From e4dcc6adf3ab6045ebefdd7e1765035ceffb9d3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Samuel=20Gro=C3=9F?= Date: Wed, 25 Dec 2024 11:27:12 +0100 Subject: [PATCH] Redesign named variables in FuzzIL This change replaces the three operations LoadNamedVariable, StoreNamedVariable, and DefineNamedVariable with a single new operation: CreateNamedVariable. This operation now simply creates a new FuzzIL variable that will be assigned a specific identifier during lifting. Optionally, the named variable can be declared using any of the available variable declaration modes: global, var, let, or const. Below is a small example of how CreateNamedVariable can be used: // Make an existing named variable (e.g. a builtin) available v0 <- CreateNamedVariable 'print', declarationMode: .none // Overwrite an existing named variable v1 <- CreateNamedVariable 'foo', declarationMode: .none v2 <- CallFunction v0, v1 v3 <- LoadString 'bar' Reassign v1, v3 // Declare a new named variable v4 <- CreateNamedVariable 'baz', declarationMode: .var, v1 v5 <- LoadString 'bla' Update v4 '+' v5 v5 <- CallFunction v0, v4 This will lift to JavaScript code similar to the following: print(foo); foo = "bar"; var baz = foo; baz += "bla"; print(baz); With this, we now have a single, flexible way of creating variables that have a specific name. We now use this: * For builtins, which are effectively just existing named variables in the global scope. This also now makes it (easily) possible to overwrite builtins. As such, The LoadBuiltin operation was removed. * During code generation, to sometimes create variables with specific names in generated code (we use random property names). * In the compiler. This is the main user of named variables and this is where this change has the most impact: we now compiler _every_ variable declaration to a CreateNamedVariable operation. This now makes it possible to correctly compiler any code that relies on variable names, for example due to using `eval`, with statements, or similar constructs. See some of the added/modified tests for examples. The consequence of this is that compiled code will now often have a lot of CreateNamedVariable operations. However, as these are now just regular FuzzIL variables, this change should not significantly affect mutability of the programs. In the future, we could consider implementing a specific minimizer (that we could also run during corpus import) to remove unneeded CreateNamedVariable operations. However, it will likely be somewhat difficult to determine when such an operation is not needed. --- Sources/Fuzzilli/Base/ProgramBuilder.swift | 24 +- .../CodeGen/CodeGeneratorWeights.swift | 4 +- Sources/Fuzzilli/CodeGen/CodeGenerators.swift | 91 +- .../Fuzzilli/CodeGen/ProgramTemplates.swift | 6 +- Sources/Fuzzilli/Compiler/Compiler.swift | 140 ++-- Sources/Fuzzilli/FuzzIL/Instruction.swift | 23 +- Sources/Fuzzilli/FuzzIL/JSTyper.swift | 16 +- Sources/Fuzzilli/FuzzIL/JsOperations.swift | 126 +-- Sources/Fuzzilli/FuzzIL/Opcodes.swift | 5 +- Sources/Fuzzilli/FuzzIL/Semantics.swift | 2 - Sources/Fuzzilli/Fuzzer.swift | 7 +- Sources/Fuzzilli/Lifting/FuzzILLifter.swift | 15 +- .../Fuzzilli/Lifting/JavaScriptLifter.swift | 46 +- .../Minimization/DeduplicatingReducer.swift | 25 +- .../Fuzzilli/Mutators/OperationMutator.swift | 10 +- .../Fuzzilli/Mutators/ProbingMutator.swift | 4 +- .../Mutators/RuntimeAssistedMutator.swift | 8 +- Sources/Fuzzilli/Protobuf/operations.pb.swift | 195 ++--- Sources/Fuzzilli/Protobuf/operations.proto | 18 +- Sources/Fuzzilli/Protobuf/program.pb.swift | 789 ++++++++---------- Sources/Fuzzilli/Protobuf/program.proto | 225 +++-- Sources/FuzzilliCli/Profiles/JSCProfile.swift | 2 +- .../Profiles/SpidermonkeyProfile.swift | 2 +- .../Profiles/V8HoleFuzzingProfile.swift | 2 +- Sources/FuzzilliCli/Profiles/V8Profile.swift | 10 +- Sources/FuzzilliCli/Profiles/XSProfile.swift | 18 +- Tests/FuzzilliTests/AnalyzerTest.swift | 2 +- .../CompilerTests/advanced_loops.js | 9 + .../CompilerTests/basic_object_access.js | 12 +- .../CompilerTests/basic_scoping.js | 12 +- .../CompilerTests/named_variables.js | 50 ++ Tests/FuzzilliTests/JSTyperTests.swift | 28 +- Tests/FuzzilliTests/LifterTest.swift | 227 ++--- Tests/FuzzilliTests/MinimizerTest.swift | 138 +-- Tests/FuzzilliTests/ProgramBuilderTest.swift | 80 +- 35 files changed, 1131 insertions(+), 1240 deletions(-) create mode 100644 Tests/FuzzilliTests/CompilerTests/named_variables.js diff --git a/Sources/Fuzzilli/Base/ProgramBuilder.swift b/Sources/Fuzzilli/Base/ProgramBuilder.swift index ccb5f7147..c4031cc4a 100644 --- a/Sources/Fuzzilli/Base/ProgramBuilder.swift +++ b/Sources/Fuzzilli/Base/ProgramBuilder.swift @@ -517,7 +517,7 @@ public class ProgramBuilder { // We can be sure that we have such a builtin with a signature because the Environment checks this during initialization. let signature = fuzzer.environment.type(ofBuiltin: group).signature! - let constructor = loadBuiltin(group) + let constructor = createNamedVariable(forBuiltin: group) let arguments = findOrGenerateArgumentsInternal(forSignature: signature) let constructed = construct(constructor, withArgs: arguments) @@ -1939,11 +1939,6 @@ public class ProgramBuilder { return emit(CreateTemplateString(parts: parts), withInputs: interpolatedValues).output } - @discardableResult - public func loadBuiltin(_ name: String) -> Variable { - return emit(LoadBuiltin(builtinName: name)).output - } - @discardableResult public func getProperty(_ name: String, of object: Variable, guard isGuarded: Bool = false) -> Variable { return emit(GetProperty(propertyName: name, isGuarded: isGuarded), withInputs: [object]).output @@ -2325,16 +2320,15 @@ public class ProgramBuilder { } @discardableResult - public func loadNamedVariable(_ name: String) -> Variable { - return emit(LoadNamedVariable(name)).output + public func createNamedVariable(_ name: String, declarationMode: NamedVariableDeclarationMode, initialValue: Variable? = nil) -> Variable { + assert((declarationMode == .none) == (initialValue == nil)) + let inputs = initialValue != nil ? [initialValue!] : [] + return emit(CreateNamedVariable(name, declarationMode: declarationMode), withInputs: inputs).output } - - public func storeNamedVariable(_ name: String, _ value: Variable) { - emit(StoreNamedVariable(name), withInputs: [value]) - } - - public func defineNamedVariable(_ name: String, _ value: Variable) { - emit(DefineNamedVariable(name), withInputs: [value]) + + @discardableResult + public func createNamedVariable(forBuiltin builtinName: String) -> Variable { + return createNamedVariable(builtinName, declarationMode: .none) } @discardableResult diff --git a/Sources/Fuzzilli/CodeGen/CodeGeneratorWeights.swift b/Sources/Fuzzilli/CodeGen/CodeGeneratorWeights.swift index f66cde620..0ded74759 100644 --- a/Sources/Fuzzilli/CodeGen/CodeGeneratorWeights.swift +++ b/Sources/Fuzzilli/CodeGen/CodeGeneratorWeights.swift @@ -25,6 +25,7 @@ public let codeGeneratorWeights = [ "BooleanGenerator": 2, "UndefinedGenerator": 1, "NullGenerator": 1, + "NamedVariableGenerator": 10, "ArrayGenerator": 10, "FloatArrayGenerator": 10, "IntArrayGenerator": 10, @@ -133,9 +134,6 @@ public let codeGeneratorWeights = [ "DestructObjectAndReassignGenerator": 5, "WithStatementGenerator": 3, "ComparisonGenerator": 10, - "NamedVariableLoadGenerator": 3, - "NamedVariableStoreGenerator": 3, - "NamedVariableDefinitionGenerator": 3, "SuperMethodCallGenerator": 20, // These will only be used inside class methods, and only if private properties were previously declared in that class. diff --git a/Sources/Fuzzilli/CodeGen/CodeGenerators.swift b/Sources/Fuzzilli/CodeGen/CodeGenerators.swift index 0be26abe9..62403082c 100644 --- a/Sources/Fuzzilli/CodeGen/CodeGenerators.swift +++ b/Sources/Fuzzilli/CodeGen/CodeGenerators.swift @@ -100,7 +100,7 @@ public let CodeGenerators: [CodeGenerator] = [ ValueGenerator("BuiltinObjectInstanceGenerator") { b, n in let builtin = chooseUniform(from: ["Array", "Map", "WeakMap", "Set", "WeakSet", "Date"]) - let constructor = b.loadBuiltin(builtin) + let constructor = b.createNamedVariable(forBuiltin: builtin) if builtin == "Array" { let size = b.loadInt(b.randomSize(upTo: 0x1000)) b.construct(constructor, withArgs: [size]) @@ -113,8 +113,8 @@ public let CodeGenerators: [CodeGenerator] = [ ValueGenerator("TypedArrayGenerator") { b, n in for _ in 0.. Void in - let propertyName = b.type(of: obj).randomProperty() ?? b.randomCustomPropertyName() - b.loadNamedVariable(propertyName) - }, else: { () -> Void in + for i in 1...3 { let propertyName = b.type(of: obj).randomProperty() ?? b.randomCustomPropertyName() - let value = b.randomVariable() - b.storeNamedVariable(propertyName, value) - }) + b.createNamedVariable(propertyName, declarationMode: .none) + } b.buildRecursive() } }, - CodeGenerator("NamedVariableLoadGenerator") { b in - // We're using the custom property names set from the environment for named variables. - // It's not clear if there's something better since that set should be relatively small - // (increasing the probability that named variables will be reused), and it also makes - // sense to use property names if we're inside a `with` statement. - b.loadNamedVariable(b.randomCustomPropertyName()) - }, - - CodeGenerator("NamedVariableStoreGenerator") { b in - let value = b.randomVariable() - b.storeNamedVariable(b.randomCustomPropertyName(), value) - }, - - CodeGenerator("NamedVariableDefinitionGenerator") { b in - let value = b.randomVariable() - b.defineNamedVariable(b.randomCustomPropertyName(), value) - }, - RecursiveCodeGenerator("EvalGenerator") { b in let code = b.buildCodeString() { b.buildRecursive() } - let eval = b.loadBuiltin("eval") + let eval = b.createNamedVariable(forBuiltin: "eval") b.callFunction(eval, withArgs: [code]) }, @@ -1629,7 +1622,7 @@ public let CodeGenerators: [CodeGenerator] = [ let numComputations = Int.random(in: 3...7) // Common mathematical operations are exposed through the Math builtin in JavaScript. - let Math = b.loadBuiltin("Math") + let Math = b.createNamedVariable(forBuiltin: "Math") b.hide(Math) // Following code generators should use the numbers generated below, not the Math object. var values = b.randomVariables(upTo: Int.random(in: 1...3)) @@ -1676,7 +1669,7 @@ public let CodeGenerators: [CodeGenerator] = [ } } } else { - let toPrimitive = b.getProperty("toPrimitive", of: b.loadBuiltin("Symbol")) + let toPrimitive = b.getProperty("toPrimitive", of: b.createNamedVariable(forBuiltin: "Symbol")) imitation = b.buildObjectLiteral { obj in obj.addComputedMethod(toPrimitive, with: .parameters(n: 0)) { _ in b.buildRecursive(n: 3) @@ -1689,7 +1682,7 @@ public let CodeGenerators: [CodeGenerator] = [ // A lot of functions are also objects, so we could handle them either way. However, it probably makes more sense to handle // them as a function since they would otherwise no longer be callable. let handler = b.createObject(with: [:]) - let Proxy = b.loadBuiltin("Proxy") + let Proxy = b.createNamedVariable(forBuiltin: "Proxy") imitation = b.construct(Proxy, withArgs: [orig, handler]) } else if b.type(of: orig).Is(.object()) { // Either make a class that extends that object's constructor or make a new object with the original object as prototype. @@ -1724,13 +1717,13 @@ public let CodeGenerators: [CodeGenerator] = [ if maxSize < size { maxSize = size } - let ArrayBuffer = b.loadBuiltin("ArrayBuffer") + let ArrayBuffer = b.createNamedVariable(forBuiltin: "ArrayBuffer") b.hide(ArrayBuffer) let options = b.createObject(with: ["maxByteLength": b.loadInt(maxSize)]) let ab = b.construct(ArrayBuffer, withArgs: [b.loadInt(size), options]) - let View = b.loadBuiltin( - chooseUniform( + let View = b.createNamedVariable( + forBuiltin: chooseUniform( from: ["Uint8Array", "Int8Array", "Uint16Array", "Int16Array", "Uint32Array", "Int32Array", "Float32Array", "Float64Array", "Uint8ClampedArray", "BigInt64Array", "BigUint64Array", "DataView"] ) ) @@ -1743,13 +1736,13 @@ public let CodeGenerators: [CodeGenerator] = [ if maxSize < size { maxSize = size } - let ArrayBuffer = b.loadBuiltin("SharedArrayBuffer") + let ArrayBuffer = b.createNamedVariable(forBuiltin: "SharedArrayBuffer") b.hide(ArrayBuffer) let options = b.createObject(with: ["maxByteLength": b.loadInt(maxSize)]) let ab = b.construct(ArrayBuffer, withArgs: [b.loadInt(size), options]) - let View = b.loadBuiltin( - chooseUniform( + let View = b.createNamedVariable( + forBuiltin: chooseUniform( from: ["Uint8Array", "Int8Array", "Uint16Array", "Int16Array", "Uint32Array", "Int32Array", "Float32Array", "Float64Array", "Uint8ClampedArray", "BigInt64Array", "BigUint64Array", "DataView"] ) ) @@ -1802,7 +1795,7 @@ public let CodeGenerators: [CodeGenerator] = [ }, CodeGenerator("IteratorGenerator") { b in - let Symbol = b.loadBuiltin("Symbol") + let Symbol = b.createNamedVariable(forBuiltin: "Symbol") b.hide(Symbol) let iteratorSymbol = b.getProperty("iterator", of: Symbol) b.hide(iteratorSymbol) diff --git a/Sources/Fuzzilli/CodeGen/ProgramTemplates.swift b/Sources/Fuzzilli/CodeGen/ProgramTemplates.swift index 04854911a..042513580 100644 --- a/Sources/Fuzzilli/CodeGen/ProgramTemplates.swift +++ b/Sources/Fuzzilli/CodeGen/ProgramTemplates.swift @@ -228,7 +228,7 @@ public let ProgramTemplates = [ b.build(n: 25) // Generate random JSON payloads by stringifying random values - let JSON = b.loadBuiltin("JSON") + let JSON = b.createNamedVariable(forBuiltin: "JSON") var jsonPayloads = [Variable]() for _ in 0..() - /// List of all named variables. - /// TODO instead of a global list, this should be per (var) scope. - private var namedVariables = Set() - /// The next free FuzzIL variable. private var nextVariable = 0 @@ -95,14 +91,26 @@ public class JavaScriptCompiler { if decl.hasValue { initialValue = try compileExpression(decl.value) } else { + // TODO(saelo): consider caching the `undefined` value for future uses initialValue = emit(LoadUndefined()).output } - if variableDeclaration.kind == .var && namedVariables.contains(decl.name) { - emit(DefineNamedVariable(decl.name), withInputs: [initialValue]) - } else { - map(decl.name, to: initialValue) + let declarationMode: NamedVariableDeclarationMode + switch variableDeclaration.kind { + case .var: + declarationMode = .var + case .let: + declarationMode = .let + case .const: + declarationMode = .const + case .UNRECOGNIZED(let type): + throw CompilerError.invalidNodeError("invalid variable declaration type \(type)") } + + let v = emit(CreateNamedVariable(decl.name, declarationMode: declarationMode), withInputs: [initialValue]).output + // Variables declared with .var are allowed to overwrite each other. + assert(!currentScope.keys.contains(decl.name) || declarationMode == .var) + mapOrRemap(decl.name, to: v) } case .functionDeclaration(let functionDeclaration): @@ -126,7 +134,9 @@ public class JavaScriptCompiler { } let instr = emit(functionBegin) - map(functionDeclaration.name, to: instr.output) + // The function may have been accessed before it was defined due to function hoisting, so + // here we may overwrite an existing variable mapping. + mapOrRemap(functionDeclaration.name, to: instr.output) try enterNewScope { mapParameters(functionDeclaration.parameters, to: instr.innerOutputs) for statement in functionDeclaration.body { @@ -352,12 +362,12 @@ public class JavaScriptCompiler { emit(EndDoWhileLoop(), withInputs: [cond]) case .forLoop(let forLoop): - try enterNewScope { - var loopVariables = [String]() + var loopVariables = [String]() - // Process initializer. - var initialLoopVariableValues = [Variable]() - emit(BeginForLoopInitializer()) + // Process initializer. + var initialLoopVariableValues = [Variable]() + emit(BeginForLoopInitializer()) + try enterNewScope { if let initializer = forLoop.initializer { switch initializer { case .declaration(let declaration): @@ -369,32 +379,38 @@ public class JavaScriptCompiler { try compileExpression(expression) } } + } - // Process condition. - var outputs = emit(BeginForLoopCondition(numLoopVariables: loopVariables.count), withInputs: initialLoopVariableValues).innerOutputs + // Process condition. + var outputs = emit(BeginForLoopCondition(numLoopVariables: loopVariables.count), withInputs: initialLoopVariableValues).innerOutputs + var cond: Variable? = nil + try enterNewScope { zip(loopVariables, outputs).forEach({ map($0, to: $1 )}) - let cond: Variable if forLoop.hasCondition { cond = try compileExpression(forLoop.condition) } else { cond = emit(LoadBoolean(value: true)).output } + } - // Process afterthought. - outputs = emit(BeginForLoopAfterthought(numLoopVariables: loopVariables.count), withInputs: [cond]).innerOutputs - zip(loopVariables, outputs).forEach({ remap($0, to: $1 )}) + // Process afterthought. + outputs = emit(BeginForLoopAfterthought(numLoopVariables: loopVariables.count), withInputs: [cond!]).innerOutputs + try enterNewScope { + zip(loopVariables, outputs).forEach({ map($0, to: $1 )}) if forLoop.hasAfterthought { try compileExpression(forLoop.afterthought) } + } - // Process body - outputs = emit(BeginForLoopBody(numLoopVariables: loopVariables.count)).innerOutputs - zip(loopVariables, outputs).forEach({ remap($0, to: $1 )}) + // Process body + outputs = emit(BeginForLoopBody(numLoopVariables: loopVariables.count)).innerOutputs + try enterNewScope { + zip(loopVariables, outputs).forEach({ map($0, to: $1 )}) try compileBody(forLoop.body) - - emit(EndForLoop()) } + emit(EndForLoop()) + case .forInLoop(let forInLoop): let initializer = forInLoop.left; guard !initializer.hasValue else { @@ -545,9 +561,8 @@ public class JavaScriptCompiler { case .identifier(let identifier): // Identifiers can generally turn into one of three things: // 1. A FuzzIL variable that has previously been associated with the identifier - // 2. A LoadBuiltin operation if the identifier belongs to a builtin object (as defined by the environment) - // 3. A LoadUndefined or LoadArguments operations if the identifier is "undefined" or "arguments" respectively - // 4. A LoadNamedVariable operation in all other cases (typically global or hoisted variables, but could also be properties in a with statement) + // 2. A LoadUndefined or LoadArguments operations if the identifier is "undefined" or "arguments" respectively + // 3. A CreateNamedVariable operation in all other cases (typically global or hoisted variables, but could also be properties in a with statement) // We currently fall-back to case 3 if none of the other works. However, this isn't quite correct as it would incorrectly deal with e.g. // @@ -567,11 +582,6 @@ public class JavaScriptCompiler { } // Case 2 - if environment.builtins.contains(identifier.name) { - return emit(LoadBuiltin(builtinName: identifier.name)).output - } - - // Case 3 assert(identifier.name != "this") // This is handled via ThisExpression if identifier.name == "undefined" { return emit(LoadUndefined()).output @@ -579,12 +589,12 @@ public class JavaScriptCompiler { return emit(LoadArguments()).output } - // Case 4 - // In this case, we need to remember that this variable was accessed in the current scope. - // If the variable access is hoisted, and the variable is defined later, then this allows - // the variable definition to turn into a DefineNamedVariable operation. - namedVariables.insert(identifier.name) - return emit(LoadNamedVariable(identifier.name)).output + // Case 3 + let v = emit(CreateNamedVariable(identifier.name, declarationMode: .none)).output + // Cache the variable in case it is reused again to avoid emitting multiple + // CreateNamedVariable operations for the same variable. + map(identifier.name, to: v) + return v case .numberLiteral(let literal): if let intValue = Int64(exactly: literal.value) { @@ -599,7 +609,7 @@ public class JavaScriptCompiler { } else { // TODO should LoadBigInt support larger integer values (represented as string)? let stringValue = emit(LoadString(value: literal.value)).output - let BigInt = emit(LoadBuiltin(builtinName: "BigInt")).output + let BigInt = emit(CreateNamedVariable("BigInt", declarationMode: .none)).output return emit(CallFunction(numArguments: 1, isGuarded: false), withInputs: [BigInt, stringValue]).output } @@ -652,7 +662,6 @@ public class JavaScriptCompiler { } switch lhs { - case .memberExpression(let memberExpression): // Compile to a Set- or Update{Property/Element/ComputedProperty} operation let object = try compileExpression(memberExpression.object) @@ -680,6 +689,7 @@ public class JavaScriptCompiler { } } } + case .superMemberExpression(let superMemberExpression): guard superMemberExpression.isOptional == false else { throw CompilerError.unsupportedFeatureError("Optional chaining is not supported in super member expressions") @@ -705,36 +715,24 @@ public class JavaScriptCompiler { emit(SetComputedSuperProperty(), withInputs: [property, rhs]) } - case .identifier(let identifier): - if let lhs = lookupIdentifier(identifier.name) { - // Compile to a Reassign or Update operation - switch assignmentExpression.operator { - case "=": - emit(Reassign(), withInputs: [lhs, rhs]) - default: - // It's something like "+=", "-=", etc. - let binaryOperator = String(assignmentExpression.operator.dropLast()) - guard let op = BinaryOperator(rawValue: binaryOperator) else { - throw CompilerError.invalidNodeError("Unknown assignment operator \(assignmentExpression.operator)") - } - emit(Update(op), withInputs: [lhs, rhs]) - } - } else { - // It's (probably) a hoisted or a global variable access. Compile as a named variable. - switch assignmentExpression.operator { - case "=": - emit(StoreNamedVariable(identifier.name), withInputs: [rhs]) - default: - // It's something like "+=", "-=", etc. - let binaryOperator = String(assignmentExpression.operator.dropLast()) - guard let op = BinaryOperator(rawValue: binaryOperator) else { - throw CompilerError.invalidNodeError("Unknown assignment operator \(assignmentExpression.operator)") - } - let oldVal = emit(LoadNamedVariable(identifier.name)).output - let newVal = emit(BinaryOperation(op), withInputs: [oldVal, rhs]).output - emit(StoreNamedVariable(identifier.name), withInputs: [newVal]) + // Try to lookup the variable belonging to the identifier. If there is none, we're (probably) dealing with + // an access to a global variable/builtin or a hoisted variable access. In the case, create a named variable. + let lhs = lookupIdentifier(identifier.name) ?? emit(CreateNamedVariable(identifier.name, declarationMode: .none)).output + + // Compile to a Reassign or Update operation + switch assignmentExpression.operator { + case "=": + // TODO(saelo): if we're assigning to a named variable, we could also generate a declaration + // of a global variable here instead. Probably it doeesn't matter in practice though. + emit(Reassign(), withInputs: [lhs, rhs]) + default: + // It's something like "+=", "-=", etc. + let binaryOperator = String(assignmentExpression.operator.dropLast()) + guard let op = BinaryOperator(rawValue: binaryOperator) else { + throw CompilerError.invalidNodeError("Unknown assignment operator \(assignmentExpression.operator)") } + emit(Update(op), withInputs: [lhs, rhs]) } default: @@ -1178,6 +1176,10 @@ public class JavaScriptCompiler { assert(scopes.top[identifier] != nil) scopes.top[identifier] = v } + + private func mapOrRemap(_ identifier: String, to v: Variable) { + scopes.top[identifier] = v + } private func mapParameters(_ parameters: [Compiler_Protobuf_Parameter], to variables: ArraySlice) { assert(parameters.count == variables.count) diff --git a/Sources/Fuzzilli/FuzzIL/Instruction.swift b/Sources/Fuzzilli/FuzzIL/Instruction.swift index d25ef29b2..da5cfcb56 100644 --- a/Sources/Fuzzilli/FuzzIL/Instruction.swift +++ b/Sources/Fuzzilli/FuzzIL/Instruction.swift @@ -500,8 +500,6 @@ extension Instruction: ProtobufConvertible { $0.createArrayWithSpread = Fuzzilli_Protobuf_CreateArrayWithSpread.with { $0.spreads = op.spreads } case .createTemplateString(let op): $0.createTemplateString = Fuzzilli_Protobuf_CreateTemplateString.with { $0.parts = op.parts } - case .loadBuiltin(let op): - $0.loadBuiltin = Fuzzilli_Protobuf_LoadBuiltin.with { $0.builtinName = op.builtinName } case .getProperty(let op): $0.getProperty = Fuzzilli_Protobuf_GetProperty.with { $0.propertyName = op.propertyName @@ -697,12 +695,11 @@ extension Instruction: ProtobufConvertible { } case .compare(let op): $0.compare = Fuzzilli_Protobuf_Compare.with { $0.op = convertEnum(op.op, Comparator.allCases) } - case .loadNamedVariable(let op): - $0.loadNamedVariable = Fuzzilli_Protobuf_LoadNamedVariable.with { $0.variableName = op.variableName } - case .storeNamedVariable(let op): - $0.storeNamedVariable = Fuzzilli_Protobuf_StoreNamedVariable.with { $0.variableName = op.variableName } - case .defineNamedVariable(let op): - $0.defineNamedVariable = Fuzzilli_Protobuf_DefineNamedVariable.with { $0.variableName = op.variableName } + case .createNamedVariable(let op): + $0.createNamedVariable = Fuzzilli_Protobuf_CreateNamedVariable.with { + $0.variableName = op.variableName + $0.declarationMode = convertEnum(op.declarationMode, NamedVariableDeclarationMode.allCases) + } case .eval(let op): $0.eval = Fuzzilli_Protobuf_Eval.with { $0.code = op.code @@ -1006,8 +1003,6 @@ extension Instruction: ProtobufConvertible { op = CreateArrayWithSpread(spreads: p.spreads) case .createTemplateString(let p): op = CreateTemplateString(parts: p.parts) - case .loadBuiltin(let p): - op = LoadBuiltin(builtinName: p.builtinName) case .getProperty(let p): op = GetProperty(propertyName: p.propertyName, isGuarded: p.isGuarded) case .setProperty(let p): @@ -1141,12 +1136,8 @@ extension Instruction: ProtobufConvertible { op = DestructObjectAndReassign(properties: p.properties, hasRestElement: p.hasRestElement_p) case .compare(let p): op = Compare(try convertEnum(p.op, Comparator.allCases)) - case .loadNamedVariable(let p): - op = LoadNamedVariable(p.variableName) - case .storeNamedVariable(let p): - op = StoreNamedVariable(p.variableName) - case .defineNamedVariable(let p): - op = DefineNamedVariable(p.variableName) + case .createNamedVariable(let p): + op = CreateNamedVariable(p.variableName, declarationMode: try convertEnum(p.declarationMode, NamedVariableDeclarationMode.allCases)) case .eval(let p): let numArguments = inouts.count - (p.hasOutput_p ? 1 : 0) op = Eval(p.code, numArguments: numArguments, hasOutput: p.hasOutput_p) diff --git a/Sources/Fuzzilli/FuzzIL/JSTyper.swift b/Sources/Fuzzilli/FuzzIL/JSTyper.swift index c2b0b2910..a83690159 100644 --- a/Sources/Fuzzilli/FuzzIL/JSTyper.swift +++ b/Sources/Fuzzilli/FuzzIL/JSTyper.swift @@ -451,9 +451,6 @@ public struct JSTyper: Analyzer { } switch instr.op.opcode { - case .loadBuiltin(let op): - set(instr.output, environment.type(ofBuiltin: op.builtinName)) - case .loadInteger: set(instr.output, environment.intType) @@ -480,6 +477,15 @@ public struct JSTyper: Analyzer { case .loadArguments: set(instr.output, environment.argumentsType) + + case .createNamedVariable(let op): + if op.hasInitialValue { + set(instr.output, type(ofInput: 0)) + } else if (environment.hasBuiltin(op.variableName)) { + set(instr.output, environment.type(ofBuiltin: op.variableName)) + } else { + set(instr.output, .anything) + } case .loadDisposableVariable: set(instr.output, type(ofInput: 0)) @@ -734,10 +740,6 @@ public struct JSTyper: Analyzer { case .compare: set(instr.output, .boolean) - case .loadNamedVariable: - // We don't currently track these. - set(instr.output, .anything) - case .await: // TODO if input type is known, set to input type and possibly unwrap the Promise set(instr.output, .anything) diff --git a/Sources/Fuzzilli/FuzzIL/JsOperations.swift b/Sources/Fuzzilli/FuzzIL/JsOperations.swift index 62b7a4497..1dac83d0d 100644 --- a/Sources/Fuzzilli/FuzzIL/JsOperations.swift +++ b/Sources/Fuzzilli/FuzzIL/JsOperations.swift @@ -229,6 +229,79 @@ final class LoadArguments: JsOperation { } } +// Named Variables. +// +// Named variables are variables with a specific name. They are created through the +// CreateNamedVariable operation and are useful whenever the name of a variable is +// (potentially) important. In particular they are used frequenty when compiling +// existing JavaScript code to FuzzIL. Furthermore, named variables are also used to +// access builtins as these are effectively just global/pre-existing named variables. +// +// When declaring a new named variable (i.e. when the declarationMode is not .none), +// then an initial value must be provided (as first and only input to the operation). +// "Uninitialized" named variables can be created by using `undefined` as initial value. +// +// The following code is a simple demonstration of named variables: +// +// // Make an existing named variable (e.g. a builtin) available +// v0 <- CreateNamedVariable 'print', declarationMode: .none +// +// // Overwrite an existing named variable +// v1 <- CreateNamedVariable 'foo', declarationMode: .none +// v2 <- CallFunction v0, v1 +// v3 <- LoadString 'bar' +// Reassign v1, v3 +// +// // Declare a new named variable +// v4 <- CreateNamedVariable 'baz', declarationMode: .var, v1 +// v5 <- LoadString 'bla' +// Update v4 '+' v5 +// v5 <- CallFunction v0, v4 +// +// This will lift to JavaScript code similar to the following: +// +// print(foo); +// foo = "bar"; +// var baz = foo; +// baz += "bla"; +// print(baz); +// +public enum NamedVariableDeclarationMode : CaseIterable { + // The variable is assumed to already exist and therefore is not declared again. + // This is for example used for global variables and builtins, but also to support + // variable and function hoisting where an identifier is used before it is defined. + case none + // Declare the variable as global variable without any declaration keyword. + case global + // Declare the variable using the 'var' keyword. + case `var` + // Declare the variable using the 'let' keyword. + case `let` + // Declare the variable using the 'const' keyword. + case const +} + +final class CreateNamedVariable: JsOperation { + override var opcode: Opcode { .createNamedVariable(self) } + + let variableName: String + let declarationMode: NamedVariableDeclarationMode + + // Currently, all named variable declarations need an initial value. "undefined" can be + // used when no initial value is available, in which case the lifter will not emit an assignment. + // We could also consider allowing variable declarations without an initial value, however for + // both .global and .const declarations, we always need an initial value to produce valid code. + var hasInitialValue: Bool { + return declarationMode != .none + } + + init(_ name: String, declarationMode: NamedVariableDeclarationMode) { + self.variableName = name + self.declarationMode = declarationMode + super.init(numInputs: declarationMode == .none ? 0 : 1, numOutputs: 1, attributes: .isMutable) + } +} + final class LoadDisposableVariable: JsOperation { override var opcode: Opcode { .loadDisposableVariable(self) } @@ -926,17 +999,6 @@ final class CreateTemplateString: JsOperation { } } -final class LoadBuiltin: JsOperation { - override var opcode: Opcode { .loadBuiltin(self) } - - let builtinName: String - - init(builtinName: String) { - self.builtinName = builtinName - super.init(numOutputs: 1, attributes: .isMutable) - } -} - final class GetProperty: GuardableOperation { override var opcode: Opcode { .getProperty(self) } @@ -1667,48 +1729,6 @@ final class Compare: JsOperation { } } -// Named Variables. -// -// Named variables are used to cover global and `var` variables in JavaScript -// as well as to support variable hoisting. -// -// When a named variable is defined, it becomes a `var` variable in JavaScript. -// However, it is allowed to access (load/store) a named variable without -// defining it first, in which case the access becomes either a global variable -// access (if the variable isn't later defined) or a hoisted variable access. -final class LoadNamedVariable: JsOperation { - override var opcode: Opcode { .loadNamedVariable(self) } - - let variableName: String - - init(_ name: String) { - self.variableName = name - super.init(numOutputs: 1, attributes: .isMutable) - } -} - -final class StoreNamedVariable: JsOperation { - override var opcode: Opcode { .storeNamedVariable(self) } - - let variableName: String - - init(_ name: String) { - self.variableName = name - super.init(numInputs: 1, attributes: .isMutable) - } -} - -final class DefineNamedVariable: JsOperation { - override var opcode: Opcode { .defineNamedVariable(self) } - - let variableName: String - - init(_ name: String) { - self.variableName = name - super.init(numInputs: 1, attributes: .isMutable) - } -} - /// An operation that will be lifted to a given string. The string can use %@ placeholders which /// will be replaced by the expressions for the input variables during lifting. final class Eval: JsOperation { diff --git a/Sources/Fuzzilli/FuzzIL/Opcodes.swift b/Sources/Fuzzilli/FuzzIL/Opcodes.swift index 6728c943e..dff60c9e2 100644 --- a/Sources/Fuzzilli/FuzzIL/Opcodes.swift +++ b/Sources/Fuzzilli/FuzzIL/Opcodes.swift @@ -38,6 +38,7 @@ enum Opcode { case loadNull(LoadNull) case loadThis(LoadThis) case loadArguments(LoadArguments) + case createNamedVariable(CreateNamedVariable) case loadDisposableVariable(LoadDisposableVariable) case loadAsyncDisposableVariable(LoadAsyncDisposableVariable) case loadRegExp(LoadRegExp) @@ -91,7 +92,6 @@ enum Opcode { case createFloatArray(CreateFloatArray) case createArrayWithSpread(CreateArrayWithSpread) case createTemplateString(CreateTemplateString) - case loadBuiltin(LoadBuiltin) case getProperty(GetProperty) case setProperty(SetProperty) case updateProperty(UpdateProperty) @@ -148,9 +148,6 @@ enum Opcode { case destructObject(DestructObject) case destructObjectAndReassign(DestructObjectAndReassign) case compare(Compare) - case loadNamedVariable(LoadNamedVariable) - case storeNamedVariable(StoreNamedVariable) - case defineNamedVariable(DefineNamedVariable) case eval(Eval) case beginWith(BeginWith) case endWith(EndWith) diff --git a/Sources/Fuzzilli/FuzzIL/Semantics.swift b/Sources/Fuzzilli/FuzzIL/Semantics.swift index e8110e02c..c687289f1 100644 --- a/Sources/Fuzzilli/FuzzIL/Semantics.swift +++ b/Sources/Fuzzilli/FuzzIL/Semantics.swift @@ -118,8 +118,6 @@ extension Instruction { canFold = true case (.loadRegExp(let op1), .loadRegExp(let op2)): canFold = op1.pattern == op2.pattern && op1.flags == op2.flags - case (.loadBuiltin(let op1), .loadBuiltin(let op2)): - canFold = op1.builtinName == op2.builtinName default: assert(self.op.name != other.op.name || !isPure) } diff --git a/Sources/Fuzzilli/Fuzzer.swift b/Sources/Fuzzilli/Fuzzer.swift index d94a28e40..141cc088f 100644 --- a/Sources/Fuzzilli/Fuzzer.swift +++ b/Sources/Fuzzilli/Fuzzer.swift @@ -474,14 +474,11 @@ public class Fuzzer { for instr in program.code { var removeInstruction = false switch instr.op.opcode { - case .loadNamedVariable(let op): - if shouldRemoveUsesOf(op.variableName) { + case .createNamedVariable(let op): + if op.declarationMode == .none && shouldRemoveUsesOf(op.variableName) { removeInstruction = true variablesToReplaceWithDummy.insert(instr.output) } - case .loadBuiltin(let op): - // We expect builtins to always be available and don't want to filter them out. - assert(!shouldRemoveUsesOf(op.builtinName)) default: break } diff --git a/Sources/Fuzzilli/Lifting/FuzzILLifter.swift b/Sources/Fuzzilli/Lifting/FuzzILLifter.swift index 6410a79f4..f1b53c4a6 100644 --- a/Sources/Fuzzilli/Lifting/FuzzILLifter.swift +++ b/Sources/Fuzzilli/Lifting/FuzzILLifter.swift @@ -67,6 +67,9 @@ public class FuzzILLifter: Lifter { case .loadArguments: w.emit("\(output()) <- LoadArguments") + case .createNamedVariable(let op): + w.emit("\(output()) <- CreateNamedVariable '\(op.variableName)' declarationMode: \(op.declarationMode)") + case .loadDisposableVariable: w.emit("\(output()) <- LoadDisposableVariable \(input(0))") @@ -315,9 +318,6 @@ public class FuzzILLifter: Lifter { let values = instr.inputs.map(lift).joined(separator: ", ") w.emit("\(output()) <- CreateTemplateString [\(parts)], [\(values)]") - case .loadBuiltin(let op): - w.emit("\(output()) <- LoadBuiltin '\(op.builtinName)'") - case .getProperty(let op): let opcode = op.isGuarded ? "GetProperty (guarded)" : "GetProperty" w.emit("\(output()) <- \(opcode) \(input(0)), '\(op.propertyName)'") @@ -502,15 +502,6 @@ public class FuzzILLifter: Lifter { case .compare(let op): w.emit("\(output()) <- Compare \(input(0)), '\(op.op.token)', \(input(1))") - case .loadNamedVariable(let op): - w.emit("\(output()) <- LoadNamedVariable '\(op.variableName)'") - - case .storeNamedVariable(let op): - w.emit("StoreNamedVariable '\(op.variableName)' <- \(input(0))") - - case .defineNamedVariable(let op): - w.emit("DefineNamedVariable '\(op.variableName)' <- \(input(0))") - case .eval(let op): let args = instr.inputs.map(lift).joined(separator: ", ") if op.hasOutput { diff --git a/Sources/Fuzzilli/Lifting/JavaScriptLifter.swift b/Sources/Fuzzilli/Lifting/JavaScriptLifter.swift index 5b3beb509..160c53ecd 100644 --- a/Sources/Fuzzilli/Lifting/JavaScriptLifter.swift +++ b/Sources/Fuzzilli/Lifting/JavaScriptLifter.swift @@ -219,6 +219,36 @@ public class JavaScriptLifter: Lifter { case .loadArguments: w.assign(Identifier.new("arguments"), to: instr.output) + case .createNamedVariable(let op): + assert(op.declarationMode == .none || op.hasInitialValue) + if op.hasInitialValue { + switch op.declarationMode { + case .none: + fatalError("This declaration mode doesn't have an initial value") + case .global: + w.emit("\(op.variableName) = \(input(0));") + case .var: + // Small optimization: turn `var x = undefined;` into just `var x;` + let initialValue = input(0).text + if initialValue == "undefined" { + w.emit("var \(op.variableName);") + } else { + w.emit("var \(op.variableName) = \(initialValue);") + } + case .let: + // Small optimization: turn `let x = undefined;` into just `var x;` + let initialValue = input(0).text + if initialValue == "undefined" { + w.emit("let \(op.variableName);") + } else { + w.emit("let \(op.variableName) = \(initialValue);") + } + case .const: + w.emit("const \(op.variableName) = \(input(0));") + } + } + w.declare(instr.output, as: op.variableName) + case .loadDisposableVariable: let V = w.declare(instr.output); w.emit("using \(V) = \(input(0));"); @@ -541,9 +571,6 @@ public class JavaScriptLifter: Lifter { let expr = TemplateLiteral.new("\(escapeSequence)`" + parts.joined() + "\(escapeSequence)`") w.assign(expr, to: instr.output) - case .loadBuiltin(let op): - w.assign(Identifier.new(op.builtinName), to: instr.output) - case .getProperty(let op): let obj = input(0) let accessOperator = op.isGuarded ? "?." : "." @@ -893,19 +920,6 @@ public class JavaScriptLifter: Lifter { let expr = BinaryExpression.new() + lhs + " " + op.op.token + " " + rhs w.assign(expr, to: instr.output) - case .loadNamedVariable(let op): - w.assign(Identifier.new(op.variableName), to: instr.output) - - case .storeNamedVariable(let op): - let NAME = op.variableName - let VALUE = input(0) - w.emit("\(NAME) = \(VALUE);") - - case .defineNamedVariable(let op): - let NAME = op.variableName - let VALUE = input(0) - w.emit("var \(NAME) = \(VALUE);") - case .eval(let op): // Woraround until Strings implement the CVarArg protocol in the linux Foundation library... // TODO can make this permanent, but then use different placeholder pattern diff --git a/Sources/Fuzzilli/Minimization/DeduplicatingReducer.swift b/Sources/Fuzzilli/Minimization/DeduplicatingReducer.swift index c9effe3cd..2e5746a39 100644 --- a/Sources/Fuzzilli/Minimization/DeduplicatingReducer.swift +++ b/Sources/Fuzzilli/Minimization/DeduplicatingReducer.swift @@ -15,7 +15,7 @@ // Attempts deduplicate variables containing the same values. struct DeduplicatingReducer: Reducer { func reduce(with helper: MinimizationHelper) { - // Currently we only handle LoadBuiltin, but the code could easily be + // Currently we only handle CreateNamedVariable, but the code could easily be // extended to cover other types of values as well. // It's not obvious however which other values would benefit from this. // For example, for identical integer values it may be interesting to @@ -30,7 +30,7 @@ struct DeduplicatingReducer: Reducer { var deduplicatedVariables = VariableMap() var visibleBuiltins = Stack<[String]>([[]]) - var variableForBuiltin = [String: Variable]() + var variableForName = [String: Variable]() for instr in helper.code { // Instruction replacement. let oldInouts = Array(instr.inouts) @@ -42,7 +42,7 @@ struct DeduplicatingReducer: Reducer { // Scope management. if instr.isBlockEnd { for builtin in visibleBuiltins.pop() { - variableForBuiltin.removeValue(forKey: builtin) + variableForName.removeValue(forKey: builtin) } } if instr.isBlockStart { @@ -50,14 +50,17 @@ struct DeduplicatingReducer: Reducer { } // Value deduplication. - if let op = instr.op as? LoadBuiltin { - if let replacement = variableForBuiltin[op.builtinName] { - deduplicatedVariables[instr.output] = replacement - } else { - // Each builtin must only be present once (all other instances are replaced with the first one). - assert(visibleBuiltins.elementsStartingAtBottom().allSatisfy({ !$0.contains(op.builtinName) })) - visibleBuiltins.top.append(op.builtinName) - variableForBuiltin[op.builtinName] = instr.output + if case .createNamedVariable(let op) = instr.op.opcode { + // Only deduplicate accesses to existing variables, not newly declared variables (that would not be correct). + if op.declarationMode == .none { + if let replacement = variableForName[op.variableName] { + deduplicatedVariables[instr.output] = replacement + } else { + // Each builtin must only be present once (all other instances are replaced with the first one). + assert(visibleBuiltins.elementsStartingAtBottom().allSatisfy({ !$0.contains(op.variableName) })) + visibleBuiltins.top.append(op.variableName) + variableForName[op.variableName] = instr.output + } } } } diff --git a/Sources/Fuzzilli/Mutators/OperationMutator.swift b/Sources/Fuzzilli/Mutators/OperationMutator.swift index 0550b4cf4..5ded20806 100644 --- a/Sources/Fuzzilli/Mutators/OperationMutator.swift +++ b/Sources/Fuzzilli/Mutators/OperationMutator.swift @@ -67,8 +67,6 @@ public class OperationMutator: BaseInstructionMutator { var newParts = op.parts replaceRandomElement(in: &newParts, generatingRandomValuesWith: { return b.randomString() }) newOp = CreateTemplateString(parts: newParts) - case .loadBuiltin(_): - newOp = LoadBuiltin(builtinName: b.randomBuiltin()) case .objectLiteralAddProperty: newOp = ObjectLiteralAddProperty(propertyName: b.randomPropertyName()) case .objectLiteralAddElement: @@ -209,13 +207,9 @@ public class OperationMutator: BaseInstructionMutator { newOp = DestructObjectAndReassign(properties: newProperties.sorted(), hasRestElement: !op.hasRestElement) case .compare(_): newOp = Compare(chooseUniform(from: Comparator.allCases)) - case .loadNamedVariable: + case .createNamedVariable(let op): // We just use property names as variable names here. It's not clear if there's a better alternative and this also works well with `with` statements. - newOp = LoadNamedVariable(b.randomPropertyName()) - case .storeNamedVariable: - newOp = StoreNamedVariable(b.randomPropertyName()) - case .defineNamedVariable: - newOp = DefineNamedVariable(b.randomPropertyName()) + newOp = CreateNamedVariable(b.randomPropertyName(), declarationMode: op.declarationMode) case .callSuperMethod(let op): let methodName = b.currentSuperType().randomMethod() ?? b.randomMethodName() newOp = CallSuperMethod(methodName: methodName, numArguments: op.numArguments) diff --git a/Sources/Fuzzilli/Mutators/ProbingMutator.swift b/Sources/Fuzzilli/Mutators/ProbingMutator.swift index 09fbccc2d..05ca58667 100644 --- a/Sources/Fuzzilli/Mutators/ProbingMutator.swift +++ b/Sources/Fuzzilli/Mutators/ProbingMutator.swift @@ -213,7 +213,7 @@ public class ProbingMutator: RuntimeAssistedMutator { case .element(let index): b.setElement(index, of: obj, to: value) case .symbol(let desc): - let Symbol = b.loadBuiltin("Symbol") + let Symbol = b.createNamedVariable(forBuiltin: "Symbol") let symbol = b.getProperty(extractSymbolNameFromDescription(desc), of: Symbol) b.setComputedProperty(symbol, of: obj, to: value) } @@ -258,7 +258,7 @@ public class ProbingMutator: RuntimeAssistedMutator { case .element(let index): b.configureElement(index, of: obj, usingFlags: PropertyFlags.random(), as: config) case .symbol(let desc): - let Symbol = b.loadBuiltin("Symbol") + let Symbol = b.createNamedVariable(forBuiltin: "Symbol") let symbol = b.getProperty(extractSymbolNameFromDescription(desc), of: Symbol) b.configureComputedProperty(symbol, of: obj, usingFlags: PropertyFlags.random(), as: config) } diff --git a/Sources/Fuzzilli/Mutators/RuntimeAssistedMutator.swift b/Sources/Fuzzilli/Mutators/RuntimeAssistedMutator.swift index b0f6422a6..7f323b01c 100644 --- a/Sources/Fuzzilli/Mutators/RuntimeAssistedMutator.swift +++ b/Sources/Fuzzilli/Mutators/RuntimeAssistedMutator.swift @@ -250,7 +250,7 @@ extension RuntimeAssistedMutator.Action.Input { } else { // TODO consider changing loadBigInt to use a string instead let s = b.loadString(value) - let BigInt = b.loadBuiltin("BigInt") + let BigInt = b.createNamedVariable(forBuiltin: "BigInt") return b.callFunction(BigInt, withArgs: [s]) } case .string(let value): @@ -415,17 +415,17 @@ extension RuntimeAssistedMutator.Action { case .TestIsNaN: assert(!isGuarded) let v = try translateInput(0) - let Number = b.loadBuiltin("Number") + let Number = b.createNamedVariable(forBuiltin: "Number") b.callMethod("isNaN", on: Number, withArgs: [v]) case .TestIsFinite: assert(!isGuarded) let v = try translateInput(0) - let Number = b.loadBuiltin("Number") + let Number = b.createNamedVariable(forBuiltin: "Number") b.callMethod("isFinite", on: Number, withArgs: [v]) case .SymbolRegistration: assert(!isGuarded) let s = try translateInput(0) - let Symbol = b.loadBuiltin("Symbol") + let Symbol = b.createNamedVariable(forBuiltin: "Symbol") let description = b.getProperty("description", of: s) b.callMethod("for", on: Symbol, withArgs: [description]) } diff --git a/Sources/Fuzzilli/Protobuf/operations.pb.swift b/Sources/Fuzzilli/Protobuf/operations.pb.swift index 6bba74b5e..55f4fa448 100644 --- a/Sources/Fuzzilli/Protobuf/operations.pb.swift +++ b/Sources/Fuzzilli/Protobuf/operations.pb.swift @@ -274,6 +274,48 @@ public enum Fuzzilli_Protobuf_Comparator: SwiftProtobuf.Enum, Swift.CaseIterable } +public enum Fuzzilli_Protobuf_NamedVariableDeclarationMode: SwiftProtobuf.Enum, Swift.CaseIterable { + public typealias RawValue = Int + case none // = 0 + case global // = 1 + case `var` // = 2 + case `let` // = 3 + case UNRECOGNIZED(Int) + + public init() { + self = .none + } + + public init?(rawValue: Int) { + switch rawValue { + case 0: self = .none + case 1: self = .global + case 2: self = .var + case 3: self = .let + default: self = .UNRECOGNIZED(rawValue) + } + } + + public var rawValue: Int { + switch self { + case .none: return 0 + case .global: return 1 + case .var: return 2 + case .let: return 3 + case .UNRECOGNIZED(let i): return i + } + } + + // The compiler won't synthesize support with the UNRECOGNIZED case. + public static let allCases: [Fuzzilli_Protobuf_NamedVariableDeclarationMode] = [ + .none, + .global, + .var, + .let, + ] + +} + /// Parameters used by function definitions, not an operation by itself. public struct Fuzzilli_Protobuf_Parameters: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the @@ -1064,18 +1106,6 @@ public struct Fuzzilli_Protobuf_CreateArrayWithSpread: Sendable { public init() {} } -public struct Fuzzilli_Protobuf_LoadBuiltin: Sendable { - // SwiftProtobuf.Message conformance is added in an extension below. See the - // `Message` and `Message+*Additions` files in the SwiftProtobuf library for - // methods supported on all messages. - - public var builtinName: String = String() - - public var unknownFields = SwiftProtobuf.UnknownStorage() - - public init() {} -} - public struct Fuzzilli_Protobuf_GetProperty: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for @@ -1839,36 +1869,14 @@ public struct Fuzzilli_Protobuf_Compare: Sendable { public init() {} } -public struct Fuzzilli_Protobuf_LoadNamedVariable: Sendable { - // SwiftProtobuf.Message conformance is added in an extension below. See the - // `Message` and `Message+*Additions` files in the SwiftProtobuf library for - // methods supported on all messages. - - public var variableName: String = String() - - public var unknownFields = SwiftProtobuf.UnknownStorage() - - public init() {} -} - -public struct Fuzzilli_Protobuf_StoreNamedVariable: Sendable { +public struct Fuzzilli_Protobuf_CreateNamedVariable: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var variableName: String = String() - public var unknownFields = SwiftProtobuf.UnknownStorage() - - public init() {} -} - -public struct Fuzzilli_Protobuf_DefineNamedVariable: Sendable { - // SwiftProtobuf.Message conformance is added in an extension below. See the - // `Message` and `Message+*Additions` files in the SwiftProtobuf library for - // methods supported on all messages. - - public var variableName: String = String() + public var declarationMode: Fuzzilli_Protobuf_NamedVariableDeclarationMode = .none public var unknownFields = SwiftProtobuf.UnknownStorage() @@ -2575,6 +2583,15 @@ extension Fuzzilli_Protobuf_Comparator: SwiftProtobuf._ProtoNameProviding { ] } +extension Fuzzilli_Protobuf_NamedVariableDeclarationMode: SwiftProtobuf._ProtoNameProviding { + public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ + 0: .same(proto: "NONE"), + 1: .same(proto: "GLOBAL"), + 2: .same(proto: "VAR"), + 3: .same(proto: "LET"), + ] +} + extension Fuzzilli_Protobuf_Parameters: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".Parameters" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ @@ -4333,38 +4350,6 @@ extension Fuzzilli_Protobuf_CreateArrayWithSpread: SwiftProtobuf.Message, SwiftP } } -extension Fuzzilli_Protobuf_LoadBuiltin: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { - public static let protoMessageName: String = _protobuf_package + ".LoadBuiltin" - public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ - 1: .same(proto: "builtinName"), - ] - - public mutating func decodeMessage(decoder: inout D) throws { - while let fieldNumber = try decoder.nextFieldNumber() { - // The use of inline closures is to circumvent an issue where the compiler - // allocates stack space for every case branch when no optimizations are - // enabled. https://github.com/apple/swift-protobuf/issues/1034 - switch fieldNumber { - case 1: try { try decoder.decodeSingularStringField(value: &self.builtinName) }() - default: break - } - } - } - - public func traverse(visitor: inout V) throws { - if !self.builtinName.isEmpty { - try visitor.visitSingularStringField(value: self.builtinName, fieldNumber: 1) - } - try unknownFields.traverse(visitor: &visitor) - } - - public static func ==(lhs: Fuzzilli_Protobuf_LoadBuiltin, rhs: Fuzzilli_Protobuf_LoadBuiltin) -> Bool { - if lhs.builtinName != rhs.builtinName {return false} - if lhs.unknownFields != rhs.unknownFields {return false} - return true - } -} - extension Fuzzilli_Protobuf_GetProperty: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".GetProperty" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ @@ -6136,10 +6121,11 @@ extension Fuzzilli_Protobuf_Compare: SwiftProtobuf.Message, SwiftProtobuf._Messa } } -extension Fuzzilli_Protobuf_LoadNamedVariable: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { - public static let protoMessageName: String = _protobuf_package + ".LoadNamedVariable" +extension Fuzzilli_Protobuf_CreateNamedVariable: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { + public static let protoMessageName: String = _protobuf_package + ".CreateNamedVariable" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "variableName"), + 2: .same(proto: "declarationMode"), ] public mutating func decodeMessage(decoder: inout D) throws { @@ -6149,6 +6135,7 @@ extension Fuzzilli_Protobuf_LoadNamedVariable: SwiftProtobuf.Message, SwiftProto // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.variableName) }() + case 2: try { try decoder.decodeSingularEnumField(value: &self.declarationMode) }() default: break } } @@ -6158,75 +6145,15 @@ extension Fuzzilli_Protobuf_LoadNamedVariable: SwiftProtobuf.Message, SwiftProto if !self.variableName.isEmpty { try visitor.visitSingularStringField(value: self.variableName, fieldNumber: 1) } - try unknownFields.traverse(visitor: &visitor) - } - - public static func ==(lhs: Fuzzilli_Protobuf_LoadNamedVariable, rhs: Fuzzilli_Protobuf_LoadNamedVariable) -> Bool { - if lhs.variableName != rhs.variableName {return false} - if lhs.unknownFields != rhs.unknownFields {return false} - return true - } -} - -extension Fuzzilli_Protobuf_StoreNamedVariable: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { - public static let protoMessageName: String = _protobuf_package + ".StoreNamedVariable" - public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ - 1: .same(proto: "variableName"), - ] - - public mutating func decodeMessage(decoder: inout D) throws { - while let fieldNumber = try decoder.nextFieldNumber() { - // The use of inline closures is to circumvent an issue where the compiler - // allocates stack space for every case branch when no optimizations are - // enabled. https://github.com/apple/swift-protobuf/issues/1034 - switch fieldNumber { - case 1: try { try decoder.decodeSingularStringField(value: &self.variableName) }() - default: break - } - } - } - - public func traverse(visitor: inout V) throws { - if !self.variableName.isEmpty { - try visitor.visitSingularStringField(value: self.variableName, fieldNumber: 1) - } - try unknownFields.traverse(visitor: &visitor) - } - - public static func ==(lhs: Fuzzilli_Protobuf_StoreNamedVariable, rhs: Fuzzilli_Protobuf_StoreNamedVariable) -> Bool { - if lhs.variableName != rhs.variableName {return false} - if lhs.unknownFields != rhs.unknownFields {return false} - return true - } -} - -extension Fuzzilli_Protobuf_DefineNamedVariable: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { - public static let protoMessageName: String = _protobuf_package + ".DefineNamedVariable" - public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ - 1: .same(proto: "variableName"), - ] - - public mutating func decodeMessage(decoder: inout D) throws { - while let fieldNumber = try decoder.nextFieldNumber() { - // The use of inline closures is to circumvent an issue where the compiler - // allocates stack space for every case branch when no optimizations are - // enabled. https://github.com/apple/swift-protobuf/issues/1034 - switch fieldNumber { - case 1: try { try decoder.decodeSingularStringField(value: &self.variableName) }() - default: break - } - } - } - - public func traverse(visitor: inout V) throws { - if !self.variableName.isEmpty { - try visitor.visitSingularStringField(value: self.variableName, fieldNumber: 1) + if self.declarationMode != .none { + try visitor.visitSingularEnumField(value: self.declarationMode, fieldNumber: 2) } try unknownFields.traverse(visitor: &visitor) } - public static func ==(lhs: Fuzzilli_Protobuf_DefineNamedVariable, rhs: Fuzzilli_Protobuf_DefineNamedVariable) -> Bool { + public static func ==(lhs: Fuzzilli_Protobuf_CreateNamedVariable, rhs: Fuzzilli_Protobuf_CreateNamedVariable) -> Bool { if lhs.variableName != rhs.variableName {return false} + if lhs.declarationMode != rhs.declarationMode {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } diff --git a/Sources/Fuzzilli/Protobuf/operations.proto b/Sources/Fuzzilli/Protobuf/operations.proto index 770d5b3aa..e92429e41 100644 --- a/Sources/Fuzzilli/Protobuf/operations.proto +++ b/Sources/Fuzzilli/Protobuf/operations.proto @@ -253,10 +253,6 @@ message CreateArrayWithSpread { repeated bool spreads = 1; } -message LoadBuiltin { - string builtinName = 1; -} - message GetProperty { string propertyName = 1; bool isGuarded = 2; @@ -541,16 +537,16 @@ message Compare { Comparator op = 1; } -message LoadNamedVariable { - string variableName = 1; -} - -message StoreNamedVariable { - string variableName = 1; +enum NamedVariableDeclarationMode { + NONE = 0; + GLOBAL = 1; + VAR = 2; + LET = 3; } -message DefineNamedVariable { +message CreateNamedVariable { string variableName = 1; + NamedVariableDeclarationMode declarationMode = 2; } message Eval { diff --git a/Sources/Fuzzilli/Protobuf/program.pb.swift b/Sources/Fuzzilli/Protobuf/program.pb.swift index 0220d3f9c..030535f48 100644 --- a/Sources/Fuzzilli/Protobuf/program.pb.swift +++ b/Sources/Fuzzilli/Protobuf/program.pb.swift @@ -137,6 +137,14 @@ public struct Fuzzilli_Protobuf_Instruction: Sendable { set {operation = .loadArguments(newValue)} } + public var createNamedVariable: Fuzzilli_Protobuf_CreateNamedVariable { + get { + if case .createNamedVariable(let v)? = operation {return v} + return Fuzzilli_Protobuf_CreateNamedVariable() + } + set {operation = .createNamedVariable(newValue)} + } + public var loadDisposableVariable: Fuzzilli_Protobuf_LoadDisposableVariable { get { if case .loadDisposableVariable(let v)? = operation {return v} @@ -561,14 +569,6 @@ public struct Fuzzilli_Protobuf_Instruction: Sendable { set {operation = .createTemplateString(newValue)} } - public var loadBuiltin: Fuzzilli_Protobuf_LoadBuiltin { - get { - if case .loadBuiltin(let v)? = operation {return v} - return Fuzzilli_Protobuf_LoadBuiltin() - } - set {operation = .loadBuiltin(newValue)} - } - public var getProperty: Fuzzilli_Protobuf_GetProperty { get { if case .getProperty(let v)? = operation {return v} @@ -1017,30 +1017,6 @@ public struct Fuzzilli_Protobuf_Instruction: Sendable { set {operation = .compare(newValue)} } - public var loadNamedVariable: Fuzzilli_Protobuf_LoadNamedVariable { - get { - if case .loadNamedVariable(let v)? = operation {return v} - return Fuzzilli_Protobuf_LoadNamedVariable() - } - set {operation = .loadNamedVariable(newValue)} - } - - public var storeNamedVariable: Fuzzilli_Protobuf_StoreNamedVariable { - get { - if case .storeNamedVariable(let v)? = operation {return v} - return Fuzzilli_Protobuf_StoreNamedVariable() - } - set {operation = .storeNamedVariable(newValue)} - } - - public var defineNamedVariable: Fuzzilli_Protobuf_DefineNamedVariable { - get { - if case .defineNamedVariable(let v)? = operation {return v} - return Fuzzilli_Protobuf_DefineNamedVariable() - } - set {operation = .defineNamedVariable(newValue)} - } - public var eval: Fuzzilli_Protobuf_Eval { get { if case .eval(let v)? = operation {return v} @@ -1511,6 +1487,7 @@ public struct Fuzzilli_Protobuf_Instruction: Sendable { case loadNull(Fuzzilli_Protobuf_LoadNull) case loadThis(Fuzzilli_Protobuf_LoadThis) case loadArguments(Fuzzilli_Protobuf_LoadArguments) + case createNamedVariable(Fuzzilli_Protobuf_CreateNamedVariable) case loadDisposableVariable(Fuzzilli_Protobuf_LoadDisposableVariable) case loadAsyncDisposableVariable(Fuzzilli_Protobuf_LoadAsyncDisposableVariable) case loadRegExp(Fuzzilli_Protobuf_LoadRegExp) @@ -1564,7 +1541,6 @@ public struct Fuzzilli_Protobuf_Instruction: Sendable { case createFloatArray(Fuzzilli_Protobuf_CreateFloatArray) case createArrayWithSpread(Fuzzilli_Protobuf_CreateArrayWithSpread) case createTemplateString(Fuzzilli_Protobuf_CreateTemplateString) - case loadBuiltin(Fuzzilli_Protobuf_LoadBuiltin) case getProperty(Fuzzilli_Protobuf_GetProperty) case setProperty(Fuzzilli_Protobuf_SetProperty) case updateProperty(Fuzzilli_Protobuf_UpdateProperty) @@ -1621,9 +1597,6 @@ public struct Fuzzilli_Protobuf_Instruction: Sendable { case destructObject(Fuzzilli_Protobuf_DestructObject) case destructObjectAndReassign(Fuzzilli_Protobuf_DestructObjectAndReassign) case compare(Fuzzilli_Protobuf_Compare) - case loadNamedVariable(Fuzzilli_Protobuf_LoadNamedVariable) - case storeNamedVariable(Fuzzilli_Protobuf_StoreNamedVariable) - case defineNamedVariable(Fuzzilli_Protobuf_DefineNamedVariable) case eval(Fuzzilli_Protobuf_Eval) case beginWith(Fuzzilli_Protobuf_BeginWith) case endWith(Fuzzilli_Protobuf_EndWith) @@ -1742,60 +1715,60 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M 10: .same(proto: "loadNull"), 11: .same(proto: "loadThis"), 12: .same(proto: "loadArguments"), - 13: .same(proto: "loadDisposableVariable"), - 14: .same(proto: "loadAsyncDisposableVariable"), - 15: .same(proto: "loadRegExp"), - 16: .same(proto: "beginObjectLiteral"), - 17: .same(proto: "objectLiteralAddProperty"), - 18: .same(proto: "objectLiteralAddElement"), - 19: .same(proto: "objectLiteralAddComputedProperty"), - 20: .same(proto: "objectLiteralCopyProperties"), - 21: .same(proto: "objectLiteralSetPrototype"), - 22: .same(proto: "beginObjectLiteralMethod"), - 23: .same(proto: "endObjectLiteralMethod"), - 24: .same(proto: "beginObjectLiteralComputedMethod"), - 25: .same(proto: "endObjectLiteralComputedMethod"), - 26: .same(proto: "beginObjectLiteralGetter"), - 27: .same(proto: "endObjectLiteralGetter"), - 28: .same(proto: "beginObjectLiteralSetter"), - 29: .same(proto: "endObjectLiteralSetter"), - 30: .same(proto: "endObjectLiteral"), - 31: .same(proto: "beginClassDefinition"), - 32: .same(proto: "beginClassConstructor"), - 33: .same(proto: "endClassConstructor"), - 34: .same(proto: "classAddInstanceProperty"), - 35: .same(proto: "classAddInstanceElement"), - 36: .same(proto: "classAddInstanceComputedProperty"), - 37: .same(proto: "beginClassInstanceMethod"), - 38: .same(proto: "endClassInstanceMethod"), - 39: .same(proto: "beginClassInstanceGetter"), - 40: .same(proto: "endClassInstanceGetter"), - 41: .same(proto: "beginClassInstanceSetter"), - 42: .same(proto: "endClassInstanceSetter"), - 43: .same(proto: "classAddStaticProperty"), - 44: .same(proto: "classAddStaticElement"), - 45: .same(proto: "classAddStaticComputedProperty"), - 46: .same(proto: "beginClassStaticInitializer"), - 47: .same(proto: "endClassStaticInitializer"), - 48: .same(proto: "beginClassStaticMethod"), - 49: .same(proto: "endClassStaticMethod"), - 50: .same(proto: "beginClassStaticGetter"), - 51: .same(proto: "endClassStaticGetter"), - 52: .same(proto: "beginClassStaticSetter"), - 53: .same(proto: "endClassStaticSetter"), - 54: .same(proto: "classAddPrivateInstanceProperty"), - 55: .same(proto: "beginClassPrivateInstanceMethod"), - 56: .same(proto: "endClassPrivateInstanceMethod"), - 57: .same(proto: "classAddPrivateStaticProperty"), - 58: .same(proto: "beginClassPrivateStaticMethod"), - 59: .same(proto: "endClassPrivateStaticMethod"), - 60: .same(proto: "endClassDefinition"), - 61: .same(proto: "createArray"), - 62: .same(proto: "createIntArray"), - 63: .same(proto: "createFloatArray"), - 64: .same(proto: "createArrayWithSpread"), - 65: .same(proto: "createTemplateString"), - 66: .same(proto: "loadBuiltin"), + 13: .same(proto: "createNamedVariable"), + 14: .same(proto: "loadDisposableVariable"), + 15: .same(proto: "loadAsyncDisposableVariable"), + 16: .same(proto: "loadRegExp"), + 17: .same(proto: "beginObjectLiteral"), + 18: .same(proto: "objectLiteralAddProperty"), + 19: .same(proto: "objectLiteralAddElement"), + 20: .same(proto: "objectLiteralAddComputedProperty"), + 21: .same(proto: "objectLiteralCopyProperties"), + 22: .same(proto: "objectLiteralSetPrototype"), + 23: .same(proto: "beginObjectLiteralMethod"), + 24: .same(proto: "endObjectLiteralMethod"), + 25: .same(proto: "beginObjectLiteralComputedMethod"), + 26: .same(proto: "endObjectLiteralComputedMethod"), + 27: .same(proto: "beginObjectLiteralGetter"), + 28: .same(proto: "endObjectLiteralGetter"), + 29: .same(proto: "beginObjectLiteralSetter"), + 30: .same(proto: "endObjectLiteralSetter"), + 31: .same(proto: "endObjectLiteral"), + 32: .same(proto: "beginClassDefinition"), + 33: .same(proto: "beginClassConstructor"), + 34: .same(proto: "endClassConstructor"), + 35: .same(proto: "classAddInstanceProperty"), + 36: .same(proto: "classAddInstanceElement"), + 37: .same(proto: "classAddInstanceComputedProperty"), + 38: .same(proto: "beginClassInstanceMethod"), + 39: .same(proto: "endClassInstanceMethod"), + 40: .same(proto: "beginClassInstanceGetter"), + 41: .same(proto: "endClassInstanceGetter"), + 42: .same(proto: "beginClassInstanceSetter"), + 43: .same(proto: "endClassInstanceSetter"), + 44: .same(proto: "classAddStaticProperty"), + 45: .same(proto: "classAddStaticElement"), + 46: .same(proto: "classAddStaticComputedProperty"), + 47: .same(proto: "beginClassStaticInitializer"), + 48: .same(proto: "endClassStaticInitializer"), + 49: .same(proto: "beginClassStaticMethod"), + 50: .same(proto: "endClassStaticMethod"), + 51: .same(proto: "beginClassStaticGetter"), + 52: .same(proto: "endClassStaticGetter"), + 53: .same(proto: "beginClassStaticSetter"), + 54: .same(proto: "endClassStaticSetter"), + 55: .same(proto: "classAddPrivateInstanceProperty"), + 56: .same(proto: "beginClassPrivateInstanceMethod"), + 57: .same(proto: "endClassPrivateInstanceMethod"), + 58: .same(proto: "classAddPrivateStaticProperty"), + 59: .same(proto: "beginClassPrivateStaticMethod"), + 60: .same(proto: "endClassPrivateStaticMethod"), + 61: .same(proto: "endClassDefinition"), + 62: .same(proto: "createArray"), + 63: .same(proto: "createIntArray"), + 64: .same(proto: "createFloatArray"), + 65: .same(proto: "createArrayWithSpread"), + 66: .same(proto: "createTemplateString"), 67: .same(proto: "getProperty"), 68: .same(proto: "setProperty"), 69: .same(proto: "updateProperty"), @@ -1852,66 +1825,63 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M 120: .same(proto: "destructObject"), 121: .same(proto: "destructObjectAndReassign"), 122: .same(proto: "compare"), - 123: .same(proto: "loadNamedVariable"), - 124: .same(proto: "storeNamedVariable"), - 125: .same(proto: "defineNamedVariable"), - 126: .same(proto: "eval"), - 127: .same(proto: "beginWith"), - 128: .same(proto: "endWith"), - 129: .same(proto: "callSuperConstructor"), - 130: .same(proto: "callSuperMethod"), - 131: .same(proto: "getPrivateProperty"), - 132: .same(proto: "setPrivateProperty"), - 133: .same(proto: "updatePrivateProperty"), - 134: .same(proto: "callPrivateMethod"), - 135: .same(proto: "getSuperProperty"), - 136: .same(proto: "setSuperProperty"), - 137: .same(proto: "getComputedSuperProperty"), - 138: .same(proto: "setComputedSuperProperty"), - 139: .same(proto: "updateSuperProperty"), - 140: .same(proto: "beginIf"), - 141: .same(proto: "beginElse"), - 142: .same(proto: "endIf"), - 143: .same(proto: "beginWhileLoopHeader"), - 144: .same(proto: "beginWhileLoopBody"), - 145: .same(proto: "endWhileLoop"), - 146: .same(proto: "beginDoWhileLoopBody"), - 147: .same(proto: "beginDoWhileLoopHeader"), - 148: .same(proto: "endDoWhileLoop"), - 149: .same(proto: "beginForLoopInitializer"), - 150: .same(proto: "beginForLoopCondition"), - 151: .same(proto: "beginForLoopAfterthought"), - 152: .same(proto: "beginForLoopBody"), - 153: .same(proto: "endForLoop"), - 154: .same(proto: "beginForInLoop"), - 155: .same(proto: "endForInLoop"), - 156: .same(proto: "beginForOfLoop"), - 157: .same(proto: "beginForOfLoopWithDestruct"), - 158: .same(proto: "endForOfLoop"), - 159: .same(proto: "beginRepeatLoop"), - 160: .same(proto: "endRepeatLoop"), - 161: .same(proto: "loopBreak"), - 162: .same(proto: "loopContinue"), - 163: .same(proto: "beginTry"), - 164: .same(proto: "beginCatch"), - 165: .same(proto: "beginFinally"), - 166: .same(proto: "endTryCatchFinally"), - 167: .same(proto: "throwException"), - 168: .same(proto: "beginCodeString"), - 169: .same(proto: "endCodeString"), - 170: .same(proto: "beginBlockStatement"), - 171: .same(proto: "endBlockStatement"), - 172: .same(proto: "beginSwitch"), - 173: .same(proto: "beginSwitchCase"), - 174: .same(proto: "beginSwitchDefaultCase"), - 175: .same(proto: "endSwitchCase"), - 176: .same(proto: "endSwitch"), - 177: .same(proto: "switchBreak"), - 178: .same(proto: "loadNewTarget"), - 179: .same(proto: "print"), - 180: .same(proto: "explore"), - 181: .same(proto: "probe"), - 182: .same(proto: "fixup"), + 123: .same(proto: "eval"), + 124: .same(proto: "beginWith"), + 125: .same(proto: "endWith"), + 126: .same(proto: "callSuperConstructor"), + 127: .same(proto: "callSuperMethod"), + 128: .same(proto: "getPrivateProperty"), + 129: .same(proto: "setPrivateProperty"), + 130: .same(proto: "updatePrivateProperty"), + 131: .same(proto: "callPrivateMethod"), + 132: .same(proto: "getSuperProperty"), + 133: .same(proto: "setSuperProperty"), + 134: .same(proto: "getComputedSuperProperty"), + 135: .same(proto: "setComputedSuperProperty"), + 136: .same(proto: "updateSuperProperty"), + 137: .same(proto: "beginIf"), + 138: .same(proto: "beginElse"), + 139: .same(proto: "endIf"), + 140: .same(proto: "beginWhileLoopHeader"), + 141: .same(proto: "beginWhileLoopBody"), + 142: .same(proto: "endWhileLoop"), + 143: .same(proto: "beginDoWhileLoopBody"), + 144: .same(proto: "beginDoWhileLoopHeader"), + 145: .same(proto: "endDoWhileLoop"), + 146: .same(proto: "beginForLoopInitializer"), + 147: .same(proto: "beginForLoopCondition"), + 148: .same(proto: "beginForLoopAfterthought"), + 149: .same(proto: "beginForLoopBody"), + 150: .same(proto: "endForLoop"), + 151: .same(proto: "beginForInLoop"), + 152: .same(proto: "endForInLoop"), + 153: .same(proto: "beginForOfLoop"), + 154: .same(proto: "beginForOfLoopWithDestruct"), + 155: .same(proto: "endForOfLoop"), + 156: .same(proto: "beginRepeatLoop"), + 157: .same(proto: "endRepeatLoop"), + 158: .same(proto: "loopBreak"), + 159: .same(proto: "loopContinue"), + 160: .same(proto: "beginTry"), + 161: .same(proto: "beginCatch"), + 162: .same(proto: "beginFinally"), + 163: .same(proto: "endTryCatchFinally"), + 164: .same(proto: "throwException"), + 165: .same(proto: "beginCodeString"), + 166: .same(proto: "endCodeString"), + 167: .same(proto: "beginBlockStatement"), + 168: .same(proto: "endBlockStatement"), + 169: .same(proto: "beginSwitch"), + 170: .same(proto: "beginSwitchCase"), + 171: .same(proto: "beginSwitchDefaultCase"), + 172: .same(proto: "endSwitchCase"), + 173: .same(proto: "endSwitch"), + 174: .same(proto: "switchBreak"), + 175: .same(proto: "loadNewTarget"), + 176: .same(proto: "print"), + 177: .same(proto: "explore"), + 178: .same(proto: "probe"), + 179: .same(proto: "fixup"), ] public mutating func decodeMessage(decoder: inout D) throws { @@ -2060,6 +2030,19 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M } }() case 13: try { + var v: Fuzzilli_Protobuf_CreateNamedVariable? + var hadOneofValue = false + if let current = self.operation { + hadOneofValue = true + if case .createNamedVariable(let m) = current {v = m} + } + try decoder.decodeSingularMessageField(value: &v) + if let v = v { + if hadOneofValue {try decoder.handleConflictingOneOf()} + self.operation = .createNamedVariable(v) + } + }() + case 14: try { var v: Fuzzilli_Protobuf_LoadDisposableVariable? var hadOneofValue = false if let current = self.operation { @@ -2072,7 +2055,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .loadDisposableVariable(v) } }() - case 14: try { + case 15: try { var v: Fuzzilli_Protobuf_LoadAsyncDisposableVariable? var hadOneofValue = false if let current = self.operation { @@ -2085,7 +2068,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .loadAsyncDisposableVariable(v) } }() - case 15: try { + case 16: try { var v: Fuzzilli_Protobuf_LoadRegExp? var hadOneofValue = false if let current = self.operation { @@ -2098,7 +2081,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .loadRegExp(v) } }() - case 16: try { + case 17: try { var v: Fuzzilli_Protobuf_BeginObjectLiteral? var hadOneofValue = false if let current = self.operation { @@ -2111,7 +2094,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginObjectLiteral(v) } }() - case 17: try { + case 18: try { var v: Fuzzilli_Protobuf_ObjectLiteralAddProperty? var hadOneofValue = false if let current = self.operation { @@ -2124,7 +2107,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .objectLiteralAddProperty(v) } }() - case 18: try { + case 19: try { var v: Fuzzilli_Protobuf_ObjectLiteralAddElement? var hadOneofValue = false if let current = self.operation { @@ -2137,7 +2120,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .objectLiteralAddElement(v) } }() - case 19: try { + case 20: try { var v: Fuzzilli_Protobuf_ObjectLiteralAddComputedProperty? var hadOneofValue = false if let current = self.operation { @@ -2150,7 +2133,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .objectLiteralAddComputedProperty(v) } }() - case 20: try { + case 21: try { var v: Fuzzilli_Protobuf_ObjectLiteralCopyProperties? var hadOneofValue = false if let current = self.operation { @@ -2163,7 +2146,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .objectLiteralCopyProperties(v) } }() - case 21: try { + case 22: try { var v: Fuzzilli_Protobuf_ObjectLiteralSetPrototype? var hadOneofValue = false if let current = self.operation { @@ -2176,7 +2159,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .objectLiteralSetPrototype(v) } }() - case 22: try { + case 23: try { var v: Fuzzilli_Protobuf_BeginObjectLiteralMethod? var hadOneofValue = false if let current = self.operation { @@ -2189,7 +2172,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginObjectLiteralMethod(v) } }() - case 23: try { + case 24: try { var v: Fuzzilli_Protobuf_EndObjectLiteralMethod? var hadOneofValue = false if let current = self.operation { @@ -2202,7 +2185,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endObjectLiteralMethod(v) } }() - case 24: try { + case 25: try { var v: Fuzzilli_Protobuf_BeginObjectLiteralComputedMethod? var hadOneofValue = false if let current = self.operation { @@ -2215,7 +2198,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginObjectLiteralComputedMethod(v) } }() - case 25: try { + case 26: try { var v: Fuzzilli_Protobuf_EndObjectLiteralComputedMethod? var hadOneofValue = false if let current = self.operation { @@ -2228,7 +2211,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endObjectLiteralComputedMethod(v) } }() - case 26: try { + case 27: try { var v: Fuzzilli_Protobuf_BeginObjectLiteralGetter? var hadOneofValue = false if let current = self.operation { @@ -2241,7 +2224,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginObjectLiteralGetter(v) } }() - case 27: try { + case 28: try { var v: Fuzzilli_Protobuf_EndObjectLiteralGetter? var hadOneofValue = false if let current = self.operation { @@ -2254,7 +2237,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endObjectLiteralGetter(v) } }() - case 28: try { + case 29: try { var v: Fuzzilli_Protobuf_BeginObjectLiteralSetter? var hadOneofValue = false if let current = self.operation { @@ -2267,7 +2250,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginObjectLiteralSetter(v) } }() - case 29: try { + case 30: try { var v: Fuzzilli_Protobuf_EndObjectLiteralSetter? var hadOneofValue = false if let current = self.operation { @@ -2280,7 +2263,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endObjectLiteralSetter(v) } }() - case 30: try { + case 31: try { var v: Fuzzilli_Protobuf_EndObjectLiteral? var hadOneofValue = false if let current = self.operation { @@ -2293,7 +2276,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endObjectLiteral(v) } }() - case 31: try { + case 32: try { var v: Fuzzilli_Protobuf_BeginClassDefinition? var hadOneofValue = false if let current = self.operation { @@ -2306,7 +2289,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassDefinition(v) } }() - case 32: try { + case 33: try { var v: Fuzzilli_Protobuf_BeginClassConstructor? var hadOneofValue = false if let current = self.operation { @@ -2319,7 +2302,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassConstructor(v) } }() - case 33: try { + case 34: try { var v: Fuzzilli_Protobuf_EndClassConstructor? var hadOneofValue = false if let current = self.operation { @@ -2332,7 +2315,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassConstructor(v) } }() - case 34: try { + case 35: try { var v: Fuzzilli_Protobuf_ClassAddInstanceProperty? var hadOneofValue = false if let current = self.operation { @@ -2345,7 +2328,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .classAddInstanceProperty(v) } }() - case 35: try { + case 36: try { var v: Fuzzilli_Protobuf_ClassAddInstanceElement? var hadOneofValue = false if let current = self.operation { @@ -2358,7 +2341,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .classAddInstanceElement(v) } }() - case 36: try { + case 37: try { var v: Fuzzilli_Protobuf_ClassAddInstanceComputedProperty? var hadOneofValue = false if let current = self.operation { @@ -2371,7 +2354,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .classAddInstanceComputedProperty(v) } }() - case 37: try { + case 38: try { var v: Fuzzilli_Protobuf_BeginClassInstanceMethod? var hadOneofValue = false if let current = self.operation { @@ -2384,7 +2367,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassInstanceMethod(v) } }() - case 38: try { + case 39: try { var v: Fuzzilli_Protobuf_EndClassInstanceMethod? var hadOneofValue = false if let current = self.operation { @@ -2397,7 +2380,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassInstanceMethod(v) } }() - case 39: try { + case 40: try { var v: Fuzzilli_Protobuf_BeginClassInstanceGetter? var hadOneofValue = false if let current = self.operation { @@ -2410,7 +2393,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassInstanceGetter(v) } }() - case 40: try { + case 41: try { var v: Fuzzilli_Protobuf_EndClassInstanceGetter? var hadOneofValue = false if let current = self.operation { @@ -2423,7 +2406,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassInstanceGetter(v) } }() - case 41: try { + case 42: try { var v: Fuzzilli_Protobuf_BeginClassInstanceSetter? var hadOneofValue = false if let current = self.operation { @@ -2436,7 +2419,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassInstanceSetter(v) } }() - case 42: try { + case 43: try { var v: Fuzzilli_Protobuf_EndClassInstanceSetter? var hadOneofValue = false if let current = self.operation { @@ -2449,7 +2432,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassInstanceSetter(v) } }() - case 43: try { + case 44: try { var v: Fuzzilli_Protobuf_ClassAddStaticProperty? var hadOneofValue = false if let current = self.operation { @@ -2462,7 +2445,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .classAddStaticProperty(v) } }() - case 44: try { + case 45: try { var v: Fuzzilli_Protobuf_ClassAddStaticElement? var hadOneofValue = false if let current = self.operation { @@ -2475,7 +2458,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .classAddStaticElement(v) } }() - case 45: try { + case 46: try { var v: Fuzzilli_Protobuf_ClassAddStaticComputedProperty? var hadOneofValue = false if let current = self.operation { @@ -2488,7 +2471,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .classAddStaticComputedProperty(v) } }() - case 46: try { + case 47: try { var v: Fuzzilli_Protobuf_BeginClassStaticInitializer? var hadOneofValue = false if let current = self.operation { @@ -2501,7 +2484,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassStaticInitializer(v) } }() - case 47: try { + case 48: try { var v: Fuzzilli_Protobuf_EndClassStaticInitializer? var hadOneofValue = false if let current = self.operation { @@ -2514,7 +2497,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassStaticInitializer(v) } }() - case 48: try { + case 49: try { var v: Fuzzilli_Protobuf_BeginClassStaticMethod? var hadOneofValue = false if let current = self.operation { @@ -2527,7 +2510,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassStaticMethod(v) } }() - case 49: try { + case 50: try { var v: Fuzzilli_Protobuf_EndClassStaticMethod? var hadOneofValue = false if let current = self.operation { @@ -2540,7 +2523,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassStaticMethod(v) } }() - case 50: try { + case 51: try { var v: Fuzzilli_Protobuf_BeginClassStaticGetter? var hadOneofValue = false if let current = self.operation { @@ -2553,7 +2536,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassStaticGetter(v) } }() - case 51: try { + case 52: try { var v: Fuzzilli_Protobuf_EndClassStaticGetter? var hadOneofValue = false if let current = self.operation { @@ -2566,7 +2549,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassStaticGetter(v) } }() - case 52: try { + case 53: try { var v: Fuzzilli_Protobuf_BeginClassStaticSetter? var hadOneofValue = false if let current = self.operation { @@ -2579,7 +2562,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassStaticSetter(v) } }() - case 53: try { + case 54: try { var v: Fuzzilli_Protobuf_EndClassStaticSetter? var hadOneofValue = false if let current = self.operation { @@ -2592,7 +2575,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassStaticSetter(v) } }() - case 54: try { + case 55: try { var v: Fuzzilli_Protobuf_ClassAddPrivateInstanceProperty? var hadOneofValue = false if let current = self.operation { @@ -2605,7 +2588,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .classAddPrivateInstanceProperty(v) } }() - case 55: try { + case 56: try { var v: Fuzzilli_Protobuf_BeginClassPrivateInstanceMethod? var hadOneofValue = false if let current = self.operation { @@ -2618,7 +2601,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassPrivateInstanceMethod(v) } }() - case 56: try { + case 57: try { var v: Fuzzilli_Protobuf_EndClassPrivateInstanceMethod? var hadOneofValue = false if let current = self.operation { @@ -2631,7 +2614,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassPrivateInstanceMethod(v) } }() - case 57: try { + case 58: try { var v: Fuzzilli_Protobuf_ClassAddPrivateStaticProperty? var hadOneofValue = false if let current = self.operation { @@ -2644,7 +2627,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .classAddPrivateStaticProperty(v) } }() - case 58: try { + case 59: try { var v: Fuzzilli_Protobuf_BeginClassPrivateStaticMethod? var hadOneofValue = false if let current = self.operation { @@ -2657,7 +2640,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginClassPrivateStaticMethod(v) } }() - case 59: try { + case 60: try { var v: Fuzzilli_Protobuf_EndClassPrivateStaticMethod? var hadOneofValue = false if let current = self.operation { @@ -2670,7 +2653,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassPrivateStaticMethod(v) } }() - case 60: try { + case 61: try { var v: Fuzzilli_Protobuf_EndClassDefinition? var hadOneofValue = false if let current = self.operation { @@ -2683,7 +2666,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endClassDefinition(v) } }() - case 61: try { + case 62: try { var v: Fuzzilli_Protobuf_CreateArray? var hadOneofValue = false if let current = self.operation { @@ -2696,7 +2679,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .createArray(v) } }() - case 62: try { + case 63: try { var v: Fuzzilli_Protobuf_CreateIntArray? var hadOneofValue = false if let current = self.operation { @@ -2709,7 +2692,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .createIntArray(v) } }() - case 63: try { + case 64: try { var v: Fuzzilli_Protobuf_CreateFloatArray? var hadOneofValue = false if let current = self.operation { @@ -2722,7 +2705,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .createFloatArray(v) } }() - case 64: try { + case 65: try { var v: Fuzzilli_Protobuf_CreateArrayWithSpread? var hadOneofValue = false if let current = self.operation { @@ -2735,7 +2718,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .createArrayWithSpread(v) } }() - case 65: try { + case 66: try { var v: Fuzzilli_Protobuf_CreateTemplateString? var hadOneofValue = false if let current = self.operation { @@ -2748,19 +2731,6 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .createTemplateString(v) } }() - case 66: try { - var v: Fuzzilli_Protobuf_LoadBuiltin? - var hadOneofValue = false - if let current = self.operation { - hadOneofValue = true - if case .loadBuiltin(let m) = current {v = m} - } - try decoder.decodeSingularMessageField(value: &v) - if let v = v { - if hadOneofValue {try decoder.handleConflictingOneOf()} - self.operation = .loadBuiltin(v) - } - }() case 67: try { var v: Fuzzilli_Protobuf_GetProperty? var hadOneofValue = false @@ -3490,45 +3460,6 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M } }() case 123: try { - var v: Fuzzilli_Protobuf_LoadNamedVariable? - var hadOneofValue = false - if let current = self.operation { - hadOneofValue = true - if case .loadNamedVariable(let m) = current {v = m} - } - try decoder.decodeSingularMessageField(value: &v) - if let v = v { - if hadOneofValue {try decoder.handleConflictingOneOf()} - self.operation = .loadNamedVariable(v) - } - }() - case 124: try { - var v: Fuzzilli_Protobuf_StoreNamedVariable? - var hadOneofValue = false - if let current = self.operation { - hadOneofValue = true - if case .storeNamedVariable(let m) = current {v = m} - } - try decoder.decodeSingularMessageField(value: &v) - if let v = v { - if hadOneofValue {try decoder.handleConflictingOneOf()} - self.operation = .storeNamedVariable(v) - } - }() - case 125: try { - var v: Fuzzilli_Protobuf_DefineNamedVariable? - var hadOneofValue = false - if let current = self.operation { - hadOneofValue = true - if case .defineNamedVariable(let m) = current {v = m} - } - try decoder.decodeSingularMessageField(value: &v) - if let v = v { - if hadOneofValue {try decoder.handleConflictingOneOf()} - self.operation = .defineNamedVariable(v) - } - }() - case 126: try { var v: Fuzzilli_Protobuf_Eval? var hadOneofValue = false if let current = self.operation { @@ -3541,7 +3472,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .eval(v) } }() - case 127: try { + case 124: try { var v: Fuzzilli_Protobuf_BeginWith? var hadOneofValue = false if let current = self.operation { @@ -3554,7 +3485,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginWith(v) } }() - case 128: try { + case 125: try { var v: Fuzzilli_Protobuf_EndWith? var hadOneofValue = false if let current = self.operation { @@ -3567,7 +3498,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endWith(v) } }() - case 129: try { + case 126: try { var v: Fuzzilli_Protobuf_CallSuperConstructor? var hadOneofValue = false if let current = self.operation { @@ -3580,7 +3511,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .callSuperConstructor(v) } }() - case 130: try { + case 127: try { var v: Fuzzilli_Protobuf_CallSuperMethod? var hadOneofValue = false if let current = self.operation { @@ -3593,7 +3524,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .callSuperMethod(v) } }() - case 131: try { + case 128: try { var v: Fuzzilli_Protobuf_GetPrivateProperty? var hadOneofValue = false if let current = self.operation { @@ -3606,7 +3537,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .getPrivateProperty(v) } }() - case 132: try { + case 129: try { var v: Fuzzilli_Protobuf_SetPrivateProperty? var hadOneofValue = false if let current = self.operation { @@ -3619,7 +3550,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .setPrivateProperty(v) } }() - case 133: try { + case 130: try { var v: Fuzzilli_Protobuf_UpdatePrivateProperty? var hadOneofValue = false if let current = self.operation { @@ -3632,7 +3563,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .updatePrivateProperty(v) } }() - case 134: try { + case 131: try { var v: Fuzzilli_Protobuf_CallPrivateMethod? var hadOneofValue = false if let current = self.operation { @@ -3645,7 +3576,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .callPrivateMethod(v) } }() - case 135: try { + case 132: try { var v: Fuzzilli_Protobuf_GetSuperProperty? var hadOneofValue = false if let current = self.operation { @@ -3658,7 +3589,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .getSuperProperty(v) } }() - case 136: try { + case 133: try { var v: Fuzzilli_Protobuf_SetSuperProperty? var hadOneofValue = false if let current = self.operation { @@ -3671,7 +3602,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .setSuperProperty(v) } }() - case 137: try { + case 134: try { var v: Fuzzilli_Protobuf_GetComputedSuperProperty? var hadOneofValue = false if let current = self.operation { @@ -3684,7 +3615,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .getComputedSuperProperty(v) } }() - case 138: try { + case 135: try { var v: Fuzzilli_Protobuf_SetComputedSuperProperty? var hadOneofValue = false if let current = self.operation { @@ -3697,7 +3628,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .setComputedSuperProperty(v) } }() - case 139: try { + case 136: try { var v: Fuzzilli_Protobuf_UpdateSuperProperty? var hadOneofValue = false if let current = self.operation { @@ -3710,7 +3641,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .updateSuperProperty(v) } }() - case 140: try { + case 137: try { var v: Fuzzilli_Protobuf_BeginIf? var hadOneofValue = false if let current = self.operation { @@ -3723,7 +3654,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginIf(v) } }() - case 141: try { + case 138: try { var v: Fuzzilli_Protobuf_BeginElse? var hadOneofValue = false if let current = self.operation { @@ -3736,7 +3667,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginElse(v) } }() - case 142: try { + case 139: try { var v: Fuzzilli_Protobuf_EndIf? var hadOneofValue = false if let current = self.operation { @@ -3749,7 +3680,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endIf(v) } }() - case 143: try { + case 140: try { var v: Fuzzilli_Protobuf_BeginWhileLoopHeader? var hadOneofValue = false if let current = self.operation { @@ -3762,7 +3693,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginWhileLoopHeader(v) } }() - case 144: try { + case 141: try { var v: Fuzzilli_Protobuf_BeginWhileLoopBody? var hadOneofValue = false if let current = self.operation { @@ -3775,7 +3706,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginWhileLoopBody(v) } }() - case 145: try { + case 142: try { var v: Fuzzilli_Protobuf_EndWhileLoop? var hadOneofValue = false if let current = self.operation { @@ -3788,7 +3719,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endWhileLoop(v) } }() - case 146: try { + case 143: try { var v: Fuzzilli_Protobuf_BeginDoWhileLoopBody? var hadOneofValue = false if let current = self.operation { @@ -3801,7 +3732,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginDoWhileLoopBody(v) } }() - case 147: try { + case 144: try { var v: Fuzzilli_Protobuf_BeginDoWhileLoopHeader? var hadOneofValue = false if let current = self.operation { @@ -3814,7 +3745,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginDoWhileLoopHeader(v) } }() - case 148: try { + case 145: try { var v: Fuzzilli_Protobuf_EndDoWhileLoop? var hadOneofValue = false if let current = self.operation { @@ -3827,7 +3758,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endDoWhileLoop(v) } }() - case 149: try { + case 146: try { var v: Fuzzilli_Protobuf_BeginForLoopInitializer? var hadOneofValue = false if let current = self.operation { @@ -3840,7 +3771,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginForLoopInitializer(v) } }() - case 150: try { + case 147: try { var v: Fuzzilli_Protobuf_BeginForLoopCondition? var hadOneofValue = false if let current = self.operation { @@ -3853,7 +3784,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginForLoopCondition(v) } }() - case 151: try { + case 148: try { var v: Fuzzilli_Protobuf_BeginForLoopAfterthought? var hadOneofValue = false if let current = self.operation { @@ -3866,7 +3797,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginForLoopAfterthought(v) } }() - case 152: try { + case 149: try { var v: Fuzzilli_Protobuf_BeginForLoopBody? var hadOneofValue = false if let current = self.operation { @@ -3879,7 +3810,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginForLoopBody(v) } }() - case 153: try { + case 150: try { var v: Fuzzilli_Protobuf_EndForLoop? var hadOneofValue = false if let current = self.operation { @@ -3892,7 +3823,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endForLoop(v) } }() - case 154: try { + case 151: try { var v: Fuzzilli_Protobuf_BeginForInLoop? var hadOneofValue = false if let current = self.operation { @@ -3905,7 +3836,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginForInLoop(v) } }() - case 155: try { + case 152: try { var v: Fuzzilli_Protobuf_EndForInLoop? var hadOneofValue = false if let current = self.operation { @@ -3918,7 +3849,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endForInLoop(v) } }() - case 156: try { + case 153: try { var v: Fuzzilli_Protobuf_BeginForOfLoop? var hadOneofValue = false if let current = self.operation { @@ -3931,7 +3862,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginForOfLoop(v) } }() - case 157: try { + case 154: try { var v: Fuzzilli_Protobuf_BeginForOfLoopWithDestruct? var hadOneofValue = false if let current = self.operation { @@ -3944,7 +3875,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginForOfLoopWithDestruct(v) } }() - case 158: try { + case 155: try { var v: Fuzzilli_Protobuf_EndForOfLoop? var hadOneofValue = false if let current = self.operation { @@ -3957,7 +3888,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endForOfLoop(v) } }() - case 159: try { + case 156: try { var v: Fuzzilli_Protobuf_BeginRepeatLoop? var hadOneofValue = false if let current = self.operation { @@ -3970,7 +3901,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginRepeatLoop(v) } }() - case 160: try { + case 157: try { var v: Fuzzilli_Protobuf_EndRepeatLoop? var hadOneofValue = false if let current = self.operation { @@ -3983,7 +3914,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endRepeatLoop(v) } }() - case 161: try { + case 158: try { var v: Fuzzilli_Protobuf_LoopBreak? var hadOneofValue = false if let current = self.operation { @@ -3996,7 +3927,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .loopBreak(v) } }() - case 162: try { + case 159: try { var v: Fuzzilli_Protobuf_LoopContinue? var hadOneofValue = false if let current = self.operation { @@ -4009,7 +3940,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .loopContinue(v) } }() - case 163: try { + case 160: try { var v: Fuzzilli_Protobuf_BeginTry? var hadOneofValue = false if let current = self.operation { @@ -4022,7 +3953,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginTry(v) } }() - case 164: try { + case 161: try { var v: Fuzzilli_Protobuf_BeginCatch? var hadOneofValue = false if let current = self.operation { @@ -4035,7 +3966,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginCatch(v) } }() - case 165: try { + case 162: try { var v: Fuzzilli_Protobuf_BeginFinally? var hadOneofValue = false if let current = self.operation { @@ -4048,7 +3979,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginFinally(v) } }() - case 166: try { + case 163: try { var v: Fuzzilli_Protobuf_EndTryCatchFinally? var hadOneofValue = false if let current = self.operation { @@ -4061,7 +3992,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endTryCatchFinally(v) } }() - case 167: try { + case 164: try { var v: Fuzzilli_Protobuf_ThrowException? var hadOneofValue = false if let current = self.operation { @@ -4074,7 +4005,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .throwException(v) } }() - case 168: try { + case 165: try { var v: Fuzzilli_Protobuf_BeginCodeString? var hadOneofValue = false if let current = self.operation { @@ -4087,7 +4018,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginCodeString(v) } }() - case 169: try { + case 166: try { var v: Fuzzilli_Protobuf_EndCodeString? var hadOneofValue = false if let current = self.operation { @@ -4100,7 +4031,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endCodeString(v) } }() - case 170: try { + case 167: try { var v: Fuzzilli_Protobuf_BeginBlockStatement? var hadOneofValue = false if let current = self.operation { @@ -4113,7 +4044,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginBlockStatement(v) } }() - case 171: try { + case 168: try { var v: Fuzzilli_Protobuf_EndBlockStatement? var hadOneofValue = false if let current = self.operation { @@ -4126,7 +4057,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endBlockStatement(v) } }() - case 172: try { + case 169: try { var v: Fuzzilli_Protobuf_BeginSwitch? var hadOneofValue = false if let current = self.operation { @@ -4139,7 +4070,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginSwitch(v) } }() - case 173: try { + case 170: try { var v: Fuzzilli_Protobuf_BeginSwitchCase? var hadOneofValue = false if let current = self.operation { @@ -4152,7 +4083,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginSwitchCase(v) } }() - case 174: try { + case 171: try { var v: Fuzzilli_Protobuf_BeginSwitchDefaultCase? var hadOneofValue = false if let current = self.operation { @@ -4165,7 +4096,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .beginSwitchDefaultCase(v) } }() - case 175: try { + case 172: try { var v: Fuzzilli_Protobuf_EndSwitchCase? var hadOneofValue = false if let current = self.operation { @@ -4178,7 +4109,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endSwitchCase(v) } }() - case 176: try { + case 173: try { var v: Fuzzilli_Protobuf_EndSwitch? var hadOneofValue = false if let current = self.operation { @@ -4191,7 +4122,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .endSwitch(v) } }() - case 177: try { + case 174: try { var v: Fuzzilli_Protobuf_SwitchBreak? var hadOneofValue = false if let current = self.operation { @@ -4204,7 +4135,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .switchBreak(v) } }() - case 178: try { + case 175: try { var v: Fuzzilli_Protobuf_LoadNewTarget? var hadOneofValue = false if let current = self.operation { @@ -4217,7 +4148,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .loadNewTarget(v) } }() - case 179: try { + case 176: try { var v: Fuzzilli_Protobuf_Print? var hadOneofValue = false if let current = self.operation { @@ -4230,7 +4161,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .print(v) } }() - case 180: try { + case 177: try { var v: Fuzzilli_Protobuf_Explore? var hadOneofValue = false if let current = self.operation { @@ -4243,7 +4174,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .explore(v) } }() - case 181: try { + case 178: try { var v: Fuzzilli_Protobuf_Probe? var hadOneofValue = false if let current = self.operation { @@ -4256,7 +4187,7 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M self.operation = .probe(v) } }() - case 182: try { + case 179: try { var v: Fuzzilli_Protobuf_Fixup? var hadOneofValue = false if let current = self.operation { @@ -4327,220 +4258,220 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M guard case .loadArguments(let v)? = self.operation else { preconditionFailure() } try visitor.visitSingularMessageField(value: v, fieldNumber: 12) }() + case .createNamedVariable?: try { + guard case .createNamedVariable(let v)? = self.operation else { preconditionFailure() } + try visitor.visitSingularMessageField(value: v, fieldNumber: 13) + }() case .loadDisposableVariable?: try { guard case .loadDisposableVariable(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 13) + try visitor.visitSingularMessageField(value: v, fieldNumber: 14) }() case .loadAsyncDisposableVariable?: try { guard case .loadAsyncDisposableVariable(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 14) + try visitor.visitSingularMessageField(value: v, fieldNumber: 15) }() case .loadRegExp?: try { guard case .loadRegExp(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 15) + try visitor.visitSingularMessageField(value: v, fieldNumber: 16) }() case .beginObjectLiteral?: try { guard case .beginObjectLiteral(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 16) + try visitor.visitSingularMessageField(value: v, fieldNumber: 17) }() case .objectLiteralAddProperty?: try { guard case .objectLiteralAddProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 17) + try visitor.visitSingularMessageField(value: v, fieldNumber: 18) }() case .objectLiteralAddElement?: try { guard case .objectLiteralAddElement(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 18) + try visitor.visitSingularMessageField(value: v, fieldNumber: 19) }() case .objectLiteralAddComputedProperty?: try { guard case .objectLiteralAddComputedProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 19) + try visitor.visitSingularMessageField(value: v, fieldNumber: 20) }() case .objectLiteralCopyProperties?: try { guard case .objectLiteralCopyProperties(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 20) + try visitor.visitSingularMessageField(value: v, fieldNumber: 21) }() case .objectLiteralSetPrototype?: try { guard case .objectLiteralSetPrototype(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 21) + try visitor.visitSingularMessageField(value: v, fieldNumber: 22) }() case .beginObjectLiteralMethod?: try { guard case .beginObjectLiteralMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 22) + try visitor.visitSingularMessageField(value: v, fieldNumber: 23) }() case .endObjectLiteralMethod?: try { guard case .endObjectLiteralMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 23) + try visitor.visitSingularMessageField(value: v, fieldNumber: 24) }() case .beginObjectLiteralComputedMethod?: try { guard case .beginObjectLiteralComputedMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 24) + try visitor.visitSingularMessageField(value: v, fieldNumber: 25) }() case .endObjectLiteralComputedMethod?: try { guard case .endObjectLiteralComputedMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 25) + try visitor.visitSingularMessageField(value: v, fieldNumber: 26) }() case .beginObjectLiteralGetter?: try { guard case .beginObjectLiteralGetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 26) + try visitor.visitSingularMessageField(value: v, fieldNumber: 27) }() case .endObjectLiteralGetter?: try { guard case .endObjectLiteralGetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 27) + try visitor.visitSingularMessageField(value: v, fieldNumber: 28) }() case .beginObjectLiteralSetter?: try { guard case .beginObjectLiteralSetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 28) + try visitor.visitSingularMessageField(value: v, fieldNumber: 29) }() case .endObjectLiteralSetter?: try { guard case .endObjectLiteralSetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 29) + try visitor.visitSingularMessageField(value: v, fieldNumber: 30) }() case .endObjectLiteral?: try { guard case .endObjectLiteral(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 30) + try visitor.visitSingularMessageField(value: v, fieldNumber: 31) }() case .beginClassDefinition?: try { guard case .beginClassDefinition(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 31) + try visitor.visitSingularMessageField(value: v, fieldNumber: 32) }() case .beginClassConstructor?: try { guard case .beginClassConstructor(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 32) + try visitor.visitSingularMessageField(value: v, fieldNumber: 33) }() case .endClassConstructor?: try { guard case .endClassConstructor(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 33) + try visitor.visitSingularMessageField(value: v, fieldNumber: 34) }() case .classAddInstanceProperty?: try { guard case .classAddInstanceProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 34) + try visitor.visitSingularMessageField(value: v, fieldNumber: 35) }() case .classAddInstanceElement?: try { guard case .classAddInstanceElement(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 35) + try visitor.visitSingularMessageField(value: v, fieldNumber: 36) }() case .classAddInstanceComputedProperty?: try { guard case .classAddInstanceComputedProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 36) + try visitor.visitSingularMessageField(value: v, fieldNumber: 37) }() case .beginClassInstanceMethod?: try { guard case .beginClassInstanceMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 37) + try visitor.visitSingularMessageField(value: v, fieldNumber: 38) }() case .endClassInstanceMethod?: try { guard case .endClassInstanceMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 38) + try visitor.visitSingularMessageField(value: v, fieldNumber: 39) }() case .beginClassInstanceGetter?: try { guard case .beginClassInstanceGetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 39) + try visitor.visitSingularMessageField(value: v, fieldNumber: 40) }() case .endClassInstanceGetter?: try { guard case .endClassInstanceGetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 40) + try visitor.visitSingularMessageField(value: v, fieldNumber: 41) }() case .beginClassInstanceSetter?: try { guard case .beginClassInstanceSetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 41) + try visitor.visitSingularMessageField(value: v, fieldNumber: 42) }() case .endClassInstanceSetter?: try { guard case .endClassInstanceSetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 42) + try visitor.visitSingularMessageField(value: v, fieldNumber: 43) }() case .classAddStaticProperty?: try { guard case .classAddStaticProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 43) + try visitor.visitSingularMessageField(value: v, fieldNumber: 44) }() case .classAddStaticElement?: try { guard case .classAddStaticElement(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 44) + try visitor.visitSingularMessageField(value: v, fieldNumber: 45) }() case .classAddStaticComputedProperty?: try { guard case .classAddStaticComputedProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 45) + try visitor.visitSingularMessageField(value: v, fieldNumber: 46) }() case .beginClassStaticInitializer?: try { guard case .beginClassStaticInitializer(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 46) + try visitor.visitSingularMessageField(value: v, fieldNumber: 47) }() case .endClassStaticInitializer?: try { guard case .endClassStaticInitializer(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 47) + try visitor.visitSingularMessageField(value: v, fieldNumber: 48) }() case .beginClassStaticMethod?: try { guard case .beginClassStaticMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 48) + try visitor.visitSingularMessageField(value: v, fieldNumber: 49) }() case .endClassStaticMethod?: try { guard case .endClassStaticMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 49) + try visitor.visitSingularMessageField(value: v, fieldNumber: 50) }() case .beginClassStaticGetter?: try { guard case .beginClassStaticGetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 50) + try visitor.visitSingularMessageField(value: v, fieldNumber: 51) }() case .endClassStaticGetter?: try { guard case .endClassStaticGetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 51) + try visitor.visitSingularMessageField(value: v, fieldNumber: 52) }() case .beginClassStaticSetter?: try { guard case .beginClassStaticSetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 52) + try visitor.visitSingularMessageField(value: v, fieldNumber: 53) }() case .endClassStaticSetter?: try { guard case .endClassStaticSetter(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 53) + try visitor.visitSingularMessageField(value: v, fieldNumber: 54) }() case .classAddPrivateInstanceProperty?: try { guard case .classAddPrivateInstanceProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 54) + try visitor.visitSingularMessageField(value: v, fieldNumber: 55) }() case .beginClassPrivateInstanceMethod?: try { guard case .beginClassPrivateInstanceMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 55) + try visitor.visitSingularMessageField(value: v, fieldNumber: 56) }() case .endClassPrivateInstanceMethod?: try { guard case .endClassPrivateInstanceMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 56) + try visitor.visitSingularMessageField(value: v, fieldNumber: 57) }() case .classAddPrivateStaticProperty?: try { guard case .classAddPrivateStaticProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 57) + try visitor.visitSingularMessageField(value: v, fieldNumber: 58) }() case .beginClassPrivateStaticMethod?: try { guard case .beginClassPrivateStaticMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 58) + try visitor.visitSingularMessageField(value: v, fieldNumber: 59) }() case .endClassPrivateStaticMethod?: try { guard case .endClassPrivateStaticMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 59) + try visitor.visitSingularMessageField(value: v, fieldNumber: 60) }() case .endClassDefinition?: try { guard case .endClassDefinition(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 60) + try visitor.visitSingularMessageField(value: v, fieldNumber: 61) }() case .createArray?: try { guard case .createArray(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 61) + try visitor.visitSingularMessageField(value: v, fieldNumber: 62) }() case .createIntArray?: try { guard case .createIntArray(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 62) + try visitor.visitSingularMessageField(value: v, fieldNumber: 63) }() case .createFloatArray?: try { guard case .createFloatArray(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 63) + try visitor.visitSingularMessageField(value: v, fieldNumber: 64) }() case .createArrayWithSpread?: try { guard case .createArrayWithSpread(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 64) + try visitor.visitSingularMessageField(value: v, fieldNumber: 65) }() case .createTemplateString?: try { guard case .createTemplateString(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 65) - }() - case .loadBuiltin?: try { - guard case .loadBuiltin(let v)? = self.operation else { preconditionFailure() } try visitor.visitSingularMessageField(value: v, fieldNumber: 66) }() case .getProperty?: try { @@ -4767,245 +4698,233 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M guard case .compare(let v)? = self.operation else { preconditionFailure() } try visitor.visitSingularMessageField(value: v, fieldNumber: 122) }() - case .loadNamedVariable?: try { - guard case .loadNamedVariable(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 123) - }() - case .storeNamedVariable?: try { - guard case .storeNamedVariable(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 124) - }() - case .defineNamedVariable?: try { - guard case .defineNamedVariable(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 125) - }() case .eval?: try { guard case .eval(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 126) + try visitor.visitSingularMessageField(value: v, fieldNumber: 123) }() case .beginWith?: try { guard case .beginWith(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 127) + try visitor.visitSingularMessageField(value: v, fieldNumber: 124) }() case .endWith?: try { guard case .endWith(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 128) + try visitor.visitSingularMessageField(value: v, fieldNumber: 125) }() case .callSuperConstructor?: try { guard case .callSuperConstructor(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 129) + try visitor.visitSingularMessageField(value: v, fieldNumber: 126) }() case .callSuperMethod?: try { guard case .callSuperMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 130) + try visitor.visitSingularMessageField(value: v, fieldNumber: 127) }() case .getPrivateProperty?: try { guard case .getPrivateProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 131) + try visitor.visitSingularMessageField(value: v, fieldNumber: 128) }() case .setPrivateProperty?: try { guard case .setPrivateProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 132) + try visitor.visitSingularMessageField(value: v, fieldNumber: 129) }() case .updatePrivateProperty?: try { guard case .updatePrivateProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 133) + try visitor.visitSingularMessageField(value: v, fieldNumber: 130) }() case .callPrivateMethod?: try { guard case .callPrivateMethod(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 134) + try visitor.visitSingularMessageField(value: v, fieldNumber: 131) }() case .getSuperProperty?: try { guard case .getSuperProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 135) + try visitor.visitSingularMessageField(value: v, fieldNumber: 132) }() case .setSuperProperty?: try { guard case .setSuperProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 136) + try visitor.visitSingularMessageField(value: v, fieldNumber: 133) }() case .getComputedSuperProperty?: try { guard case .getComputedSuperProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 137) + try visitor.visitSingularMessageField(value: v, fieldNumber: 134) }() case .setComputedSuperProperty?: try { guard case .setComputedSuperProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 138) + try visitor.visitSingularMessageField(value: v, fieldNumber: 135) }() case .updateSuperProperty?: try { guard case .updateSuperProperty(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 139) + try visitor.visitSingularMessageField(value: v, fieldNumber: 136) }() case .beginIf?: try { guard case .beginIf(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 140) + try visitor.visitSingularMessageField(value: v, fieldNumber: 137) }() case .beginElse?: try { guard case .beginElse(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 141) + try visitor.visitSingularMessageField(value: v, fieldNumber: 138) }() case .endIf?: try { guard case .endIf(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 142) + try visitor.visitSingularMessageField(value: v, fieldNumber: 139) }() case .beginWhileLoopHeader?: try { guard case .beginWhileLoopHeader(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 143) + try visitor.visitSingularMessageField(value: v, fieldNumber: 140) }() case .beginWhileLoopBody?: try { guard case .beginWhileLoopBody(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 144) + try visitor.visitSingularMessageField(value: v, fieldNumber: 141) }() case .endWhileLoop?: try { guard case .endWhileLoop(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 145) + try visitor.visitSingularMessageField(value: v, fieldNumber: 142) }() case .beginDoWhileLoopBody?: try { guard case .beginDoWhileLoopBody(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 146) + try visitor.visitSingularMessageField(value: v, fieldNumber: 143) }() case .beginDoWhileLoopHeader?: try { guard case .beginDoWhileLoopHeader(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 147) + try visitor.visitSingularMessageField(value: v, fieldNumber: 144) }() case .endDoWhileLoop?: try { guard case .endDoWhileLoop(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 148) + try visitor.visitSingularMessageField(value: v, fieldNumber: 145) }() case .beginForLoopInitializer?: try { guard case .beginForLoopInitializer(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 149) + try visitor.visitSingularMessageField(value: v, fieldNumber: 146) }() case .beginForLoopCondition?: try { guard case .beginForLoopCondition(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 150) + try visitor.visitSingularMessageField(value: v, fieldNumber: 147) }() case .beginForLoopAfterthought?: try { guard case .beginForLoopAfterthought(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 151) + try visitor.visitSingularMessageField(value: v, fieldNumber: 148) }() case .beginForLoopBody?: try { guard case .beginForLoopBody(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 152) + try visitor.visitSingularMessageField(value: v, fieldNumber: 149) }() case .endForLoop?: try { guard case .endForLoop(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 153) + try visitor.visitSingularMessageField(value: v, fieldNumber: 150) }() case .beginForInLoop?: try { guard case .beginForInLoop(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 154) + try visitor.visitSingularMessageField(value: v, fieldNumber: 151) }() case .endForInLoop?: try { guard case .endForInLoop(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 155) + try visitor.visitSingularMessageField(value: v, fieldNumber: 152) }() case .beginForOfLoop?: try { guard case .beginForOfLoop(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 156) + try visitor.visitSingularMessageField(value: v, fieldNumber: 153) }() case .beginForOfLoopWithDestruct?: try { guard case .beginForOfLoopWithDestruct(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 157) + try visitor.visitSingularMessageField(value: v, fieldNumber: 154) }() case .endForOfLoop?: try { guard case .endForOfLoop(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 158) + try visitor.visitSingularMessageField(value: v, fieldNumber: 155) }() case .beginRepeatLoop?: try { guard case .beginRepeatLoop(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 159) + try visitor.visitSingularMessageField(value: v, fieldNumber: 156) }() case .endRepeatLoop?: try { guard case .endRepeatLoop(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 160) + try visitor.visitSingularMessageField(value: v, fieldNumber: 157) }() case .loopBreak?: try { guard case .loopBreak(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 161) + try visitor.visitSingularMessageField(value: v, fieldNumber: 158) }() case .loopContinue?: try { guard case .loopContinue(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 162) + try visitor.visitSingularMessageField(value: v, fieldNumber: 159) }() case .beginTry?: try { guard case .beginTry(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 163) + try visitor.visitSingularMessageField(value: v, fieldNumber: 160) }() case .beginCatch?: try { guard case .beginCatch(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 164) + try visitor.visitSingularMessageField(value: v, fieldNumber: 161) }() case .beginFinally?: try { guard case .beginFinally(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 165) + try visitor.visitSingularMessageField(value: v, fieldNumber: 162) }() case .endTryCatchFinally?: try { guard case .endTryCatchFinally(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 166) + try visitor.visitSingularMessageField(value: v, fieldNumber: 163) }() case .throwException?: try { guard case .throwException(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 167) + try visitor.visitSingularMessageField(value: v, fieldNumber: 164) }() case .beginCodeString?: try { guard case .beginCodeString(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 168) + try visitor.visitSingularMessageField(value: v, fieldNumber: 165) }() case .endCodeString?: try { guard case .endCodeString(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 169) + try visitor.visitSingularMessageField(value: v, fieldNumber: 166) }() case .beginBlockStatement?: try { guard case .beginBlockStatement(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 170) + try visitor.visitSingularMessageField(value: v, fieldNumber: 167) }() case .endBlockStatement?: try { guard case .endBlockStatement(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 171) + try visitor.visitSingularMessageField(value: v, fieldNumber: 168) }() case .beginSwitch?: try { guard case .beginSwitch(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 172) + try visitor.visitSingularMessageField(value: v, fieldNumber: 169) }() case .beginSwitchCase?: try { guard case .beginSwitchCase(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 173) + try visitor.visitSingularMessageField(value: v, fieldNumber: 170) }() case .beginSwitchDefaultCase?: try { guard case .beginSwitchDefaultCase(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 174) + try visitor.visitSingularMessageField(value: v, fieldNumber: 171) }() case .endSwitchCase?: try { guard case .endSwitchCase(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 175) + try visitor.visitSingularMessageField(value: v, fieldNumber: 172) }() case .endSwitch?: try { guard case .endSwitch(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 176) + try visitor.visitSingularMessageField(value: v, fieldNumber: 173) }() case .switchBreak?: try { guard case .switchBreak(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 177) + try visitor.visitSingularMessageField(value: v, fieldNumber: 174) }() case .loadNewTarget?: try { guard case .loadNewTarget(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 178) + try visitor.visitSingularMessageField(value: v, fieldNumber: 175) }() case .print?: try { guard case .print(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 179) + try visitor.visitSingularMessageField(value: v, fieldNumber: 176) }() case .explore?: try { guard case .explore(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 180) + try visitor.visitSingularMessageField(value: v, fieldNumber: 177) }() case .probe?: try { guard case .probe(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 181) + try visitor.visitSingularMessageField(value: v, fieldNumber: 178) }() case .fixup?: try { guard case .fixup(let v)? = self.operation else { preconditionFailure() } - try visitor.visitSingularMessageField(value: v, fieldNumber: 182) + try visitor.visitSingularMessageField(value: v, fieldNumber: 179) }() case nil: break } diff --git a/Sources/Fuzzilli/Protobuf/program.proto b/Sources/Fuzzilli/Protobuf/program.proto index b3e805fce..5334526e3 100644 --- a/Sources/Fuzzilli/Protobuf/program.proto +++ b/Sources/Fuzzilli/Protobuf/program.proto @@ -36,60 +36,60 @@ message Instruction { LoadNull loadNull = 10; LoadThis loadThis = 11; LoadArguments loadArguments = 12; - LoadDisposableVariable loadDisposableVariable = 13; - LoadAsyncDisposableVariable loadAsyncDisposableVariable = 14; - LoadRegExp loadRegExp = 15; - BeginObjectLiteral beginObjectLiteral = 16; - ObjectLiteralAddProperty objectLiteralAddProperty = 17; - ObjectLiteralAddElement objectLiteralAddElement = 18; - ObjectLiteralAddComputedProperty objectLiteralAddComputedProperty = 19; - ObjectLiteralCopyProperties objectLiteralCopyProperties = 20; - ObjectLiteralSetPrototype objectLiteralSetPrototype = 21; - BeginObjectLiteralMethod beginObjectLiteralMethod = 22; - EndObjectLiteralMethod endObjectLiteralMethod = 23; - BeginObjectLiteralComputedMethod beginObjectLiteralComputedMethod = 24; - EndObjectLiteralComputedMethod endObjectLiteralComputedMethod = 25; - BeginObjectLiteralGetter beginObjectLiteralGetter = 26; - EndObjectLiteralGetter endObjectLiteralGetter = 27; - BeginObjectLiteralSetter beginObjectLiteralSetter = 28; - EndObjectLiteralSetter endObjectLiteralSetter = 29; - EndObjectLiteral endObjectLiteral = 30; - BeginClassDefinition beginClassDefinition = 31; - BeginClassConstructor beginClassConstructor = 32; - EndClassConstructor endClassConstructor = 33; - ClassAddInstanceProperty classAddInstanceProperty = 34; - ClassAddInstanceElement classAddInstanceElement = 35; - ClassAddInstanceComputedProperty classAddInstanceComputedProperty = 36; - BeginClassInstanceMethod beginClassInstanceMethod = 37; - EndClassInstanceMethod endClassInstanceMethod = 38; - BeginClassInstanceGetter beginClassInstanceGetter = 39; - EndClassInstanceGetter endClassInstanceGetter = 40; - BeginClassInstanceSetter beginClassInstanceSetter = 41; - EndClassInstanceSetter endClassInstanceSetter = 42; - ClassAddStaticProperty classAddStaticProperty = 43; - ClassAddStaticElement classAddStaticElement = 44; - ClassAddStaticComputedProperty classAddStaticComputedProperty = 45; - BeginClassStaticInitializer beginClassStaticInitializer = 46; - EndClassStaticInitializer endClassStaticInitializer = 47; - BeginClassStaticMethod beginClassStaticMethod = 48; - EndClassStaticMethod endClassStaticMethod = 49; - BeginClassStaticGetter beginClassStaticGetter = 50; - EndClassStaticGetter endClassStaticGetter = 51; - BeginClassStaticSetter beginClassStaticSetter = 52; - EndClassStaticSetter endClassStaticSetter = 53; - ClassAddPrivateInstanceProperty classAddPrivateInstanceProperty = 54; - BeginClassPrivateInstanceMethod beginClassPrivateInstanceMethod = 55; - EndClassPrivateInstanceMethod endClassPrivateInstanceMethod = 56; - ClassAddPrivateStaticProperty classAddPrivateStaticProperty = 57; - BeginClassPrivateStaticMethod beginClassPrivateStaticMethod = 58; - EndClassPrivateStaticMethod endClassPrivateStaticMethod = 59; - EndClassDefinition endClassDefinition = 60; - CreateArray createArray = 61; - CreateIntArray createIntArray = 62; - CreateFloatArray createFloatArray = 63; - CreateArrayWithSpread createArrayWithSpread = 64; - CreateTemplateString createTemplateString = 65; - LoadBuiltin loadBuiltin = 66; + CreateNamedVariable createNamedVariable = 13; + LoadDisposableVariable loadDisposableVariable = 14; + LoadAsyncDisposableVariable loadAsyncDisposableVariable = 15; + LoadRegExp loadRegExp = 16; + BeginObjectLiteral beginObjectLiteral = 17; + ObjectLiteralAddProperty objectLiteralAddProperty = 18; + ObjectLiteralAddElement objectLiteralAddElement = 19; + ObjectLiteralAddComputedProperty objectLiteralAddComputedProperty = 20; + ObjectLiteralCopyProperties objectLiteralCopyProperties = 21; + ObjectLiteralSetPrototype objectLiteralSetPrototype = 22; + BeginObjectLiteralMethod beginObjectLiteralMethod = 23; + EndObjectLiteralMethod endObjectLiteralMethod = 24; + BeginObjectLiteralComputedMethod beginObjectLiteralComputedMethod = 25; + EndObjectLiteralComputedMethod endObjectLiteralComputedMethod = 26; + BeginObjectLiteralGetter beginObjectLiteralGetter = 27; + EndObjectLiteralGetter endObjectLiteralGetter = 28; + BeginObjectLiteralSetter beginObjectLiteralSetter = 29; + EndObjectLiteralSetter endObjectLiteralSetter = 30; + EndObjectLiteral endObjectLiteral = 31; + BeginClassDefinition beginClassDefinition = 32; + BeginClassConstructor beginClassConstructor = 33; + EndClassConstructor endClassConstructor = 34; + ClassAddInstanceProperty classAddInstanceProperty = 35; + ClassAddInstanceElement classAddInstanceElement = 36; + ClassAddInstanceComputedProperty classAddInstanceComputedProperty = 37; + BeginClassInstanceMethod beginClassInstanceMethod = 38; + EndClassInstanceMethod endClassInstanceMethod = 39; + BeginClassInstanceGetter beginClassInstanceGetter = 40; + EndClassInstanceGetter endClassInstanceGetter = 41; + BeginClassInstanceSetter beginClassInstanceSetter = 42; + EndClassInstanceSetter endClassInstanceSetter = 43; + ClassAddStaticProperty classAddStaticProperty = 44; + ClassAddStaticElement classAddStaticElement = 45; + ClassAddStaticComputedProperty classAddStaticComputedProperty = 46; + BeginClassStaticInitializer beginClassStaticInitializer = 47; + EndClassStaticInitializer endClassStaticInitializer = 48; + BeginClassStaticMethod beginClassStaticMethod = 49; + EndClassStaticMethod endClassStaticMethod = 50; + BeginClassStaticGetter beginClassStaticGetter = 51; + EndClassStaticGetter endClassStaticGetter = 52; + BeginClassStaticSetter beginClassStaticSetter = 53; + EndClassStaticSetter endClassStaticSetter = 54; + ClassAddPrivateInstanceProperty classAddPrivateInstanceProperty = 55; + BeginClassPrivateInstanceMethod beginClassPrivateInstanceMethod = 56; + EndClassPrivateInstanceMethod endClassPrivateInstanceMethod = 57; + ClassAddPrivateStaticProperty classAddPrivateStaticProperty = 58; + BeginClassPrivateStaticMethod beginClassPrivateStaticMethod = 59; + EndClassPrivateStaticMethod endClassPrivateStaticMethod = 60; + EndClassDefinition endClassDefinition = 61; + CreateArray createArray = 62; + CreateIntArray createIntArray = 63; + CreateFloatArray createFloatArray = 64; + CreateArrayWithSpread createArrayWithSpread = 65; + CreateTemplateString createTemplateString = 66; GetProperty getProperty = 67; SetProperty setProperty = 68; UpdateProperty updateProperty = 69; @@ -146,66 +146,63 @@ message Instruction { DestructObject destructObject = 120; DestructObjectAndReassign destructObjectAndReassign = 121; Compare compare = 122; - LoadNamedVariable loadNamedVariable = 123; - StoreNamedVariable storeNamedVariable = 124; - DefineNamedVariable defineNamedVariable = 125; - Eval eval = 126; - BeginWith beginWith = 127; - EndWith endWith = 128; - CallSuperConstructor callSuperConstructor = 129; - CallSuperMethod callSuperMethod = 130; - GetPrivateProperty getPrivateProperty = 131; - SetPrivateProperty setPrivateProperty = 132; - UpdatePrivateProperty updatePrivateProperty = 133; - CallPrivateMethod callPrivateMethod = 134; - GetSuperProperty getSuperProperty = 135; - SetSuperProperty setSuperProperty = 136; - GetComputedSuperProperty getComputedSuperProperty = 137; - SetComputedSuperProperty setComputedSuperProperty = 138; - UpdateSuperProperty updateSuperProperty = 139; - BeginIf beginIf = 140; - BeginElse beginElse = 141; - EndIf endIf = 142; - BeginWhileLoopHeader beginWhileLoopHeader = 143; - BeginWhileLoopBody beginWhileLoopBody = 144; - EndWhileLoop endWhileLoop = 145; - BeginDoWhileLoopBody beginDoWhileLoopBody = 146; - BeginDoWhileLoopHeader beginDoWhileLoopHeader = 147; - EndDoWhileLoop endDoWhileLoop = 148; - BeginForLoopInitializer beginForLoopInitializer = 149; - BeginForLoopCondition beginForLoopCondition = 150; - BeginForLoopAfterthought beginForLoopAfterthought = 151; - BeginForLoopBody beginForLoopBody = 152; - EndForLoop endForLoop = 153; - BeginForInLoop beginForInLoop = 154; - EndForInLoop endForInLoop = 155; - BeginForOfLoop beginForOfLoop = 156; - BeginForOfLoopWithDestruct beginForOfLoopWithDestruct = 157; - EndForOfLoop endForOfLoop = 158; - BeginRepeatLoop beginRepeatLoop = 159; - EndRepeatLoop endRepeatLoop = 160; - LoopBreak loopBreak = 161; - LoopContinue loopContinue = 162; - BeginTry beginTry = 163; - BeginCatch beginCatch = 164; - BeginFinally beginFinally = 165; - EndTryCatchFinally endTryCatchFinally = 166; - ThrowException throwException = 167; - BeginCodeString beginCodeString = 168; - EndCodeString endCodeString = 169; - BeginBlockStatement beginBlockStatement = 170; - EndBlockStatement endBlockStatement = 171; - BeginSwitch beginSwitch = 172; - BeginSwitchCase beginSwitchCase = 173; - BeginSwitchDefaultCase beginSwitchDefaultCase = 174; - EndSwitchCase endSwitchCase = 175; - EndSwitch endSwitch = 176; - SwitchBreak switchBreak = 177; - LoadNewTarget loadNewTarget = 178; - Print print = 179; - Explore explore = 180; - Probe probe = 181; - Fixup fixup = 182; + Eval eval = 123; + BeginWith beginWith = 124; + EndWith endWith = 125; + CallSuperConstructor callSuperConstructor = 126; + CallSuperMethod callSuperMethod = 127; + GetPrivateProperty getPrivateProperty = 128; + SetPrivateProperty setPrivateProperty = 129; + UpdatePrivateProperty updatePrivateProperty = 130; + CallPrivateMethod callPrivateMethod = 131; + GetSuperProperty getSuperProperty = 132; + SetSuperProperty setSuperProperty = 133; + GetComputedSuperProperty getComputedSuperProperty = 134; + SetComputedSuperProperty setComputedSuperProperty = 135; + UpdateSuperProperty updateSuperProperty = 136; + BeginIf beginIf = 137; + BeginElse beginElse = 138; + EndIf endIf = 139; + BeginWhileLoopHeader beginWhileLoopHeader = 140; + BeginWhileLoopBody beginWhileLoopBody = 141; + EndWhileLoop endWhileLoop = 142; + BeginDoWhileLoopBody beginDoWhileLoopBody = 143; + BeginDoWhileLoopHeader beginDoWhileLoopHeader = 144; + EndDoWhileLoop endDoWhileLoop = 145; + BeginForLoopInitializer beginForLoopInitializer = 146; + BeginForLoopCondition beginForLoopCondition = 147; + BeginForLoopAfterthought beginForLoopAfterthought = 148; + BeginForLoopBody beginForLoopBody = 149; + EndForLoop endForLoop = 150; + BeginForInLoop beginForInLoop = 151; + EndForInLoop endForInLoop = 152; + BeginForOfLoop beginForOfLoop = 153; + BeginForOfLoopWithDestruct beginForOfLoopWithDestruct = 154; + EndForOfLoop endForOfLoop = 155; + BeginRepeatLoop beginRepeatLoop = 156; + EndRepeatLoop endRepeatLoop = 157; + LoopBreak loopBreak = 158; + LoopContinue loopContinue = 159; + BeginTry beginTry = 160; + BeginCatch beginCatch = 161; + BeginFinally beginFinally = 162; + EndTryCatchFinally endTryCatchFinally = 163; + ThrowException throwException = 164; + BeginCodeString beginCodeString = 165; + EndCodeString endCodeString = 166; + BeginBlockStatement beginBlockStatement = 167; + EndBlockStatement endBlockStatement = 168; + BeginSwitch beginSwitch = 169; + BeginSwitchCase beginSwitchCase = 170; + BeginSwitchDefaultCase beginSwitchDefaultCase = 171; + EndSwitchCase endSwitchCase = 172; + EndSwitch endSwitch = 173; + SwitchBreak switchBreak = 174; + LoadNewTarget loadNewTarget = 175; + Print print = 176; + Explore explore = 177; + Probe probe = 178; + Fixup fixup = 179; } } diff --git a/Sources/FuzzilliCli/Profiles/JSCProfile.swift b/Sources/FuzzilliCli/Profiles/JSCProfile.swift index 3f5aab062..36d5e87e7 100644 --- a/Sources/FuzzilliCli/Profiles/JSCProfile.swift +++ b/Sources/FuzzilliCli/Profiles/JSCProfile.swift @@ -33,7 +33,7 @@ fileprivate let ForceFTLCompilationGenerator = CodeGenerator("ForceFTLCompilatio } fileprivate let GcGenerator = CodeGenerator("GcGenerator") { b in - b.callFunction(b.loadBuiltin("gc")) + b.callFunction(b.createNamedVariable(forBuiltin: "gc")) } let jscProfile = Profile( diff --git a/Sources/FuzzilliCli/Profiles/SpidermonkeyProfile.swift b/Sources/FuzzilliCli/Profiles/SpidermonkeyProfile.swift index 65f94f412..fac719046 100644 --- a/Sources/FuzzilliCli/Profiles/SpidermonkeyProfile.swift +++ b/Sources/FuzzilliCli/Profiles/SpidermonkeyProfile.swift @@ -24,7 +24,7 @@ fileprivate let ForceSpidermonkeyIonGenerator = CodeGenerator("ForceSpidermonkey } fileprivate let GcGenerator = CodeGenerator("GcGenerator") { b in - b.callFunction(b.loadBuiltin("gc")) + b.callFunction(b.createNamedVariable(forBuiltin: "gc")) } let spidermonkeyProfile = Profile( diff --git a/Sources/FuzzilliCli/Profiles/V8HoleFuzzingProfile.swift b/Sources/FuzzilliCli/Profiles/V8HoleFuzzingProfile.swift index e15adbff1..4cb975e2a 100644 --- a/Sources/FuzzilliCli/Profiles/V8HoleFuzzingProfile.swift +++ b/Sources/FuzzilliCli/Profiles/V8HoleFuzzingProfile.swift @@ -44,7 +44,7 @@ fileprivate let ForceMaglevCompilationGenerator = CodeGenerator("ForceMaglevComp } // Insert random GC calls throughout our code. fileprivate let GcGenerator = CodeGenerator("GcGenerator") { b in - let gc = b.loadBuiltin("gc") + let gc = b.createNamedVariable(forBuiltin: "gc") // Do minor GCs more frequently. let type = b.loadString(probability(0.25) ? "major" : "minor") // If the execution type is 'async', gc() returns a Promise, we currently diff --git a/Sources/FuzzilliCli/Profiles/V8Profile.swift b/Sources/FuzzilliCli/Profiles/V8Profile.swift index 224e8e94e..083948d03 100644 --- a/Sources/FuzzilliCli/Profiles/V8Profile.swift +++ b/Sources/FuzzilliCli/Profiles/V8Profile.swift @@ -79,7 +79,7 @@ fileprivate let WorkerGenerator = RecursiveCodeGenerator("WorkerGenerator") { b b.buildRecursive(block: 2, of: 2) } - let workerConstructor = b.loadBuiltin("Worker") + let workerConstructor = b.createNamedVariable(forBuiltin: "Worker") let functionString = b.loadString("function") let argumentsArray = b.createArray(with: b.randomArguments(forCalling: workerFunction)) @@ -92,7 +92,7 @@ fileprivate let WorkerGenerator = RecursiveCodeGenerator("WorkerGenerator") { b // Insert random GC calls throughout our code. fileprivate let GcGenerator = CodeGenerator("GcGenerator") { b in - let gc = b.loadBuiltin("gc") + let gc = b.createNamedVariable(forBuiltin: "gc") // Do minor GCs more frequently. let type = b.loadString(probability(0.25) ? "major" : "minor") @@ -290,9 +290,9 @@ fileprivate let ValueSerializerFuzzer = ProgramTemplate("ValueSerializerFuzzer") b.build(n: 50) // Load necessary builtins - let d8 = b.loadBuiltin("d8") + let d8 = b.createNamedVariable(forBuiltin: "d8") let serializer = b.getProperty("serializer", of: d8) - let Uint8Array = b.loadBuiltin("Uint8Array") + let Uint8Array = b.createNamedVariable(forBuiltin: "Uint8Array") // Serialize a random object let content = b.callMethod("serialize", on: serializer, withArgs: [b.randomVariable()]) @@ -363,7 +363,7 @@ fileprivate let RegExpFuzzer = ProgramTemplate("RegExpFuzzer") { b in let resultVar = b.loadNull() b.buildTryCatchFinally(tryBody: { - let symbol = b.loadBuiltin("Symbol") + let symbol = b.createNamedVariable(forBuiltin: "Symbol") withEqualProbability({ let res = b.callMethod("exec", on: regExpVar, withArgs: [subjectVar]) b.reassign(resultVar, to: res) diff --git a/Sources/FuzzilliCli/Profiles/XSProfile.swift b/Sources/FuzzilliCli/Profiles/XSProfile.swift index 44ddab3ef..f71377eb5 100644 --- a/Sources/FuzzilliCli/Profiles/XSProfile.swift +++ b/Sources/FuzzilliCli/Profiles/XSProfile.swift @@ -19,7 +19,7 @@ fileprivate let StressXSGC = CodeGenerator("StressXSGC", inputs: .required(.func let index = b.loadInt(1) let end = b.loadInt(128) - let gc = b.loadBuiltin("gc") + let gc = b.createNamedVariable(forBuiltin: "gc") b.callFunction(gc, withArgs: [index]) b.buildWhileLoop({b.compare(index, with: end, using: .lessThan)}) { b.callFunction(f, withArgs: arguments) @@ -36,7 +36,7 @@ fileprivate let StressXSMemoryFail = CodeGenerator("StressXSMemoryFail", inputs: let index = b.loadInt(1) let max = b.loadInt(1000000) - let memoryFail = b.loadBuiltin("memoryFail") + let memoryFail = b.createNamedVariable(forBuiltin: "memoryFail") b.callFunction(memoryFail, withArgs: [max]) // count how many allocations this function makes b.callFunction(f, withArgs: arguments) var end = b.callFunction(memoryFail, withArgs: [index]) @@ -49,17 +49,17 @@ fileprivate let StressXSMemoryFail = CodeGenerator("StressXSMemoryFail", inputs: } fileprivate let HardenGenerator = CodeGenerator("HardenGenerator", inputs: .required(.object())) { b, obj in - let harden = b.loadBuiltin("harden") + let harden = b.createNamedVariable(forBuiltin: "harden") if probability(0.05) { - let lockdown = b.loadBuiltin("lockdown") + let lockdown = b.createNamedVariable(forBuiltin: "lockdown") b.callFunction(lockdown) } b.callFunction(harden, withArgs: [obj]) } fileprivate let ModuleSourceGenerator = RecursiveCodeGenerator("ModuleSourceGenerator") { b in - let moduleSourceConstructor = b.loadBuiltin("ModuleSource") + let moduleSourceConstructor = b.createNamedVariable(forBuiltin: "ModuleSource") let code = b.buildCodeString() { b.buildRecursive() @@ -69,7 +69,7 @@ fileprivate let ModuleSourceGenerator = RecursiveCodeGenerator("ModuleSourceGene } fileprivate let CompartmentGenerator = RecursiveCodeGenerator("CompartmentGenerator") { b in - let compartmentConstructor = b.loadBuiltin("Compartment") + let compartmentConstructor = b.createNamedVariable(forBuiltin: "Compartment") var endowments = [String: Variable]() // may be used as endowments argument or globalLexicals var moduleMap = [String: Variable]() @@ -132,7 +132,7 @@ fileprivate let UnicodeStringGenerator = CodeGenerator("UnicodeStringGenerator") fileprivate let HexGenerator = CodeGenerator("HexGenerator") { b in let hexValues = ["0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "a", "b", "c", "d", "e", "f", "A", "B", "C", "D", "E", "F"] - let Uint8Array = b.loadBuiltin("Uint8Array") + let Uint8Array = b.createNamedVariable(forBuiltin: "Uint8Array") withEqualProbability({ var s = "" @@ -164,7 +164,7 @@ fileprivate let Base64Generator = CodeGenerator("Base64Generator") { b in let base64Alphabet = ["A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "+", "/"] let base64URLAlphabet = ["A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "-", "_"] - let Uint8Array = b.loadBuiltin("Uint8Array") + let Uint8Array = b.createNamedVariable(forBuiltin: "Uint8Array") withEqualProbability({ var options = [String: Variable]() @@ -272,7 +272,7 @@ fileprivate let RegExpFuzzer = ProgramTemplate("RegExpFuzzer") { b in let resultVar = b.loadNull() b.buildTryCatchFinally(tryBody: { - let symbol = b.loadBuiltin("Symbol") + let symbol = b.createNamedVariable(forBuiltin: "Symbol") withEqualProbability({ let res = b.callMethod("exec", on: regExpVar, withArgs: [subjectVar]) b.reassign(resultVar, to: res) diff --git a/Tests/FuzzilliTests/AnalyzerTest.swift b/Tests/FuzzilliTests/AnalyzerTest.swift index 1dac85577..4bffb5cde 100644 --- a/Tests/FuzzilliTests/AnalyzerTest.swift +++ b/Tests/FuzzilliTests/AnalyzerTest.swift @@ -128,7 +128,7 @@ class AnalyzerTests: XCTestCase { } } XCTAssertEqual(b.context, [.javascript, .with]) - b.loadNamedVariable(b.randomPropertyName()) + b.createNamedVariable(b.randomPropertyName(), declarationMode: .none) } let _ = b.finalize() diff --git a/Tests/FuzzilliTests/CompilerTests/advanced_loops.js b/Tests/FuzzilliTests/CompilerTests/advanced_loops.js index 7f40a8bff..998ee415e 100644 --- a/Tests/FuzzilliTests/CompilerTests/advanced_loops.js +++ b/Tests/FuzzilliTests/CompilerTests/advanced_loops.js @@ -89,3 +89,12 @@ for (output("inside for loop initializer"); output("inside for loop condition"), if (!countdown()) break; } resetCounter(); + +// Test scoping in the different parts of a for loop. +{ + global = { start: 0, end: 3, step: 1, value: 42 }; +} +for (let i = global.start; i < global.end; i += global.step) { + output("inside for loop body with global value", global.value); +} + diff --git a/Tests/FuzzilliTests/CompilerTests/basic_object_access.js b/Tests/FuzzilliTests/CompilerTests/basic_object_access.js index 1f300d6c7..8457f8c12 100644 --- a/Tests/FuzzilliTests/CompilerTests/basic_object_access.js +++ b/Tests/FuzzilliTests/CompilerTests/basic_object_access.js @@ -14,9 +14,11 @@ o[3] = o[2] + o[1]; output(JSON.stringify(o)); with(o) { - a = 3; - b = 4; - c = a + b; - } + output(a); + output(b); + a = 3; + b = 4; + c = a + b; +} -output(JSON.stringify(o)); \ No newline at end of file +output(JSON.stringify(o)); diff --git a/Tests/FuzzilliTests/CompilerTests/basic_scoping.js b/Tests/FuzzilliTests/CompilerTests/basic_scoping.js index 1b5b6d34b..becbe0b33 100644 --- a/Tests/FuzzilliTests/CompilerTests/basic_scoping.js +++ b/Tests/FuzzilliTests/CompilerTests/basic_scoping.js @@ -19,18 +19,8 @@ function foo(x) { } foo(44); -// Note: this test will currently fail if 'a' and 'b' are replaced by -// 'x' and 'y' in the object. That's because the compiler will still used -// regular/numbered variables for x and y, and so will effectively rename -// them to something like `v1` and `v2`, while keeping the property names -// of the object. This isn't easy to fix, unfortunately. One option might -// be to change the compiler to only use named variables in testcases that -// use `with` statements, but that would be quite an invasive change and -// result in a FuzzIL program that is less suited for mutations. -let obj = { a: 45, b: 9001 }; +let obj = { x: 45, y: 9001 }; with (obj) { output(x); output(y); - output(a); - output(b); } diff --git a/Tests/FuzzilliTests/CompilerTests/named_variables.js b/Tests/FuzzilliTests/CompilerTests/named_variables.js new file mode 100644 index 000000000..d450cf47d --- /dev/null +++ b/Tests/FuzzilliTests/CompilerTests/named_variables.js @@ -0,0 +1,50 @@ +if (typeof output === 'undefined') output = console.log; + +// Test variable names. +a = 1; +var b = 2; +let c = 3; + +eval('output(a)'); +eval('output(b)'); +eval('output(c)'); + +// Test uninitialized variables. +var d, e; +d = 4; +e = 5; +eval('output(d)'); +eval('output(e)'); + +// Test variable scoping. +function foo() { + var f; + h = 7; + if (true) { + f = 6; + var g = 8; + output(f); + var h; + output(h); + } + output(g); +} +foo(); + +// Test const variable assignment. +const i = 9; +try { + i++; +} catch (e) {} +output(i); + +// Test variable overwriting. +var j = 9; +var j = 10; +output(j); + +// Test multiple references to the same existing variable. +k = 9; +k++; +k++; +output(k); diff --git a/Tests/FuzzilliTests/JSTyperTests.swift b/Tests/FuzzilliTests/JSTyperTests.swift index 5ffd550ec..a56a1d679 100644 --- a/Tests/FuzzilliTests/JSTyperTests.swift +++ b/Tests/FuzzilliTests/JSTyperTests.swift @@ -726,9 +726,9 @@ class JSTyperTests: XCTestCase { let fuzzer = makeMockFuzzer(environment: env) let b = fuzzer.makeBuilder() - let va = b.loadBuiltin("A") - let vb = b.loadBuiltin("B") - let vc = b.loadBuiltin("C") + let va = b.createNamedVariable(forBuiltin: "A") + let vb = b.createNamedVariable(forBuiltin: "B") + let vc = b.createNamedVariable(forBuiltin: "C") XCTAssertEqual(b.type(of: va), builtinAType) XCTAssertEqual(b.type(of: vb), builtinBType) @@ -759,9 +759,9 @@ class JSTyperTests: XCTestCase { let fuzzer = makeMockFuzzer(environment: env) let b = fuzzer.makeBuilder() - let aObj = b.loadBuiltin("A") + let aObj = b.createNamedVariable(forBuiltin: "A") XCTAssertEqual(b.type(of: aObj), .anything) - let bObj = b.loadBuiltin("B") + let bObj = b.createNamedVariable(forBuiltin: "B") XCTAssertEqual(b.type(of: bObj), .object(ofGroup: "B")) // .foo and .bar are both known for B objects @@ -774,7 +774,7 @@ class JSTyperTests: XCTestCase { p = b.getProperty("baz", of: bObj) XCTAssertEqual(b.type(of: p), .anything) - let cObj = b.loadBuiltin("C") + let cObj = b.createNamedVariable(forBuiltin: "C") p = b.getProperty("baz", of: cObj) XCTAssertEqual(b.type(of: p), propBazType) @@ -809,9 +809,9 @@ class JSTyperTests: XCTestCase { let fuzzer = makeMockFuzzer(environment: env) let b = fuzzer.makeBuilder() - let aObj = b.loadBuiltin("A") + let aObj = b.createNamedVariable(forBuiltin: "A") XCTAssertEqual(b.type(of: aObj), .anything) - let bObj = b.loadBuiltin("B") + let bObj = b.createNamedVariable(forBuiltin: "B") XCTAssertEqual(b.type(of: bObj), .object(ofGroup: "B")) var r = b.callMethod("m1", on: bObj) @@ -820,7 +820,7 @@ class JSTyperTests: XCTestCase { r = b.callMethod("m2", on: bObj) XCTAssertEqual(b.type(of: r), .anything) - let cObj = b.loadBuiltin("C") + let cObj = b.createNamedVariable(forBuiltin: "C") r = b.callMethod("m2", on: cObj) XCTAssertEqual(b.type(of: r), .object(ofGroup: "X")) } @@ -836,7 +836,7 @@ class JSTyperTests: XCTestCase { let fuzzer = makeMockFuzzer(environment: env) let b = fuzzer.makeBuilder() - let A = b.loadBuiltin("A") + let A = b.createNamedVariable(forBuiltin: "A") XCTAssertEqual(b.type(of: A), aConstructorType) // For a known constructor, the resulting type can be inferred @@ -844,7 +844,7 @@ class JSTyperTests: XCTestCase { XCTAssertEqual(b.type(of: a), .object(ofGroup: "A")) // For an unknown constructor, the result will be .object() - let B = b.loadBuiltin("B") + let B = b.createNamedVariable(forBuiltin: "B") let b_ = b.construct(B) XCTAssertEqual(b.type(of: b_), .object()) @@ -869,7 +869,7 @@ class JSTyperTests: XCTestCase { let fuzzer = makeMockFuzzer(environment: env) let b = fuzzer.makeBuilder() - let a = b.loadBuiltin("a") + let a = b.createNamedVariable(forBuiltin: "a") XCTAssertEqual(b.type(of: a), aFunctionType) // For a known function, the resulting type can be inferred @@ -877,7 +877,7 @@ class JSTyperTests: XCTestCase { XCTAssertEqual(b.type(of: r), .primitive) // For an unknown function, the result will be .anything - let c = b.loadBuiltin("c") + let c = b.createNamedVariable(forBuiltin: "c") r = b.callFunction(c) XCTAssertEqual(b.type(of: r), .anything) } @@ -1223,7 +1223,7 @@ class JSTyperTests: XCTestCase { let fuzzer = makeMockFuzzer(environment: env) let b = fuzzer.makeBuilder() - let obj = b.loadBuiltin("myO") + let obj = b.createNamedVariable(forBuiltin: "myO") b.setType(ofVariable: obj, to: .object(ofGroup: "O", withProperties: ["foo", "bar", "baz"])) let outputs = b.destruct(obj, selecting: ["foo", "bar"], hasRestElement: true) diff --git a/Tests/FuzzilliTests/LifterTest.swift b/Tests/FuzzilliTests/LifterTest.swift index a7499b400..15a44262a 100644 --- a/Tests/FuzzilliTests/LifterTest.swift +++ b/Tests/FuzzilliTests/LifterTest.swift @@ -52,15 +52,15 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let Object = b.loadBuiltin("Object") + let Object = b.createNamedVariable(forBuiltin: "Object") let obj = b.construct(Object) - let o = b.loadBuiltin("SomeObj") + let o = b.createNamedVariable(forBuiltin: "SomeObj") let foo = b.getProperty("foo", of: o) let bar = b.getProperty("bar", of: foo) let i = b.loadInt(42) let r = b.callMethod("baz", on: bar, withArgs: [i, i]) b.setProperty("r", of: obj, to: r) - let Math = b.loadBuiltin("Math") + let Math = b.createNamedVariable(forBuiltin: "Math") let lhs = b.callMethod("random", on: Math) let rhs = b.loadFloat(13.37) let s = b.binary(lhs, rhs, with: .Add) @@ -85,10 +85,10 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let Object = b.loadBuiltin("Object") + let Object = b.createNamedVariable(forBuiltin: "Object") let obj = b.construct(Object) let i = b.loadInt(42) - let o = b.loadBuiltin("SomeObj") + let o = b.createNamedVariable(forBuiltin: "SomeObj") let foo = b.getProperty("foo", of: o) let bar = b.getProperty("bar", of: foo) let baz = b.getProperty("baz", of: bar) @@ -113,9 +113,9 @@ class LifterTests: XCTestCase { let b = fuzzer.makeBuilder() // Test that effectful operations aren't reordered in any sematic-changing way. - let Object = b.loadBuiltin("Object") + let Object = b.createNamedVariable(forBuiltin: "Object") let obj = b.construct(Object) - let effectful = b.loadBuiltin("effectful") + let effectful = b.createNamedVariable(forBuiltin: "effectful") var lhs = b.callMethod("func1", on: effectful) var rhs = b.callMethod("func2", on: effectful) @@ -229,13 +229,13 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let someValue = b.loadBuiltin("someValue") - let computeThreshold = b.loadBuiltin("computeThreshold") + let someValue = b.createNamedVariable(forBuiltin: "someValue") + let computeThreshold = b.createNamedVariable(forBuiltin: "computeThreshold") let threshold = b.callFunction(computeThreshold) let cond = b.compare(someValue, with: threshold, using: .lessThan) // The comparison and the function call can be inlined into the header of the if-statement. b.buildIf(cond) { - let doSomething = b.loadBuiltin("doSomething") + let doSomething = b.createNamedVariable(forBuiltin: "doSomething") b.callFunction(doSomething) } @@ -257,7 +257,7 @@ class LifterTests: XCTestCase { let b = fuzzer.makeBuilder() let v0 = b.loadInt(0) - let f = b.loadBuiltin("computeNumIterations") + let f = b.createNamedVariable(forBuiltin: "computeNumIterations") let numIterations = b.callFunction(f) // The function call should not be inlined into the loop header as that would change the programs behavior. b.buildWhileLoop({ b.compare(v0, with: numIterations, using: .lessThan) }) { @@ -284,12 +284,12 @@ class LifterTests: XCTestCase { let b = fuzzer.makeBuilder() // Test that (potentially) effectful operations are only executed once. - let Object = b.loadBuiltin("Object") + let Object = b.createNamedVariable(forBuiltin: "Object") let o = b.construct(Object) let v0 = b.loadInt(1337) - let f1 = b.loadBuiltin("func1") + let f1 = b.createNamedVariable(forBuiltin: "func1") let r1 = b.callFunction(f1, withArgs: [v0]) - let f2 = b.loadBuiltin("func2") + let f2 = b.createNamedVariable(forBuiltin: "func2") let r2 = b.callFunction(f2, withArgs: [r1]) b.setProperty("x", of: o, to: r2) b.setProperty("y", of: o, to: r2) @@ -372,7 +372,7 @@ class LifterTests: XCTestCase { b.buildPlainFunction(with: .parameters(n: 1)) { args in let p = args[0] let two = b.loadInt(2) - let Math = b.loadBuiltin("Math") + let Math = b.createNamedVariable(forBuiltin: "Math") let x = b.getProperty("x", of: p) let xSquared = b.binary(x, two, with: .Exp) let y = b.getProperty("y", of: p) @@ -442,8 +442,8 @@ class LifterTests: XCTestCase { // variable access also does not raise an exception. b.loadInt(42) b.loadString("foobar") - b.loadNamedVariable("nonexistant") - let v = b.loadNamedVariable("alsoNonexistantButSafeToAccessViaTypeOf") + b.createNamedVariable("nonexistant", declarationMode: .none) + let v = b.createNamedVariable("alsoNonexistantButSafeToAccessViaTypeOf", declarationMode: .none) b.typeof(v) let program = b.finalize() @@ -466,8 +466,8 @@ class LifterTests: XCTestCase { let v3 = b.loadString("foobar") let null = b.loadNull() let v4 = b.binary(v3, v1, with: .Add) - let otherObject = b.loadBuiltin("SomeObject") - let toPrimitive = b.getProperty("toPrimitive", of: b.loadBuiltin("Symbol")) + let otherObject = b.createNamedVariable(forBuiltin: "SomeObject") + let toPrimitive = b.getProperty("toPrimitive", of: b.createNamedVariable(forBuiltin: "Symbol")) b.buildObjectLiteral { obj in obj.addProperty("p1", as: v1) obj.addProperty("__proto__", as: null) @@ -608,7 +608,7 @@ class LifterTests: XCTestCase { } } b.construct(C, withArgs: [b.loadInt(42)]) - b.reassign(C, to: b.loadBuiltin("Uint8Array")) + b.reassign(C, to: b.createNamedVariable(forBuiltin: "Uint8Array")) let program = b.finalize() let actual = fuzzer.lifter.lift(program) @@ -727,13 +727,13 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let Math = b.loadBuiltin("Math") + let Math = b.createNamedVariable(forBuiltin: "Math") let v = b.callMethod("random", on: Math) let two_v = b.binary(v, v, with: .Add) let three_v = b.binary(two_v, v, with: .Add) let twelve_v = b.binary(b.loadInt(4), three_v, with: .Mul) let six_v = b.binary(twelve_v, b.loadInt(2), with: .Div) - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: [six_v]) let program = b.finalize() @@ -779,26 +779,26 @@ class LifterTests: XCTestCase { let code2 = b.buildCodeString() { let code3 = b.buildCodeString() { let code4 = b.buildCodeString() { - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") let msg = b.loadString("Hello") b.callFunction(print, withArgs: [msg]) } let code5 = b.buildCodeString() { - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") let msg = b.loadString("World") b.callFunction(print, withArgs: [msg]) } - let eval = b.loadBuiltin("eval") + let eval = b.createNamedVariable(forBuiltin: "eval") b.callFunction(eval, withArgs: [code4]) b.callFunction(eval, withArgs: [code5]) } - let eval = b.loadBuiltin("eval") + let eval = b.createNamedVariable(forBuiltin: "eval") b.callFunction(eval, withArgs: [code3]) } - let eval = b.loadBuiltin("eval") + let eval = b.createNamedVariable(forBuiltin: "eval") b.callFunction(eval, withArgs: [code2]) } - let eval = b.loadBuiltin("eval") + let eval = b.createNamedVariable(forBuiltin: "eval") b.callFunction(eval, withArgs: [code1]) let program = b.finalize() @@ -906,7 +906,7 @@ class LifterTests: XCTestCase { b.setProperty("bar", of: this, to: args[2]) } b.construct(c1, withArgs: [b.loadInt(42), b.loadInt(43)]) - let c2 = b.loadBuiltin("Object") + let c2 = b.createNamedVariable(forBuiltin: "Object") b.reassign(c1, to: c2) b.construct(c1, withArgs: [b.loadInt(44), b.loadInt(45)]) @@ -943,8 +943,8 @@ class LifterTests: XCTestCase { let r = b.binary(lhs, rhs, with: .Mul) b.yield(r) } - b.callFunction(f1, withArgs: [b.loadBuiltin("promise1"), b.loadBuiltin("promise2")]) - b.callFunction(f2, withArgs: [b.loadBuiltin("promise3"), b.loadBuiltin("promise4")]) + b.callFunction(f1, withArgs: [b.createNamedVariable(forBuiltin: "promise1"), b.createNamedVariable(forBuiltin: "promise2")]) + b.callFunction(f2, withArgs: [b.createNamedVariable(forBuiltin: "promise3"), b.createNamedVariable(forBuiltin: "promise4")]) let program = b.finalize() let actual = fuzzer.lifter.lift(program) @@ -1052,9 +1052,9 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let foo = b.loadBuiltin("foo") - let bar = b.loadBuiltin("bar") - let baz = b.loadBuiltin("baz") + let foo = b.createNamedVariable(forBuiltin: "foo") + let bar = b.createNamedVariable(forBuiltin: "bar") + let baz = b.createNamedVariable(forBuiltin: "baz") let i = b.loadInt(42) b.reassign(i, to: b.loadInt(43)) b.callFunction(foo, withArgs: [i]) @@ -1131,7 +1131,7 @@ class LifterTests: XCTestCase { b.createTemplateString(from: [""], interpolating: []) let bar = b.loadString("bar") b.createTemplateString(from: ["foo", "baz"], interpolating: [bar]) - let marker = b.callFunction(b.loadBuiltin("getMarker")) + let marker = b.callFunction(b.createNamedVariable(forBuiltin: "getMarker")) let space = b.loadString(" ") let inner = b.createTemplateString(from: ["Hello", "World"], interpolating: [space]) let _ = b.createTemplateString(from: ["", "", "", ""], interpolating: [marker, inner, marker] ) @@ -1154,7 +1154,7 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let o = b.loadBuiltin("Obj") + let o = b.createNamedVariable(forBuiltin: "Obj") let propA = b.getProperty("a", of: o) let propB = b.getProperty("b", of: propA) let propC = b.getProperty("c", of: propB) @@ -1242,7 +1242,7 @@ class LifterTests: XCTestCase { b.configureElement(1, of: obj, usingFlags: [.writable, .enumerable], as: .setter(f2)) b.configureElement(2, of: obj, usingFlags: [.writable, .enumerable, .configurable], as: .getterSetter(f1, f2)) b.configureElement(3, of: obj, usingFlags: [], as: .value(num)) - let p = b.loadBuiltin("ComputedProperty") + let p = b.createNamedVariable(forBuiltin: "ComputedProperty") b.configureComputedProperty(p, of: obj, usingFlags: [.configurable], as: .getter(f1)) b.configureComputedProperty(p, of: obj, usingFlags: [.enumerable], as: .setter(f2)) b.configureComputedProperty(p, of: obj, usingFlags: [.writable], as: .getterSetter(f1, f2)) @@ -1317,7 +1317,7 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let o = b.loadBuiltin("o") + let o = b.createNamedVariable(forBuiltin: "o") let a = b.getProperty("a", of: o, guard: true) b.getProperty("b", of: a, guard: true) b.getElement(0, of: o, guard: true) @@ -1361,15 +1361,15 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let f1 = b.loadBuiltin("f1") - let f2 = b.loadBuiltin("f2") + let f1 = b.createNamedVariable(forBuiltin: "f1") + let f2 = b.createNamedVariable(forBuiltin: "f2") b.callFunction(f1, guard: true) let v1 = b.callFunction(f2, guard: true) - let c1 = b.loadBuiltin("c1") - let c2 = b.loadBuiltin("c2") + let c1 = b.createNamedVariable(forBuiltin: "c1") + let c2 = b.createNamedVariable(forBuiltin: "c2") b.construct(c1, guard: true) let v2 = b.construct(c2, guard: true) - let o = b.loadBuiltin("obj") + let o = b.createNamedVariable(forBuiltin: "obj") b.callMethod("m", on: o, guard: true) let v3 = b.callMethod("n", on: o, guard: true) b.callComputedMethod(b.loadString("o"), on: o, withArgs: [v1, v2, v3], guard: true) @@ -1429,9 +1429,9 @@ class LifterTests: XCTestCase { let b = fuzzer.makeBuilder() let s = b.loadString("print('Hello World!')") - var eval = b.loadBuiltin("eval") + var eval = b.createNamedVariable(forBuiltin: "eval") b.callFunction(eval, withArgs: [s]) - let this = b.loadBuiltin("this") + let this = b.createNamedVariable(forBuiltin: "this") eval = b.getProperty("eval", of: this) // The property load must not be inlined, otherwise it would not be distinguishable from a method call (like the one following it). b.callFunction(eval, withArgs: [s]) @@ -1462,7 +1462,7 @@ class LifterTests: XCTestCase { initialValues.append(b.loadString("World")) let values = b.createArray(with: initialValues) let n = b.loadFloat(13.37) - let Array = b.loadBuiltin("Array") + let Array = b.createNamedVariable(forBuiltin: "Array") let _ = b.callFunction(Array, withArgs: [values,n], spreading: [true,false]) let program = b.finalize() @@ -1480,7 +1480,7 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let Math = b.loadBuiltin("Math") + let Math = b.createNamedVariable(forBuiltin: "Math") let r = b.callMethod("random", on: Math) b.callMethod("sin", on: Math, withArgs: [r]) @@ -1499,7 +1499,7 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let Math = b.loadBuiltin("Math") + let Math = b.createNamedVariable(forBuiltin: "Math") var initialValues = [Variable]() initialValues.append(b.loadInt(1)) initialValues.append(b.loadInt(3)) @@ -1528,7 +1528,7 @@ class LifterTests: XCTestCase { let b = fuzzer.makeBuilder() let s = b.loadString("Hello World") - let Symbol = b.loadBuiltin("Symbol") + let Symbol = b.createNamedVariable(forBuiltin: "Symbol") let iterator = b.getProperty("iterator", of: Symbol) let r = b.callComputedMethod(iterator, on: s) b.callMethod("next", on: r) @@ -1548,8 +1548,8 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let SomeObj = b.loadBuiltin("SomeObject") - let RandomMethod = b.loadBuiltin("RandomMethod") + let SomeObj = b.createNamedVariable(forBuiltin: "SomeObject") + let RandomMethod = b.createNamedVariable(forBuiltin: "RandomMethod") let randomMethod = b.callFunction(RandomMethod) let args = b.createArray(with: [b.loadInt(1), b.loadInt(2), b.loadInt(3), b.loadInt(4)]) b.callComputedMethod(randomMethod, on: SomeObj, withArgs: [args], spreading: [true]) @@ -1577,7 +1577,7 @@ class LifterTests: XCTestCase { let values = b.createArray(with: initialValues) let n1 = b.loadFloat(13.37) let n2 = b.loadFloat(13.38) - let Array = b.loadBuiltin("Array") + let Array = b.createNamedVariable(forBuiltin: "Array") b.construct(Array, withArgs: [n1,values,n2], spreading: [false,true,false]) let program = b.finalize() @@ -1837,28 +1837,35 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") let i1 = b.loadInt(42) let i2 = b.loadInt(1337) - b.defineNamedVariable("a", i1) - let vb = b.loadNamedVariable("b") - b.callFunction(print, withArgs: [vb]) - b.storeNamedVariable("c", i2) - b.defineNamedVariable("b", i2) - b.storeNamedVariable("b", i1) - let vc = b.loadNamedVariable("c") + let va = b.createNamedVariable("a", declarationMode: .let, initialValue: i1) + b.callFunction(print, withArgs: [va]) + let vb1 = b.createNamedVariable("b", declarationMode: .none) + b.callFunction(print, withArgs: [vb1]) + b.createNamedVariable("c", declarationMode: .global, initialValue: i2) + let vb2 = b.createNamedVariable("b", declarationMode: .var, initialValue: i2) + b.reassign(vb2, to: i1) + let vc = b.createNamedVariable("c", declarationMode: .none) b.callFunction(print, withArgs: [vc]) + let undefined = b.loadUndefined() + let vd = b.createNamedVariable("d", declarationMode: .let, initialValue: undefined) + b.callFunction(print, withArgs: [vd]) let program = b.finalize() let actual = fuzzer.lifter.lift(program) let expected = """ - var a = 42; + let a = 42; + print(a); print(b); c = 1337; var b = 1337; b = 42; print(c); + let d; + print(d); """ @@ -2048,7 +2055,7 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let shouldContinue = b.loadBuiltin("shouldContinue") + let shouldContinue = b.createNamedVariable(forBuiltin: "shouldContinue") b.buildWhileLoop({ b.callFunction(shouldContinue) }) { } @@ -2069,8 +2076,8 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let f = b.loadBuiltin("f") - let g = b.loadBuiltin("g") + let f = b.createNamedVariable(forBuiltin: "f") + let g = b.createNamedVariable(forBuiltin: "g") let loopVar = b.loadInt(10) b.buildWhileLoop({ b.callFunction(f); b.callFunction(g); return loopVar }) { b.unary(.PostDec, loopVar) @@ -2094,8 +2101,8 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - var f = b.loadBuiltin("f") - var g = b.loadBuiltin("g") + var f = b.createNamedVariable(forBuiltin: "f") + var g = b.createNamedVariable(forBuiltin: "g") b.buildWhileLoop({ b.callFunction(f); let cond = b.callFunction(g); return cond }) { } @@ -2110,10 +2117,10 @@ class LifterTests: XCTestCase { XCTAssertEqual(actual, expected) - f = b.loadBuiltin("f") - g = b.loadBuiltin("g") + f = b.createNamedVariable(forBuiltin: "f") + g = b.createNamedVariable(forBuiltin: "g") b.buildWhileLoop({ let cond = b.callFunction(f); b.callFunction(g); return cond }) { - b.callFunction(b.loadBuiltin("body")) + b.callFunction(b.createNamedVariable(forBuiltin: "body")) } program = b.finalize() @@ -2138,11 +2145,11 @@ class LifterTests: XCTestCase { let b = fuzzer.makeBuilder() b.buildWhileLoop({ - let foobar = b.loadBuiltin("foobar") + let foobar = b.createNamedVariable(forBuiltin: "foobar") let v = b.callFunction(foobar) return b.binary(v, v, with: .Add) }) { - let doLoopBodyStuff = b.loadBuiltin("doLoopBodyStuff") + let doLoopBodyStuff = b.createNamedVariable(forBuiltin: "doLoopBodyStuff") b.callFunction(doLoopBodyStuff) } @@ -2166,10 +2173,10 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let print = b.loadBuiltin("print") - let f = b.callFunction(b.loadBuiltin("f")) - let g = b.callFunction(b.loadBuiltin("g")) - let h = b.callFunction(b.loadBuiltin("h")) + let print = b.createNamedVariable(forBuiltin: "print") + let f = b.callFunction(b.createNamedVariable(forBuiltin: "f")) + let g = b.callFunction(b.createNamedVariable(forBuiltin: "g")) + let h = b.callFunction(b.createNamedVariable(forBuiltin: "h")) b.buildWhileLoop({ b.callFunction(print, withArgs: [f]); return b.loadBool(false) }) { b.callFunction(print, withArgs: [g]) } @@ -2201,7 +2208,7 @@ class LifterTests: XCTestCase { let loopVar2 = b.loadInt(0) b.buildDoWhileLoop(do: { b.unary(.PostInc, loopVar2) - }, while: { b.callFunction(b.loadBuiltin("f"), withArgs: [loopVar2]) }) + }, while: { b.callFunction(b.createNamedVariable(forBuiltin: "f"), withArgs: [loopVar2]) }) b.unary(.PostInc, loopVar1) }, while: { b.compare(loopVar1, with: b.loadInt(42), using: .lessThan) }) @@ -2228,9 +2235,9 @@ class LifterTests: XCTestCase { let b = fuzzer.makeBuilder() b.buildDoWhileLoop(do: { - let doSomething = b.loadBuiltin("doSomething") + let doSomething = b.createNamedVariable(forBuiltin: "doSomething") b.callFunction(doSomething) - }, while: { b.callFunction(b.loadBuiltin("f")); return b.callFunction(b.loadBuiltin("g")) }) + }, while: { b.callFunction(b.createNamedVariable(forBuiltin: "f")); return b.callFunction(b.createNamedVariable(forBuiltin: "g")) }) let program = b.finalize() let actual = fuzzer.lifter.lift(program) @@ -2249,10 +2256,10 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let print = b.loadBuiltin("print") - let f = b.callFunction(b.loadBuiltin("f")) - let g = b.callFunction(b.loadBuiltin("g")) - let h = b.callFunction(b.loadBuiltin("h")) + let print = b.createNamedVariable(forBuiltin: "print") + let f = b.callFunction(b.createNamedVariable(forBuiltin: "f")) + let g = b.callFunction(b.createNamedVariable(forBuiltin: "g")) + let h = b.callFunction(b.createNamedVariable(forBuiltin: "h")) b.buildDoWhileLoop(do: { b.callFunction(print, withArgs: [f]) }, while: { b.callFunction(print, withArgs: [g]); return b.loadBool(false) }) @@ -2281,7 +2288,7 @@ class LifterTests: XCTestCase { b.buildForLoop(i: { b.loadInt(0) }, { i in b.compare(i, with: b.loadInt(10), using: .lessThan) }, { i in b.unary(.PostInc, i) }) { i in b.buildForLoop(i: { b.loadInt(0) }, { j in b.compare(j, with: i, using: .lessThan) }, { j in b.unary(.PostInc, j) }) { j in - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: [i, j]) } } @@ -2326,10 +2333,10 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - b.buildForLoop({ return [b.callFunction(b.loadBuiltin("f1")), b.callFunction(b.loadBuiltin("f2"))] }, - { vars in b.callFunction(b.loadBuiltin("f3"), withArgs: [vars[0]]); return b.callFunction(b.loadBuiltin("f4"), withArgs: [vars[1]]) }, - { vars in b.callFunction(b.loadBuiltin("f5"), withArgs: [vars[1]]); b.callFunction(b.loadBuiltin("f6"), withArgs: [vars[0]]) }) { vars in - b.callFunction(b.loadBuiltin("f7"), withArgs: vars) + b.buildForLoop({ return [b.callFunction(b.createNamedVariable(forBuiltin: "f1")), b.callFunction(b.createNamedVariable(forBuiltin: "f2"))] }, + { vars in b.callFunction(b.createNamedVariable(forBuiltin: "f3"), withArgs: [vars[0]]); return b.callFunction(b.createNamedVariable(forBuiltin: "f4"), withArgs: [vars[1]]) }, + { vars in b.callFunction(b.createNamedVariable(forBuiltin: "f5"), withArgs: [vars[1]]); b.callFunction(b.createNamedVariable(forBuiltin: "f6"), withArgs: [vars[0]]) }) { vars in + b.callFunction(b.createNamedVariable(forBuiltin: "f7"), withArgs: vars) } let program = b.finalize() @@ -2348,10 +2355,10 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - b.buildForLoop({ let x = b.callFunction(b.loadBuiltin("f")); let y = b.callFunction(b.loadBuiltin("g")); b.callFunction(b.loadBuiltin("h")); return [x, y] }, + b.buildForLoop({ let x = b.callFunction(b.createNamedVariable(forBuiltin: "f")); let y = b.callFunction(b.createNamedVariable(forBuiltin: "g")); b.callFunction(b.createNamedVariable(forBuiltin: "h")); return [x, y] }, { vs in return b.compare(vs[0], with: vs[1], using: .lessThan) }, { vs in b.reassign(vs[0], to: vs[1], with: .Add) }) { vs in - b.callFunction(b.loadBuiltin("print"), withArgs: vs) + b.callFunction(b.createNamedVariable(forBuiltin: "print"), withArgs: vs) } let program = b.finalize() @@ -2378,10 +2385,10 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - b.buildForLoop({ b.callFunction(b.loadBuiltin("foo")); b.callFunction(b.loadBuiltin("bar")) }, + b.buildForLoop({ b.callFunction(b.createNamedVariable(forBuiltin: "foo")); b.callFunction(b.createNamedVariable(forBuiltin: "bar")) }, { - let shouldContinue = b.callFunction(b.loadBuiltin("shouldContinue")) - b.buildIf(b.callFunction(b.loadBuiltin("shouldNotContinue"))) { + let shouldContinue = b.callFunction(b.createNamedVariable(forBuiltin: "shouldContinue")) + b.buildIf(b.callFunction(b.createNamedVariable(forBuiltin: "shouldNotContinue"))) { b.reassign(shouldContinue, to: b.loadBool(false)) } return shouldContinue @@ -2415,7 +2422,7 @@ class LifterTests: XCTestCase { let b = fuzzer.makeBuilder() b.buildForLoop(i: { b.loadInt(0) }, { b.compare($0, with: b.loadInt(100), using: .lessThan) }, { b.reassign($0, to: b.loadInt(10), with: .Add) }) { i in - b.callFunction(b.loadBuiltin("print"), withArgs: [i]) + b.callFunction(b.createNamedVariable(forBuiltin: "print"), withArgs: [i]) } let program = b.finalize() @@ -2435,7 +2442,7 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - b.buildForLoop(i: { b.callFunction(b.loadBuiltin("f")); return b.callFunction(b.loadBuiltin("g")) }, {_ in b.loadBool(true) }, { _ in }) { i in + b.buildForLoop(i: { b.callFunction(b.createNamedVariable(forBuiltin: "f")); return b.callFunction(b.createNamedVariable(forBuiltin: "g")) }, {_ in b.loadBool(true) }, { _ in }) { i in b.loopBreak() } @@ -2483,12 +2490,12 @@ class LifterTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let print = b.loadBuiltin("print") - let f = b.callFunction(b.loadBuiltin("f")) - let g = b.callFunction(b.loadBuiltin("g")) - let h = b.callFunction(b.loadBuiltin("h")) - let i = b.callFunction(b.loadBuiltin("i")) - let j = b.callFunction(b.loadBuiltin("j")) + let print = b.createNamedVariable(forBuiltin: "print") + let f = b.callFunction(b.createNamedVariable(forBuiltin: "f")) + let g = b.callFunction(b.createNamedVariable(forBuiltin: "g")) + let h = b.callFunction(b.createNamedVariable(forBuiltin: "h")) + let i = b.callFunction(b.createNamedVariable(forBuiltin: "i")) + let j = b.callFunction(b.createNamedVariable(forBuiltin: "j")) b.buildForLoop({ b.callFunction(print, withArgs: [f]) }, { b.callFunction(print, withArgs: [g]) }, { b.callFunction(print, withArgs: [h]) }) { b.callFunction(print, withArgs: [i]) @@ -2552,7 +2559,7 @@ class LifterTests: XCTestCase { b.buildRepeatLoop(n: 1337) { i in b.reassign(s, to: i, with: .Add) } - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: [s]) let program = b.finalize() @@ -2578,7 +2585,7 @@ class LifterTests: XCTestCase { let a2 = b.createArray(with: [b.loadInt(20), b.loadInt(21), b.loadInt(22), b.loadInt(23)]) let a3 = b.createArray(with: [b.loadInt(30), b.loadInt(31), b.loadInt(32)]) let a4 = b.createArray(with: [a1, a2, a3]) - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") b.buildForOfLoop(a4, selecting: [0,2], hasRestElement: true) { args in b.callFunction(print, withArgs: [args[0]]) b.buildForOfLoop(args[1]) { v in @@ -2669,8 +2676,8 @@ class LifterTests: XCTestCase { } } - let p1 = b.loadBuiltin("proto1") - let p2 = b.loadBuiltin("proto2") + let p1 = b.createNamedVariable(forBuiltin: "proto1") + let p2 = b.createNamedVariable(forBuiltin: "proto2") let v = b.loadInt(42) b.buildObjectLiteral { obj in @@ -2681,7 +2688,7 @@ class LifterTests: XCTestCase { obj.addProperty("baz", as: v) } - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") let v2 = b.loadInt(43) let v3 = b.loadInt(44) b.buildSwitch(on: v) { swtch in @@ -2841,7 +2848,7 @@ class LifterTests: XCTestCase { b.binary(v0, v2, with: .Add) let v3 = b.loadInt(42) b.reassign(v3, to: v0) - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: [v0, v1, v2]) b.getProperty("foo", of: v1) b.getProperty("bar", of: v2) @@ -2897,14 +2904,14 @@ class LifterTests: XCTestCase { let f = b.buildPlainFunction(with: .parameters(n: 0)) { args in let v1 = b.loadInt(1) let v2 = b.loadInt(42) - let dispose = b.getProperty("dispose", of: b.loadBuiltin("Symbol")); + let dispose = b.getProperty("dispose", of: b.createNamedVariable(forBuiltin: "Symbol")); let disposableVariable = b.buildObjectLiteral { obj in obj.addProperty("value", as: v1) obj.addComputedMethod(dispose, with: .parameters(n:0)) { args in b.doReturn(v2) } } - let t = b.loadDisposableVariable(disposableVariable) + b.loadDisposableVariable(disposableVariable) } b.callFunction(f) @@ -2935,14 +2942,14 @@ class LifterTests: XCTestCase { let f = b.buildAsyncFunction(with: .parameters(n: 0)) { args in let v1 = b.loadInt(1) let v2 = b.loadInt(42) - let asyncDispose = b.getProperty("asyncDispose", of: b.loadBuiltin("Symbol")) + let asyncDispose = b.getProperty("asyncDispose", of: b.createNamedVariable(forBuiltin: "Symbol")) let asyncDisposableVariable = b.buildObjectLiteral { obj in obj.addProperty("value", as: v1) obj.addComputedMethod(asyncDispose, with: .parameters(n:0)) { args in b.doReturn(v2) } } - let t = b.loadAsyncDisposableVariable(asyncDisposableVariable) + b.loadAsyncDisposableVariable(asyncDisposableVariable) } let g = b.buildAsyncFunction(with: .parameters(n: 0)) { args in diff --git a/Tests/FuzzilliTests/MinimizerTest.swift b/Tests/FuzzilliTests/MinimizerTest.swift index d75e6c59f..75d54bb40 100644 --- a/Tests/FuzzilliTests/MinimizerTest.swift +++ b/Tests/FuzzilliTests/MinimizerTest.swift @@ -178,7 +178,7 @@ class MinimizerTests: XCTestCase { b.setProperty("bar", of: this, to: args[1]) } cls.addInstanceMethod("foo", with: .parameters(n: 0)) { args in - let importantFunction = b.loadBuiltin("ImportantFunction") + let importantFunction = b.createNamedVariable(forBuiltin: "ImportantFunction") evaluator.nextInstructionIsImportant(in: b) b.callFunction(importantFunction) } @@ -192,7 +192,7 @@ class MinimizerTests: XCTestCase { b.callMethod("foo", on: unusedInstance) // This class can be removed entirely - let supercls = b.loadBuiltin("SuperClass") + let supercls = b.createNamedVariable(forBuiltin: "SuperClass") let class3 = b.buildClassDefinition(withSuperclass: supercls) { cls in cls.addInstanceProperty("x", value: s) cls.addInstanceProperty("y") @@ -231,7 +231,7 @@ class MinimizerTests: XCTestCase { } } b.construct(class1) - let importantFunction = b.loadBuiltin("ImportantFunction") + let importantFunction = b.createNamedVariable(forBuiltin: "ImportantFunction") b.callFunction(importantFunction) let expectedProgram = b.finalize() @@ -453,7 +453,7 @@ class MinimizerTests: XCTestCase { } let k = b.loadString("code") b.setComputedProperty(k, of: o, to: c) - let eval = b.loadBuiltin("eval") + let eval = b.createNamedVariable(forBuiltin: "eval") b.callFunction(eval, withArgs: [c]) b.deleteProperty("foo", of: o) @@ -698,12 +698,12 @@ class MinimizerTests: XCTestCase { let b = fuzzer.makeBuilder() // Build input program to be minimized. - let f = b.loadBuiltin("f") + let f = b.createNamedVariable(forBuiltin: "f") let maxIterations = b.loadInt(10) let loopVar = b.loadInt(0) b.buildWhileLoop({ b.callFunction(f) }) { b.unary(.PostInc, loopVar) - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") evaluator.nextInstructionIsImportant(in: b) b.callMethod("bar", on: foo) let cond = b.compare(loopVar, with: maxIterations, using: .lessThan) @@ -715,7 +715,7 @@ class MinimizerTests: XCTestCase { let originalProgram = b.finalize() // Build expected output program. - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") b.callMethod("bar", on: foo) let expectedProgram = b.finalize() @@ -740,7 +740,7 @@ class MinimizerTests: XCTestCase { evaluator.nextInstructionIsImportant(in: b) b.loopBreak() } - let f = b.loadBuiltin("importantFunction") + let f = b.createNamedVariable(forBuiltin: "importantFunction") evaluator.nextInstructionIsImportant(in: b) b.callFunction(f) b.loopContinue() @@ -752,7 +752,7 @@ class MinimizerTests: XCTestCase { b.buildWhileLoop({ b.loadBool(true) }) { b.loopBreak() } - let f = b.loadBuiltin("importantFunction") + let f = b.createNamedVariable(forBuiltin: "importantFunction") b.callFunction(f) let expectedProgram = b.finalize() @@ -768,11 +768,11 @@ class MinimizerTests: XCTestCase { let b = fuzzer.makeBuilder() // Build input program to be minimized. - var d = b.loadBuiltin("d") - var e = b.loadBuiltin("e") - var f = b.loadBuiltin("f") - var g = b.loadBuiltin("g") - var h = b.loadBuiltin("h") + var d = b.createNamedVariable(forBuiltin: "d") + var e = b.createNamedVariable(forBuiltin: "e") + var f = b.createNamedVariable(forBuiltin: "f") + var g = b.createNamedVariable(forBuiltin: "g") + var h = b.createNamedVariable(forBuiltin: "h") b.buildForLoop(i: { evaluator.nextInstructionIsImportant(in: b); return b.callFunction(d) }, { i in evaluator.nextInstructionIsImportant(in: b); b.callFunction(e); return b.compare(i, with: b.loadInt(100), using: .lessThan) }, { i in evaluator.nextInstructionIsImportant(in: b); b.callFunction(f); b.unary(.PostInc, i) }) { i in @@ -785,11 +785,11 @@ class MinimizerTests: XCTestCase { let originalProgram = b.finalize() // Build expected output program. - d = b.loadBuiltin("d") - e = b.loadBuiltin("e") - f = b.loadBuiltin("f") - g = b.loadBuiltin("g") - h = b.loadBuiltin("h") + d = b.createNamedVariable(forBuiltin: "d") + e = b.createNamedVariable(forBuiltin: "e") + f = b.createNamedVariable(forBuiltin: "f") + g = b.createNamedVariable(forBuiltin: "g") + h = b.createNamedVariable(forBuiltin: "h") b.callFunction(d) b.buildRepeatLoop(n: 5) { i in b.callFunction(e) @@ -811,11 +811,11 @@ class MinimizerTests: XCTestCase { let b = fuzzer.makeBuilder() // Build input program to be minimized. - var d = b.loadBuiltin("d") - let e = b.loadBuiltin("e") - let f = b.loadBuiltin("f") - var g = b.loadBuiltin("g") - var h = b.loadBuiltin("h") + var d = b.createNamedVariable(forBuiltin: "d") + let e = b.createNamedVariable(forBuiltin: "e") + let f = b.createNamedVariable(forBuiltin: "f") + var g = b.createNamedVariable(forBuiltin: "g") + var h = b.createNamedVariable(forBuiltin: "h") // In this case, the for-loop is actually important (we emulate that by marking the EndForLoopAfterthought instruction as important b.buildForLoop(i: { evaluator.nextInstructionIsImportant(in: b); return b.callFunction(d) }, { i in b.callFunction(e); return b.compare(i, with: b.loadInt(100), using: .lessThan) }, @@ -829,9 +829,9 @@ class MinimizerTests: XCTestCase { let originalProgram = b.finalize() // Build expected output program. - d = b.loadBuiltin("d") - g = b.loadBuiltin("g") - h = b.loadBuiltin("h") + d = b.createNamedVariable(forBuiltin: "d") + g = b.createNamedVariable(forBuiltin: "g") + h = b.createNamedVariable(forBuiltin: "h") b.buildForLoop(i: { return b.callFunction(d) }, { i in b.compare(i, with: b.loadInt(100), using: .lessThan) }, { i in b.unary(.PostInc, i) }) { i in @@ -852,9 +852,9 @@ class MinimizerTests: XCTestCase { let b = fuzzer.makeBuilder() // Build input program to be minimized. - var f = b.loadBuiltin("f") - var g = b.loadBuiltin("g") - var h = b.loadBuiltin("h") + var f = b.createNamedVariable(forBuiltin: "f") + var g = b.createNamedVariable(forBuiltin: "g") + var h = b.createNamedVariable(forBuiltin: "h") var loopVar = b.loadInt(10) b.buildWhileLoop({ evaluator.nextInstructionIsImportant(in: b); b.callFunction(f); evaluator.nextInstructionIsImportant(in: b); return b.unary(.PostDec, loopVar) }) { evaluator.nextInstructionIsImportant(in: b) @@ -870,9 +870,9 @@ class MinimizerTests: XCTestCase { let originalProgram = b.finalize() // Build expected output program. - f = b.loadBuiltin("f") - g = b.loadBuiltin("g") - h = b.loadBuiltin("h") + f = b.createNamedVariable(forBuiltin: "f") + g = b.createNamedVariable(forBuiltin: "g") + h = b.createNamedVariable(forBuiltin: "h") loopVar = b.loadInt(10) b.buildRepeatLoop(n: 5) { b.callFunction(f) @@ -895,9 +895,9 @@ class MinimizerTests: XCTestCase { let b = fuzzer.makeBuilder() // Build input program to be minimized. - var f = b.loadBuiltin("f") - var g = b.loadBuiltin("g") - var h = b.loadBuiltin("h") + var f = b.createNamedVariable(forBuiltin: "f") + var g = b.createNamedVariable(forBuiltin: "g") + var h = b.createNamedVariable(forBuiltin: "h") var loopVar = b.loadInt(10) b.buildDoWhileLoop(do: { evaluator.nextInstructionIsImportant(in: b) @@ -913,9 +913,9 @@ class MinimizerTests: XCTestCase { let originalProgram = b.finalize() // Build expected output program. - f = b.loadBuiltin("f") - g = b.loadBuiltin("g") - h = b.loadBuiltin("h") + f = b.createNamedVariable(forBuiltin: "f") + g = b.createNamedVariable(forBuiltin: "g") + h = b.createNamedVariable(forBuiltin: "h") loopVar = b.loadInt(10) b.buildRepeatLoop(n: 5) { b.callFunction(f, withArgs: [loopVar]) @@ -938,7 +938,7 @@ class MinimizerTests: XCTestCase { // Build input program to be minimized. b.buildRepeatLoop(n: 100) { i in - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") evaluator.nextInstructionIsImportant(in: b) b.callFunction(foo, withArgs: [i]) @@ -952,7 +952,7 @@ class MinimizerTests: XCTestCase { // Build expected output program. // Five is currently the smallest iteration count tried by the LoopReducer. b.buildRepeatLoop(n: 5) { i in - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") b.callFunction(foo, withArgs: [i]) b.loopContinue() } @@ -972,14 +972,14 @@ class MinimizerTests: XCTestCase { // Build input program to be minimized. b.buildRepeatLoop(n: 2) { b.buildRepeatLoop(n: 2) { i in - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") // The inner loop can't be deleted due to the data-flow dependency. evaluator.nextInstructionIsImportant(in: b) b.callFunction(foo, withArgs: [i]) } // These instruction isn't needed and will be removed, allowing the loops to be merged. - let unimportant = b.loadBuiltin("unimportant") + let unimportant = b.createNamedVariable(forBuiltin: "unimportant") b.callFunction(unimportant) // Small hack: we force the outer loop to be kept by keeping the EndRepeatLoop instruction (which the loop merging won't change). @@ -990,7 +990,7 @@ class MinimizerTests: XCTestCase { // Build expected output program. b.buildRepeatLoop(n: 4) { i in - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") b.callFunction(foo, withArgs: [i]) } @@ -1009,11 +1009,11 @@ class MinimizerTests: XCTestCase { // Build input program to be minimized. b.buildRepeatLoop(n: 2) { i in // These instruction isn't needed and will be removed, allowing the loops to be merged. - let unimportant = b.loadBuiltin("unimportant") + let unimportant = b.createNamedVariable(forBuiltin: "unimportant") b.callFunction(unimportant) b.buildRepeatLoop(n: 2) { j in - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") evaluator.nextInstructionIsImportant(in: b) b.callFunction(foo, withArgs: [i, j]) } @@ -1026,7 +1026,7 @@ class MinimizerTests: XCTestCase { // Build expected output program. b.buildRepeatLoop(n: 4) { i in - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") b.callFunction(foo, withArgs: [i, i]) } @@ -1045,12 +1045,12 @@ class MinimizerTests: XCTestCase { // Build input program to be minimized. b.buildRepeatLoop(n: 2) { // In this case, the loops cannot be merged since there is code in between them. - let important = b.loadBuiltin("important") + let important = b.createNamedVariable(forBuiltin: "important") evaluator.nextInstructionIsImportant(in: b) b.callFunction(important) b.buildRepeatLoop(n: 2) { i in - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") evaluator.nextInstructionIsImportant(in: b) b.callFunction(foo, withArgs: [i]) } @@ -1102,18 +1102,18 @@ class MinimizerTests: XCTestCase { let b = fuzzer.makeBuilder() // Build input program to be minimized. - var o = b.loadBuiltin("TheObject") + var o = b.createNamedVariable(forBuiltin: "TheObject") let vars = b.destruct(o, selecting: ["foo", "bar", "baz"]) - var print = b.loadBuiltin("print") + var print = b.createNamedVariable(forBuiltin: "print") evaluator.nextInstructionIsImportant(in: b) b.callFunction(print, withArgs: [vars[1]]) let originalProgram = b.finalize() // Build expected output program. - o = b.loadBuiltin("TheObject") + o = b.createNamedVariable(forBuiltin: "TheObject") let bar = b.getProperty("bar", of: o) - print = b.loadBuiltin("print") + print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: [bar]) let expectedProgram = b.finalize() @@ -1129,18 +1129,18 @@ class MinimizerTests: XCTestCase { let b = fuzzer.makeBuilder() // Build input program to be minimized. - var o = b.loadBuiltin("TheArray") + var o = b.createNamedVariable(forBuiltin: "TheArray") let vars = b.destruct(o, selecting: [0, 3, 4]) - var print = b.loadBuiltin("print") + var print = b.createNamedVariable(forBuiltin: "print") evaluator.nextInstructionIsImportant(in: b) b.callFunction(print, withArgs: [vars[2]]) let originalProgram = b.finalize() // Build expected output program. - o = b.loadBuiltin("TheArray") + o = b.createNamedVariable(forBuiltin: "TheArray") let bar = b.getElement(4, of: o) - print = b.loadBuiltin("print") + print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: [bar]) let expectedProgram = b.finalize() @@ -1156,38 +1156,38 @@ class MinimizerTests: XCTestCase { let b = fuzzer.makeBuilder() // Build input program to be minimized. - var foo = b.loadBuiltin("foo") + var foo = b.createNamedVariable(forBuiltin: "foo") evaluator.nextInstructionIsImportant(in: b) b.callFunction(foo) - let foo2 = b.loadBuiltin("foo") + let foo2 = b.createNamedVariable(forBuiltin: "foo") evaluator.nextInstructionIsImportant(in: b) b.callFunction(foo2) - var bar = b.loadBuiltin("bar") + var bar = b.createNamedVariable(forBuiltin: "bar") evaluator.nextInstructionIsImportant(in: b) var cond = b.callFunction(bar) evaluator.nextInstructionIsImportant(in: b) b.buildIf(cond) { - let baz = b.loadBuiltin("baz") + let baz = b.createNamedVariable(forBuiltin: "baz") evaluator.nextInstructionIsImportant(in: b) b.callFunction(baz) } - var baz = b.loadBuiltin("baz") + var baz = b.createNamedVariable(forBuiltin: "baz") evaluator.nextInstructionIsImportant(in: b) b.callFunction(baz) let originalProgram = b.finalize() // Build expected output program. - foo = b.loadBuiltin("foo") + foo = b.createNamedVariable(forBuiltin: "foo") b.callFunction(foo) b.callFunction(foo) - bar = b.loadBuiltin("bar") + bar = b.createNamedVariable(forBuiltin: "bar") cond = b.callFunction(bar) b.buildIf(cond) { - let baz = b.loadBuiltin("baz") + let baz = b.createNamedVariable(forBuiltin: "baz") b.callFunction(baz) } - baz = b.loadBuiltin("baz") + baz = b.createNamedVariable(forBuiltin: "baz") b.callFunction(baz) let expectedProgram = b.finalize() @@ -1203,14 +1203,14 @@ class MinimizerTests: XCTestCase { let b = fuzzer.makeBuilder() // Build input program to be minimized. - let o = b.loadBuiltin("o") - let f = b.loadBuiltin("f") + let o = b.createNamedVariable(forBuiltin: "o") + let f = b.createNamedVariable(forBuiltin: "f") let v1 = b.getProperty("p1", of: o, guard: true) let v2 = b.getElement(2, of: o, guard: true) let v3 = b.getComputedProperty(b.loadString("p3"), of: o, guard: true) let v4 = b.callFunction(f, guard: true) let v5 = b.callMethod("m", on: o, guard: true) - let keepInputsAlive = b.loadBuiltin("keepInputsAlive") + let keepInputsAlive = b.createNamedVariable(forBuiltin: "keepInputsAlive") evaluator.nextInstructionIsImportant(in: b) b.callFunction(keepInputsAlive, withArgs: [v1, v2, v3, v4, v5]) diff --git a/Tests/FuzzilliTests/ProgramBuilderTest.swift b/Tests/FuzzilliTests/ProgramBuilderTest.swift index 918af4279..4dfe07a53 100644 --- a/Tests/FuzzilliTests/ProgramBuilderTest.swift +++ b/Tests/FuzzilliTests/ProgramBuilderTest.swift @@ -179,7 +179,7 @@ class ProgramBuilderTests: XCTestCase { // Now there's also a variable of unknown type, which may be anything. Since we don't have enough variables // of a known type, all queries will use a `MayBe` type query to find matches and so may return the unknown variable. - let unknown = b.loadBuiltin("unknown") + let unknown = b.createNamedVariable(forBuiltin: "unknown") XCTAssertEqual(b.type(of: unknown), .anything) XCTAssert([i, unknown].contains(b.randomVariable(forUseAs: .integer))) @@ -227,7 +227,7 @@ class ProgramBuilderTests: XCTestCase { let _ = b.finalize() - let unknown = b.loadBuiltin("unknown") + let unknown = b.createNamedVariable(forBuiltin: "unknown") XCTAssertEqual(b.type(of: unknown), .anything) XCTAssertEqual(b.randomVariable(ofType: .integer), nil) XCTAssertEqual(b.randomVariable(ofType: .number), nil) @@ -235,7 +235,7 @@ class ProgramBuilderTests: XCTestCase { let _ = b.finalize() - let n = b.loadBuiltin("theNumber") + let n = b.createNamedVariable(forBuiltin: "theNumber") b.setType(ofVariable: n, to: .number) XCTAssertEqual(b.type(of: n), .number) XCTAssertEqual(b.randomVariable(ofType: .integer), nil) @@ -264,7 +264,7 @@ class ProgramBuilderTests: XCTestCase { XCTAssertEqual(b.randomVariable(preferablyNotOfType: .primitive), nil) XCTAssertEqual(b.randomVariable(preferablyNotOfType: .anything), nil) - let unknown = b.loadBuiltin("unknown") + let unknown = b.createNamedVariable(forBuiltin: "unknown") XCTAssertEqual(b.type(of: unknown), .anything) XCTAssert([v, unknown].contains(b.randomVariable(preferablyNotOfType: .string))) XCTAssertEqual(b.randomVariable(preferablyNotOfType: .primitive), unknown) @@ -293,7 +293,7 @@ class ProgramBuilderTests: XCTestCase { let fuzzer = makeMockFuzzer() let b = fuzzer.makeBuilder() - let Math = b.loadBuiltin("Math") + let Math = b.createNamedVariable(forBuiltin: "Math") XCTAssert(b.visibleVariables.contains(Math)) XCTAssertEqual(b.numberOfVisibleVariables, 1) @@ -531,7 +531,7 @@ class ProgramBuilderTests: XCTestCase { let _ = b.finalize() // And another similar example, but this time with a union type: .number - let Number = b.loadBuiltin("Number") + let Number = b.createNamedVariable(forBuiltin: "Number") let n1 = b.getProperty("POSITIVE_INFINITY", of: Number) let n2 = b.getProperty("MIN_SAFE_INTEGER", of: Number) let n3 = b.getProperty("MAX_SAFE_INTEGER", of: Number) @@ -705,7 +705,7 @@ class ProgramBuilderTests: XCTestCase { let b = fuzzer.makeBuilder() let i = b.loadInt(42) - let v = b.loadBuiltin("v") + let v = b.createNamedVariable(forBuiltin: "v") b.buildSwitch(on: v) { swtch in XCTAssertIdentical(swtch, b.currentSwitchBlock) @@ -738,7 +738,7 @@ class ProgramBuilderTests: XCTestCase { var i2 = b.loadInt(0x42) let cond = b.compare(i1, with: i2, using: .lessThan) b.buildIfElse(cond, ifBody: { - let String = b.loadBuiltin("String") + let String = b.createNamedVariable(forBuiltin: "String") splicePoint = b.indexOfNextInstruction() b.callMethod("fromCharCode", on: String, withArgs: [i1]) b.callMethod("fromCharCode", on: String, withArgs: [i2]) @@ -757,7 +757,7 @@ class ProgramBuilderTests: XCTestCase { // Expected Program // i2 = b.loadInt(0x41) - let String = b.loadBuiltin("String") + let String = b.createNamedVariable(forBuiltin: "String") b.callMethod("fromCharCode", on: String, withArgs: [i2]) let expected = b.finalize() @@ -903,7 +903,7 @@ class ProgramBuilderTests: XCTestCase { let f = b.buildPlainFunction(with: .parameters(n: 3)) { args in let t1 = b.binary(args[0], args[1], with: .Mul) let t2 = b.binary(t1, args[2], with: .Add) - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") splicePoint = b.indexOfNextInstruction() b.callFunction(print, withArgs: [t2]) } @@ -925,7 +925,7 @@ class ProgramBuilderTests: XCTestCase { b.buildPlainFunction(with: .parameters(n: 3)) { args in let t1 = b.binary(args[0], args[1], with: .Mul) let t2 = b.binary(t1, args[2], with: .Add) - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: [t2]) } let expected = b.finalize() @@ -1000,7 +1000,7 @@ class ProgramBuilderTests: XCTestCase { // Original Program // b.buildAsyncFunction(with: .parameters(n: 0)) { _ in - let promise = b.loadBuiltin("ThePromise") + let promise = b.createNamedVariable(forBuiltin: "ThePromise") splicePoint = b.indexOfNextInstruction() b.await(promise) } @@ -1022,7 +1022,7 @@ class ProgramBuilderTests: XCTestCase { // Expected Program // b.buildAsyncFunction(with: .parameters(n: 1)) { args in - let promise = b.loadBuiltin("ThePromise") + let promise = b.createNamedVariable(forBuiltin: "ThePromise") b.await(promise) } let expected = b.finalize() @@ -1038,7 +1038,7 @@ class ProgramBuilderTests: XCTestCase { // // Original Program // - let promise = b.loadBuiltin("ThePromise") + let promise = b.createNamedVariable(forBuiltin: "ThePromise") let f = b.buildAsyncFunction(with: .parameters(n: 0)) { _ in let v = b.await(promise) let zero = b.loadInt(0) @@ -1065,7 +1065,7 @@ class ProgramBuilderTests: XCTestCase { // b.buildAsyncFunction(with: .parameters(n: 2)) { _ in - let promise = b.loadBuiltin("ThePromise") + let promise = b.createNamedVariable(forBuiltin: "ThePromise") let v = b.await(promise) b.unary(.PostDec, v) } @@ -1243,10 +1243,10 @@ class ProgramBuilderTests: XCTestCase { // // Original Program // - let p = b.loadBuiltin("ThePromise") + let p = b.createNamedVariable(forBuiltin: "ThePromise") let f = b.buildAsyncFunction(with: .parameters(n: 0)) { args in let v = b.await(p) - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") splicePoint = b.indexOfNextInstruction() // We can only splice this if we replace |v| with another variable in the host program b.callFunction(print, withArgs: [v]) @@ -1356,7 +1356,7 @@ class ProgramBuilderTests: XCTestCase { // Original Program // let f = b.buildPlainFunction(with: .parameters(n: 3)) { args in - let Array = b.loadBuiltin("Array") + let Array = b.createNamedVariable(forBuiltin: "Array") splicePoint = b.indexOfNextInstruction() b.callMethod("of", on: Array, withArgs: args) } @@ -1460,7 +1460,7 @@ class ProgramBuilderTests: XCTestCase { // Original Program // var f = b.buildPlainFunction(with: .parameters(n: 1)) { args in - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: args) } var n = b.loadInt(1337) @@ -1523,7 +1523,7 @@ class ProgramBuilderTests: XCTestCase { // // Here we have a function with one parameter of type .anything. var f = b.buildPlainFunction(with: .parameters(n: 1)) { args in - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: args) } XCTAssertEqual(b.type(of: f).signature?.parameters, [.anything]) @@ -1559,7 +1559,7 @@ class ProgramBuilderTests: XCTestCase { } n = b.loadInt(42) f = b.buildPlainFunction(with: .parameters(n: 1)) { args in - let print = b.loadBuiltin("print") + let print = b.createNamedVariable(forBuiltin: "print") b.callFunction(print, withArgs: args) } b.callFunction(f, withArgs: [n]) @@ -1588,7 +1588,7 @@ class ProgramBuilderTests: XCTestCase { b.probabilityOfRemappingAnInstructionsOutputsDuringSplicing = 1.0 // For splicing, we will not use a variable of an unknown type as replacement. - let unknown = b.loadBuiltin("unknown") + let unknown = b.createNamedVariable(forBuiltin: "unknown") XCTAssertEqual(b.type(of: unknown), .anything) b.loadBool(true) // This should also never be used as replacement as it definitely has a different type b.splice(from: original, at: splicePoint, mergeDataFlow: true) @@ -1598,7 +1598,7 @@ class ProgramBuilderTests: XCTestCase { // Expected Program // let expected: Program - b.loadBuiltin("unknown") + b.createNamedVariable(forBuiltin: "unknown") b.loadBool(true) i = b.loadInt(42) b.unary(.PostInc, i) @@ -1881,7 +1881,7 @@ class ProgramBuilderTests: XCTestCase { var f = b.buildPlainFunction(with: .parameters(n: 2)) { args in splicePoint = b.indexOfNextInstruction() b.buildForLoop(i: { args[0] }, { i in b.compare(i, with: args[1], using: .lessThan) }, { i in b.unary(.PostInc, i) }) { i in - b.callFunction(b.loadBuiltin("print"), withArgs: [i]) + b.callFunction(b.createNamedVariable(forBuiltin: "print"), withArgs: [i]) b.loopBreak() } } @@ -1902,7 +1902,7 @@ class ProgramBuilderTests: XCTestCase { f = b.buildPlainFunction(with: .parameters(n: 2)) { args in splicePoint = b.indexOfNextInstruction() b.buildForLoop(i: { args[0] }, { i in b.compare(i, with: args[1], using: .lessThan) }, { i in b.unary(.PostInc, i) }) { i in - b.callFunction(b.loadBuiltin("print"), withArgs: [i]) + b.callFunction(b.createNamedVariable(forBuiltin: "print"), withArgs: [i]) b.loopBreak() } } @@ -1929,11 +1929,11 @@ class ProgramBuilderTests: XCTestCase { let o2 = b.createObject(with: ["i": i, "f": f2]) b.binary(i, args[0], with: .Add) b.setProperty("f", of: o, to: f2) - let object = b.loadBuiltin("Object") + let object = b.createNamedVariable(forBuiltin: "Object") let descriptor = b.createObject(with: ["value": b.loadString("foobar")]) b.callMethod("defineProperty", on: object, withArgs: [o, b.loadString("s"), descriptor]) b.callMethod("defineProperty", on: object, withArgs: [o2, b.loadString("s"), descriptor]) - let json = b.loadBuiltin("JSON") + let json = b.createNamedVariable(forBuiltin: "JSON") b.callMethod("stringify", on: json, withArgs: [o]) } let original = b.finalize() @@ -1955,10 +1955,10 @@ class ProgramBuilderTests: XCTestCase { b.reassign(f2, to: b.loadFloat(133.7)) // (Possibly) mutating instruction must be included let o = b.createObject(with: ["i": i, "f": f]) b.setProperty("f", of: o, to: f2) // (Possibly) mutating instruction must be included - let object = b.loadBuiltin("Object") + let object = b.createNamedVariable(forBuiltin: "Object") let descriptor = b.createObject(with: ["value": b.loadString("foobar")]) b.callMethod("defineProperty", on: object, withArgs: [o, b.loadString("s"), descriptor]) // (Possibly) mutating instruction must be included - let json = b.loadBuiltin("JSON") + let json = b.createNamedVariable(forBuiltin: "JSON") b.callMethod("stringify", on: json, withArgs: [o]) let expected = b.finalize() @@ -2045,7 +2045,7 @@ class ProgramBuilderTests: XCTestCase { // Original Program // b.buildAsyncGeneratorFunction(with: .parameters(n: 2)) { _ in - let p = b.loadBuiltin("thePromise") + let p = b.createNamedVariable(forBuiltin: "thePromise") b.buildDoWhileLoop(do: { let v0 = b.loadInt(42) let _ = b.createObject(with: ["foo": v0]) @@ -2070,7 +2070,7 @@ class ProgramBuilderTests: XCTestCase { // Expected Program // b.buildAsyncFunction(with: .parameters(n: 1)) { _ in - let p = b.loadBuiltin("thePromise") + let p = b.createNamedVariable(forBuiltin: "thePromise") let _ = b.await(p) } let expected = b.finalize() @@ -2148,7 +2148,7 @@ class ProgramBuilderTests: XCTestCase { splicePoint = b.indexOfNextInstruction() return c }) { - let foobar = b.loadBuiltin("foobar") + let foobar = b.createNamedVariable(forBuiltin: "foobar") b.callFunction(foobar) } let original = b.finalize() @@ -2171,11 +2171,11 @@ class ProgramBuilderTests: XCTestCase { // Original Program // b.buildDoWhileLoop(do: { - let foo = b.loadBuiltin("foo") + let foo = b.createNamedVariable(forBuiltin: "foo") b.callFunction(foo) }, while: { // Test that splicing out of the header works. - let bar = b.loadBuiltin("bar") + let bar = b.createNamedVariable(forBuiltin: "bar") splicePoint = b.indexOfNextInstruction() b.callFunction(bar) return b.loadBool(false) @@ -2191,7 +2191,7 @@ class ProgramBuilderTests: XCTestCase { // // Expected Program // - let bar = b.loadBuiltin("bar") + let bar = b.createNamedVariable(forBuiltin: "bar") b.callFunction(bar) let expected = b.finalize() @@ -2286,10 +2286,10 @@ class ProgramBuilderTests: XCTestCase { let code = b.buildCodeString() { let i = b.loadInt(42) let o = b.createObject(with: ["i": i]) - let json = b.loadBuiltin("JSON") + let json = b.createNamedVariable(forBuiltin: "JSON") b.callMethod("stringify", on: json, withArgs: [o]) } - let eval = b.loadBuiltin("eval") + let eval = b.createNamedVariable(forBuiltin: "eval") splicePoint = b.indexOfNextInstruction() b.callFunction(eval, withArgs: [code]) } @@ -2307,10 +2307,10 @@ class ProgramBuilderTests: XCTestCase { let code = b.buildCodeString() { let i = b.loadInt(42) let o = b.createObject(with: ["i": i]) - let json = b.loadBuiltin("JSON") + let json = b.createNamedVariable(forBuiltin: "JSON") b.callMethod("stringify", on: json, withArgs: [o]) } - let eval = b.loadBuiltin("eval") + let eval = b.createNamedVariable(forBuiltin: "eval") b.callFunction(eval, withArgs: [code]) let expected = b.finalize() @@ -2404,7 +2404,7 @@ class ProgramBuilderTests: XCTestCase { b.loadInt(42) - let constructor = b.loadBuiltin("DataView") + let constructor = b.createNamedVariable(forBuiltin: "DataView") let signature = env.type(ofBuiltin: "DataView").signature! let variables = b.findOrGenerateArguments(forSignature: signature)