Skip to content

V
V8
Switch branch/tag
  1. 07 Jul, 2022 1 commit
  3. 06 Jul, 2022 2 commits
    • Clemens Backes's avatar
      [wasm][streaming] Check section order of code section · e4f07c09
      Clemens Backes authored 
      The streaming decoder did not properly check the ordering of sections
relative to the code section.
This CL fixes that for both empty and non-empty code sections.
The special path for empty code sections is not actually needed, so
remove it to simplify code paths.

Drive-by:
1. Refactor the existing code for checking section ordering to make it
   more structured and readable.
2. Ensure that we either call {DecodeCodeSection} or {StartCodeSection},
   but not both.
3. Remove {set_code_section}, merge it into {StartCodeSection}.
4. Simplify calls to {CalculateGlobalOffsets} (make them unconditional
   and remove one redundant one).

R=ahaas@chromium.org

Bug: chromium:1336380
Change-Id: Ia2c5c115d43d2b5315e3b3c9e4a21175a36aa326
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3747860Reviewed-by: 's avatarAndreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81554}
      e4f07c09
    • Jakob Kummerow's avatar
      [wasm] Fix linking of "SectionName()" · d1a6638a
      Jakob Kummerow authored 
      Speculative fix as I can't repro the failures locally.

Change-Id: I0a06ee02435e5131c44c7b4bef142cb4385d3243
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3747861
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81549}
      d1a6638a
  5. 05 Jul, 2022 3 commits
  7. 01 Jul, 2022 1 commit
  9. 30 Jun, 2022 2 commits
    • Jakob Kummerow's avatar
      [wasm] AdaptiveMap for DecodedNameSection · 838a220c
      Jakob Kummerow authored 
      This is a performance improvement; no change in functional
behavior is intended.
AdaptiveMap is an abstraction over a std::map or a std::vector:
after being initialized iteratively with a set of entries, it
can switch to dense vector-based storage if that would be more
efficient.
The motivation is that we expect most name sections, if they
are present at all, to give fairly complete information, so the
dense mode will likely be the typical case. However, it's easy
enough to support sparse mode as well, and parsing the name
section into a std::map at first is particularly convenient for
cases where we can't guess the expected number of entries, such
as for function locals.

Change-Id: Ia17f27576a3061eb05c912f7081411d6f38137e6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726150Reviewed-by: 's avatarAndreas Haas <ahaas@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81474}
      838a220c
    • Manos Koukoutos's avatar
      [wasm] Simplify {Result} · 9d642b11
      Manos Koukoutos authored 
      Change-Id: I6e84533581917afe90796265c563868fa1ab4448
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3734810
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: 's avatarAndreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81464}
      9d642b11
  11. 29 Jun, 2022 1 commit
  13. 27 Jun, 2022 1 commit
  15. 16 Jun, 2022 1 commit
  17. 10 Jun, 2022 1 commit
    • Clemens Backes's avatar
      [wasm][streaming] Check for illegal section code · 436f0889
      Clemens Backes authored 
      Add a missing check to reject illegal sections.

The test is added in three forms, to give fuzzers more food: A fuzzer
regression test for the streaming fuzzer, a unit test for the streaming
decoder, and an mjsunit test for streaming compilation.

Drive-by: Remove a redundant line in the synchronous decoder (this is
already handled by the following statement.

R=ahaas@chromium.org

Bug: chromium:1335023
Change-Id: Ic8c3b301f1b58981c7d68eafcffc89531ed2c64c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3698549Reviewed-by: 's avatarAndreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81071}
      436f0889
  19. 08 Jun, 2022 1 commit
  21. 07 Jun, 2022 1 commit
  23. 20 May, 2022 1 commit
  25. 13 May, 2022 2 commits
  27. 08 Apr, 2022 2 commits
  29. 31 Mar, 2022 1 commit
    • Manos Koukoutos's avatar
      Reland "[wasm-gc] Implement isorecursive canonicalization" · cfa8d0b3
      Manos Koukoutos authored 
      This is a reland of commit e76ad5c6

Changes compared to original:
- Move invocation of LAZY_INSTANCE_INITIALIZER to a static global
  variable, as some builds were failing with a function-level static.
- Drive-by: Improve documentation a bit.

Original change's description:
> [wasm-gc] Implement isorecursive canonicalization
>
> This implements isorecursive canonicalization for static types.
>
> Not implemented in this CL:
> - Runtime type canonicalization.
> - Cross-module signature canonicalization for purposes of call_indirect.
>
> Bug: v8:7748
> Change-Id: I6214f947444eea8d7b15a29b35c94c3d07ddb525
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3541925
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79665}

Bug: v8:7748
Change-Id: I493fba1906491762f7d8bae50108e3e4a743391d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3560480Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79692}
      cfa8d0b3
  31. 30 Mar, 2022 2 commits
  33. 24 Mar, 2022 1 commit
  35. 01 Mar, 2022 1 commit
  37. 25 Feb, 2022 1 commit
  39. 31 Jan, 2022 1 commit
  41. 27 Jan, 2022 2 commits
    • Manos Koukoutos's avatar
      [wasm-gc] Implement iso-recursive types · fe531e1f
      Manos Koukoutos authored 
      This CL replaces the equirecursive type system for wasm-gc with the
isorecursive hybrid type system presented here:
https://github.com/WebAssembly/gc/issues/257.

In broad strokes, this includes the following changes:
- In the module decoder, remove equirecursive types. Implement recursive
  type groups, subtype definitions, and function/struct/array
  definitions. Treat nominal modules as syntactic sugar of an
  isorecursive module, where all types belong in the same recursive
  group.
- Remove rtt.sub and all related infrastructure.
- Change subtyping to work with explicit supertypes only.
- Add ValidSubtypeDefinition in subtyping, to check that subtype
  declarations are valid during decoding.
- Remove the subtyping cache.
- Add support for functions to have specific signature index in
  WasmModuleBuilder and in test-gc.cc.
- Adapt tests.

Current restrictions:
- Recursive groups are not stored beyond decoding.
- Type canonicalization is not implemented. No tests relying on types
  being considered identical post-canonicalization.
- No cross-module subtyping is possible. Tests relying on cross-module
  subtyping have been commented out.

Bug: v8:7748
Change-Id: I69fd04ecc5611f6230c95d5c89d1c520163fffae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3416239Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78816}
      fe531e1f
    • Manos Koukoutos's avatar
      [wasm] Small refactoring for module types · 9566a6e3
      Manos Koukoutos authored 
      Changes:
- Introduce {TypeDefinition} for wasm modules.
- Introduce an enum {TypeDefinition::Kind} to represent the three
  different definition types.
- Collapse the {types}, {type_kinds} and {supertypes} vectors into a
  single vector of {TypeDefinition}s.
- Use {TypeDefinition} in WasmModuleBuilder.
- Drive-by: Remove {kNullIndex} in WasmModuleBuilder.
- Drive-by: Tidy-up wasm-module.h.

Change-Id: I97c2c268bcad745176243c693cf169bfa5714f94
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3416233Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78813}
      9566a6e3
  43. 24 Jan, 2022 1 commit
    • Manos Koukoutos's avatar
      [wasm-gc] Preliminary changes for array.init_from_data · 3f17f96f
      Manos Koukoutos authored 
      Changes:
- Rename kWasmTrapDataSegmentDropped to the more accurate ~OutOfBounds.
- Drop unused argument from {WasmCompiler::ArrayInit}.
- Rename {Factory::NewWasmArray} -> NewWasmArrayFromElements.
- Add error handling to {InitExprInterface}.
- Allow the data count section to appear anywhere in the module under
  --experimental-wasm-gc. Add the same capability in
  wasm-module-builder.js.
- Add {WasmArray::MaxLength(uint32_t element_size_log2)}.
- Add kTrapArrayTooLarge in wasm-module-builder.js.
- Small test improvements in gc-nominal.js.

Bug: v8:7748
Change-Id: I68ca0e8b08f906503f0d82e5866395018d216382
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3401593Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78730}
      3f17f96f
  45. 19 Jan, 2022 1 commit
    • Manos Koukoutos's avatar
      Reland "[wasm] Various small cleanups/fixes" · 069d62eb
      Manos Koukoutos authored 
      This is a reland of f1c2a208

Changes compared to original:
Revert test change which used simd and caused problems in multiple test
configurations.

Original change's description:
> [wasm] Various small cleanups/fixes
>
> Changes:
> - Fix a bug in objects-printer where array elements were not treated as
>   tagged pointers.
> - Fix a few TODOs, mainly in the wasm interpreter.
> - Improve documentation, small refactorings.
>
> Change-Id: I1d70ad454b3a0693b9b784b17395434d81d01b61
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3383136
> Reviewed-by: Nikolaos Papaspyrou <nikolaos@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78656}

Change-Id: I91f4fed5fbc91acb8b42413a6f40a8202bd43096
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3398111Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78677}
      069d62eb
  47. 18 Jan, 2022 1 commit
    • Maya Lekova's avatar
      Revert "[wasm] Various small cleanups/fixes" · b1e12d70
      Maya Lekova authored 
      This reverts commit f1c2a208.

Reason for revert: Breaks some tests on no-sse configuration, please see https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux/45243/overview

Original change's description:
> [wasm] Various small cleanups/fixes
>
> Changes:
> - Fix a bug in objects-printer where array elements were not treated as
>   tagged pointers.
> - Fix a few TODOs, mainly in the wasm interpreter.
> - Improve documentation, small refactorings.
>
> Change-Id: I1d70ad454b3a0693b9b784b17395434d81d01b61
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3383136
> Reviewed-by: Nikolaos Papaspyrou <nikolaos@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78656}

Change-Id: Ic698177259bb14b4c251a4212c79cc0d945b07f8
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3398109
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Owners-Override: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78657}
      b1e12d70
  49. 17 Jan, 2022 1 commit
  51. 12 Jan, 2022 1 commit
  53. 10 Jan, 2022 1 commit
    • Manos Koukoutos's avatar
      Reland "[wasm] Fast paths in EvaluateInitExpression" · 05f6d3f9
      Manos Koukoutos authored 
      This is a reland of be6bd4f4.
The reason for revert was two bots timing out. On further inspection,
the timeouts seem unrelated.

Original change's description:
> [wasm] Fast paths in EvaluateInitExpression
>
> We add fast paths for the most common types of expressions in
> {EvaluateInitExpression} to improve instantiation time. We fall back to
> full expression decoding for less common operators, or for expressions
> with operands.
>
> Bug: chromium:1284557
> Change-Id: I39a1816176974058b801cdad6eaaa6da156cea04
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3367627
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78497}

Bug: chromium:1284557
Change-Id: I209458c1fa36ae41899434b90759ebe3fe5e2a57
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3375545Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78529}
      05f6d3f9
  55. 05 Jan, 2022 2 commits
  57. 04 Jan, 2022 2 commits
    • Manos Koukoutos's avatar
      [wasm] Unify treatment of expressions in elem. segments · e9440c45
      Manos Koukoutos authored 
      We unify the implementation of element segment expression entries with
other initializer expressions: we represent them with a {WireBytesRef}
and decode them with {InitExprInterface}. Except for reducing code
duplication, this also fixes a bug where {global.get} entries in element
segments could reference invalid globals.

Changes:
- Change {WasmElemSegment::Entry} to a union of a {WireBytesRef}
  initializer expression and a {uint32_t} function index.
- In module-decoder, change parsing of expression entries to use
  {consume_init_expr}. Add type checking to
  {consume_element_func_index}, to complement type checking happening in
  {consume_init_expr}.
- In module-instantiate.cc:
  - Move instantiation of indirect tables before loading of element
    segments. This way, when we call {UpdateDispatchTables} in
    {SetTableEntry}, the indirect table for the current table will also
    be updated.
  - Consolidate table entry instantiation into {SetTableEntry}, which
    handles lazily instantiated functions, or dispatches to
    {WasmTableObject::Set}.
  - Rename {InitializeIndirectFunctionTables} to
    {InitializeNonDefaultableTables}.
  - Change {InitializeNonDefaultableTables} and {LoadElemSegmentImpl}
    to use {EvaluateInitExpression}.
- Add a test to exclude mutable/non-imported globals from the element
  section.
- Update tests as needed.
- Update .js module emission in wasm-fuzzer-common.

Change-Id: I29c541bbca8531e8d0312ed95869c8e78a5a0c57
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3364082Reviewed-by: 's avatarAndreas Haas <ahaas@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78476}
      e9440c45
    • Manos Koukoutos's avatar
      [wasm] Refactoring ahead of element segment changes · 226b8c86
      Manos Koukoutos authored 
      See related CL for context.

Changes:
- In InitExprInterface, add the ability to evaluate function references
  as index only. Remove the global buffers and use the ones passed with
  the instance object instead.
- In WasmElemSegment, add a field indicating if elements should be
  parsed as expressions or indices. Change module-decoder.cc to reflect
  this change.
- In module-instantiate, change the signatures of LoadElemSegment,
  LoadElemSegmentImpl, and EvaluateInitExpr. Move the latter out of
  InstanceBuilder.

Change-Id: I1df54393b2005fba49380654bdd40429bd4869dd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3364081Reviewed-by: 's avatarAndreas Haas <ahaas@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78470}
      226b8c86
  59. 13 Dec, 2021 1 commit