests: XCTestCase { f = b.buildPlainFunction(with: .parameters(n: 2)) { args in splicePoint = b.indexOfNextInstruction() b.buildForLoop(i: { args[0] }, { i in b.compare(i, with: args[1], using: .lessThan) }, { i in b.unary(.PostInc, i) }) { i in - b.callFunction(b.loadBuiltin("print"), withArgs: [i]) + b.callFunction(b.createNamedVariable(forBuiltin: "print"), withArgs: [i]) b.loopBreak() } } @@ -1929,11 +1929,11 @@ class ProgramBuilderTests: XCTestCase { let o2 = b.createObject(with: ["i": i, "f": f2]) b.binary(i, args[0], with: .Add) b.setProperty("f", of: o, to: f2) - let object = b.loadBuiltin("Object") + let object = b.createNamedVariable(forBuiltin: "Object") let descriptor = b.createObject(with: ["value": b.loadString("foobar")]) b.callMethod("defineProperty", on: object, withArgs: [o, b.loadString("s"), descriptor]) b.callMethod("defineProperty", on: object, withArgs: [o2, b.loadString("s"), descriptor]) - let json = b.loadBuiltin("JSON") + let json = b.createNamedVariable(forBuiltin: "JSON") b.callMethod("stringify", on: json, withArgs: [o]) } let original = b.finalize() @@ -1955,10 +1955,10 @@ class ProgramBuilderTests: XCTestCase { b.reassign(f2, to: b.loadFloat(133.7)) // (Possibly) mutating instruction must be included let o = b.createObject(with: ["i": i, "f": f]) b.setProperty("f", of: o, to: f2) // (Possibly) mutating instruction must be included - let object = b.loadBuiltin("Object") + let object = b.createNamedVariable(forBuiltin: "Object") let descriptor = b.createObject(with: ["value": b.loadString("foobar")]) b.callMethod("defineProperty", on: object, withArgs: [o, b.loadString("s"), descriptor]) // (Possibly) mutating instruction must be included - let json = b.loadBuiltin("JSON") + let json = b.createNamedVariable(forBuiltin: "JSON") b.callMethod("stringify", on: json, withArgs: [o]) let expected = b.finalize() @@ -2045,7 +2045,7 @@ class ProgramBuilderTests: XCTestCase { // Original Program // b.buildAsyncGeneratorFunction(with: .parameters(n: 2)) { _ in - let p = b.loadBuiltin("thePromise") + let p = b.createNamedVariable(forBuiltin: "thePromise") b.buildDoWhileLoop(do: { let v0 = b.loadInt(42) let _ = b.createObject(with: ["foo": v0]) @@ -2070,7 +2070,7 @@ class ProgramBuilderTests: XCTestCase { // Expected Program // b.buildAsyncFunction(with: .parameters(n: 1)) { _ in - let p = b.loadBuiltin("thePromise") + let p = b.createNamedVariable(forBuiltin: "thePromise") let _ = b.await(p) } let expected = b.finalize() @@ -2148,7 +2148,7 @@ class ProgramBuilderTests: XCTestCase { splicePoint = b.indexOfNextInstruction() return c }) { - let foobar = b.loadBuiltin("foobar") + let foobar = b.createNamedVariable(forBuiltin: "foobar") b.callFunction(foobar) } let original = b.finalize() @@ -2171,11 +2171,11 @@ class ProgramBuilderTests: XCTestCase { // Original Program // b.buildDoWhileLoop(do: { - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") b.callFunction(foo) }, while: { // Test that splicing out of the header works. - let bar = b.loadBuiltin("bar") + let bar = b.createNamedVariable(forBuiltin: "bar") splicePoint = b.indexOfNextInstruction() b.callFunction(bar) return b.loadBool(false) @@ -2191,7 +2191,7 @@ class ProgramBuilderTests: XCTestCase { // // Expected Program // - let bar = b.loadBuiltin("bar") + let bar = b.createNamedVariable(forBuiltin: "bar") b.callFunction(bar) let expected = b.finalize() @@ -2286,10 +2286,10 @@ class ProgramBuilderTests: XCTestCase { let code = b.buildCodeString() { let i = b.loadInt(42) let o = b.createObject(with: ["i": i]) - let json = b.loadBuiltin("JSON") + let json = b.createNamedVariable(forBuiltin: "JSON") b.callMethod("stringify", on: json, withArgs: [o]) } - let eval = b.loadBuiltin("eval") + let eval = b.createNamedVariable(forBuiltin: "eval") splicePoint = b.indexOfNextInstruction() b.callFunction(eval, withArgs: [code]) } @@ -2307,10 +2307,10 @@ class ProgramBuilderTests: XCTestCase { let code = b.buildCodeString() { let i = b.loadInt(42) let o = b.createObject(with: ["i": i]) - let json = b.loadBuiltin("JSON") + let json = b.createNamedVariable(forBuiltin: "JSON") b.callMethod("stringify", on: json, withArgs: [o]) } - let eval = b.loadBuiltin("eval") + let eval = b.createNamedVariable(forBuiltin: "eval") b.callFunction(eval, withArgs: [code]) let expected = b.finalize() @@ -2404,7 +2404,7 @@ class ProgramBuilderTests: XCTestCase { b.loadInt(42) - let constructor = b.loadBuiltin("DataView") + let constructor = b.createNamedVariable(forBuiltin: "DataView") let signature = env.type(ofBuiltin: "DataView").signature! let variables = b.findOrGenerateArguments(forSignature: signature)