Bug 138544

Summary: Exception fuzz helper generates incorrect target range
Product: WebKit Reporter: Akos Kiss <akiss>
Component: Tools / TestsAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: buildbot, commit-queue, darin, fpizlo, rniwa
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Proposed patch.
darin: commit-queue-
Updated patch none

Akos Kiss
Reported 2014-11-09 09:32:20 PST
Currently, the jsc-stress-test-helpers/js-exception-fuzz script generates targets in the range of 0..($checkCount-1). However, target 0 is never hit, while target 1 is always outside of the outermost try block of the tests, which therefore prints unexpected output and results in false failures when fired at. Additionally, target $checkCount is never generated. An example failure report for target 1: exceptionFuzz.yaml/exceptionFuzz/3d-cube.js.exception-fuzz: iteration(62) target(1): Exception: Error: Exception Fuzz exceptionFuzz.yaml/exceptionFuzz/3d-cube.js.exception-fuzz: iteration(62) target(1): global code@3d-cube.js:7:18 exceptionFuzz.yaml/exceptionFuzz/3d-cube.js.exception-fuzz: Failure for command ../../../.vm/JavaScriptCore.framework/Resources/jsc 3d-cube.js with seed 1415502219, repeat 100: Unexpected state thrown at end for target 1 at ../../../.helpers/js-exception-fuzz line 67, <$testInput> line 4. exceptionFuzz.yaml/exceptionFuzz/3d-cube.js.exception-fuzz: ERROR: Unexpected exit code: 255 The above output is for 3d-cube.js, but all 3 tests in tests/exceptionFuzz can fail like this. Target 1 can be manually triggered by the command: WebKitBuild/Debug/bin/jsc --enableExceptionFuzz=true --fireExceptionFuzzAt=1 Source/JavaScriptCore/tests/exceptionFuzz/3d-cube.js
Attachments
Proposed patch. (1.57 KB, patch)
2014-11-09 09:33 PST, Akos Kiss 		darin: commit-queue-
DetailsFormatted DiffDiff
Updated patch (1.59 KB, patch)
2014-11-09 11:01 PST, Akos Kiss 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Akos Kiss
Comment 1 2014-11-09 09:33:58 PST
Created attachment 241254 [details] Proposed patch.
WebKit Commit Bot
Comment 2 2014-11-09 09:35:46 PST
Attachment 241254 [details] did not pass style-queue: ERROR: Tools/ChangeLog:1: ChangeLog entry has no bug number [changelog/bugnumber] [5] Total errors found: 1 in 2 files If any of these errors are false positives, please file a bug against check-webkit-style.
Darin Adler
Comment 3 2014-11-09 09:56:34 PST
Comment on attachment 241254 [details] Proposed patch. View in context: https://bugs.webkit.org/attachment.cgi?id=241254&action=review > Tools/ChangeLog:4 > + Need the bug URL (OOPS!). I don’t think we can land this with the commit queue with this line like this. > Tools/ChangeLog:12 > + Currently, the script generates exception fuzz targets in the range of > + 0..($checkCount-1). However, target 0 is never hit, while target 1 is > + always outside of the outermost try block of the tests, which therefore > + prints unexpected output and results in false failures when fired at. > + Additionally, target $checkCount is never generated. This looks right to me, but I am not sufficiently familiar with the exception system to check if this paragraph is correct or not. The code does correctly implement what this paragraph describes.
Akos Kiss
Comment 4 2014-11-09 11:01:49 PST
Created attachment 241256 [details] Updated patch Fixed the ChangeLog. My bad. Sorry.
WebKit Commit Bot
Comment 5 2014-11-09 23:59:30 PST
Comment on attachment 241256 [details] Updated patch Clearing flags on attachment: 241256 Committed r175801: <http://trac.webkit.org/changeset/175801>
WebKit Commit Bot
Comment 6 2014-11-09 23:59:33 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.