types-fuzz.h 11.1 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30
// Copyright 2014 the V8 project authors. All rights reserved.
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
// met:
//
//     * Redistributions of source code must retain the above copyright
//       notice, this list of conditions and the following disclaimer.
//     * Redistributions in binary form must reproduce the above
//       copyright notice, this list of conditions and the following
//       disclaimer in the documentation and/or other materials provided
//       with the distribution.
//     * Neither the name of Google Inc. nor the names of its
//       contributors may be used to endorse or promote products derived
//       from this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

#ifndef V8_TEST_CCTEST_TYPES_H_
#define V8_TEST_CCTEST_TYPES_H_

31
#include "src/base/utils/random-number-generator.h"
32 33 34 35 36 37 38 39
#include "src/v8.h"

namespace v8 {
namespace internal {


class Types {
 public:
40 41 42 43 44
  Types(Zone* zone, Isolate* isolate, v8::base::RandomNumberGenerator* rng)
      : zone_(zone), isolate_(isolate), rng_(rng) {
#define DECLARE_TYPE(name, value) \
  name = Type::name();            \
  types.push_back(name);
45 46 47
    PROPER_BITSET_TYPE_LIST(DECLARE_TYPE)
    #undef DECLARE_TYPE

48 49
    SignedSmall = Type::SignedSmall();
    UnsignedSmall = Type::UnsignedSmall();
50

51 52 53 54 55 56 57
    object_map = isolate->factory()->NewMap(
        JS_OBJECT_TYPE, JSObject::kHeaderSize);
    array_map = isolate->factory()->NewMap(
        JS_ARRAY_TYPE, JSArray::kSize);
    number_map = isolate->factory()->NewMap(
        HEAP_NUMBER_TYPE, HeapNumber::kSize);
    uninitialized_map = isolate->factory()->uninitialized_map();
58 59 60 61
    ObjectClass = Type::Class(object_map, zone);
    ArrayClass = Type::Class(array_map, zone);
    NumberClass = Type::Class(number_map, zone);
    UninitializedClass = Type::Class(uninitialized_map, zone);
62 63 64 65 66

    maps.push_back(object_map);
    maps.push_back(array_map);
    maps.push_back(uninitialized_map);
    for (MapVector::iterator it = maps.begin(); it != maps.end(); ++it) {
67
      types.push_back(Type::Class(*it, zone));
68 69 70 71 72 73 74 75
    }

    smi = handle(Smi::FromInt(666), isolate);
    signed32 = isolate->factory()->NewHeapNumber(0x40000000);
    object1 = isolate->factory()->NewJSObjectFromMap(object_map);
    object2 = isolate->factory()->NewJSObjectFromMap(object_map);
    array = isolate->factory()->NewJSArray(20);
    uninitialized = isolate->factory()->uninitialized_value();
76 77
    SmiConstant = Type::Constant(smi, zone);
    Signed32Constant = Type::Constant(signed32, zone);
78

79 80 81 82
    ObjectConstant1 = Type::Constant(object1, zone);
    ObjectConstant2 = Type::Constant(object2, zone);
    ArrayConstant = Type::Constant(array, zone);
    UninitializedConstant = Type::Constant(uninitialized, zone);
83 84 85 86 87 88 89 90

    values.push_back(smi);
    values.push_back(signed32);
    values.push_back(object1);
    values.push_back(object2);
    values.push_back(array);
    values.push_back(uninitialized);
    for (ValueVector::iterator it = values.begin(); it != values.end(); ++it) {
91
      types.push_back(Type::Constant(*it, zone));
92 93
    }

94 95
    integers.push_back(isolate->factory()->NewNumber(-V8_INFINITY));
    integers.push_back(isolate->factory()->NewNumber(+V8_INFINITY));
96 97 98 99 100 101 102 103 104
    integers.push_back(isolate->factory()->NewNumber(-rng_->NextInt(10)));
    integers.push_back(isolate->factory()->NewNumber(+rng_->NextInt(10)));
    for (int i = 0; i < 10; ++i) {
      double x = rng_->NextInt();
      integers.push_back(isolate->factory()->NewNumber(x));
      x *= rng_->NextInt();
      if (!IsMinusZero(x)) integers.push_back(isolate->factory()->NewNumber(x));
    }

105
    Integer = Type::Range(-V8_INFINITY, +V8_INFINITY, zone);
106

107 108 109
    NumberArray = Type::Array(Number, zone);
    StringArray = Type::Array(String, zone);
    AnyArray = Type::Array(Any, zone);
110

111 112 113 114
    SignedFunction1 = Type::Function(SignedSmall, SignedSmall, zone);
    NumberFunction1 = Type::Function(Number, Number, zone);
    NumberFunction2 = Type::Function(Number, Number, Number, zone);
    MethodFunction = Type::Function(String, Object, 0, zone);
115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132

    for (int i = 0; i < 30; ++i) {
      types.push_back(Fuzz());
    }
  }

  Handle<i::Map> object_map;
  Handle<i::Map> array_map;
  Handle<i::Map> number_map;
  Handle<i::Map> uninitialized_map;

  Handle<i::Smi> smi;
  Handle<i::HeapNumber> signed32;
  Handle<i::JSObject> object1;
  Handle<i::JSObject> object2;
  Handle<i::JSArray> array;
  Handle<i::Oddball> uninitialized;

133
#define DECLARE_TYPE(name, value) Type* name;
134
  PROPER_BITSET_TYPE_LIST(DECLARE_TYPE)
135
  #undef DECLARE_TYPE
136

137
#define DECLARE_TYPE(name, value) Type* Mask##name##ForTesting;
138 139
  MASK_BITSET_TYPE_LIST(DECLARE_TYPE)
#undef DECLARE_TYPE
140 141
  Type* SignedSmall;
  Type* UnsignedSmall;
142

143 144 145 146
  Type* ObjectClass;
  Type* ArrayClass;
  Type* NumberClass;
  Type* UninitializedClass;
147

148 149 150 151 152 153
  Type* SmiConstant;
  Type* Signed32Constant;
  Type* ObjectConstant1;
  Type* ObjectConstant2;
  Type* ArrayConstant;
  Type* UninitializedConstant;
154

155
  Type* Integer;
156

157 158 159
  Type* NumberArray;
  Type* StringArray;
  Type* AnyArray;
160

161 162 163 164
  Type* SignedFunction1;
  Type* NumberFunction1;
  Type* NumberFunction2;
  Type* MethodFunction;
165

166
  typedef std::vector<Type*> TypeVector;
167 168 169 170 171 172 173 174
  typedef std::vector<Handle<i::Map> > MapVector;
  typedef std::vector<Handle<i::Object> > ValueVector;

  TypeVector types;
  MapVector maps;
  ValueVector values;
  ValueVector integers;  // "Integer" values used for range limits.

175
  Type* Of(Handle<i::Object> value) { return Type::Of(value, zone_); }
176

177
  Type* NowOf(Handle<i::Object> value) { return Type::NowOf(value, zone_); }
178

179
  Type* Class(Handle<i::Map> map) { return Type::Class(map, zone_); }
180

181 182
  Type* Constant(Handle<i::Object> value) {
    return Type::Constant(value, zone_);
183 184
  }

185
  Type* Range(double min, double max) { return Type::Range(min, max, zone_); }
186

187
  Type* Context(Type* outer) { return Type::Context(outer, zone_); }
188

189
  Type* Array1(Type* element) { return Type::Array(element, zone_); }
190

191 192
  Type* Function0(Type* result, Type* receiver) {
    return Type::Function(result, receiver, 0, zone_);
193 194
  }

195 196
  Type* Function1(Type* result, Type* receiver, Type* arg) {
    Type* type = Type::Function(result, receiver, 1, zone_);
197 198 199 200
    type->AsFunction()->InitParameter(0, arg);
    return type;
  }

201 202
  Type* Function2(Type* result, Type* arg1, Type* arg2) {
    return Type::Function(result, arg1, arg2, zone_);
203 204
  }

205
  Type* Union(Type* t1, Type* t2) { return Type::Union(t1, t2, zone_); }
206

207
  Type* Intersect(Type* t1, Type* t2) { return Type::Intersect(t1, t2, zone_); }
208

209
  Type* Representation(Type* t) { return Type::Representation(t, zone_); }
210

211
  // Type* Semantic(Type* t) { return Intersect(t,
212
  // MaskSemanticForTesting); }
213
  Type* Semantic(Type* t) { return Type::Semantic(t, zone_); }
214

215
  Type* Random() {
216 217 218
    return types[rng_->NextInt(static_cast<int>(types.size()))];
  }

219
  Type* Fuzz(int depth = 4) {
220 221 222 223 224 225
    switch (rng_->NextInt(depth == 0 ? 3 : 20)) {
      case 0: {  // bitset
        #define COUNT_BITSET_TYPES(type, value) + 1
        int n = 0 PROPER_BITSET_TYPE_LIST(COUNT_BITSET_TYPES);
        #undef COUNT_BITSET_TYPES
        // Pick a bunch of named bitsets and return their intersection.
226
        Type* result = Type::Any();
227 228
        for (int i = 0, m = 1 + rng_->NextInt(3); i < m; ++i) {
          int j = rng_->NextInt(n);
229 230 231 232 233 234 235 236 237 238
#define PICK_BITSET_TYPE(type, value)                         \
  if (j-- == 0) {                                             \
    Type* tmp = Type::Intersect(result, Type::type(), zone_); \
    if (tmp->Is(Type::None()) && i != 0) {                    \
      break;                                                  \
    } else {                                                  \
      result = tmp;                                           \
      continue;                                               \
    }                                                         \
  }
239 240 241 242 243 244 245
          PROPER_BITSET_TYPE_LIST(PICK_BITSET_TYPE)
          #undef PICK_BITSET_TYPE
        }
        return result;
      }
      case 1: {  // class
        int i = rng_->NextInt(static_cast<int>(maps.size()));
246
        return Type::Class(maps[i], zone_);
247 248 249
      }
      case 2: {  // constant
        int i = rng_->NextInt(static_cast<int>(values.size()));
250
        return Type::Constant(values[i], zone_);
251 252 253 254
      }
      case 3: {  // range
        int i = rng_->NextInt(static_cast<int>(integers.size()));
        int j = rng_->NextInt(static_cast<int>(integers.size()));
255 256 257
        double min = integers[i]->Number();
        double max = integers[j]->Number();
        if (min > max) std::swap(min, max);
258
        return Type::Range(min, max, zone_);
259 260 261
      }
      case 4: {  // context
        int depth = rng_->NextInt(3);
262 263
        Type* type = Type::Internal();
        for (int i = 0; i < depth; ++i) type = Type::Context(type, zone_);
264 265 266
        return type;
      }
      case 5: {  // array
267 268
        Type* element = Fuzz(depth / 2);
        return Type::Array(element, zone_);
269 270 271
      }
      case 6:
      case 7: {  // function
272 273
        Type* result = Fuzz(depth / 2);
        Type* receiver = Fuzz(depth / 2);
274
        int arity = rng_->NextInt(3);
275
        Type* type = Type::Function(result, receiver, arity, zone_);
276
        for (int i = 0; i < type->AsFunction()->Arity(); ++i) {
277
          Type* parameter = Fuzz(depth / 2);
278 279 280 281
          type->AsFunction()->InitParameter(i, parameter);
        }
        return type;
      }
282 283 284
      case 8: {  // simd
        static const int num_simd_types =
            #define COUNT_SIMD_TYPE(NAME, Name, name, lane_count, lane_type) +1
285
            SIMD128_TYPES(COUNT_SIMD_TYPE);
286
            #undef COUNT_SIMD_TYPE
287
        Type* (*simd_constructors[num_simd_types])(Isolate*, Zone*) = {
288 289
          #define COUNT_SIMD_TYPE(NAME, Name, name, lane_count, lane_type) \
          &Type::Name,
290
            SIMD128_TYPES(COUNT_SIMD_TYPE)
291 292
          #undef COUNT_SIMD_TYPE
        };
293 294
        return simd_constructors[rng_->NextInt(num_simd_types)](isolate_,
                                                                zone_);
295
      }
296 297
      default: {  // union
        int n = rng_->NextInt(10);
298
        Type* type = None;
299
        for (int i = 0; i < n; ++i) {
300 301
          Type* operand = Fuzz(depth - 1);
          type = Type::Union(type, operand, zone_);
302 303 304 305 306 307 308
        }
        return type;
      }
    }
    UNREACHABLE();
  }

309
  Zone* zone() { return zone_; }
310 311

 private:
312
  Zone* zone_;
313
  Isolate* isolate_;
314 315 316 317
  v8::base::RandomNumberGenerator* rng_;
};


318 319
}  // namespace internal
}  // namespace v8
320 321

#endif