Commit Graph

31 Commits

Author SHA1 Message Date
Mythri A
18fcd0b4ee [clusterfuzz] Teach clusterfuzz to use --no-lazy-feedback-allocation
To correctly fuzz the behaviour of optimized code and ICs we need to
allocate feedback vectors. So for the configurations testing these we
should turn off lazy feedback allocation.

It is also good to fuzz without lazy feedback allocation on other
configurations to flush out any other issues. So we also fuzz this with
0.35 chance. We also fuzz aggressive lazy feedback allocation (allocate
feedback vectors on first branch / return) with 0.05 chance to test
corner cases related to lazy feedback allocation.

Bug: v8:9342
Change-Id: Id0761d1396bfc0866988abb8fb20168b86a5da20
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1672939
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62347}
2019-06-25 09:20:19 +00:00
Michael Achenbach
d4191cdc9a [foozzie] Reduce no-ic experiment until bugs are fixed
We have too many dupes in the no-ic comparisons. We'll increase the
experiment size again once bugs are fixed.

TBR=jarin@chromium.org
NOTRY=true

Bug: chromium:961709
Change-Id: Ic946100b45fd73e1bee59f188a766384836bcdcf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660624
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62212}
2019-06-17 12:17:39 +00:00
Yang Guo
8f4845117b Remove 'set noparent' from OWNERS files where reasonable
R=rmcilroy@chromium.org
NOPRESUBMIT=true

Bug: v8:9247
Change-Id: I355ac92c323ab34e1898c0764856ebadc3357dcc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1635691
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61960}
2019-06-03 10:18:22 +00:00
Michael Achenbach
45bfa681f9 [foozzie] Add interrupt-budget trial
NOTRY=true

Bug: v8:9276
Change-Id: Ifd0ec8d86d880ce29101260833528e1aa230de01
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1624205
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61728}
2019-05-22 09:49:40 +00:00
Michael Achenbach
6207d75e91 [foozzie] Add no-ic configurations
NOTRY=true

Bug: v8:9277
Change-Id: If385439e2bdd8146fe3ba5734920b2096b6c1789
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1622853
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61724}
2019-05-22 08:28:53 +00:00
Yang Guo
078cf26ac1 Clean up infra owners
R=tmrts@chromium.org

Bug: v8:9247
Change-Id: I9b34ee96e03d3cbca165452fc8427679cf6e7582
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1612900
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61518}
2019-05-15 11:18:43 +00:00
Michael Achenbach
b3b6b5c655 [foozzie] Ignore error messages in correctness fuzzing
Error messages are unspecified in JavaScript and occasional small
differences in the compared configurations lead to an unjustified
maintenance burden of correctness-fuzzing issues.

This CL replaces most error messages with a fixed suppression
message during correctness fuzzing (behind a flag).

The flag covering all extra behavior for correctness fuzzing is now
renamed to --correctness-fuzzer-suppressions.

Bug: chromium:958668,chromium:946476
Change-Id: Iba1197f765138a962d5bbb176730322e5a411707
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594730
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61249}
2019-05-06 16:11:37 +00:00
Michael Starzinger
6957e23b54 [asm.js] Exported functions diverge from wasm js-api spec.
The WebAssembly JavaScript Interface specifies[1] that exported
functions are not constructors, hence do not have the "prototype"
property. This is not true for asm.js exported functions which are
expected to look like normal functions (or constructors).

[1] https://webassembly.github.io/spec/js-api/index.html#exported-function-exotic-objects

R=clemensh@chromium.org
TEST=mjsunit/regress/regress-crbug-935800
BUG=chromium:935800

Change-Id: Idecacfb7f5d4668540589af95fd59872334c21a3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578499
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60943}
2019-04-23 11:54:01 +00:00
Clemens Hammacher
ac8c78e01d [cleanup] Replace underscore by minus in d8 flags
Reading --verify_predictable makes me sad, whereas --verify-predictable
makes me happy. This CL introduces more happiness.

R=machenbach@chromium.org

Bug: v8:8834
Change-Id: Id51a75f32e6d5a2f87aed81e058a8b6dff189758
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1550399
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60599}
2019-04-03 12:32:08 +00:00
Clemens Hammacher
0a703c5b93 [foozzie] Disable async compilation of WebAssembly
Async compilation introduces nondeterminism, thus disable it for
foozzie.

R=ahaas@chromium.org, machenbach@chromium.org

Bug: v8:8949, chromium:942941
Change-Id: Ieeb92c530de299cdd34f0d9cc3a1293b2dc5e139
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1526194
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60287}
2019-03-18 12:41:08 +00:00
Michael Achenbach
47608ce626 [foozzie] Add sanity checks to avoid bug flooding
This lets foozzie call d8 with sanity output before doing the actual
correctness comparisons. This will make clusterfuzz dedupe cases on
the difference found in the sanity checks.

Also adding missing OWNERS file.

NOTRY=true

Bug: chromium:933076
Change-Id: I4229183726064cc0ad76da8fe432e1dbb601a7ba
Reviewed-on: https://chromium-review.googlesource.com/c/1491221
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59938}
2019-02-28 11:27:32 +00:00
Vadim Gorbachev (bmsdave)
7315d7b3d7 Preparing v8 to use with python3 /tools
There are now less that 400 days until the end of life
of Python 2(aka _legacy_ Python) https://pythonclock.org/ .
The code compatibility check for python2 and python3
used the following tools: futurize, flake8
You can see the reports here: https://travis-ci.com/bmsdave/v8/builds

This CL was uploaded by git cl split.

Bug: v8:8594
Change-Id: I661c52a70527e8ddde841fee6d4dcba282b4a938
Reviewed-on: https://chromium-review.googlesource.com/c/1470123
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59675}
2019-02-19 09:12:07 +00:00
Michael Achenbach
4dca523b09 [foozzie] Remove obsolete asm comparison
NOTRY=true

Change-Id: I71c5fbfbb58cd13613506acabf446d9cffc6d23b
Reviewed-on: https://chromium-review.googlesource.com/c/1451837
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59333}
2019-02-04 12:05:13 +00:00
Michael Achenbach
8981735e8b [foozzie] Add more stress experiments
NOTRY=true

Bug: v8:8278
Change-Id: I0f6c5ca3766ce6a9ffa2a97082b875b2a3fb357f
Reviewed-on: https://chromium-review.googlesource.com/c/1450122
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59326}
2019-02-04 10:21:13 +00:00
Michael Achenbach
026ef7237d [foozzie] Compare running jitless
This replaces the "trusted" with the "jitless" correctness-fuzzing experiment.
The former is a no-op already.

NOTRY=true

Bug: v8:8778
Change-Id: Ie9b490df27071980b2049148844b8f716bbbb1f7
Reviewed-on: https://chromium-review.googlesource.com/c/1450120
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59313}
2019-02-04 07:54:08 +00:00
Michael Achenbach
fdcaa3d452 [foozzie] Properly stub out typed array constructor
When using correctness fuzzing, this makes sure all non-object
arguments to typed array constructors are bound by 1MiB when
interpreted as numbers.

NOTRY=true

Bug: chromium:910962
Change-Id: I66e87ece27aae7c5fa88429c5d1f1f478de702ae
Reviewed-on: https://chromium-review.googlesource.com/c/1369959
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58144}
2018-12-11 09:14:40 +00:00
Jakob Kummerow
109fec8ce0 [foozzie] Add Big*64Array to mock file
To prevent correctness fuzzers from finding spurious differences
between architectures, we need to mock out the maximum length of
all TypedArrays. This patch adds the two new types BigInt64Array
and BigUint64Array to the existing list.

Bug: chromium:894864
Change-Id: I5cdeeafa597b09aee2d9b4d368c07f10008baf58
Reviewed-on: https://chromium-review.googlesource.com/c/1285399
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56710}
2018-10-17 06:24:06 +00:00
Clemens Hammacher
a6a727357e [foozzie] Move --suppress-asm-messages flag to FLAGS
Instead of repeating it in every configuration, just add it to the
common FLAGS.

R=machenbach@chromium.org

Change-Id: I93e7ef0f0ad55bfe0a0e24f50d5a73d4658d7554
Reviewed-on: https://chromium-review.googlesource.com/1141733
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54552}
2018-07-19 10:39:37 +00:00
Clemens Hammacher
605f94b700 [foozzie] Update existing configs for liftoff
Instead of having a separate liftoff config, which is tested against
the default (which currently means tier-up from liftoff to turbofan),
just choose reasonable liftoff configs for the existing configs.
'ignition' now implies pure liftoff execution.
'ignition_turbo_opt' always compiles with turbofan.
Other configs use the default (tier up).

R=machenbach@chromium.org

Bug: chromium:824098, v8:6600
Change-Id: I92c008fc1b1fa54d3161fb5695a095127d6ac263
Reviewed-on: https://chromium-review.googlesource.com/1141731
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54548}
2018-07-19 09:51:06 +00:00
Clemens Hammacher
76ac6372fa [wasm] Prepare enabling liftoff by default on ia32 and x64
Before flipping the flag, some tests need to be adapted. This CL
prepares these tests, such that the flag flip CL really just flips a
flag.

R=titzer@chromium.org, hablich@chromium.org

Bug: v8:6600, chromium:787421
Change-Id: I8030df69cda5f3fb81354350a37f65c0d1c669bd
Reviewed-on: https://chromium-review.googlesource.com/1110363
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Hablich <hablich@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53959}
2018-06-22 11:06:26 +00:00
Michael Achenbach
ba5b4a3235 [foozzie] Make correctness runs deterministic
NOTRY=true

Bug: chromium:829681
Change-Id: Iccf9b190e77b1c27fedec74d67f5948803dd1fa9
Reviewed-on: https://chromium-review.googlesource.com/998355
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52437}
2018-04-06 12:16:36 +00:00
Michael Achenbach
adf7ee1791 [foozzie] Add trial for --noanalyze-environment-liveness
NOTRY=true

Bug: chromium:827067
Change-Id: I05073fd85b8b1b1545d5c2be55676aed237d1c10
Reviewed-on: https://chromium-review.googlesource.com/997292
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52376}
2018-04-05 07:22:34 +00:00
Clemens Hammacher
49f23ce642 [foozzie] Add Liftoff testing
This adds 5% testing of 'ignition' vs 'liftoff', which tests Turbofan vs
Liftoff for wasm code, and tests Ignition vs Turbofan for javascript
code.
It also adds 3% testing of 'liftoff' (x64) vs 'liftoff' (ia32), which
does standard x64 vs ia32 testing for javascript code.

R=machenbach@chromium.org

Bug: chromium:824098, v8:6600
Change-Id: I6a6afae0300efc33f3535541a11695a7bb32dcc5
Reviewed-on: https://chromium-review.googlesource.com/973161
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52111}
2018-03-21 12:56:18 +00:00
Michael Achenbach
f24b9271de [foozzie] Fix errors in adjusted harness
TBR=yangguo@chromium.org
NOTRY=true

Bug: chromium:813833
Change-Id: I51780d467d9e57ed0621741da7b9fb215c3233c5
Reviewed-on: https://chromium-review.googlesource.com/955082
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51797}
2018-03-08 08:17:12 +00:00
Michael Achenbach
3f10c65f26 [foozzie] Suppress optimization status for correctness fuzzing
TBR=yangguo@chromium.org
NOTRY=true

Bug: chromium:813833
Change-Id: If9694bebc6576549feb00cbf035c4a5e92a70976
Reviewed-on: https://chromium-review.googlesource.com/936442
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51542}
2018-02-24 18:32:35 +00:00
Michael Achenbach
03f203bdf3 [foozzie] Fix Date proxy mocking
Fuzzers after switching to ToT mjsunit.js, which accesses
Date.prototype, while for correctness fuzzing it's mocked out as a
proxy.

This makes the proxy return the property correctly.

TBR=yangguo@chromium.org
NOTRY=true

Bug: chromium:813833
Change-Id: Ic4b6412063f42c4e75905fbd568b7f81bc54daff
Reviewed-on: https://chromium-review.googlesource.com/936046
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51539}
2018-02-24 02:10:02 +00:00
Michael Achenbach
5f0a4422df [foozzie] Override more mjsunit.js methods for better output comparison
TBR=yangguo@chromium.org
NOTRY=true

Bug: chromium:813833
Change-Id: I8f687d27981a54234c37ba2e4b22060696f6dee7
Reviewed-on: https://chromium-review.googlesource.com/936006
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51538}
2018-02-24 01:39:41 +00:00
Michael Achenbach
ce286f2106 [foozzie] Migrate more harness adjustments to V8 repo
This adds printing on failures to compare output when correctness fuzzing.

TBR=yangguo@chromium.org
NOTRY=true

Bug: chromium:813833
Change-Id: I0280561392f6614960608db4e93341552c716142
Reviewed-on: https://chromium-review.googlesource.com/934843
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51529}
2018-02-23 17:12:07 +00:00
Michael Achenbach
34ba47dae9 [foozzie] Remove async suppressions
NOTRY=true
TBR=gsathya@chromium.org

Bug: chromium:800651
Change-Id: I9e978c430cbeef0fcf004d1cfbd1e64f15983155
Reviewed-on: https://chromium-review.googlesource.com/933294
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51490}
2018-02-23 00:20:48 +00:00
Michael Achenbach
8d889e390b [foozzie] Migrate mjsunit harness adjustments to V8 repo
This migrates harness adjustments, to be loaded after mjsunit.js on
fuzzers for correctness fuzzing.

This is the first step adding deeper pretty printing. Other
adjustments will be added in follow ups.

Bug: chromium:813833
Change-Id: I51168a31e733d54808cb8853a1c90e897acf3791
Reviewed-on: https://chromium-review.googlesource.com/930565
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51481}
2018-02-22 18:33:59 +00:00
Michael Achenbach
22fb961b70 [foozzie] Rename folder to account for new clusterfuzz configs
We'll soon also host other configurations for general fuzzing, not only
correctness fuzzing in the new tools/clusterfuzz folder.

TBR=yangguo@chromium.org

Bug: chromium:813833
Change-Id: Icd966bfec91cc547522bad5d1a842500b554754f
Reviewed-on: https://chromium-review.googlesource.com/930331
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51480}
2018-02-22 17:42:39 +00:00