<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[171350] trunk</title>
</head>
<body>

<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }
#msg dl a { font-weight: bold}
#msg dl a:link    { color:#fc3; }
#msg dl a:active  { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/171350">171350</a></dd>
<dt>Author</dt> <dd>fpizlo@apple.com</dd>
<dt>Date</dt> <dd>2014-07-22 11:27:17 -0700 (Tue, 22 Jul 2014)</dd>
</dl>

<h3>Log Message</h3>
<pre>Extend exception fuzzing to the LLInt
https://bugs.webkit.org/show_bug.cgi?id=135076

Reviewed by Oliver Hunt.


Source/JavaScriptCore: 
* CMakeLists.txt:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* jit/JITOperations.cpp:
(JSC::numberOfExceptionFuzzChecks): Deleted.
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::setUpCall):
* runtime/CommonSlowPaths.cpp:
* runtime/ExceptionFuzz.cpp: Added.
(JSC::numberOfExceptionFuzzChecks):
(JSC::doExceptionFuzzing):
* runtime/ExceptionFuzz.h: Added.
(JSC::doExceptionFuzzingIfEnabled):

Tools: 
* Scripts/jsc-stress-test-helpers/js-exception-fuzz:</pre>

<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceJavaScriptCoreCMakeListstxt">trunk/Source/JavaScriptCore/CMakeLists.txt</a></li>
<li><a href="#trunkSourceJavaScriptCoreChangeLog">trunk/Source/JavaScriptCore/ChangeLog</a></li>
<li><a href="#trunkSourceJavaScriptCoreJavaScriptCorevcxprojJavaScriptCorevcxproj">trunk/Source/JavaScriptCore/JavaScriptCore.vcxproj/JavaScriptCore.vcxproj</a></li>
<li><a href="#trunkSourceJavaScriptCoreJavaScriptCorexcodeprojprojectpbxproj">trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITOperationscpp">trunk/Source/JavaScriptCore/jit/JITOperations.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorellintLLIntSlowPathscpp">trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeCommonSlowPathscpp">trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.cpp</a></li>
<li><a href="#trunkToolsChangeLog">trunk/Tools/ChangeLog</a></li>
<li><a href="#trunkToolsScriptsjscstresstesthelpersjsexceptionfuzz">trunk/Tools/Scripts/jsc-stress-test-helpers/js-exception-fuzz</a></li>
</ul>

<h3>Added Paths</h3>
<ul>
<li><a href="#trunkSourceJavaScriptCoreruntimeExceptionFuzzcpp">trunk/Source/JavaScriptCore/runtime/ExceptionFuzz.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeExceptionFuzzh">trunk/Source/JavaScriptCore/runtime/ExceptionFuzz.h</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceJavaScriptCoreCMakeListstxt"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/CMakeLists.txt (171349 => 171350)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/CMakeLists.txt        2014-07-22 18:13:46 UTC (rev 171349)
+++ trunk/Source/JavaScriptCore/CMakeLists.txt        2014-07-22 18:27:17 UTC (rev 171350)
</span><span class="lines">@@ -380,7 +380,8 @@
</span><span class="cx">     runtime/ErrorHandlingScope.cpp
</span><span class="cx">     runtime/ErrorInstance.cpp
</span><span class="cx">     runtime/ErrorPrototype.cpp
</span><del>-    runtime/ExceptionHelpers.cpp
</del><ins>+    runtime/ExceptionFuzz.cpp
+    runtime/ExceptionHelpers.cpp 
</ins><span class="cx">     runtime/Executable.cpp
</span><span class="cx">     runtime/FunctionConstructor.cpp
</span><span class="cx">     runtime/FunctionExecutableDump.cpp
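Review bot: The re-added runtime/ExceptionHelpers.cpp line in this hunk ends in a trailing space, which is the only reason it appears as removed and added again. Drop the space so the hunk is the single added line runtime/ExceptionFuzz.cpp and the source list stays free of whitespace noise.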
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ChangeLog (171349 => 171350)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ChangeLog        2014-07-22 18:13:46 UTC (rev 171349)
+++ trunk/Source/JavaScriptCore/ChangeLog        2014-07-22 18:27:17 UTC (rev 171350)
</span><span class="lines">@@ -1,3 +1,24 @@
</span><ins>+2014-07-18  Filip Pizlo  &lt;fpizlo@apple.com&gt;
+
+        Extend exception fuzzing to the LLInt
+        https://bugs.webkit.org/show_bug.cgi?id=135076
+
+        Reviewed by Oliver Hunt.
+
+        * CMakeLists.txt:
+        * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
+        * JavaScriptCore.xcodeproj/project.pbxproj:
+        * jit/JITOperations.cpp:
+        (JSC::numberOfExceptionFuzzChecks): Deleted.
+        * llint/LLIntSlowPaths.cpp:
+        (JSC::LLInt::setUpCall):
+        * runtime/CommonSlowPaths.cpp:
+        * runtime/ExceptionFuzz.cpp: Added.
+        (JSC::numberOfExceptionFuzzChecks):
+        (JSC::doExceptionFuzzing):
+        * runtime/ExceptionFuzz.h: Added.
+        (JSC::doExceptionFuzzingIfEnabled):
+
</ins><span class="cx"> 2014-07-21  Mark Lam  &lt;mark.lam@apple.com&gt;
</span><span class="cx"> 
</span><span class="cx">         Refactor ArrayPrototype to use getLength() and putLength() utility functions.
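Review bot: The new entry lists files and functions but says nothing about what changed in them. The llint/LLIntSlowPaths.cpp line names only setUpCall, while the patch also changes the signatures of LLINT_CALL_CHECK_EXCEPTION and LLINT_CALL_RETURN and adds a fuzz check to LLINT_CHECK_EXCEPTION. Add a sentence on which frame each macro argument carries and why the counter moved out of JITOperations.cpp, and mention the group reordering in project.pbxproj.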
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreJavaScriptCorevcxprojJavaScriptCorevcxproj"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/JavaScriptCore.vcxproj/JavaScriptCore.vcxproj (171349 => 171350)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/JavaScriptCore.vcxproj/JavaScriptCore.vcxproj        2014-07-22 18:13:46 UTC (rev 171349)
+++ trunk/Source/JavaScriptCore/JavaScriptCore.vcxproj/JavaScriptCore.vcxproj        2014-07-22 18:27:17 UTC (rev 171350)
</span><span class="lines">@@ -667,6 +667,7 @@
</span><span class="cx">     &lt;ClCompile Include=&quot;..\runtime\ErrorHandlingScope.cpp&quot; /&gt;
</span><span class="cx">     &lt;ClCompile Include=&quot;..\runtime\ErrorInstance.cpp&quot; /&gt;
</span><span class="cx">     &lt;ClCompile Include=&quot;..\runtime\ErrorPrototype.cpp&quot; /&gt;
</span><ins>+    &lt;ClCompile Include=&quot;..\runtime\ExceptionFuzz.cpp&quot; /&gt;
</ins><span class="cx">     &lt;ClCompile Include=&quot;..\runtime\ExceptionHelpers.cpp&quot; /&gt;
</span><span class="cx">     &lt;ClCompile Include=&quot;..\runtime\Executable.cpp&quot; /&gt;
</span><span class="cx">     &lt;ClCompile Include=&quot;..\runtime\FunctionConstructor.cpp&quot; /&gt;
</span><span class="lines">@@ -1378,6 +1379,7 @@
</span><span class="cx">     &lt;ClInclude Include=&quot;..\runtime\ErrorHandlingScope.h&quot; /&gt;
</span><span class="cx">     &lt;ClInclude Include=&quot;..\runtime\ErrorInstance.h&quot; /&gt;
</span><span class="cx">     &lt;ClInclude Include=&quot;..\runtime\ErrorPrototype.h&quot; /&gt;
</span><ins>+    &lt;ClInclude Include=&quot;..\runtime\ExceptionFuzz.h&quot; /&gt;
</ins><span class="cx">     &lt;ClInclude Include=&quot;..\runtime\ExceptionHelpers.h&quot; /&gt;
</span><span class="cx">     &lt;ClInclude Include=&quot;..\runtime\Executable.h&quot; /&gt;
</span><span class="cx">     &lt;ClInclude Include=&quot;..\runtime\Float32Array.h&quot; /&gt;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreJavaScriptCorexcodeprojprojectpbxproj"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj (171349 => 171350)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj        2014-07-22 18:13:46 UTC (rev 171349)
+++ trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj        2014-07-22 18:27:17 UTC (rev 171350)
</span><span class="lines">@@ -92,6 +92,8 @@
</span><span class="cx">                 0F0CD4C215F1A6070032F1C0 /* PutDirectIndexMode.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F0CD4C015F1A6040032F1C0 /* PutDirectIndexMode.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><span class="cx">                 0F0CD4C415F6B6BB0032F1C0 /* SparseArrayValueMap.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F0CD4C315F6B6B50032F1C0 /* SparseArrayValueMap.cpp */; };
</span><span class="cx">                 0F0FC45A14BD15F500B81154 /* LLIntCallLinkInfo.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F0FC45814BD15F100B81154 /* LLIntCallLinkInfo.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><ins>+                0F12DE0F1979D5FD0006FF4E /* ExceptionFuzz.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F12DE0D1979D5FD0006FF4E /* ExceptionFuzz.cpp */; };
+                0F12DE101979D5FD0006FF4E /* ExceptionFuzz.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F12DE0E1979D5FD0006FF4E /* ExceptionFuzz.h */; settings = {ATTRIBUTES = (Private, ); }; };
</ins><span class="cx">                 0F136D4D174AD69E0075B354 /* DeferGC.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F136D4B174AD69B0075B354 /* DeferGC.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><span class="cx">                 0F13912916771C33009CCB07 /* ProfilerBytecodeSequence.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F13912416771C30009CCB07 /* ProfilerBytecodeSequence.cpp */; };
</span><span class="cx">                 0F13912A16771C36009CCB07 /* ProfilerBytecodeSequence.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F13912516771C30009CCB07 /* ProfilerBytecodeSequence.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><span class="lines">@@ -1902,6 +1904,8 @@
</span><span class="cx">                 0F0CD4C015F1A6040032F1C0 /* PutDirectIndexMode.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PutDirectIndexMode.h; sourceTree = &quot;&lt;group&gt;&quot;; };
</span><span class="cx">                 0F0CD4C315F6B6B50032F1C0 /* SparseArrayValueMap.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = SparseArrayValueMap.cpp; sourceTree = &quot;&lt;group&gt;&quot;; };
</span><span class="cx">                 0F0FC45814BD15F100B81154 /* LLIntCallLinkInfo.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = LLIntCallLinkInfo.h; sourceTree = &quot;&lt;group&gt;&quot;; };
</span><ins>+                0F12DE0D1979D5FD0006FF4E /* ExceptionFuzz.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ExceptionFuzz.cpp; sourceTree = &quot;&lt;group&gt;&quot;; };
+                0F12DE0E1979D5FD0006FF4E /* ExceptionFuzz.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ExceptionFuzz.h; sourceTree = &quot;&lt;group&gt;&quot;; };
</ins><span class="cx">                 0F136D4B174AD69B0075B354 /* DeferGC.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DeferGC.h; sourceTree = &quot;&lt;group&gt;&quot;; };
</span><span class="cx">                 0F13912416771C30009CCB07 /* ProfilerBytecodeSequence.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = ProfilerBytecodeSequence.cpp; path = profiler/ProfilerBytecodeSequence.cpp; sourceTree = &quot;&lt;group&gt;&quot;; };
</span><span class="cx">                 0F13912516771C30009CCB07 /* ProfilerBytecodeSequence.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ProfilerBytecodeSequence.h; path = profiler/ProfilerBytecodeSequence.h; sourceTree = &quot;&lt;group&gt;&quot;; };
</span><span class="lines">@@ -4231,6 +4235,8 @@
</span><span class="cx">                                 0FFC99D0184EC8AD009C10AB /* ConstantMode.h */,
</span><span class="cx">                                 BCA62DFF0E2826310004F30D /* ConstructData.cpp */,
</span><span class="cx">                                 BC8F3CCF0DAF17BA00577A80 /* ConstructData.h */,
</span><ins>+                                2A111243192FCE79005EE18D /* CustomGetterSetter.cpp */,
+                                2A111244192FCE79005EE18D /* CustomGetterSetter.h */,
</ins><span class="cx">                                 0F2B66B017B6B5AB00A7AE3F /* DataView.cpp */,
</span><span class="cx">                                 0F2B66B117B6B5AB00A7AE3F /* DataView.h */,
</span><span class="cx">                                 BCD203450E17135E002C7E82 /* DateConstructor.cpp */,
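Review bot: Moving CustomGetterSetter.cpp and CustomGetterSetter.h up within the runtime group here is unrelated to exception fuzzing, as are the Int8Array, JSInt8Array, JSUint8Array and Uint8Array reorderings in the later hunks of this file. Land the re-sort as its own change, or state in the ChangeLog that the project file was re-sorted, so the two ExceptionFuzz entries are easy to pick out when this revision is read or reverted.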
</span><span class="lines">@@ -4254,6 +4260,8 @@
</span><span class="cx">                                 BC02E98B0E183E38000F9297 /* ErrorInstance.h */,
</span><span class="cx">                                 BC02E9060E1839DB000F9297 /* ErrorPrototype.cpp */,
</span><span class="cx">                                 BC02E9070E1839DB000F9297 /* ErrorPrototype.h */,
</span><ins>+                                0F12DE0D1979D5FD0006FF4E /* ExceptionFuzz.cpp */,
+                                0F12DE0E1979D5FD0006FF4E /* ExceptionFuzz.h */,
</ins><span class="cx">                                 1429D8770ED21ACD00B89619 /* ExceptionHelpers.cpp */,
</span><span class="cx">                                 A72701B30DADE94900E548D7 /* ExceptionHelpers.h */,
</span><span class="cx">                                 86CA032D1038E8440028A609 /* Executable.cpp */,
</span><span class="lines">@@ -4279,9 +4287,9 @@
</span><span class="cx">                                 0FB7F38F15ED8E3800F167B2 /* IndexingType.h */,
</span><span class="cx">                                 E178636C0D9BEEC300D74E75 /* InitializeThreading.cpp */,
</span><span class="cx">                                 E178633F0D9BEC0000D74E75 /* InitializeThreading.h */,
</span><ins>+                                A7A8AF2B17ADB5F3005AB174 /* Int8Array.h */,
</ins><span class="cx">                                 A7A8AF2C17ADB5F3005AB174 /* Int16Array.h */,
</span><span class="cx">                                 A7A8AF2D17ADB5F3005AB174 /* Int32Array.h */,
</span><del>-                                A7A8AF2B17ADB5F3005AB174 /* Int8Array.h */,
</del><span class="cx">                                 A78853F717972629001440E4 /* IntendedStructureChain.cpp */,
</span><span class="cx">                                 A78853F817972629001440E4 /* IntendedStructureChain.h */,
</span><span class="cx">                                 BC9BB95B0E19680600DF8855 /* InternalFunction.cpp */,
</span><span class="lines">@@ -4340,9 +4348,9 @@
</span><span class="cx">                                 A59455911824744700CC3843 /* JSGlobalObjectDebuggable.h */,
</span><span class="cx">                                 BC756FC60E2031B200DE7D12 /* JSGlobalObjectFunctions.cpp */,
</span><span class="cx">                                 BC756FC70E2031B200DE7D12 /* JSGlobalObjectFunctions.h */,
</span><ins>+                                0F2B66C917B6B5AB00A7AE3F /* JSInt8Array.h */,
</ins><span class="cx">                                 0F2B66CA17B6B5AB00A7AE3F /* JSInt16Array.h */,
</span><span class="cx">                                 0F2B66CB17B6B5AB00A7AE3F /* JSInt32Array.h */,
</span><del>-                                0F2B66C917B6B5AB00A7AE3F /* JSInt8Array.h */,
</del><span class="cx">                                 65EA4C99092AF9E20093D800 /* JSLock.cpp */,
</span><span class="cx">                                 65EA4C9A092AF9E20093D800 /* JSLock.h */,
</span><span class="cx">                                 A700873F17CBE8EB00C3E643 /* JSMap.cpp */,
</span><span class="lines">@@ -4396,10 +4404,10 @@
</span><span class="cx">                                 0F2B66D017B6B5AB00A7AE3F /* JSTypedArrays.cpp */,
</span><span class="cx">                                 0F2B66D117B6B5AB00A7AE3F /* JSTypedArrays.h */,
</span><span class="cx">                                 6507D2970E871E4A00D7D896 /* JSTypeInfo.h */,
</span><ins>+                                0F2B66D217B6B5AB00A7AE3F /* JSUint8Array.h */,
+                                0F2B66D317B6B5AB00A7AE3F /* JSUint8ClampedArray.h */,
</ins><span class="cx">                                 0F2B66D417B6B5AB00A7AE3F /* JSUint16Array.h */,
</span><span class="cx">                                 0F2B66D517B6B5AB00A7AE3F /* JSUint32Array.h */,
</span><del>-                                0F2B66D217B6B5AB00A7AE3F /* JSUint8Array.h */,
-                                0F2B66D317B6B5AB00A7AE3F /* JSUint8ClampedArray.h */,
</del><span class="cx">                                 BC22A39A0E16E14800AF21C8 /* JSVariableObject.cpp */,
</span><span class="cx">                                 14F252560D08DD8D004ECFFF /* JSVariableObject.h */,
</span><span class="cx">                                 A7CA3AE117DA41AE006538AF /* JSWeakMap.cpp */,
</span><span class="lines">@@ -4541,11 +4549,11 @@
</span><span class="cx">                                 0F2B66DB17B6B5AB00A7AE3F /* TypedArrays.h */,
</span><span class="cx">                                 0F2B66DC17B6B5AB00A7AE3F /* TypedArrayType.cpp */,
</span><span class="cx">                                 0F2B66DD17B6B5AB00A7AE3F /* TypedArrayType.h */,
</span><ins>+                                A7A8AF3017ADB5F3005AB174 /* Uint8Array.h */,
+                                A7A8AF3117ADB5F3005AB174 /* Uint8ClampedArray.h */,
</ins><span class="cx">                                 A7A8AF3217ADB5F3005AB174 /* Uint16Array.h */,
</span><span class="cx">                                 866739D113BFDE710023D87C /* Uint16WithFraction.h */,
</span><span class="cx">                                 A7A8AF3317ADB5F3005AB174 /* Uint32Array.h */,
</span><del>-                                A7A8AF3017ADB5F3005AB174 /* Uint8Array.h */,
-                                A7A8AF3117ADB5F3005AB174 /* Uint8ClampedArray.h */,
</del><span class="cx">                                 E18E3A570DF9278C00D90B34 /* VM.cpp */,
</span><span class="cx">                                 E18E3A560DF9278C00D90B34 /* VM.h */,
</span><span class="cx">                                 FE5932A5183C5A2600A1ECCC /* VMEntryScope.cpp */,
</span><span class="lines">@@ -4563,8 +4571,6 @@
</span><span class="cx">                                 1420BE7A10AA6DDB00F455D2 /* WeakRandom.h */,
</span><span class="cx">                                 A7DCB77912E3D90500911940 /* WriteBarrier.h */,
</span><span class="cx">                                 C2B6D75218A33793004A9301 /* WriteBarrierInlines.h */,
</span><del>-                                2A111243192FCE79005EE18D /* CustomGetterSetter.cpp */,
-                                2A111244192FCE79005EE18D /* CustomGetterSetter.h */,
</del><span class="cx">                         );
</span><span class="cx">                         path = runtime;
</span><span class="cx">                         sourceTree = &quot;&lt;group&gt;&quot;;
</span><span class="lines">@@ -6166,6 +6172,7 @@
</span><span class="cx">                                 A785F6BC18C553FE00F10626 /* SpillRegistersMode.h in Headers */,
</span><span class="cx">                                 BC18C4550E16F5CD00B34460 /* PropertySlot.h in Headers */,
</span><span class="cx">                                 0FB7F39C15ED8E4600F167B2 /* PropertyStorage.h in Headers */,
</span><ins>+                                0F12DE101979D5FD0006FF4E /* ExceptionFuzz.h in Headers */,
</ins><span class="cx">                                 BC18C4560E16F5CD00B34460 /* Protect.h in Headers */,
</span><span class="cx">                                 1474C33B16AA2D950062F01D /* PrototypeMap.h in Headers */,
</span><span class="cx">                                 0F9332A414CA7DD90085F3C6 /* PutByIdStatus.h in Headers */,
</span><span class="lines">@@ -6849,6 +6856,7 @@
</span><span class="cx">                                 A7A8AF3417ADB5F3005AB174 /* ArrayBuffer.cpp in Sources */,
</span><span class="cx">                                 0FFC99D4184EE318009C10AB /* ArrayBufferNeuteringWatchpoint.cpp in Sources */,
</span><span class="cx">                                 A7A8AF3617ADB5F3005AB174 /* ArrayBufferView.cpp in Sources */,
</span><ins>+                                0F12DE0F1979D5FD0006FF4E /* ExceptionFuzz.cpp in Sources */,
</ins><span class="cx">                                 147F39BF107EC37600427A48 /* ArrayConstructor.cpp in Sources */,
</span><span class="cx">                                 A7BDAEC617F4EA1400F6140C /* ArrayIteratorConstructor.cpp in Sources */,
</span><span class="cx">                                 A7BDAEC817F4EA1400F6140C /* ArrayIteratorPrototype.cpp in Sources */,
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITOperationscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITOperations.cpp (171349 => 171350)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITOperations.cpp        2014-07-22 18:13:46 UTC (rev 171349)
+++ trunk/Source/JavaScriptCore/jit/JITOperations.cpp        2014-07-22 18:27:17 UTC (rev 171350)
</span><span class="lines">@@ -38,6 +38,7 @@
</span><span class="cx"> #include &quot;Debugger.h&quot;
</span><span class="cx"> #include &quot;Error.h&quot;
</span><span class="cx"> #include &quot;ErrorHandlingScope.h&quot;
</span><ins>+#include &quot;ExceptionFuzz.h&quot;
</ins><span class="cx"> #include &quot;GetterSetter.h&quot;
</span><span class="cx"> #include &quot;HostCallReturnValue.h&quot;
</span><span class="cx"> #include &quot;JIT.h&quot;
</span><span class="lines">@@ -56,9 +57,6 @@
</span><span class="cx"> 
</span><span class="cx"> namespace JSC {
</span><span class="cx"> 
</span><del>-static unsigned s_numberOfExceptionFuzzChecks;
-unsigned numberOfExceptionFuzzChecks() { return s_numberOfExceptionFuzzChecks; }
-
</del><span class="cx"> extern &quot;C&quot; {
</span><span class="cx"> 
</span><span class="cx"> #if COMPILER(MSVC)
</span><span class="lines">@@ -1810,21 +1808,11 @@
</span><span class="cx"> // testing.
</span><span class="cx"> void JIT_OPERATION operationExceptionFuzz()
</span><span class="cx"> {
</span><del>-    ASSERT(Options::enableExceptionFuzz());
-
</del><span class="cx">     // This probably &quot;just works&quot; for GCC also, but I haven't tried.
</span><span class="cx"> #if COMPILER(CLANG)
</span><span class="cx">     ExecState* exec = static_cast&lt;ExecState*&gt;(__builtin_frame_address(1));
</span><del>-    DeferGCForAWhile deferGC(exec-&gt;vm().heap);
-    
-    s_numberOfExceptionFuzzChecks++;
-    
-    unsigned fireTarget = Options::fireExceptionFuzzAt();
-    if (fireTarget == s_numberOfExceptionFuzzChecks) {
-        printf(&quot;JSC EXCEPTION FUZZ: Throwing fuzz exception with call frame %p and return address %p.\n&quot;, exec, __builtin_return_address(0));
-        exec-&gt;vm().throwException(
-            exec, createError(exec-&gt;lexicalGlobalObject(), ASCIILiteral(&quot;Exception Fuzz&quot;)));
-    }
</del><ins>+    void* returnPC = __builtin_return_address(0);
+    doExceptionFuzzing(exec, &quot;JITOperations&quot;, returnPC);
</ins><span class="cx"> #endif // COMPILER(CLANG)
</span><span class="cx"> }
</span><span class="cx"> 
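Review bot: operationExceptionFuzz loses both ASSERT(Options::enableExceptionFuzz()) and the DeferGCForAWhile that covered the createError allocation, and it calls doExceptionFuzzing directly rather than the doExceptionFuzzingIfEnabled wrapper used in the LLInt. Confirm that doExceptionFuzzing itself asserts the option and defers GC. If it does not, keep the assertion at this call site so a stray call with fuzzing off cannot bump the check counter or throw. A one-line comment that the body is still empty on non-Clang compilers would also help whoever reads the fuzz counts.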
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorellintLLIntSlowPathscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp (171349 => 171350)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp        2014-07-22 18:13:46 UTC (rev 171349)
+++ trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp        2014-07-22 18:27:17 UTC (rev 171350)
</span><span class="lines">@@ -31,6 +31,7 @@
</span><span class="cx"> #include &quot;CommonSlowPaths.h&quot;
</span><span class="cx"> #include &quot;CommonSlowPathsExceptions.h&quot;
</span><span class="cx"> #include &quot;ErrorHandlingScope.h&quot;
</span><ins>+#include &quot;ExceptionFuzz.h&quot;
</ins><span class="cx"> #include &quot;GetterSetter.h&quot;
</span><span class="cx"> #include &quot;HostCallReturnValue.h&quot;
</span><span class="cx"> #include &quot;Interpreter.h&quot;
</span><span class="lines">@@ -90,6 +91,7 @@
</span><span class="cx">     } while (false)
</span><span class="cx"> 
</span><span class="cx"> #define LLINT_CHECK_EXCEPTION() do {                    \
</span><ins>+        doExceptionFuzzingIfEnabled(exec, &quot;LLIntSlowPaths&quot;, pc);    \
</ins><span class="cx">         if (UNLIKELY(vm.exception())) {                 \
</span><span class="cx">             pc = returnToThrow(exec);                   \
</span><span class="cx">             LLINT_END_IMPL();                           \
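Review bot: The added doExceptionFuzzingIfEnabled call in LLINT_CHECK_EXCEPTION runs before the vm.exception() test, so when the fire target is reached at a site where a real exception is already pending, the fuzz exception is thrown on top of it. Either skip the fuzz call when vm.exception() is already set or add a comment that replacing the pending exception is intended. The macro also now depends on a variable named exec being in scope at every use, which is worth stating next to the definition, and the trailing backslash on the new line is out of column with the rest of the macro.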
</span><span class="lines">@@ -147,17 +149,20 @@
</span><span class="cx">         LLINT_CALL_END_IMPL(0, callToThrow(__ct_exec));                 \
</span><span class="cx">     } while (false)
</span><span class="cx"> 
</span><del>-#define LLINT_CALL_CHECK_EXCEPTION(exec) do {                           \
</del><ins>+#define LLINT_CALL_CHECK_EXCEPTION(exec, execCallee) do {               \
</ins><span class="cx">         ExecState* __cce_exec = (exec);                                 \
</span><ins>+        ExecState* __cce_execCallee = (execCallee);                     \
+        doExceptionFuzzingIfEnabled(__cce_exec, &quot;LLIntSlowPaths/call&quot;, nullptr); \
</ins><span class="cx">         if (UNLIKELY(vm.exception()))                                   \
</span><del>-            LLINT_CALL_END_IMPL(0, callToThrow(__cce_exec));            \
</del><ins>+            LLINT_CALL_END_IMPL(0, callToThrow(__cce_execCallee));      \
</ins><span class="cx">     } while (false)
</span><span class="cx"> 
</span><del>-#define LLINT_CALL_RETURN(exec, callTarget) do {                        \
</del><ins>+#define LLINT_CALL_RETURN(exec, execCallee, callTarget) do {            \
</ins><span class="cx">         ExecState* __cr_exec = (exec);                                  \
</span><ins>+        ExecState* __cr_execCallee = (execCallee);                      \
</ins><span class="cx">         void* __cr_callTarget = (callTarget);                           \
</span><del>-        LLINT_CALL_CHECK_EXCEPTION(__cr_exec);                          \
-        LLINT_CALL_END_IMPL(__cr_exec, __cr_callTarget);                \
</del><ins>+        LLINT_CALL_CHECK_EXCEPTION(__cr_exec, __cr_execCallee);         \
+        LLINT_CALL_END_IMPL(__cr_execCallee, __cr_callTarget);          \
</ins><span class="cx">     } while (false)
</span><span class="cx"> 
</span><span class="cx"> #define LLINT_RETURN_CALLEE_FRAME(execCallee) do {                      \
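Review bot: LLINT_CALL_CHECK_EXCEPTION passes nullptr as the return PC to doExceptionFuzzingIfEnabled, so every fuzz hit on a call slow path is logged under the same "LLIntSlowPaths/call" label with no way to tell the sites apart. The callers visible in this file (handleHostCall, setUpCall and the varargs path) all have pc in scope, so pass pc as LLINT_CHECK_EXCEPTION does. Separately, LLINT_CALL_CHECK_EXCEPTION and LLINT_CALL_RETURN now take two ExecState* arguments of the same type that are easy to transpose. Add a comment on each macro saying that the first is the frame used for the fuzz check and the second is the frame handed to callToThrow and LLINT_CALL_END_IMPL.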
</span><span class="lines">@@ -1041,7 +1046,7 @@
</span><span class="cx">             execCallee-&gt;setCallee(asObject(callee));
</span><span class="cx">             vm.hostCallReturnValue = JSValue::decode(callData.native.function(execCallee));
</span><span class="cx">             
</span><del>-            LLINT_CALL_RETURN(execCallee, LLInt::getCodePtr(getHostCallReturnValue));
</del><ins>+            LLINT_CALL_RETURN(execCallee, execCallee, LLInt::getCodePtr(getHostCallReturnValue));
</ins><span class="cx">         }
</span><span class="cx">         
</span><span class="cx"> #if LLINT_SLOW_PATH_TRACING
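Review bot: This LLINT_CALL_RETURN passes execCallee for both frame arguments, so on the host call path the fuzz check runs against the callee frame, whereas setUpCall passes execCallee-&gt;callerFrame() as the first argument. If the difference is deliberate, say so in a comment at this call. Otherwise pass the caller frame here too so fuzz exceptions on call paths are always raised from the same frame. The same applies to the construct path in the next hunk.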
</span><span class="lines">@@ -1064,7 +1069,7 @@
</span><span class="cx">         execCallee-&gt;setCallee(asObject(callee));
</span><span class="cx">         vm.hostCallReturnValue = JSValue::decode(constructData.native.function(execCallee));
</span><span class="cx"> 
</span><del>-        LLINT_CALL_RETURN(execCallee, LLInt::getCodePtr(getHostCallReturnValue));
</del><ins>+        LLINT_CALL_RETURN(execCallee, execCallee, LLInt::getCodePtr(getHostCallReturnValue));
</ins><span class="cx">     }
</span><span class="cx">     
</span><span class="cx"> #if LLINT_SLOW_PATH_TRACING
</span><span class="lines">@@ -1077,10 +1082,12 @@
</span><span class="cx"> 
</span><span class="cx"> inline SlowPathReturnType setUpCall(ExecState* execCallee, Instruction* pc, CodeSpecializationKind kind, JSValue calleeAsValue, LLIntCallLinkInfo* callLinkInfo = 0)
</span><span class="cx"> {
</span><ins>+    ExecState* exec = execCallee-&gt;callerFrame();
+
</ins><span class="cx"> #if LLINT_SLOW_PATH_TRACING
</span><del>-    dataLogF(&quot;Performing call with recorded PC = %p\n&quot;, execCallee-&gt;callerFrame()-&gt;currentVPC());
</del><ins>+    dataLogF(&quot;Performing call with recorded PC = %p\n&quot;, exec-&gt;currentVPC());
</ins><span class="cx"> #endif
</span><del>-
</del><ins>+    
</ins><span class="cx">     JSCell* calleeAsFunctionCell = getJSFunction(calleeAsValue);
</span><span class="cx">     if (!calleeAsFunctionCell)
</span><span class="cx">         return handleHostCall(execCallee, pc, calleeAsValue, kind);
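Review bot: The blank line after the LLINT_SLOW_PATH_TRACING block is replaced by a line holding only four spaces, which is whitespace churn in an otherwise clean hunk; keep the original empty line. The new exec local is a good simplification. A short comment on its declaration that exec is the caller frame and execCallee the frame being set up would make the later LLINT_CALL_THROW(exec, error) and LLINT_CALL_RETURN(exec, execCallee, ...) calls easier to check.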
</span><span class="lines">@@ -1100,7 +1107,7 @@
</span><span class="cx">         JSObject* error = functionExecutable-&gt;prepareForExecution(execCallee, callee, &amp;scope, kind);
</span><span class="cx">         execCallee-&gt;setScope(scope);
</span><span class="cx">         if (error)
</span><del>-            LLINT_CALL_THROW(execCallee-&gt;callerFrame(), error);
</del><ins>+            LLINT_CALL_THROW(exec, error);
</ins><span class="cx">         codeBlock = functionExecutable-&gt;codeBlockFor(kind);
</span><span class="cx">         ASSERT(codeBlock);
</span><span class="cx">         ArityCheckMode arity;
</span><span class="lines">@@ -1114,9 +1121,7 @@
</span><span class="cx">     ASSERT(!!codePtr);
</span><span class="cx">     
</span><span class="cx">     if (!LLINT_ALWAYS_ACCESS_SLOW &amp;&amp; callLinkInfo) {
</span><del>-        ExecState* execCaller = execCallee-&gt;callerFrame();
-        
-        CodeBlock* callerCodeBlock = execCaller-&gt;codeBlock();
</del><ins>+        CodeBlock* callerCodeBlock = exec-&gt;codeBlock();
</ins><span class="cx"> 
</span><span class="cx">         ConcurrentJITLocker locker(callerCodeBlock-&gt;m_lock);
</span><span class="cx">         
</span><span class="lines">@@ -1126,10 +1131,10 @@
</span><span class="cx">         callLinkInfo-&gt;lastSeenCallee.set(vm, callerCodeBlock-&gt;ownerExecutable(), callee);
</span><span class="cx">         callLinkInfo-&gt;machineCodeTarget = codePtr;
</span><span class="cx">         if (codeBlock)
</span><del>-            codeBlock-&gt;linkIncomingCall(execCaller, callLinkInfo);
</del><ins>+            codeBlock-&gt;linkIncomingCall(exec, callLinkInfo);
</ins><span class="cx">     }
</span><span class="cx"> 
</span><del>-    LLINT_CALL_RETURN(execCallee, codePtr.executableAddress());
</del><ins>+    LLINT_CALL_RETURN(exec, execCallee, codePtr.executableAddress());
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> inline SlowPathReturnType genericCall(ExecState* exec, Instruction* pc, CodeSpecializationKind kind)
</span><span class="lines">@@ -1172,7 +1177,7 @@
</span><span class="cx">     
</span><span class="cx">     ExecState* execCallee = sizeFrameForVarargs(exec, &amp;vm.interpreter-&gt;stack(),
</span><span class="cx">         LLINT_OP_C(4).jsValue(), pc[5].u.operand, pc[6].u.operand);
</span><del>-    LLINT_CALL_CHECK_EXCEPTION(exec);
</del><ins>+    LLINT_CALL_CHECK_EXCEPTION(exec, exec);
</ins><span class="cx">     
</span><span class="cx">     vm.newCallFrameReturnValue = execCallee;
</span><span class="cx"> 
</span><span class="lines">@@ -1191,7 +1196,7 @@
</span><span class="cx">     ExecState* execCallee = vm.newCallFrameReturnValue;
</span><span class="cx"> 
</span><span class="cx">     loadVarargs(exec, execCallee, LLINT_OP_C(3).jsValue(), LLINT_OP_C(4).jsValue(), pc[6].u.operand);
</span><del>-    LLINT_CALL_CHECK_EXCEPTION(exec);
</del><ins>+    LLINT_CALL_CHECK_EXCEPTION(exec, exec);
</ins><span class="cx">     
</span><span class="cx">     execCallee-&gt;uncheckedR(JSStack::Callee) = calleeAsValue;
</span><span class="cx">     execCallee-&gt;setCallerFrame(exec);
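Review bot: LLINT_CALL_CHECK_EXCEPTION(exec, exec) after loadVarargs passes the caller frame for both parameters even though execCallee is in scope two lines above. Passing the same value twice hides what each parameter is for; add a comment at the call, or next to the macro, stating which frame each argument names and why the callee frame is not used here. The next hunk contains the identical call.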
</span><span class="lines">@@ -1212,7 +1217,7 @@
</span><span class="cx">     ExecState* execCallee = vm.newCallFrameReturnValue;
</span><span class="cx">     
</span><span class="cx">     loadVarargs(exec, execCallee, LLINT_OP_C(3).jsValue(), LLINT_OP_C(4).jsValue(), pc[6].u.operand);
</span><del>-    LLINT_CALL_CHECK_EXCEPTION(exec);
</del><ins>+    LLINT_CALL_CHECK_EXCEPTION(exec, exec);
</ins><span class="cx">     
</span><span class="cx">     execCallee-&gt;uncheckedR(JSStack::Callee) = calleeAsValue;
</span><span class="cx">     execCallee-&gt;setCallerFrame(exec);
</span><span class="lines">@@ -1240,7 +1245,7 @@
</span><span class="cx">         return setUpCall(execCallee, pc, CodeForCall, calleeAsValue);
</span><span class="cx">     
</span><span class="cx">     vm.hostCallReturnValue = eval(execCallee);
</span><del>-    LLINT_CALL_RETURN(execCallee, LLInt::getCodePtr(getHostCallReturnValue));
</del><ins>+    LLINT_CALL_RETURN(exec, execCallee, LLInt::getCodePtr(getHostCallReturnValue));
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> LLINT_SLOW_PATH_DECL(slow_path_tear_off_activation)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeCommonSlowPathscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.cpp (171349 => 171350)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.cpp        2014-07-22 18:13:46 UTC (rev 171349)
+++ trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.cpp        2014-07-22 18:27:17 UTC (rev 171350)
</span><span class="lines">@@ -32,6 +32,7 @@
</span><span class="cx"> #include &quot;CodeProfiling.h&quot;
</span><span class="cx"> #include &quot;CommonSlowPathsExceptions.h&quot;
</span><span class="cx"> #include &quot;ErrorHandlingScope.h&quot;
</span><ins>+#include &quot;ExceptionFuzz.h&quot;
</ins><span class="cx"> #include &quot;GetterSetter.h&quot;
</span><span class="cx"> #include &quot;HostCallReturnValue.h&quot;
</span><span class="cx"> #include &quot;Interpreter.h&quot;
</span><span class="lines">@@ -92,6 +93,7 @@
</span><span class="cx">     } while (false)
</span><span class="cx"> 
</span><span class="cx"> #define CHECK_EXCEPTION() do {                    \
</span><ins>+        doExceptionFuzzingIfEnabled(exec, &quot;CommonSlowPaths&quot;, pc);   \
</ins><span class="cx">         if (UNLIKELY(vm.exception())) {           \
</span><span class="cx">             RETURN_TO_THROW(exec, pc);               \
</span><span class="cx">             END_IMPL();                           \
</span></span></pre></div>
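Review bot: The line added to CHECK_EXCEPTION passes pc, the same value handed to RETURN_TO_THROW(exec, pc), as the returnPC argument, and doExceptionFuzzing in this patch prints that argument as "return address %p". Someone reading the fuzz log will take the interpreter's pc for a machine return address; rename the parameter and the message to something neutral, or log the two kinds of PC differently. The continuation backslash on the new line is also out of column with the rest of the macro.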
<a id="trunkSourceJavaScriptCoreruntimeExceptionFuzzcpp"></a>
<div class="addfile"><h4>Added: trunk/Source/JavaScriptCore/runtime/ExceptionFuzz.cpp (0 => 171350)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/ExceptionFuzz.cpp                                (rev 0)
+++ trunk/Source/JavaScriptCore/runtime/ExceptionFuzz.cpp        2014-07-22 18:27:17 UTC (rev 171350)
</span><span class="lines">@@ -0,0 +1,57 @@
</span><ins>+/*
+ * Copyright (C) 2014 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */
+
+#include &quot;config.h&quot;
+#include &quot;ExceptionFuzz.h&quot;
+
+#include &quot;Error.h&quot;
+#include &quot;JSCInlines.h&quot;
+#include &quot;TestRunnerUtils.h&quot;
+
+namespace JSC {
+
+static unsigned s_numberOfExceptionFuzzChecks;
+unsigned numberOfExceptionFuzzChecks() { return s_numberOfExceptionFuzzChecks; }
+
+// Call this only if you know that exception fuzzing is enabled.
+void doExceptionFuzzing(ExecState* exec, const char* where, void* returnPC)
+{
+    ASSERT(Options::enableExceptionFuzz());
+
+    DeferGCForAWhile deferGC(exec-&gt;vm().heap);
+    
+    s_numberOfExceptionFuzzChecks++;
+    
+    unsigned fireTarget = Options::fireExceptionFuzzAt();
+    if (fireTarget == s_numberOfExceptionFuzzChecks) {
+        printf(&quot;JSC EXCEPTION FUZZ: Throwing fuzz exception with call frame %p, seen in %s and return address %p.\n&quot;, exec, where, returnPC);
+        exec-&gt;vm().throwException(
+            exec, createError(exec-&gt;lexicalGlobalObject(), ASCIILiteral(&quot;Exception Fuzz&quot;)));
+    }
+}
+
+} // namespace JSC
+
+
</ins></span></pre></div>
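Review bot: doExceptionFuzzing calls throwException without first checking whether the VM already has an exception pending, and the CHECK_EXCEPTION hook in this patch runs it immediately before the vm.exception() test, so a fuzz exception fired at that count replaces a real one. Returning early when an exception is already pending would keep the original error visible in the test output. Separately, s_numberOfExceptionFuzzChecks is a plain static unsigned incremented with no synchronization; if more than one thread can reach a check, the count at which the target fires stops being reproducible, so either document the single-threaded assumption or make the counter atomic.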
<a id="trunkSourceJavaScriptCoreruntimeExceptionFuzzh"></a>
<div class="addfile"><h4>Added: trunk/Source/JavaScriptCore/runtime/ExceptionFuzz.h (0 => 171350)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/ExceptionFuzz.h                                (rev 0)
+++ trunk/Source/JavaScriptCore/runtime/ExceptionFuzz.h        2014-07-22 18:27:17 UTC (rev 171350)
</span><span class="lines">@@ -0,0 +1,49 @@
</span><ins>+/*
+ * Copyright (C) 2014 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */
+
+#ifndef ExceptionFuzz_h
+#define ExceptionFuzz_h
+
+#include &quot;Options.h&quot;
+
+namespace JSC {
+
+class ExecState;
+
+// Call this only if you know that exception fuzzing is enabled.
+void doExceptionFuzzing(ExecState* exec, const char* where, void* returnPC);
+
+// This is what you should call if you don't know if fuzzing is enabled.
+ALWAYS_INLINE void doExceptionFuzzingIfEnabled(ExecState* exec, const char* where, void* returnPC)
+{
+    if (LIKELY(!Options::enableExceptionFuzz()))
+        return;
+    doExceptionFuzzing(exec, where, returnPC);
+}
+
+} // namespace JSC
+
+#endif // ExceptionFuzz_h
+
</ins></span></pre></div>
<a id="trunkToolsChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Tools/ChangeLog (171349 => 171350)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Tools/ChangeLog        2014-07-22 18:13:46 UTC (rev 171349)
+++ trunk/Tools/ChangeLog        2014-07-22 18:27:17 UTC (rev 171350)
</span><span class="lines">@@ -1,3 +1,12 @@
</span><ins>+2014-07-18  Filip Pizlo  &lt;fpizlo@apple.com&gt;
+
+        Extend exception fuzzing to the LLInt
+        https://bugs.webkit.org/show_bug.cgi?id=135076
+
+        Reviewed by Oliver Hunt.
+
+        * Scripts/jsc-stress-test-helpers/js-exception-fuzz:
+
</ins><span class="cx"> 2014-07-22  Jochen Eisinger  &lt;jochen@chromium.org&gt;
</span><span class="cx"> 
</span><span class="cx">         Fix my email address in contributors.json
</span></span></pre></div>
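Review bot: The new ChangeLog entry lists Scripts/jsc-stress-test-helpers/js-exception-fuzz with nothing after the colon. Add a short description of the script change (it now dies when extra non-option arguments are given) so the entry is useful without opening the diff.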
<a id="trunkToolsScriptsjscstresstesthelpersjsexceptionfuzz"></a>
<div class="modfile"><h4>Modified: trunk/Tools/Scripts/jsc-stress-test-helpers/js-exception-fuzz (171349 => 171350)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Tools/Scripts/jsc-stress-test-helpers/js-exception-fuzz        2014-07-22 18:13:46 UTC (rev 171349)
+++ trunk/Tools/Scripts/jsc-stress-test-helpers/js-exception-fuzz        2014-07-22 18:27:17 UTC (rev 171350)
</span><span class="lines">@@ -67,6 +67,10 @@
</span><span class="cx">     die &quot;Failure for command $commandString with seed $seed, repeat $repeat: $context&quot;;
</span><span class="cx"> }
</span><span class="cx"> 
</span><ins>+if (shift @ARGV) {
+    die &quot;Ignoring garbage arguments; only the first non-option argument is used as the command string.&quot;;
+}
+
</ins><span class="cx"> open (my $testInput, &quot;$commandString --enableExceptionFuzz=true |&quot;) or fail(&quot;Cannot execute initial command when getting check count&quot;);
</span><span class="cx"> while (my $inputLine = &lt;$testInput&gt;) {
</span><span class="cx">     chomp($inputLine);
</span></span></pre>
</div>
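Review bot: The new check tests the truth of shift @ARGV, so an extra argument of 0 or an empty string evaluates false and is silently accepted; test the array itself with if (@ARGV). The message also says "Ignoring garbage arguments" while the script dies, so reword it to say the extra arguments are rejected.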
</div>

</body>
</html>