Merged
Most of these APIs take in a timezone string or a zoned datetime. I plan to make timezone strings something that can be generated in a future CL. I think with this the Temporal API surface is fully covered. Bug: 439921647 Change-Id: I6a6a6964d8ecaa0c4f2f828a254387488b8f49ab Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8593480 Auto-Submit: Manish Goregaokar <manishearth@google.com> Reviewed-by: Matthias Liedtke <mliedtke@google.com> Commit-Queue: Matthias Liedtke <mliedtke@google.com>
The Operation.Attributes.isPure option was removed as part of commit a2a7e95. Change-Id: I7e6e293d48f99804b03c579f8cc0eb0765d0b0c4 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8598616 Auto-Submit: Matthias Liedtke <mliedtke@google.com> Commit-Queue: Dominik Klemba <tacet@google.com> Reviewed-by: Dominik Klemba <tacet@google.com>
This adds a new concept: "named strings", which are string-typed objects that are expected to have greater structure. Like options bags, producing generators can be registered for these. Unfortunately I don't have a good way of testing this since I can't see any way to trawl through the generated code other than parsing the output of dumpCurrentProgram(). Seems to work, though. Change-Id: I6a6a6964fef394af4595f0302d785a9c6da27de3 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8593716 Reviewed-by: Carl Smith <cffsmith@google.com> Commit-Queue: Manish Goregaokar <manishearth@google.com>
This is the very first step in allowing "full" wasm-gc signatures with indexed reference types as parameters and output types. This only adds an option to define such signatures inside a Wasm type group and use them in a few selected statements like `ref.null` but doesn't adapt any of the complex statements like wasm function definitions, blocks, loops, ... It also doesn't add code generators for signature types, so as a first step they are "ProgramBuilder vaporware" for writing test cases. Bug: 445356784 Change-Id: I5b9d2ff4791fcb09c4c41d4685949d2b6b460685 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8595216 Commit-Queue: Matthias Liedtke <mliedtke@google.com> Reviewed-by: Manos Koukoutos <manoskouk@google.com>
Enums are now tagged with a name. If they are registered on the environment, their type info can even be recovered. This does not make the mutator attempt to stick within the enum. Worth experimenting with separately. Change-Id: I6a6a696493e097d348b58fada0a850881269d064 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8603428 Reviewed-by: Matthias Liedtke <mliedtke@google.com> Commit-Queue: Manish Goregaokar <manishearth@google.com>
This adds the necessary logic to resolve self and forward references inside Wasm signatures. Due to the missing usages of these signature types, there aren't great ways to test these features, yet. Bug: 445356784 Change-Id: Icb5b99eff1872d301e6775a64546004d07b046fb Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8602557 Reviewed-by: Manos Koukoutos <manoskouk@google.com> Commit-Queue: Matthias Liedtke <mliedtke@google.com>
CodeGenerators are now annotated with the types they produce and the Contexts they provide. This allows us to pick an (almost) arbitrary CodeGenerator and nest it in others such that we can definitely execute it. Add a ContextGraph that makes this assembly possible. Because we now have explicit yield points in CodeGenerators we can remove the buildRecursive method. Bug: 408966832 Change-Id: I0320bdd5fa64bd687cea87075b6607ceb61d779d Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8386801 Reviewed-by: Matthias Liedtke <mliedtke@google.com> Commit-Queue: Carl Smith <cffsmith@google.com>
These contexts were never required by anything, as such we can just remove them. Change-Id: Ied21ed55ef8c4a0cf860b635fdb2b9b1ea448d86 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8570516 Reviewed-by: Samuel Groß <saelo@google.com> Reviewed-by: Matthias Liedtke <mliedtke@google.com> Commit-Queue: Carl Smith <cffsmith@google.com>
Custom enumerations in Profiles are now registered on the Environment at startup. Change-Id: Id95da20c7ef81a7d1f7377f87c408df27ab086c0 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8609376 Commit-Queue: Carl Smith <cffsmith@google.com> Reviewed-by: Matthias Liedtke <mliedtke@google.com>
The BuildLog in the ProgramBuilder needs to be initialized in the initializer. Change-Id: I236abcea185b89de3df09abdc777914e7dd8f619 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8609377 Commit-Queue: Matthias Liedtke <mliedtke@google.com> Reviewed-by: Matthias Liedtke <mliedtke@google.com> Auto-Submit: Carl Smith <cffsmith@google.com> Commit-Queue: Carl Smith <cffsmith@google.com>
This enables parsing and importing some of the syntax provided by the explicit-resource-management feature. The first stage is to parse `using` and `await using` statements and add them to the AST for the fuzzIL compiler. The second stage is to represent them with named variables, similar to other (const, let, var) named variables. We cannot just extend the existing named variables with a few more declaration types, since (async) disposable variables are also separate instructions, to enforce their respective syntactic constraints. This does not yet enable many useful examples though. We do not yet support disposable variables in loops. Nor does the fuzzIL compiler support computed properties yet, which are typically used in conjunction with disposable variables. Bug: 441669678 Change-Id: I63bcf8a8e2ed250c23a3017aab396d777ef9c900 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8552137 Reviewed-by: Matthias Liedtke <mliedtke@google.com> Commit-Queue: Michael Achenbach <machenbach@google.com>
After a discussion, we are adjusting the flag probabilities. The stable version of Turbolev (--turbolev) is now enabled with a 50% probability. In 82% of those cases, the future version (--turbolev-future) is also enabled, as a result it is never used alone. Change-Id: I8b19b0f16414fd7928040020c9b4045820ef6b41 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8609477 Commit-Queue: Dominik Klemba <tacet@google.com> Auto-Submit: Dominik Klemba <tacet@google.com> Reviewed-by: Matthias Liedtke <mliedtke@google.com> Reviewed-by: Darius Mercadier <dmercadier@google.com>
…ed strings Not quite sure if this is the best way to do it. For custom strings we might want to register string-producing generators that can be used here. Change-Id: I6a6a69642074dbd56b8ea52c9d8fe6fab07cf514 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8603432 Commit-Queue: Manish Goregaokar <manishearth@google.com> Reviewed-by: Matthias Liedtke <mliedtke@google.com>
With all of the Temporal work done, Intl becomes much, much easier to implement following a similar pattern. Intl generally has more complicated options bags, but relatively simple APIs. Most other Intl APIs can be expected to look like DateTimeFormat: a constructor that takes a locale and an options bag, with a small handful of APIs that return simple things like strings and arrays. These types do not have the annoying cyclic generation problems like Temporal. As usual I added a codegenerator for this since by default it takes a couple steps for ApiMethodCallGenerator to figure out how to find these "namespaced" builtins. Change-Id: I6a6a6964c3995facc844c82dbfa69e03da573c2f Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8601526 Commit-Queue: Manish Goregaokar <manishearth@google.com> Reviewed-by: Matthias Liedtke <mliedtke@google.com>
Bug: 340777103 Change-Id: I0946794f9517b4839db6f8a303c63bd8ceea3ad3 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8614796 Auto-Submit: Omer Katz <omerkatz@google.com> Reviewed-by: Matthias Liedtke <mliedtke@google.com> Commit-Queue: Omer Katz <omerkatz@google.com>
Change-Id: I6a6a69646624421925b8d0af081e41b41b3676c1 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8613470 Reviewed-by: Matthias Liedtke <mliedtke@google.com> Commit-Queue: Manish Goregaokar <manishearth@google.com>
Change-Id: I6a6a6964caab8ab9a9c97b37949bd90cd5bb1561 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8613471 Auto-Submit: Manish Goregaokar <manishearth@google.com> Commit-Queue: Manish Goregaokar <manishearth@google.com> Reviewed-by: Matthias Liedtke <mliedtke@google.com>
Change-Id: I6a6a696400523afcfcd69f958b9b4c80e624abd2 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8613685 Reviewed-by: Matthias Liedtke <mliedtke@google.com> Auto-Submit: Manish Goregaokar <manishearth@google.com> Commit-Queue: Manish Goregaokar <manishearth@google.com>
MinorMS is on hold for the foreseeable future, there is no active work on it, and the fuzzers haven't found a new issue in it in a long time. Therefore MinorMS no longer requires extensive fuzzer coverage. Change-Id: I35743813569287ae2bf3fbd52443aadff64ee884 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8620756 Reviewed-by: Matthias Liedtke <mliedtke@google.com> Auto-Submit: Omer Katz <omerkatz@google.com> Commit-Queue: Omer Katz <omerkatz@google.com>
Change-Id: I6a6a6964954f0f5cf274273760551698663c2b7b Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8616123 Auto-Submit: Manish Goregaokar <manishearth@google.com> Reviewed-by: Matthias Liedtke <mliedtke@google.com> Commit-Queue: Matthias Liedtke <mliedtke@google.com>
Change-Id: I6a6a69649cf1fd43510fa9a501bf0addb27c2414 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8616124 Auto-Submit: Manish Goregaokar <manishearth@google.com> Commit-Queue: Manish Goregaokar <manishearth@google.com> Reviewed-by: Matthias Liedtke <mliedtke@google.com>
Change-Id: I6a6a696485ee44adbbbe1b5c7e137e7164d477f9 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8616074 Auto-Submit: Manish Goregaokar <manishearth@google.com> Reviewed-by: Matthias Liedtke <mliedtke@google.com> Commit-Queue: Manish Goregaokar <manishearth@google.com>
After this we just need to do DisplayNames, which unfortunately needs another custom string generator so I saved it for last. Change-Id: I6a6a69642b4316bd94ea39e92a675bf517202b48 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8616075 Auto-Submit: Manish Goregaokar <manishearth@google.com> Commit-Queue: Manish Goregaokar <manishearth@google.com> Reviewed-by: Matthias Liedtke <mliedtke@google.com>
Change-Id: I0ed4abed4a3ef0c7e150971ec58f0aae7e5b0982 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8591236 Auto-Submit: Matthias Liedtke <mliedtke@google.com> Reviewed-by: Carl Smith <cffsmith@google.com> Commit-Queue: Matthias Liedtke <mliedtke@google.com>
This reverts commit 80ad045. Reason for revert: Crashes when compiling with -c release on 6.0.3. Passes with 6.1.2, so this is likely a swift compiler bug. Reverting for now. Original change's description: > Simplify constrained string generation in code generators > > Change-Id: I0ed4abed4a3ef0c7e150971ec58f0aae7e5b0982 > Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8591236 > Auto-Submit: Matthias Liedtke <mliedtke@google.com> > Reviewed-by: Carl Smith <cffsmith@google.com> > Commit-Queue: Matthias Liedtke <mliedtke@google.com> No-Presubmit: true No-Tree-Checks: true No-Try: true Change-Id: I9a247d5e37c858633ba02d3a540de42853f68a53 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8632856 Commit-Queue: Matthias Liedtke <mliedtke@google.com> Auto-Submit: Matthias Liedtke <mliedtke@google.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
This introduces the PretenureAllocationSiteGenerator to stress V8's garbage collector. The new generator calls the %PretenureAllocationSite intrinsic which promotes the passed object into the old generation heap. Bug: 441469179 Change-Id: Ie764c7e9d2391f319b138c6f0f4f4f8eff529bd9 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8633736 Reviewed-by: Matthias Liedtke <mliedtke@google.com> Commit-Queue: Dominik Klemba <tacet@google.com>
This adds support for computed class method (static and instance)
to fuzzIL and to the compiler for imports.
Supporting computed getters/setters and indexed methods + indexed
getters/setters is still future work. However, this adds a compiler
test file with the full array of cases that we could support,
not-yet-supported cases commented out for now.
This slightly refactors the compiler AST and shares property keys
for methods and properties, which can have the same structure.
In general, most of the boiler-plate code is similar to the existing
code for BeginClass{Instance|Static}Method with changes for computed
properties similar to BeginClassComputedProperty or
BeginObjectLiteralComputedMethod.
Similar to computed object methods, a caveat is that the typer might
not be able to compute available method names to be called.
Bug: 446634535
BYPASS_LARGE_CHANGE_WARNING: tests for completeness are large
Change-Id: I30a85eadbc0fe466a9fbc7dbfa3bb7aad5b51f7d
Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8614819
Reviewed-by: Matthias Liedtke <mliedtke@google.com>
Commit-Queue: Michael Achenbach <machenbach@google.com>
Some stack-limit-sensitive issues might also run into timeouts more likely. This reduces the stack limit in 10% of the runs to tickle out these situations faster. Change-Id: I5e7c2d4b52a71d34055bb77ce55d8112bc960fdd Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8635956 Commit-Queue: Michael Achenbach <machenbach@google.com> Reviewed-by: Matthias Liedtke <mliedtke@google.com>
Bug: 446634535 Change-Id: I74620e37096f98a1fc9d9e0e71d5ec1d2fd8baca Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8634697 Reviewed-by: Matthias Liedtke <mliedtke@google.com> Auto-Submit: Michael Achenbach <machenbach@google.com> Commit-Queue: Michael Achenbach <machenbach@google.com> Commit-Queue: Matthias Liedtke <mliedtke@google.com>
Change-Id: I899267f93d6eefc6fe77de094987c5ce091816fb Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8634698 Reviewed-by: Michael Achenbach <machenbach@google.com> Commit-Queue: Matthias Liedtke <mliedtke@google.com> Auto-Submit: Matthias Liedtke <mliedtke@google.com> Commit-Queue: Michael Achenbach <machenbach@google.com>
and document those globals that aren't registered, yet. Change-Id: Iea9be27be5f2f7cdeebb1621d98fe3949ab7b7c5 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8635957 Reviewed-by: Michael Achenbach <machenbach@google.com> Commit-Queue: Matthias Liedtke <mliedtke@google.com>
Also upgrade necessary dependencies. Change-Id: I814feab19cf152bef72fe2f71694d4139eaa76f7 Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8636576 Reviewed-by: Matthias Liedtke <mliedtke@google.com> Commit-Queue: Danylo Mocherniuk <mdanylo@google.com>
Author: (Force pushed to force it to run GitHub actions, as they weren't enabled until after)
Author: ALL GREEN :-)
No description provided.