1. 22 Sep, 2020 1 commit
  2. 31 Jul, 2020 1 commit
    • Open source js-fuzzer · 320d9870
      Michael Achenbach authored
      This is a JavaScript fuzzer originally authored by Oliver Chang. It
      is a mutation based fuzzer using Babel code transformations. For more
      information see the included README.md.
      
      The original code was altered:
      - Add new V8 copyright headers.
      - Make the test expectation generator aware of the headers.
      - Fix file endings for presubmit checks.
      - Fix `npm test` on fresh checkout with a new fake DB.
      - Make test skipping work with new v8/tools location.
      - OWNERS file.
      - New title section in README.md.
      
      No-Try: true
      Bug: chromium:1109770
      Change-Id: Ie71752c0a37491a50500c49060a3c526716ef933
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2320330
      Commit-Queue: Michael Achenbach <machenbach@chromium.org>
      Reviewed-by: Maya Lekova <mslekova@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#69164}
  3. 27 Jul, 2020 1 commit
  4. 22 Jul, 2020 1 commit
  5. 03 Jul, 2020 1 commit
  6. 30 Jun, 2020 2 commits
    • [foozzie] Reduce probability of some extra flags · 9dd7a303
      Michael Achenbach authored
      Mostly gc-related flags didn't flush out any bugs yet, but often reduce
      test performance and lead to timeouts.
      
      No-Try: true
      Bug: chromium:1044942
      Change-Id: I2a7b55f78bfa3d597de1a5674658829e0812d01a
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2273861
      Reviewed-by: Maya Lekova <mslekova@chromium.org>
      Commit-Queue: Michael Achenbach <machenbach@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#68608}
    • [foozzie] Compare baseline/default in every run · cca29094
      Michael Achenbach authored
      Previously we ran baseline (e.g. ignition) and one random secondary
      comparison configuration (e.g. turbofan) from the list of experiments.
      But Clusterfuzz imposes limitations on the total amount of fuzz tests.
      Therefore this change enables more throughput by always running the
      default configuration (ignition_turbofan like V8 is shipped)
      additionally to the baseline and the secondary configuration.
      
      This, hence, doubles the number of comparisons we run, with less than
      50% additional runtime, since the slow baseline configuration is only
      run once.
      
      The experiments table is updated accordingly. Explicit entries running
      ignition_turbofan are removed (as it always runs now), instead some
      of the other configurations are increased in their relative
      percentage. We also get a few new configurations that didn't run
      before (e.g. forcing the slow path on x86).
      
      No-Try: true
      Bug: chromium:1100114
      Change-Id: I69b2a41d78c06e556b309743a2aace1053c22f91
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2270307
      Reviewed-by: Liviu Rau <liviurau@chromium.org>
      Commit-Queue: Michael Achenbach <machenbach@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#68607}
  7. 29 Jun, 2020 5 commits
  8. 24 Jun, 2020 1 commit
  9. 22 Jun, 2020 1 commit
  10. 19 Jun, 2020 1 commit
  11. 17 Jun, 2020 1 commit
  12. 28 May, 2020 1 commit
    • [foozzie] Defeat the CrashTests loop · 9036662f
      Michael Achenbach authored
      This prepares using ochang_js_fuzzer with foozzie. The fuzzer uses
      tests from CrashTests in the corpus. This leads to a loop when
      used with differential fuzzing, as foozzie dedupes failures based
      on the original file path. Foozzie finds a new failure for the
      existing failure in CrashTests, for which clusterfuzz creates a new
      crash test and so on.
      
      This subsumes all failures from CrashTests under the same key.
      Once such a failure is reported, a developer can add it to a
      mapping in foozzie.py, after which the global key can be used
      again by clusterfuzz to report another failure.
      
      No-Try: true
      Bug: chromium:1044942
      Change-Id: I801a23faeb0c672d6ad64b4100c463f53e36cbc2
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2214837
      Commit-Queue: Michael Achenbach <machenbach@chromium.org>
      Reviewed-by: Clemens Backes <clemensb@chromium.org>
      Reviewed-by: Maya Lekova <mslekova@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#68053}
  13. 06 May, 2020 1 commit
  14. 25 Apr, 2020 1 commit
  15. 24 Apr, 2020 1 commit
  16. 20 Apr, 2020 1 commit
  17. 19 Apr, 2020 1 commit
  18. 16 Apr, 2020 1 commit
  19. 28 Mar, 2020 2 commits
  20. 26 Mar, 2020 1 commit
  21. 24 Feb, 2020 1 commit
  22. 20 Feb, 2020 1 commit
  23. 18 Feb, 2020 1 commit
  24. 17 Feb, 2020 2 commits
  25. 12 Feb, 2020 3 commits
  26. 11 Feb, 2020 1 commit
  27. 05 Feb, 2020 1 commit
  28. 04 Feb, 2020 4 commits