Commits · daf0799828c249f4fd313e811f469539c07423cf · Linshizhi / V8

29 Jun, 2020 1 commit

[foozzie] Refactoring - several code clean-ups · c220a05c

This simplifies the lengthy main method by extracting some code and
by replacing the scattered returns with exceptions.

We introduce two exceptions for early bail-out. This enables helper
methods on multiple layers. The early bail-out on time-out is
moved to the point where it is detected.

Previously on timeout and crash we also printed out the step number.
Clusterfuzz doesn't parse this, it was only for statistical purposes,
and the latest version of the experimental workbench only parses
crashes and timeouts, not the step in which they happened. Hence,
this CL removes those step numbers.

Except the change described in the last paragraph, this CL doesn't
intend to change behavior.

No-Try: true
Bug: chromium:1100114
Change-Id: Ie8c18f183e4fc538577f3eb49aaf6df1acd1e4e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2270547Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68576}

c220a05c

24 Jun, 2020 1 commit

[foozzie] Bail out on timeouts during validity checks · dd584721

Michael Achenbach authored 4 years ago

If we pass flags that make runs very slow, also the validity checks
might time out. Previously this wasn't checked and output was just
cut off.

This also tightens the timeout on validity checks as they are
expected to run very fast.

No-Try: true
Bug: chromium:1098646
Change-Id: Iea9a932be86e84040b72a2311aaa1d44100b3378
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2262915Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68510}

dd584721

20 Apr, 2020 1 commit

[foozzie] Ensure we use forgiving natives for correctness fuzzing · b4984de1

Michael Achenbach authored 4 years ago

NOTRY=true

Bug: v8:10249
Change-Id: I349d877688c6ea86db9974f28c32b02014b58ba2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2154791Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67229}

b4984de1

28 Mar, 2020 1 commit

[foozzie] Fix more Python3 incompatibilities · 54048444

Michael Achenbach authored 4 years ago

NOTRY=true
TBR=tmrts@chromium.org

Bug: chromium:1065624
Change-Id: I6e49c48bb95e10b7fad1ff2c589a2dd459fff562
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2124326Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66900}

54048444

04 Feb, 2020 2 commits

[foozzie] Add option to skip suppressions · 28abde86

Michael Achenbach authored 5 years ago

This will allow uploading repro test cases to clusterfuzz for
already suppressed known issues. This will allow tracking if those
issues still reproduce and that suppressions don't become stale.

No-Try: true
Bug: chromium:1044942
Change-Id: I997f11293c51836b97d143b0fea992055b39955e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2036083
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66114}

28abde86

[foozzie] Mock out WebAssembly when comparing with jitless · 9fbb56f5

Michael Achenbach authored 5 years ago

No-Try: true
Bug: chromium:1048620
Change-Id: I399144a9d8075efe40125dfcbe1dbbd0aabe0fe9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2036080Reviewed-by: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66112}

9fbb56f5

03 Feb, 2020 1 commit

[foozzie] Compare output before crashes · 3fd58c66

Michael Achenbach authored 5 years ago

Crashes in the presence of RangeError happen often during differential
fuzzing. Until now we have ignored such cases completely.

After this change we compare as much output as possible when one or
both runs have crashed, dramatically increasing the coverage.

No-Try: true
Bug: chromium:1048099
Change-Id: I923c10e9064b5dc6cae1e39a254e221d2867e0e7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2030914
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66085}

3fd58c66

31 Jan, 2020 1 commit

Whitelist natives for fuzzing · 2ee598ae

Michael Achenbach authored 5 years ago

This adds two flags for whitelisting natives on fuzzers:
--allow-natives-for-fuzzing:
Enables a small subset of runtime functions and replaces others with
undefined.
--allow-natives-for-differential-fuzzing
Restricts the allowed runtime functions even further, excluding the
ones that break differential fuzzing.

Bug: chromium:1044942
Change-Id: I890bd4a6ff7c2e483dd74155290a7ace06f85239
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2020773Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66068}

2ee598ae

15 Nov, 2019 1 commit

[foozzie] Refactor argument abstraction · dce12b63

Michael Achenbach authored 5 years ago

This adds an abstraction for command-line arguments for each of the
two comparison runs done in correctness fuzzing. No functional
changes intended.

No-Try: true
Bug: chromium:1023091
Change-Id: I9421715c4904416b9aaf53848954a5248c79ffd9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1906372
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64979}

dce12b63

14 Nov, 2019 1 commit

Reland "[foozzie] Refactor command abstraction" · 2475c91b

Michael Achenbach authored 5 years ago

This is a reland of 1d493d31

Original change's description:
> [foozzie] Refactor command abstraction
> 
> This moves code for running d8 into its own class. No functional
> changes intended.
> 
> No-Try: true
> Bug: chromium:1023091
> Change-Id: I7cbfeebd2911dc758322f89cf93666550f2956d9
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1906378
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64928}

Bug: chromium:1023091
Change-Id: I7df6e12084e20510a400ce209827c2bba8325f86
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1914209Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64966}

2475c91b

13 Nov, 2019 2 commits

Revert "[foozzie] Refactor command abstraction" · 53201194

Michael Achenbach authored 5 years ago

This reverts commit 1d493d31.

Reason for revert: Fails on clusterfuzz:
https://crbug.com/1024241

Original change's description:
> [foozzie] Refactor command abstraction
> 
> This moves code for running d8 into its own class. No functional
> changes intended.
> 
> No-Try: true
> Bug: chromium:1023091
> Change-Id: I7cbfeebd2911dc758322f89cf93666550f2956d9
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1906378
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64928}

TBR=machenbach@chromium.org,tmrts@chromium.org,almuthanna@google.com,liviurau@chromium.org

Change-Id: I22aede0d2c8bd3cde48c45f4663b43caa4d60b65
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1023091,chromium:1024241
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1914208Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64933}

53201194

[foozzie] Refactor command abstraction · 1d493d31

Michael Achenbach authored 5 years ago

This moves code for running d8 into its own class. No functional
changes intended.

No-Try: true
Bug: chromium:1023091
Change-Id: I7cbfeebd2911dc758322f89cf93666550f2956d9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1906378
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64928}

1d493d31

22 Feb, 2018 1 commit

[foozzie] Rename folder to account for new clusterfuzz configs · 22fb961b

Michael Achenbach authored 7 years ago

We'll soon also host other configurations for general fuzzing, not only
correctness fuzzing in the new tools/clusterfuzz folder.

TBR=yangguo@chromium.org

Bug: chromium:813833
Change-Id: Icd966bfec91cc547522bad5d1a842500b554754f
Reviewed-on: https://chromium-review.googlesource.com/930331Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51480}

22fb961b

19 Dec, 2016 1 commit

[foozzie] Initial correctness fuzzer harness. · e669816e

machenbach authored 8 years ago

Initial version of the correctness fuzzer harness for manual testing
and experiments.

For automated usage, some outstanding TODOs are left in the code. E.g.
- Hash source file names in error case
- Bundle script in out directory with executables
- Some suppressions are tied to already fixed bugs. We'll keep it like that for now to test
removing those suppressions in production later.

BUG=chromium:673246
NOTRY=true

Review-Url: https://codereview.chromium.org/2578503003
Cr-Commit-Position: refs/heads/master@{#41789}

e669816e