This will add three gc fuzzing flags with 5% likelihood each to the second
correctness fuzzing config. The random checks are determined by the
top-level random-seed passed to the script.
This change depends on setting the fuzzer random seed as default to the
standard random seed, since the former isn't explicitly passed by
clusterfuzz.
NOTRY=true
TBR=hpayer@chromium.org
Bug: v8:7012
Change-Id: I794dc48bb953b6a95bbc4fc4305ad561bc13b6ee
Reviewed-on: https://chromium-review.googlesource.com/865912
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50577}
The current_cpu value was erroneously removed from the build config json.
In multi-arch builds, each toolchain subdirectory in the build-product
output emits its own build-config json, where current_cpu determines
the architecture type of the sub-build.
Correctness-fuzzer runs could wrongly determined x86 sub-builds as x64.
Bug: chromium:777285
Change-Id: I5104630cd8ebbd263d557fb29771a31a2a1d78c2
Reviewed-on: https://chromium-review.googlesource.com/737797
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48950}
Now that the maximum string length varies between platforms, the
correctness fuzzer is unhappy. It will ignore crashes, so when we know
we have reached platform-dependant behavior just crash if
--abort_on_stack_overflow is enabled.
Also rename abort_on_stack_overflow to
abort_on_stack_or_string_length_overflow.
Bug: chromium:748137
Change-Id: Ie4e96709b90029b5ce3c8408064d928f841b3b9f
Reviewed-on: https://chromium-review.googlesource.com/589269
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47007}
1. Replaces --crankshaft with --opt in tests.
2. Also fixes presubmit to check for --opt flag when
assertOptimized is used.
3. Updates testrunner/local/variants.py and
v8_foozie.py to use --opt flag.
This would mean, nooptimize variant means there are
no optimizations. Not even with %OptimizeFunctionOnNextCall.
Bug:v8:6325
Change-Id: I638e743d0773a6729c6b9749e2ca1e2537f12ce6
Reviewed-on: https://chromium-review.googlesource.com/490206
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44985}
This adds a new "ignition_asm" configuration for the correctness fuzzer.
It is intended to compare execution behavior of asm.js modules (either
valid or invalid) that are translated to WASM, against baseline Ignition
execution. There should be no observable difference between these two
configurations.
R=machenbach@chromium.org
BUG=v8:6127
NOTRY=true
Change-Id: Id3bf8ef8251bf60391876d560f35ddd89818898f
Reviewed-on: https://chromium-review.googlesource.com/479653
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44686}
Removes the --ignition-staging flag since it is no longer used
by anything and won't be a shipping configuration. Also removes
ignition_turbo variant from testrunner, since it is now
the same as the turbofan variant.
BUG=v8:4280
Change-Id: I3b96e986879fc70b8e202fe9496334828acdd0ba
Reviewed-on: https://chromium-review.googlesource.com/452621
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43806}
Also format flags in single lines to make configs easier to read and modify.
BUG=chromium:673246
NOTRY=true
R=mstarzinger@chromium.org,titzer@chromium.org,rmcilroy@chromium.org
Change-Id: If37486c98af161467b639271b035207c3ae1077a
Reviewed-on: https://chromium-review.googlesource.com/452579
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43719}
This should make http://crbug.com/694535 quiet.
BUG=chromium:694535
NOTRY=true
TBR=mstarzinger@chromium.org,jarin@chromium.org
Change-Id: I268c810662b274b45842aa22d840330b5c984277
Reviewed-on: https://chromium-review.googlesource.com/445645
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43349}
With the old logic, a suppression shows up in the statistics independent if the test cases caused a difference or not. This doesn't give a signal if a suppression is useful. The new logic will help cleaning up suppressions that never apply.
BUG=chromium:673246
NOTRY=true
R=tandrii@chromium.orgTBR=mstarzinger@chromium.org,jarin@chromium.org
Change-Id: Iaebdac475f408f7d2649a34ccaa580c8d91e34a5
Reviewed-on: https://chromium-review.googlesource.com/437264
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Andrii Shyshkalov <tandrii@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#42932}
This adds optional multi-architecture builds, allowing to compile
x86 and x64 in one build. The correctness fuzzer can be configured to
compare the two executables, e.g. to compare x86 to x64 run the
launcher with: --second-d8=clang_x86/d8 in an x64 build.
Configuring the executable's architecture is now simplified and
inferred from the gn build configuration.
Building for clusterfuzz has now a new canonical target that can be
used by the infrastructure (defaults to d8).
The clusterfuzz release builder is now defined to compile
multi-arch builds, which will have an effect as soon as the
infrastructure refers to the new clusterfuzz target.
BUG=chromium:673246
NOTRY=true
TBR=mstarzinger,jarin
Review-Url: https://codereview.chromium.org/2649133010
Cr-Commit-Position: refs/heads/master@{#42884}
The results are too noisy ATM. This switches off validate-asm for
default comparisons. We can add back dedicated jobs later that switch
it on.
BUG=chromium:663714
NOTRY=true
TBR=bradnelson@chromium.org,titzer@chromium.org
Review-Url: https://codereview.chromium.org/2640743004
Cr-Commit-Position: refs/heads/master@{#42467}
The new ignition config will be used as baseline comparison in new
jobs, e.g. against ignition_turbo. We'll keep --validate-asm off
in ignition_turbo for now as it is very chatty.
BUG=chromium:673246
NOTRY=true
Review-Url: https://codereview.chromium.org/2640043002
Cr-Commit-Position: refs/heads/master@{#42464}
Continuation of:
https://codereview.chromium.org/2620343005/
This removes usage of metadata files entirely. Instead we extract
the instrumentation about source files from the test cases.
This also adds extra output of the original source file in the
detailed failure text for easier debugging. The hashes alone
made it hard to reason.
BUG=chromium:673246
NOTRY=true
TBR=tandrii@chromium.org,mbarbella@chromium.org
Review-Url: https://codereview.chromium.org/2634743004
Cr-Commit-Position: refs/heads/master@{#42371}
The fuzz test cases now print the original test paths during execution.
This exploits this extra information and reports a hash of only one
original source file from the section that caused a difference.
The hash size is now limited to 3 to avoid possible duplicate
explosion, in case this doesn't work out as expected.
This prepares for patch 3 of:
https://chromereviews.googleplex.com/550337016/
BUG=chromium:673246
NOTRY=true
TBR=tandrii@chromium.org,mbarbella@chromium.org
Review-Url: https://codereview.chromium.org/2620343005
Cr-Commit-Position: refs/heads/master@{#42305}
Reason for revert:
Setting the BAD_BUILDS_CHECK env variable should
be enough. Lets revert this as the code doesn't
look particularly good. There must be another
problem still that needs investigation.
Original issue's description:
> [foozzie] Pass startup test
>
> This makes sure the harness passes when called without test case.
>
> BUG=chromium:673246
> NOTRY=true
> TBR=tandrii@chromium.org,mbarbella@chromium.org
>
> Review-Url: https://codereview.chromium.org/2623743004
> Cr-Commit-Position: refs/heads/master@{#42183}
> Committed: ede2fc1ff0TBR=tandrii@chromium.org,mbarbella@chromium.org,mmoroz@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:673246
Review-Url: https://codereview.chromium.org/2628493003
Cr-Commit-Position: refs/heads/master@{#42189}
This makes sure the metadata is found during minimization. Also renames
the test files to fit the naming pattern.
BUG=chromium:673246
NOTRY=true
TBR=tandrii@chromium.org,mbarbella@chromium.org
Review-Url: https://codereview.chromium.org/2622653002
Cr-Commit-Position: refs/heads/master@{#42150}
Initial version of the correctness fuzzer harness for manual testing
and experiments.
For automated usage, some outstanding TODOs are left in the code. E.g.
- Hash source file names in error case
- Bundle script in out directory with executables
- Some suppressions are tied to already fixed bugs. We'll keep it like that for now to test
removing those suppressions in production later.
BUG=chromium:673246
NOTRY=true
Review-Url: https://codereview.chromium.org/2578503003
Cr-Commit-Position: refs/heads/master@{#41789}