1. 01 Jun, 2021 1 commit
  2. 30 Jan, 2019 1 commit
  3. 10 Dec, 2018 1 commit
    • Sven Sauleau's avatar
      [wasm] fix js-api Memory and Table constructor · ff6544c5
      Sven Sauleau authored
      Fix and re-enable tests for WebAssembly's memory/constructor and
      table/constructor js-api.
      
      It introduces the '[EnforceRange] unsigned long' algorithm used
      to validate initial and maximum properties.
      
      The initial property is now required, by the switch to the Web IDL
      specification. Most of the input validations errors are now considered
      TypeError instead of RangeError.
      
      The WasmTableObject and WasmMemoryObject APIs use more consistently uint32_t
      to ensure integer range and remove the need for bounds checks.
      
      Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
      Bug: v8:8319
      Change-Id: Iedd3ee6484ef688a5e96f93006eb6ca66d805a48
      Reviewed-on: https://chromium-review.googlesource.com/c/1354043
      Commit-Queue: Adam Klein <adamk@chromium.org>
      Reviewed-by: 's avatarAdam Klein <adamk@chromium.org>
      Reviewed-by: 's avatarClemens Hammacher <clemensh@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#58138}
      ff6544c5
  4. 17 Oct, 2017 1 commit
  5. 26 Jun, 2017 1 commit
    • Clemens Hammacher's avatar
      [wasm] Fix wrong implication · 08fc24b9
      Clemens Hammacher authored
      The implication was actually in the wrong direction: If there is no
      memory start address, then the size must be 0.
      If the size is 0 though, we might allocate nevertheless to have guard
      pages around the accessible memory.
      
      R=ahaas@chromium.org
      BUG=chromium:736584
      
      Change-Id: I297dece658d5eaf69c58ecb109ff21d3ca0b8a8d
      Reviewed-on: https://chromium-review.googlesource.com/548635Reviewed-by: 's avatarAndreas Haas <ahaas@chromium.org>
      Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#46221}
      08fc24b9
  6. 23 May, 2017 1 commit
  7. 22 May, 2017 1 commit
    • Clemens Hammacher's avatar
      [wasm] Stricter max memory check · a5449b0f
      Clemens Hammacher authored
      If the maximum number of memory pages is raised using
      --wasm-max-mem-pages, we might allocate more than kMaxInt bytes for
      wasm memory. The byte length is stored as int in JSArrayBuffer, hence
      this can lead to failures.
      Thus, we now additially check against kMaxInt, and fail instantiation
      if this check fails.
      
      Drive-by: Add/fix more bounds checks.
      
      R=ahaas@chromium.org
      BUG=chromium:724846
      
      Change-Id: Id8e1a1e13e15f4aa355ab9414b4b950510e5e88a
      Reviewed-on: https://chromium-review.googlesource.com/509255Reviewed-by: 's avatarAndreas Haas <ahaas@chromium.org>
      Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#45465}
      a5449b0f