@pth...@chromium.org: PTAL. Are there any known issues left where shared-strings are an issue without shared-string-table?
@paw...@google.com: FYI. Creating shared objects via Wasm is complicated, creating shared JS objects (e.g. `HeapNumber`) via Wasm and passing them back to JS is even more complicated, so this will be a shortcut to start getting some basic coverage for the shared heap. I'll also prepare a Fuzzilli change for this once it has landed. This isn't directly related to the fuzzing of shared-everything-threads which will also cover all the Wasm bits and pieces.
Auto-Submit | +1 |
Commit-Queue | +1 |
[test] Expose %ShareObject() for fuzzing
Fuzzilli-side change: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8695756
I've had 2 instances running for 1 hour each and so far they haven't run into any issues with `--shared-heap` enabled.
If we want to expose sharing objects to the fuzzer, but only require `--shared-heap`, we should check if `--shared-strings` is enabled in `Object::Share()` if we attempt to share a string (otherwise we will hit check failures all around).
Are there any known issues left where shared-strings are an issue without shared-string-table?
No *known* issues.
Ah, yeah, I guess I'll just bake the assumption into the native function? IIUC using only `--shared-heap` is kind of an uninteresting configuration and my Fuzzilli change will always set either `--shared-strings` or `--shared-string-table` whenever it sets `--shared-heap`. (I don't think we care much about `--shared-string-table` right now but that's already being fuzzed by Fuzzilli, so I don't see a reason to reduce the coverage there.)
No *known* issues.
That's what the fuzzing is for. 😊
Fuzzilli-side change: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8695756
I've had 2 instances running for 1 hour each and so far they haven't run into any issues with `--shared-heap` enabled.
Resolving.
Code-Review | +1 |
`CHECK_UNLESS_FUZZING(v8_flags.shared_string_table || v8_flags.shared_strings);`
nit: `shared_string_table` will always imply `shared_strings`, as `shared_strings` is a requirement for `shared_string_table`, so checking for only `shared_strings` here would be enough.
Auto-Submit | +1 |
Commit-Queue | +2 |
3 is the latest approved patch-set.
The change was submitted with unreviewed changes in the following files:
```
The name of the file: src/runtime/runtime-test.cc
Insertions: 3, Deletions: 4.
@@ -2122,10 +2122,9 @@
HandleScope scope(isolate);
CHECK_UNLESS_FUZZING(args.length() == 1);
CHECK_UNLESS_FUZZING(v8_flags.shared_heap);
- // String sharing requires either a shared string table or at least shared
- // strings. For simplicity, this runtime function only shares any object if
- // one of the two flags are present.
- CHECK_UNLESS_FUZZING(v8_flags.shared_string_table || v8_flags.shared_strings);
+ // String sharing needs to be enabled explicitly. For simplicity, this runtime
+ // function only shares any object if shared strings are enabled.
+ CHECK_UNLESS_FUZZING(v8_flags.shared_strings);
if (IsSmi(args[0])) return args[0];
CHECK_UNLESS_FUZZING(IsHeapObject(args[0]));
Handle<HeapObject> obj = args.at<HeapObject>(0);
```
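Review bot: The `CHECK_UNLESS_FUZZING(v8_flags.shared_strings);` line sits above `if (IsSmi(args[0])) return args[0];`, so the flag requirement applies to every argument, Smis and non-string heap objects included, not only to strings. The new comment ("only shares any object if shared strings are enabled") is ambiguous on this point; consider wording it as "this runtime function refuses to share any object, not just strings, unless shared strings are enabled", so a later reader does not narrow the check to the string case or move it below the Smi early return without noticing the behaviour change. The summary above lists this hunk as submitted without review after patch-set 3, so a follow-up look from the original reviewer would be worthwhile.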