Changeset 252978 in webkit
- Timestamp:
- Dec 1, 2019 10:44:16 PM (4 years ago)
- Location:
- trunk/Source/JavaScriptCore
- Files:
-
- 3 added
- 7 edited
- 5 copied
trunk/Source/JavaScriptCore/ChangeLog
r252975 r252978 1 2019-12-01 Tuomas Karkkainen <tuomas.webkit@apple.com> 2 3 Add FuzzerAgent that reads predictions from a file 4 https://bugs.webkit.org/show_bug.cgi?id=203898 5 6 Reviewed by Mark Lam. 7 8 This patch adds a FuzzerAgent that reads predictions from a file. The predictions in the file are 9 correlated with the prediction sites using the name of the JavaScript source file, the opcode, and 10 start and end offsets in the source. There is also a separate FuzzerAgent that can be used to create 11 the prediction files. 12 13 * JavaScriptCore.xcodeproj/project.pbxproj: 14 * Sources.txt: 15 * runtime/FileBasedFuzzerAgent.cpp: Added. 16 * runtime/FileBasedFuzzerAgent.h: Copied from Source/JavaScriptCore/runtime/RandomizingFuzzerAgent.cpp. 17 * runtime/FileBasedFuzzerAgentBase.cpp: Added. 18 * runtime/FileBasedFuzzerAgentBase.h: Copied from Source/JavaScriptCore/runtime/RandomizingFuzzerAgent.cpp. 19 * runtime/FuzzerPredictions.cpp: Added. 20 * runtime/FuzzerPredictions.h: Copied from Source/JavaScriptCore/runtime/RandomizingFuzzerAgent.cpp. 21 * runtime/Options.cpp: 22 * runtime/OptionsList.h: 23 * runtime/PredictionFileCreatingFuzzerAgent.cpp: Copied from Source/JavaScriptCore/runtime/RandomizingFuzzerAgent.cpp. 24 * runtime/PredictionFileCreatingFuzzerAgent.h: Copied from Source/JavaScriptCore/runtime/RandomizingFuzzerAgent.cpp. 25 * runtime/RandomizingFuzzerAgent.cpp: 26 * runtime/VM.cpp: 27 1 28 2019-12-01 Caio Lima <ticaiolima@gmail.com> 2 29 -
trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
r252843 r252978 1740 1740 C4F4B6F51A05C984005CAB76 /* generate_objc_protocol_types_implementation.py in Headers */ = {isa = PBXBuildFile; fileRef = C4F4B6D71A05C76F005CAB76 /* generate_objc_protocol_types_implementation.py */; settings = {ATTRIBUTES = (Private, ); }; }; 1741 1741 C4F4B6F61A05C984005CAB76 /* objc_generator_templates.py in Headers */ = {isa = PBXBuildFile; fileRef = C4F4B6D81A05C76F005CAB76 /* objc_generator_templates.py */; settings = {ATTRIBUTES = (Private, ); }; }; 1742 CE20BD05237D3E230046E520 /* FileBasedFuzzerAgentBase.h in Headers */ = {isa = PBXBuildFile; fileRef = CE20BD03237D3AD40046E520 /* FileBasedFuzzerAgentBase.h */; }; 1743 CE20BD07237D3E480046E520 /* PredictionFileCreatingFuzzerAgent.h in Headers */ = {isa = PBXBuildFile; fileRef = CE20BD01237D3AD40046E520 /* PredictionFileCreatingFuzzerAgent.h */; }; 1742 1744 CEAE7D7B889B477BA93ABA6C /* ScriptFetcher.h in Headers */ = {isa = PBXBuildFile; fileRef = 8852151A9C3842389B3215B7 /* ScriptFetcher.h */; settings = {ATTRIBUTES = (Private, ); }; }; 1745 CECFAD362372DAD000291599 /* FuzzerPredictions.h in Headers */ = {isa = PBXBuildFile; fileRef = CECFAD342372DAA700291599 /* FuzzerPredictions.h */; }; 1746 CECFAD372372DAD400291599 /* FileBasedFuzzerAgent.h in Headers */ = {isa = PBXBuildFile; fileRef = CECFAD322372DAA700291599 /* FileBasedFuzzerAgent.h */; }; 1743 1747 D9722752DC54459B9125B539 /* JSModuleLoader.h in Headers */ = {isa = PBXBuildFile; fileRef = 77B25CB2C3094A92A38E1DB3 /* JSModuleLoader.h */; }; 1744 1748 DC00039319D8BE6F00023EB0 /* DFGPreciseLocalClobberize.h in Headers */ = {isa = PBXBuildFile; fileRef = DC00039019D8BE6F00023EB0 /* DFGPreciseLocalClobberize.h */; }; … … 4822 4826 C4F4B6D71A05C76F005CAB76 /* generate_objc_protocol_types_implementation.py */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.script.python; path = generate_objc_protocol_types_implementation.py; sourceTree = "<group>"; }; 4823 4827 C4F4B6D81A05C76F005CAB76 /* 
objc_generator_templates.py */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.script.python; path = objc_generator_templates.py; sourceTree = "<group>"; }; 4828 CE20BD01237D3AD40046E520 /* PredictionFileCreatingFuzzerAgent.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = PredictionFileCreatingFuzzerAgent.h; sourceTree = "<group>"; }; 4829 CE20BD02237D3AD40046E520 /* PredictionFileCreatingFuzzerAgent.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = PredictionFileCreatingFuzzerAgent.cpp; sourceTree = "<group>"; }; 4830 CE20BD03237D3AD40046E520 /* FileBasedFuzzerAgentBase.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = FileBasedFuzzerAgentBase.h; sourceTree = "<group>"; }; 4831 CE20BD04237D3AD40046E520 /* FileBasedFuzzerAgentBase.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = FileBasedFuzzerAgentBase.cpp; sourceTree = "<group>"; }; 4832 CECFAD322372DAA700291599 /* FileBasedFuzzerAgent.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = FileBasedFuzzerAgent.h; sourceTree = "<group>"; }; 4833 CECFAD332372DAA700291599 /* FileBasedFuzzerAgent.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = FileBasedFuzzerAgent.cpp; sourceTree = "<group>"; }; 4834 CECFAD342372DAA700291599 /* FuzzerPredictions.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = FuzzerPredictions.h; sourceTree = "<group>"; }; 4835 CECFAD352372DAA700291599 /* FuzzerPredictions.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = FuzzerPredictions.cpp; sourceTree = "<group>"; }; 4824 4836 D21202280AD4310C00ED79B6 /* DateConversion.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = DateConversion.cpp; sourceTree = "<group>"; }; 4825 4837 D21202290AD4310C00ED79B6 /* DateConversion.h */ = {isa = PBXFileReference; 
fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = DateConversion.h; sourceTree = "<group>"; }; … … 7084 7096 147341CB1DC02D7200AA29BA /* ExecutableBase.h */, 7085 7097 E35A0B9C220AD87A00AC4474 /* ExecutableBaseInlines.h */, 7098 CECFAD332372DAA700291599 /* FileBasedFuzzerAgent.cpp */, 7099 CECFAD322372DAA700291599 /* FileBasedFuzzerAgent.h */, 7100 CE20BD04237D3AD40046E520 /* FileBasedFuzzerAgentBase.cpp */, 7101 CE20BD03237D3AD40046E520 /* FileBasedFuzzerAgentBase.h */, 7086 7102 A7A8AF2917ADB5F3005AB174 /* Float32Array.h */, 7087 7103 A7A8AF2A17ADB5F3005AB174 /* Float64Array.h */, … … 7101 7117 E33A94952255322A00D42B06 /* FuzzerAgent.cpp */, 7102 7118 E33A94922255322900D42B06 /* FuzzerAgent.h */, 7119 CECFAD352372DAA700291599 /* FuzzerPredictions.cpp */, 7120 CECFAD342372DAA700291599 /* FuzzerPredictions.h */, 7103 7121 70B791851C024432002481E2 /* GeneratorFunctionConstructor.cpp */, 7104 7122 70B791861C024432002481E2 /* GeneratorFunctionConstructor.h */, … … 7421 7439 FE3842312324D51B009DD445 /* OptionsList.h */, 7422 7440 37C738D11EDB5672003F2B0B /* ParseInt.h */, 7441 CE20BD02237D3AD40046E520 /* PredictionFileCreatingFuzzerAgent.cpp */, 7442 CE20BD01237D3AD40046E520 /* PredictionFileCreatingFuzzerAgent.h */, 7423 7443 868916A9155F285400CB2B9A /* PrivateName.h */, 7424 7444 147341DF1DC2CE9600AA29BA /* ProgramExecutable.cpp */, … … 9587 9607 A1587D6E1B4DC14100D69849 /* IntlDateTimeFormat.h in Headers */, 9588 9608 A1587D701B4DC14100D69849 /* IntlDateTimeFormatConstructor.h in Headers */, 9609 CE20BD05237D3E230046E520 /* FileBasedFuzzerAgentBase.h in Headers */, 9589 9610 A1587D751B4DC1C600D69849 /* IntlDateTimeFormatConstructor.lut.h in Headers */, 9590 9611 A1587D721B4DC14100D69849 /* IntlDateTimeFormatPrototype.h in Headers */, … … 9883 9904 141448CB13A176EC00F5BA1A /* MarkedBlockSet.h in Headers */, 9884 9905 14D2F3DB139F4BE200491031 /* MarkedSpace.h in Headers */, 9906 CE20BD07237D3E480046E520 /* PredictionFileCreatingFuzzerAgent.h in Headers */, 
9885 9907 0F7DF1351E2970DC0095951B /* MarkedSpaceInlines.h in Headers */, 9886 9908 0F660E381E0517BB0031462C /* MarkingConstraint.h in Headers */, … … 9999 10021 79B00CBD1C6AB07E0088C65D /* ProxyConstructor.h in Headers */, 10000 10022 79B00CBF1C6AB07E0088C65D /* ProxyObject.h in Headers */, 10023 CECFAD372372DAD400291599 /* FileBasedFuzzerAgent.h in Headers */, 10001 10024 79160DBE1C8E3EC8008C085A /* ProxyRevoke.h in Headers */, 10002 10025 0F5780A218FE1E98001E72D9 /* PureNaN.h in Headers */, … … 10077 10100 0F4D8C781FCA3CFA001D32AC /* SimpleMarkingConstraint.h in Headers */, 10078 10101 0F2B670517B6B5AB00A7AE3F /* SimpleTypedArrayController.h in Headers */, 10102 CECFAD362372DAD000291599 /* FuzzerPredictions.h in Headers */, 10079 10103 14BA78F113AAB88F005B7C2C /* SlotVisitor.h in Headers */, 10080 10104 C2160FE715F7E95E00942DFC /* SlotVisitorInlines.h in Headers */, -
trunk/Source/JavaScriptCore/Sources.txt
r252843 r252978 767 767 runtime/ExceptionScope.cpp 768 768 runtime/ExecutableBase.cpp 769 runtime/FileBasedFuzzerAgent.cpp 770 runtime/FileBasedFuzzerAgentBase.cpp 769 771 runtime/FunctionConstructor.cpp 770 772 runtime/FunctionExecutable.cpp … … 774 776 runtime/FunctionRareData.cpp 775 777 runtime/FuzzerAgent.cpp 778 runtime/FuzzerPredictions.cpp 776 779 runtime/GeneratorFunctionConstructor.cpp 777 780 runtime/GeneratorFunctionPrototype.cpp … … 904 907 runtime/Operations.cpp 905 908 runtime/Options.cpp 909 runtime/PredictionFileCreatingFuzzerAgent.cpp 906 910 runtime/ProgramExecutable.cpp 907 911 runtime/PromiseTimer.cpp -
trunk/Source/JavaScriptCore/runtime/FileBasedFuzzerAgent.h
r252977 r252978 24 24 */ 25 25 26 #include "config.h" 27 #include "RandomizingFuzzerAgent.h" 26 #pragma once 28 27 29 #include "CodeBlock.h" 30 #include <wtf/Locker.h> 28 #include "FileBasedFuzzerAgentBase.h" 31 29 32 30 namespace JSC { 33 31 34 RandomizingFuzzerAgent::RandomizingFuzzerAgent(VM&) 35 : m_random(Options::seedOfRandomizingFuzzerAgent()) 36 { 37 } 32 class VM; 38 33 39 SpeculatedType RandomizingFuzzerAgent::getPrediction(CodeBlock* codeBlock, const CodeOrigin& codeOrigin, SpeculatedType original) 40 { 41 auto locker = holdLock(m_lock); 42 uint32_t high = m_random.getUint32(); 43 uint32_t low = m_random.getUint32(); 44 SpeculatedType generated = static_cast<SpeculatedType>((static_cast<uint64_t>(high) << 32) | low) & SpecFullTop; 45 if (Options::dumpRandomizingFuzzerAgentPredictions()) 46 dataLogLn("getPrediction name:(", codeBlock->inferredName(), "#", codeBlock->hashAsStringIfPossible(), "),bytecodeIndex:(", codeOrigin.bytecodeIndex(), "),original:(", SpeculationDump(original), "),generated:(", SpeculationDump(generated), ")"); 47 return generated; 48 } 34 class FileBasedFuzzerAgent final : public FileBasedFuzzerAgentBase { 35 WTF_MAKE_FAST_ALLOCATED; 36 37 public: 38 FileBasedFuzzerAgent(VM&); 39 40 protected: 41 SpeculatedType getPredictionInternal(CodeBlock*, PredictionTarget&, SpeculatedType original) override; 42 }; 49 43 50 44 } // namespace JSC -
trunk/Source/JavaScriptCore/runtime/FileBasedFuzzerAgentBase.h
r252977 r252978 24 24 */ 25 25 26 #include "config.h" 27 #include "RandomizingFuzzerAgent.h" 26 #pragma once 28 27 29 #include "CodeBlock.h" 30 #include <wtf/Locker.h> 28 #include "FuzzerAgent.h" 29 #include "Opcode.h" 30 #include <wtf/Lock.h> 31 31 32 32 namespace JSC { 33 33 34 RandomizingFuzzerAgent::RandomizingFuzzerAgent(VM&) 35 : m_random(Options::seedOfRandomizingFuzzerAgent()) 36 { 37 } 34 class VM; 38 35 39 SpeculatedType RandomizingFuzzerAgent::getPrediction(CodeBlock* codeBlock, const CodeOrigin& codeOrigin, SpeculatedType original) 40 { 41 auto locker = holdLock(m_lock); 42 uint32_t high = m_random.getUint32(); 43 uint32_t low = m_random.getUint32(); 44 SpeculatedType generated = static_cast<SpeculatedType>((static_cast<uint64_t>(high) << 32) | low) & SpecFullTop; 45 if (Options::dumpRandomizingFuzzerAgentPredictions()) 46 dataLogLn("getPrediction name:(", codeBlock->inferredName(), "#", codeBlock->hashAsStringIfPossible(), "),bytecodeIndex:(", codeOrigin.bytecodeIndex(), "),original:(", SpeculationDump(original), "),generated:(", SpeculationDump(generated), ")"); 47 return generated; 48 } 36 struct PredictionTarget { 37 BytecodeIndex bytecodeIndex; 38 int divot; 39 int startOffset; 40 int endOffset; 41 unsigned line; 42 unsigned column; 43 OpcodeID opcodeId; 44 String sourceFilename; 45 String lookupKey; 46 }; 47 48 class FileBasedFuzzerAgentBase : public FuzzerAgent { 49 WTF_MAKE_FAST_ALLOCATED; 50 51 public: 52 FileBasedFuzzerAgentBase(VM&); 53 54 protected: 55 Lock m_lock; 56 virtual SpeculatedType getPredictionInternal(CodeBlock*, PredictionTarget&, SpeculatedType original) = 0; 57 58 public: 59 SpeculatedType getPrediction(CodeBlock*, const CodeOrigin&, SpeculatedType original) final; 60 61 protected: 62 static String createLookupKey(const String& sourceFilename, OpcodeID, int startLocation, int endLocation); 63 static OpcodeID opcodeAliasForLookupKey(const OpcodeID&); 64 }; 49 65 50 66 } // namespace JSC -
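Review bot: The scalar members of `PredictionTarget` (`divot`, `startOffset`, `endOffset`, `line`, `column`, `opcodeId`) have no default member initializers, so a default-constructed target holds indeterminate values until every field is assigned. The code that fills it in is in FileBasedFuzzerAgentBase.cpp, which this page does not show. Giving each one an initializer, e.g. `int divot { 0 };` and `unsigned line { 0 };`, keeps a partially filled target from carrying garbage into `lookupKey` or a log line. `m_lock` is also declared next to `getPredictionInternal` without comment; if `getPrediction` holds it while calling the override (not visible here), a one-line comment such as `// Called with m_lock held.` would tell subclass authors not to re-acquire it.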
trunk/Source/JavaScriptCore/runtime/FuzzerPredictions.h
r252977 r252978 24 24 */ 25 25 26 #include "config.h" 27 #include "RandomizingFuzzerAgent.h" 26 #pragma once 28 27 29 #include "CodeBlock.h" 30 #include <wtf/Locker.h> 28 #include <bytecode/CodeBlock.h> 29 #include <wtf/HashMap.h> 30 #include <wtf/text/WTFString.h> 31 31 32 32 namespace JSC { 33 33 34 RandomizingFuzzerAgent::RandomizingFuzzerAgent(VM&) 35 : m_random(Options::seedOfRandomizingFuzzerAgent()) 36 { 37 } 34 class FuzzerPredictions { 35 public: 36 JS_EXPORT_PRIVATE FuzzerPredictions(const char*); 38 37 39 SpeculatedType RandomizingFuzzerAgent::getPrediction(CodeBlock* codeBlock, const CodeOrigin& codeOrigin, SpeculatedType original) 40 { 41 auto locker = holdLock(m_lock); 42 uint32_t high = m_random.getUint32(); 43 uint32_t low = m_random.getUint32(); 44 SpeculatedType generated = static_cast<SpeculatedType>((static_cast<uint64_t>(high) << 32) | low) & SpecFullTop; 45 if (Options::dumpRandomizingFuzzerAgentPredictions()) 46 dataLogLn("getPrediction name:(", codeBlock->inferredName(), "#", codeBlock->hashAsStringIfPossible(), "),bytecodeIndex:(", codeOrigin.bytecodeIndex(), "),original:(", SpeculationDump(original), "),generated:(", SpeculationDump(generated), ")"); 47 return generated; 48 } 38 Optional<SpeculatedType> predictionFor(const String&); 39 40 private: 41 HashMap<String, SpeculatedType> m_predictions; 42 }; 43 44 JS_EXPORT_PRIVATE FuzzerPredictions& ensureGlobalFuzzerPredictions(); 49 45 50 46 } // namespace JSC -
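Review bot: `FuzzerPredictions(const char*)` is a converting constructor over a raw filename pointer, and the `fuzzerPredictionsFile` option that presumably feeds it defaults to `nullptr` in OptionsList.h. Mark it `explicit` and state the contract in a comment: whether a null or unreadable path is rejected, and what happens to a malformed line. The parsing code is in FuzzerPredictions.cpp, which is not on this page. As far as the declaration suggests, `predictionFor` only looks up `m_predictions`, so it could be `const`. Since `ensureGlobalFuzzerPredictions()` hands out one process-wide instance while `m_lock` lives in each agent, the header should also say whether the map is immutable after construction.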
trunk/Source/JavaScriptCore/runtime/Options.cpp
r252618 r252978 449 449 || Options::verboseDFGFailure() 450 450 || Options::verboseFTLFailure() 451 || Options::dump RandomizingFuzzerAgentPredictions())451 || Options::dumpFuzzerAgentPredictions()) 452 452 Options::alwaysComputeHash() = true; 453 453 -
trunk/Source/JavaScriptCore/runtime/OptionsList.h
r252825 r252978 395 395 v(Bool, useRandomizingFuzzerAgent, false, Normal, nullptr) \ 396 396 v(Unsigned, seedOfRandomizingFuzzerAgent, 1, Normal, nullptr) \ 397 v(Bool, dump RandomizingFuzzerAgentPredictions, false, Normal, nullptr) \397 v(Bool, dumpFuzzerAgentPredictions, false, Normal, nullptr) \ 398 398 v(Bool, useDoublePredictionFuzzerAgent, false, Normal, nullptr) \ 399 v(Bool, useFileBasedFuzzerAgent, false, Normal, nullptr) \ 400 v(Bool, usePredictionFileCreatingFuzzerAgent, false, Normal, nullptr) \ 401 v(Bool, requirePredictionForFileBasedFuzzerAgent, false, Normal, nullptr) \ 402 v(OptionString, fuzzerPredictionsFile, nullptr, Normal, "file with list of predictions for FileBasedFuzzerAgent") \ 399 403 \ 400 404 v(Bool, logPhaseTimes, false, Normal, nullptr) \ -
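Review bot: Three of the four new options are registered with a `nullptr` description, so nothing at the declaration says how they relate to each other or to `fuzzerPredictionsFile`. Suggested strings: for `useFileBasedFuzzerAgent`, `"use a fuzzer agent that reads predictions from fuzzerPredictionsFile"`; for `usePredictionFileCreatingFuzzerAgent`, `"use a fuzzer agent that emits predictions in the format read by FileBasedFuzzerAgent"`. `requirePredictionForFileBasedFuzzerAgent` needs a description most, because its effect when a prediction is missing cannot be read from any file on this page.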
trunk/Source/JavaScriptCore/runtime/PredictionFileCreatingFuzzerAgent.cpp
r252977 r252978 25 25 26 26 #include "config.h" 27 #include "RandomizingFuzzerAgent.h" 28 29 #include "CodeBlock.h" 30 #include <wtf/Locker.h> 27 #include "PredictionFileCreatingFuzzerAgent.h" 31 28 32 29 namespace JSC { 33 30 34 RandomizingFuzzerAgent::RandomizingFuzzerAgent(VM&)35 : m_random(Options::seedOfRandomizingFuzzerAgent())31 PredictionFileCreatingFuzzerAgent::PredictionFileCreatingFuzzerAgent(VM& vm) 32 : FileBasedFuzzerAgentBase(vm) 36 33 { 37 34 } 38 35 39 SpeculatedType RandomizingFuzzerAgent::getPrediction(CodeBlock* codeBlock, const CodeOrigin& codeOrigin, SpeculatedType original)36 SpeculatedType PredictionFileCreatingFuzzerAgent::getPredictionInternal(CodeBlock*, PredictionTarget& predictionTarget, SpeculatedType original) 40 37 { 41 auto locker = holdLock(m_lock); 42 uint32_t high = m_random.getUint32(); 43 uint32_t low = m_random.getUint32(); 44 SpeculatedType generated = static_cast<SpeculatedType>((static_cast<uint64_t>(high) << 32) | low) & SpecFullTop; 45 if (Options::dumpRandomizingFuzzerAgentPredictions()) 46 dataLogLn("getPrediction name:(", codeBlock->inferredName(), "#", codeBlock->hashAsStringIfPossible(), "),bytecodeIndex:(", codeOrigin.bytecodeIndex(), "),original:(", SpeculationDump(original), "),generated:(", SpeculationDump(generated), ")"); 47 return generated; 38 switch (predictionTarget.opcodeId) { 39 case op_to_this: 40 case op_bitand: 41 case op_bitor: 42 case op_bitxor: 43 case op_bitnot: 44 case op_lshift: 45 case op_rshift: 46 case op_get_by_val: 47 case op_get_argument: 48 case op_get_from_arguments: 49 case op_get_from_scope: 50 case op_to_number: 51 case op_get_by_id: 52 case op_get_by_id_with_this: 53 case op_get_by_val_with_this: 54 case op_get_direct_pname: 55 case op_construct: 56 case op_construct_varargs: 57 case op_call: 58 case op_call_eval: 59 case op_call_varargs: 60 case op_tail_call: 61 case op_tail_call_varargs: 62 dataLogF("%s:%llx\n", predictionTarget.lookupKey.utf8().data(), original); 63 break; 64 65 
default: 66 RELEASE_ASSERT_WITH_MESSAGE(false, "unhandled opcode: %s", toString(predictionTarget.opcodeId).utf8().data()); 67 } 68 return original; 48 69 } 49 70 -
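Review bot: `dataLogF("%s:%llx\n", ..., original)` passes a `SpeculatedType` through varargs under `%llx`. The typedef is not on this page, but the cast in RandomizingFuzzerAgent.cpp suggests a 64-bit unsigned type, and where `uint64_t` is `unsigned long` the specifier and the argument disagree. Cast at the call site with `static_cast<unsigned long long>(original)`, or use `PRIx64` from `<cinttypes>`. The record joins key and value with `:`, and the key is built from the source file name. If the reader splits on the first `:` (the parser is not shown), a path containing one would be misparsed, so a comment fixing the record format belongs next to this call.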
trunk/Source/JavaScriptCore/runtime/PredictionFileCreatingFuzzerAgent.h
r252977 r252978 24 24 */ 25 25 26 #include "config.h" 27 #include "RandomizingFuzzerAgent.h" 26 #pragma once 28 27 29 #include "CodeBlock.h" 30 #include <wtf/Locker.h> 28 #include "FileBasedFuzzerAgentBase.h" 31 29 32 30 namespace JSC { 33 31 34 RandomizingFuzzerAgent::RandomizingFuzzerAgent(VM&) 35 : m_random(Options::seedOfRandomizingFuzzerAgent()) 36 { 37 } 32 class VM; 38 33 39 SpeculatedType RandomizingFuzzerAgent::getPrediction(CodeBlock* codeBlock, const CodeOrigin& codeOrigin, SpeculatedType original) 40 { 41 auto locker = holdLock(m_lock); 42 uint32_t high = m_random.getUint32(); 43 uint32_t low = m_random.getUint32(); 44 SpeculatedType generated = static_cast<SpeculatedType>((static_cast<uint64_t>(high) << 32) | low) & SpecFullTop; 45 if (Options::dumpRandomizingFuzzerAgentPredictions()) 46 dataLogLn("getPrediction name:(", codeBlock->inferredName(), "#", codeBlock->hashAsStringIfPossible(), "),bytecodeIndex:(", codeOrigin.bytecodeIndex(), "),original:(", SpeculationDump(original), "),generated:(", SpeculationDump(generated), ")"); 47 return generated; 48 } 34 class PredictionFileCreatingFuzzerAgent final : public FileBasedFuzzerAgentBase { 35 WTF_MAKE_FAST_ALLOCATED; 36 37 public: 38 PredictionFileCreatingFuzzerAgent(VM&); 39 40 protected: 41 SpeculatedType getPredictionInternal(CodeBlock*, PredictionTarget&, SpeculatedType original) override; 42 }; 49 43 50 44 } // namespace JSC -
trunk/Source/JavaScriptCore/runtime/RandomizingFuzzerAgent.cpp
r243885 r252978 43 43 uint32_t low = m_random.getUint32(); 44 44 SpeculatedType generated = static_cast<SpeculatedType>((static_cast<uint64_t>(high) << 32) | low) & SpecFullTop; 45 if (Options::dump RandomizingFuzzerAgentPredictions())45 if (Options::dumpFuzzerAgentPredictions()) 46 46 dataLogLn("getPrediction name:(", codeBlock->inferredName(), "#", codeBlock->hashAsStringIfPossible(), "),bytecodeIndex:(", codeOrigin.bytecodeIndex(), "),original:(", SpeculationDump(original), "),generated:(", SpeculationDump(generated), ")"); 47 47 return generated; -
trunk/Source/JavaScriptCore/runtime/VM.cpp
r252885 r252978 51 51 #include "FTLThunks.h" 52 52 #include "FastMallocAlignedMemoryAllocator.h" 53 #include "FileBasedFuzzerAgent.h" 53 54 #include "FunctionCodeBlock.h" 54 55 #include "FunctionConstructor.h" … … 118 119 #include "ObjCCallbackFunction.h" 119 120 #include "Parser.h" 121 #include "PredictionFileCreatingFuzzerAgent.h" 120 122 #include "ProfilerDatabase.h" 121 123 #include "ProgramCodeBlock.h" … … 464 466 if (Options::useDoublePredictionFuzzerAgent()) 465 467 setFuzzerAgent(makeUnique<DoublePredictionFuzzerAgent>(*this)); 468 if (Options::useFileBasedFuzzerAgent()) 469 setFuzzerAgent(makeUnique<FileBasedFuzzerAgent>(*this)); 470 if (Options::usePredictionFileCreatingFuzzerAgent()) 471 setFuzzerAgent(makeUnique<PredictionFileCreatingFuzzerAgent>(*this)); 466 472 467 473 if (Options::alwaysGeneratePCToCodeOriginMap())
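Review bot: The two new `if` blocks are independent of each other and of the existing agent checks. With both `useFileBasedFuzzerAgent` and `usePredictionFileCreatingFuzzerAgent` set, the second `setFuzzerAgent` call runs after the first; assuming it replaces the stored agent, the file-based one is constructed and then discarded without notice. Either chain the checks with `else if` or reject the combination where options are validated. The enclosing function starts and ends outside this hunk.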