The initial support for low level exception handling in Wasm will not
support finally blocks. This decision is taken for both simplicity (
handling finallys is not straightforward if we want try blocks to yield
values), and lack of good use case (clang++ does not need them.) They
may be added in the future once we understand the implications of
having them.

BUG=

Review-Url: https://codereview.chromium.org/2336303002
Cr-Commit-Position: refs/heads/master@{#39393}

With this CL the AstDecoder produces an error if it encounters a
grow_memory instruction in an asmjs module. Additionally asmjs
instructions are not allowed anymore in wasm modules.

BUG=chromium:644674
R=titzer@chromium.org

Review-Url: https://codereview.chromium.org/2324733002
Cr-Commit-Position: refs/heads/master@{#39339}

BUG=chromium:644182
R=titzer@chromium.org
TEST=module-decoder-unittest.cc:ExportNameWithInvalidStringLength

Review-Url: https://codereview.chromium.org/2310023002
Cr-Commit-Position: refs/heads/master@{#39199}

According to the WebAssembly specification the alignment of load and
store instructions has to be less or equal to natural alignment.

R=titzer@chromium.org

Review-Url: https://codereview.chromium.org/2285643002
Cr-Commit-Position: refs/heads/master@{#39131}

BUG=chromium:642867
R=titzer@chromium.org
TEST=loop-assignment-analysis-unittest.cc:regress_642867

Review-Url: https://codereview.chromium.org/2290233008
Cr-Commit-Position: refs/heads/master@{#39089}

BUG=chromium:642987
R=titzer@chromium.org
TEST=module-decoder-unittest.cc:GlobalWithInvalidNameLength

Review-Url: https://codereview.chromium.org/2301873002
Cr-Commit-Position: refs/heads/master@{#39071}

on architectures that do not support missaligned memory access

BUG=unittests/AstDecoderTest.Float64Const, unittests/AstDecoderTest.Float32Const

Review-Url: https://codereview.chromium.org/2275323002
Cr-Commit-Position: refs/heads/master@{#38941}

This CL fixes the first bug I found with the new fuzzing. The problem is
that the number of locals is unbounded. This CL bounds the number of
locals of one type with 8000000, an arbitrary number.

R=titzer@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2271803004
Cr-Commit-Position: refs/heads/master@{#38936}

R=ahaas@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2253543003
Cr-Commit-Position: refs/heads/master@{#38658}

------------------------------------------------------------------------

This CL adds support for decoding eh-related wasm opcodes:
* Throw: used for raising an exception; the thrown value lives on top of
         the evaluation stack;
* TryCatch: used to start a try block that has a catch clause;
* TryFinally: used to start a try block that has a finally clause;
* TryCatchFinally: used to start a try block that has both catch and
                   finally clauses;
* Catch <local>: used to start the catch block of a
                 TryCatch/TryCatchFinally block; the thrown value is
                 stored in local <local>; and
* Finally: used to start a finally block of TryFinally/TryCatchFinally.

Three different opcodes are used to start a try block to simplify the
AST construction during bytecode parsing.

BUG=

Review-Url: https://codereview.chromium.org/2222193004
Cr-Commit-Position: refs/heads/master@{#38579}

R=ahaas@chromium.org,bradnelson@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2209433002
Cr-Commit-Position: refs/heads/master@{#38262}

This patch updates internal data structures used by V8 to support
multiple indirect function tables (WebAssembly/design#682). But, since
this feature is post-MVP, the functionality is not directly exposed and
parsing/generation of WebAssembly is left unchanged. Nevertheless, it
is being used in an experiment to implement fine-grained control flow
integrity based on C/C++ types.

BUG=

Review-Url: https://codereview.chromium.org/2174123002
Cr-Commit-Position: refs/heads/master@{#38110}

R=ahaas@chromium.org,rossberg@chromium.org,bradnelson@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2165633006
Cr-Commit-Position: refs/heads/master@{#37945}

R=ahaas@chromium.org, rossberg@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2170773003
Cr-Commit-Position: refs/heads/master@{#37939}

BUG= https://bugs.chromium.org/p/v8/issues/detail?id=4203
TEST= cctest/asmjs/test-asm-typer
LOG=N
R=jpp@chromium.org

Review-Url: https://codereview.chromium.org/2147113002
Cr-Commit-Position: refs/heads/master@{#37733}

BUG= https://bugs.chromium.org/p/v8/issues/detail?id=4203
TEST= cctest/asmjs/test-asm-typer
LOG=N

Review-Url: https://codereview.chromium.org/2148073002
Cr-Commit-Position: refs/heads/master@{#37731}

R=ahaas@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2135693002
Cr-Commit-Position: refs/heads/master@{#37642}

Directs 'use asm' traffic through asm-wasm conversion when --validate-asm is passed.

Adds a builtin that handles the fallback to JS.

BUG= https://bugs.chromium.org/p/v8/issues/detail?id=4203
TEST=asm-wasm
R=mstarzinger@chromium.org,titzer@chromium.org
LOG=N

Review-Url: https://codereview.chromium.org/2057403003
Cr-Commit-Position: refs/heads/master@{#37470}

Mircea and Andreas have been making changes to wasm.

R=titzer@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2103793006
Cr-Commit-Position: refs/heads/master@{#37401}

R=ahaas@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2110053002
Cr-Commit-Position: refs/heads/master@{#37387}

When reading malformed input, the length of variable-length types can be very large. Computing operand length with this and adding it to PC will overflow and screw up decode.

This patch switches to unsigned int for arity and lengths, terminates loop analysis on error, adds overflow checking to BranchTableOperand, and adds a unit test.

Review-Url: https://codereview.chromium.org/2052623003
Cr-Commit-Position: refs/heads/master@{#37301}

Implements:
- WebAssembly object,
- WebAssembly.Module constructor,
- WebAssembly.Instance constructor,
- WebAssembly.compile async method,
- and Module and Instance instance objects.

Also, changes ErrorThrower to support capturing errors in a promise reject.

Since we cannot yet compile without fixing the Wasm memory, and cannot validate a module without compiling, the Module constructor and compile method don't do anything yet but checking that their argument is a suitable BufferSource. Instead of a compiled module, the hidden state of a Module object currently is just that buffer.

BUG=

Review-Url: https://codereview.chromium.org/2084573002
Cr-Commit-Position: refs/heads/master@{#37143}

BUG=

Review-Url: https://codereview.chromium.org/2078053002
Cr-Commit-Position: refs/heads/master@{#37110}

Compilation of wasm functions happens before instantiation. Imports are linked afterwards, at instantiation time. Globals and memory are also
allocated and then tied in via relocation at instantiation time.

This paves the way for implementing Wasm.compile, a prerequisite to
offering the compiled code serialization feature.

Currently, the WasmModule::Compile method just returns a fixed array
containing the code objects. More appropriate modeling of the compiled module to come.

Opportunistically centralized the logic on how to update memory
references, size, and globals, since that logic is the exact same on each
architecture, except for the actual storing of values back in the
instruction stream.

BUG=v8:5072

Review-Url: https://codereview.chromium.org/2056633002
Cr-Commit-Position: refs/heads/master@{#37086}

The modifications were necessary to properly represent asm types:

1) fround is no longer an overloaded function.

2) the constructor for MinMaxTypes now takes a return type.

3) Adds pseudo-types for representing the Load/Store types for fp heap views.
BUG=

Review-Url: https://codereview.chromium.org/2069443002
Cr-Commit-Position: refs/heads/master@{#36980}

This CL introduces the new type system for the ASM
type-checker/validator.

BUG=

Review-Url: https://codereview.chromium.org/2045703007
Cr-Commit-Position: refs/heads/master@{#36942}

R=ahaas@chromium.org,bradnelson@chromium.org
BUG=chromium:617884

Review-Url: https://codereview.chromium.org/2044833002
Cr-Commit-Position: refs/heads/master@{#36779}

This removes the last use of the old_functions section, which greatly
simplifies encoding.

R=bradnelson@chromium.org,aseemgarg@chromium.org,mtrofin@chromium.org

BUG=

Review-Url: https://codereview.chromium.org/2014533003
Cr-Commit-Position: refs/heads/master@{#36523}

This interpreter directly decodes and executes WASM binary code for
the purpose of supporting low-level debugging. It is not currently
integrated into the main WASM implementation.

R=ahaas@chromium.org,clemensh@chromium.org,rossberg@chromium.org,binji@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/1972153002
Cr-Commit-Position: refs/heads/master@{#36497}

Moved globals offsets calculation to the wasm module decoder, since
this is a property of the module, not of each instance.

Qualified as "const" references to WasmModule outside of the decoder
and some test situations.

BUG=

Review-Url: https://codereview.chromium.org/2005933003
Cr-Commit-Position: refs/heads/master@{#36484}

R=ahaas@chromium.org,bradnelson@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/1980543002
Cr-Commit-Position: refs/heads/master@{#36292}

R=ahaas@chromium.org,bradnelson@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/1980483002
Cr-Commit-Position: refs/heads/master@{#36239}

This is a first step to removing the support for the OldFunctions
section altogether, which will greatly simplify the encoder and remove
the need to do local variable remapping in asm->wasm.

R=bradnelson@chromium.org,aseemgarg@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/1974933002
Cr-Commit-Position: refs/heads/master@{#36228}

R=ahaas@chromium.org,mstarzinger@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/1970543003
Cr-Commit-Position: refs/heads/master@{#36174}

R=ahaas@chromium.org,rossberg@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/1960143002
Cr-Commit-Position: refs/heads/master@{#36112}

This catches malformed code like the following example:

<expr>
<block begin>
<expr>
<binop>
<end>

Which is illegal because the inputs to the binop cross the block boundary.

R=rossberg@chromium.org,ahaas@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/1961853002
Cr-Commit-Position: refs/heads/master@{#36103}

Because not initializing fields can be, you know, dangerous.

Review-Url: https://codereview.chromium.org/1952703002
Cr-Commit-Position: refs/heads/master@{#36071}

R=ahaas@chromium.org,binji@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/1942873002
Cr-Commit-Position: refs/heads/master@{#35964}

R=rossberg@chromium.org,ahaas@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/1937083002
Cr-Commit-Position: refs/heads/master@{#35941}

[wasm] Binary 11: Swap the order of section name / section length.
[wasm] Binary 11: Shorter section names.
[wasm] Binary 11: Add a prefix for function type declarations.
[wasm] Binary 11: Function types encoded as pcount, p*, rcount, r*
[wasm] Fix numeric names for functions.

R=rossberg@chromium.org,jfb@chromium.org,ahaas@chromium.org
BUG=chromium:575167
LOG=Y

Review-Url: https://codereview.chromium.org/1896863003
Cr-Commit-Position: refs/heads/master@{#35897}