1. 17 Nov, 2021 2 commits
  2. 16 Nov, 2021 1 commit
    • [fuzzer][wasm] Explicitly test mid-tier register allocation · 97390bdc
      Clemens Backes authored
      This CL refactors how the first byte(s) of the input are used to set
      internal configuration, like which compiler to use and whether Liftoff
      will be used as reference instead of the interpreter.
      
      We now always use exactly one byte, and use it for all internal
      configuration. If more bits are needed in the future we can either
      extend to two bytes, or use the same bits for multiple things, while
      avoiding to lose coverage of all interesting configurations.
      
      For now, we use the first byte to derive
      - which compiler to use per function,
      - whether to use Liftoff as reference, and
      - (new) whether to globally enable the mid-tier register allocator.
      
      R=thibaudm@chromium.org
      
      Bug: v8:12330
      Change-Id: I2cae6628554ca8f7e08115015b36f9f0a6b8c34f
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253156
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#77929}
  3. 05 Nov, 2021 1 commit
    • [wasm][fuzzer] Complex init. expressions in JS testcase · 74d9a764
      Manos Koukoutos authored
      We enable struct.new and array.init initializer expressions in the JS
      testcase generated by --wasm-fuzzer-gen-test. We needed to make some
      changes in the WasmInitExpr class, and to implement a new interface for
      the WasmFullDecoder, which constructs a WasmInitExpr.
      Changes:
      - Make WasmInitExpr a ZoneObject. Use a pointer for its operands_ field.
        This is needed so WasmInitExpr is trivially copiable, and thus usable
        as a Value type in WasmFullDecoder.
      - Implement a WasmFullDecoder interface in wasm-fuzzer-common that
        constructs a WasmInitExpr. Use it to decode initializers in the
        module generated by the fuzzer.
      - Change AppendInitExpr to take a WasmInitExpr as argument.
      - Fix an issue with printing of struct definitions.
      - Change initializer expression used for structs to struct.new_with_rtt.
        This is consistent with the currently used structural types.
      
      Bug: v8:11954
      Change-Id: I65a87cc98701a54f32500be192b3b6eef2ff6c8c
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3257712
      Reviewed-by: Andreas Haas <ahaas@chromium.org>
      Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
      Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#77730}
  4. 02 Nov, 2021 2 commits
  5. 26 Oct, 2021 1 commit
  6. 18 Oct, 2021 1 commit
  7. 13 Oct, 2021 2 commits
  8. 12 Oct, 2021 1 commit
  9. 08 Oct, 2021 1 commit
  10. 07 Oct, 2021 1 commit
  11. 04 Oct, 2021 1 commit
  12. 01 Oct, 2021 1 commit
  13. 28 Sep, 2021 2 commits
  14. 27 Sep, 2021 1 commit
  15. 23 Sep, 2021 2 commits
  16. 20 Sep, 2021 4 commits
  17. 15 Sep, 2021 1 commit
  18. 09 Sep, 2021 1 commit
  19. 08 Sep, 2021 1 commit
  20. 07 Sep, 2021 1 commit
  21. 06 Sep, 2021 2 commits
  22. 01 Sep, 2021 1 commit
  23. 31 Aug, 2021 2 commits
    • [wasm] Support reftypes tables in WasmModuleBuilder · 797e4afe
      Manos Koukoutos authored
      WasmModuleBuilder is a class that is used to build Wasm modules in the
      asm.js parser, in the fuzzer, as well as some tests. When it comes to
      Wasm tables, WasmModuleBuilder currently supports only basic tables
      (before the reftypes proposal) using an ad-hoc indirect-function index
      vector.
      This CL adds proper support for element sections and tables that use
      them in the full potential of the reftypes extension. The new
      functionality will only be used in the fuzzer and potentially some tests
      in the future. Along this, we drop some functionality from
      WasmModuleBuilder that was only used in tests and is redundant with the
      new architecture.
      Additionally, we remove tables other than externref and funcref from the
      fuzzer (which were not supported properly or used anyway). We will
      reintroduce them at a later time.
      
      Bug: v8:11954
      Change-Id: I0a4f6e7b63b6e3d9f7da03b5202fbf14d8678332
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3122162
      Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
      Reviewed-by: Clemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#76597}
    • [wasm][fuzzer] Fix compilation error on gcc · 8377d19a
      Milad Fa authored
      template specialisations must be defined
      outside of class body to prevent the following compilation error:
      
      error: explicit specialization in non-namespace scope
      
      Change-Id: Ic4b74a28cd21d96991ad784fbd3c598668ffc476
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3129881
      Reviewed-by: Clemens Backes <clemensb@chromium.org>
      Commit-Queue: Milad Fa <mfarazma@redhat.com>
      Cr-Commit-Position: refs/heads/main@{#76591}
  24. 30 Aug, 2021 1 commit
    • [wasm][fuzzer] Simplify boolean decisions · 9c5a434b
      Clemens Backes authored
      The wasm-compile fuzzer sometimes needs to generate a boolean flag from
      the input bytes. Since the general {DataRange::get} method results in
      undefined behaviour if instantiated with the {bool} type, we are getting
      an 8-bit value instead and looking at the least significant bit only.
      This CL improves this situation by implementing a template
      specialization for {bool} which uses the same trick, and uses that
      instead of hand-coding the modulo operation at the call sites.
      
      R=manoskouk@chromium.org
      
      Bug: v8:11879
      Change-Id: I6f9ce02dd8d9cd0998b83e081e4c6ca773e6cb53
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3129429
      Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#76588}
  25. 27 Aug, 2021 3 commits
  26. 25 Aug, 2021 3 commits