1. 31 Jan, 2022 1 commit
  2. 27 Jan, 2022 2 commits
    • Manos Koukoutos's avatar
      [wasm-gc] Implement iso-recursive types · fe531e1f
      Manos Koukoutos authored
      This CL replaces the equirecursive type system for wasm-gc with the
      isorecursive hybrid type system presented here:
      https://github.com/WebAssembly/gc/issues/257.
      
      In broad strokes, this includes the following changes:
      - In the module decoder, remove equirecursive types. Implement recursive
        type groups, subtype definitions, and function/struct/array
        definitions. Treat nominal modules as syntactic sugar of an
        isorecursive module, where all types belong in the same recursive
        group.
      - Remove rtt.sub and all related infrastructure.
      - Change subtyping to work with explicit supertypes only.
      - Add ValidSubtypeDefinition in subtyping, to check that subtype
        declarations are valid during decoding.
      - Remove the subtyping cache.
      - Add support for functions to have specific signature index in
        WasmModuleBuilder and in test-gc.cc.
      - Adapt tests.
      
      Current restrictions:
      - Recursive groups are not stored beyond decoding.
      - Type canonicalization is not implemented. No tests relying on types
        being considered identical post-canonicalization.
      - No cross-module subtyping is possible. Tests relying on cross-module
        subtyping have been commented out.
      
      Bug: v8:7748
      Change-Id: I69fd04ecc5611f6230c95d5c89d1c520163fffae
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3416239Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
      Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
      Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#78816}
      fe531e1f
    • Manos Koukoutos's avatar
      [wasm] Small refactoring for module types · 9566a6e3
      Manos Koukoutos authored
      Changes:
      - Introduce {TypeDefinition} for wasm modules.
      - Introduce an enum {TypeDefinition::Kind} to represent the three
        different definition types.
      - Collapse the {types}, {type_kinds} and {supertypes} vectors into a
        single vector of {TypeDefinition}s.
      - Use {TypeDefinition} in WasmModuleBuilder.
      - Drive-by: Remove {kNullIndex} in WasmModuleBuilder.
      - Drive-by: Tidy-up wasm-module.h.
      
      Change-Id: I97c2c268bcad745176243c693cf169bfa5714f94
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3416233Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
      Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#78813}
      9566a6e3
  3. 13 Dec, 2021 1 commit
  4. 05 Nov, 2021 1 commit
    • Manos Koukoutos's avatar
      [wasm][fuzzer] Complex init. expressions in JS testcase · 74d9a764
      Manos Koukoutos authored
      We enable struct.new and array.init initializer expressions in the JS
      testcase generated by --wasm-fuzzer-gen-test. We needed to make some
      changes in the WasmInitExpr class, and to implement a new interface for
      the WasmFullDecoder, which constructs a WasmInitExpr.
      Changes:
      - Make WasmInitExpr a ZoneObject. Use a pointer for its operands_ field.
        This is needed so WasmInitExpr is trivially copiable, and thus usable
        as a Value type in WasmFullDecoder.
      - Implement a WasmFullDecoder interface in wasm-fuzzer-common that
        constructs a WasmInitExpr. Use it to decode initializers in the
        module generated by the fuzzer.
      - Change AppendInitExpr to take a WasmInitExpr as argument.
      - Fix an issue with printing of struct definitions.
      - Change initializer expression used for structs to struct.new_with_rtt.
        This is consistent with the currently used structural types.
      
      Bug: v8:11954
      Change-Id: I65a87cc98701a54f32500be192b3b6eef2ff6c8c
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3257712Reviewed-by: 's avatarAndreas Haas <ahaas@chromium.org>
      Reviewed-by: 's avatarThibaud Michaud <thibaudm@chromium.org>
      Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#77730}
      74d9a764
  5. 28 Sep, 2021 1 commit
  6. 24 Sep, 2021 1 commit
  7. 20 Sep, 2021 1 commit
  8. 15 Sep, 2021 1 commit
  9. 31 Aug, 2021 1 commit
    • Manos Koukoutos's avatar
      [wasm] Support reftypes tables in WasmModuleBuilder · 797e4afe
      Manos Koukoutos authored
      WasmModuleBuilder is a class that is used to build Wasm modules in the
      asm.js parser, in the fuzzer, as well as some tests. When it comes to
      Wasm tables, WasmModuleBuilder currently supports only basic tables
      (before the reftypes proposal) using an ad-hoc indirect-function index
      vector.
      This CL adds proper support for element sections and tables that use
      them in the full potential of the reftypes extension. The new
      functionality will only be used in the fuzzer and potentially some tests
      in the future. Along this, we drop some functionality from
      WasmModuleBuilder that was only used in tests and is redundant with the
      new architecture.
      Additionally, we remove tables other than externref and funcref from the
      fuzzer (which were not supported properly or used anyway). We will
      reintroduce them at a later time.
      
      Bug: v8:11954
      Change-Id: I0a4f6e7b63b6e3d9f7da03b5202fbf14d8678332
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3122162
      Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
      Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#76597}
      797e4afe
  10. 27 Aug, 2021 1 commit
  11. 29 Jul, 2021 1 commit
  12. 07 Jul, 2021 1 commit
    • Manos Koukoutos's avatar
      [fuzzer] Add support for reference types and simd · 52acb3d2
      Manos Koukoutos authored
      Changes:
      - Add reference types and simd to GetValueType().
      - Generalize BlockScope to handle reference types. Add EmitValueType()
        to WasmFunctionBuilder.
      - Constrain local_op and global_op to non-simd numeric types.
      - Add GenerateOneOf() for functions that need a heap type. Add
        GenerateOptRef(). Add ref_null, get_local_opt_ref as options for
        GenerateOptRef().
      - Remove the numeric conversion logic from ConsumeAndGenerate.
      
      Bug: v8:11954
      Change-Id: Idebae4a537326bdc03ac2f5e9c69a519f196938c
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3009456
      Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
      Reviewed-by: 's avatarThibaud Michaud <thibaudm@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#75614}
      52acb3d2
  13. 18 Jun, 2021 1 commit
  14. 14 Jun, 2021 1 commit
  15. 09 Jun, 2021 1 commit
  16. 08 Jun, 2021 1 commit
  17. 02 Jun, 2021 1 commit
  18. 05 May, 2021 1 commit
    • Manos Koukoutos's avatar
      [wasm] Complete element segment features for reftypes/typed-funcref · 37579df7
      Manos Koukoutos authored
      Main changes:
      - Allow global.get in elements segments with expressions-as-elements.
      - Allow element segments with types other than funcref.
      
      Detailed changes:
      - Move WasmInitExpr to its own file. Add stream opearator << support.
      - Simplify type of PrintCollection.
      - Make WasmElemSegment use an array of WasmInitExpr's over the previous
        ad-hoc implementation. Move null_index to WasmModuleBuilder.
      - Refactor consume_element_segment_header. Make it return a
        WasmElemSegment.
      - Refactor consume_element_expr. Make it return a WasmInitExpr.
      - Refactor DecodeElementSection. Make it invoke
        consume_element_segment_header, then populate its element array.
      - Update module-instantiate.cc to handle global.get elements.
      - Fix bug in wasm-objects.cc where the wrong type index was passed into
        module()->has_signature()
      - Adapt and add tests.
      
      Change-Id: I5abfbe424dbb750ee2dca59f91c451ffcb79f95f
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2857959
      Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
      Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#74374}
      37579df7
  19. 22 Mar, 2021 1 commit
  20. 05 Mar, 2021 1 commit
    • Manos Koukoutos's avatar
      [wasm-gc] Implement non-nullable function tables · e3acd9f8
      Manos Koukoutos authored
      This adds the possibility to define non-nullable function tables of heap
      types kFunc and user-defined functions. When such table is defined, it
      is obligatory to provide an initializer expression after its limits.
      Currently, this can only be a function reference.
      
      Changes:
      - Change WasmTableObject::raw_type to encode the whole entry type.
      - Restructure call_indirect to load the signature only if needed, and
        do null checks only if needed.
      - Add the requirement to provide an initializer expression for
        non-nullable tables in module-decoder.
      - Rename "global initializer" -> "initializer expression" everywhere.
      - Add table initialization in module-instantiate.
      - Edit both the C++ and JS WasmModuleBuilder.
      - Add and slightly improve tests.
      - Format wasm-module-builder.js.
      
      Bug: v8:9495
      Change-Id: I7453ee7d567afd5b5fe48a4f1653513787cfe99a
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2732673
      Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
      Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#73215}
      e3acd9f8
  21. 22 Feb, 2021 1 commit
  22. 17 Feb, 2021 1 commit
  23. 01 Feb, 2021 1 commit
  24. 28 Jan, 2021 1 commit
  25. 27 Jan, 2021 1 commit
    • Manos Koukoutos's avatar
      Reland "[wasm-gc] Remove abstract rtts" · d3b41d07
      Manos Koukoutos authored
      This is a reland of b77deeca
      
      Changes compared to original: Add explicit narrowing casts in tests
      for MSVC.
      
      Original change's description:
      > [wasm-gc] Remove abstract rtts
      >
      > In the latest wasm-gc spec, rtts of abstract types are no longer
      > allowed. Consequently, canonical rtts of concrete types always have
      > a depth of 0.
      >
      > Changes:
      > - Change the immediate argument of rtts to a type index over a heap
      >   type. Abstract it with TypeIndexImmediate in function body decoding.
      >   This affects:
      >   value_type.h, read_value_type(), decoding of relevant opcodes,
      >   wasm subtyping, WasmInitExpr, consume_init_expr(), and
      >   wasm-module-builder.cc.
      > - In function-body-decoder-impl.h, update rtt.canon to always produce
      >   an rtt of depth 0.
      > - Pass a unit32_t type index over a HeapType to all rtt-related
      >   utilities.
      > - Remove infrastructure for abstract-type rtts from the wasm compilers,
      >   setup-heap-internal.cc, roots.h, and module-instantiate.cc.
      > - Remove ObjectReferenceKnowledge::rtt_is_i31. Remove related branches
      >   from ref.test, ref.cast and br_on_cast implementations in the wasm
      >   compilers.
      > - Remove unused 'parent' field from WasmTypeInfo.
      > - Make the parent argument optional in NewWasmTypeInfo, CreateStructMap,
      >   and CreateArrayMap.
      > - Use more convenient arguments in IsHeapSubtypeOf.
      > - Update tests.
      >
      > Bug: v8:7748
      > Change-Id: Ib45efe0741e6558c9b291fc8b4a75ae303146bdc
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2642248
      > Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
      > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#72321}
      
      Bug: v8:7748
      Change-Id: I22b204b486fd185077cd6c7f15d492f5143f48fe
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2650207
      Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
      Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
      Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#72355}
      d3b41d07
  26. 26 Jan, 2021 2 commits
    • Clemens Backes's avatar
      Revert "[wasm-gc] Remove abstract rtts" · f30c2681
      Clemens Backes authored
      This reverts commit b77deeca.
      
      Reason for revert: MSVC compile fails: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Win64%20-%20msvc/16535/overview
      
      Original change's description:
      > [wasm-gc] Remove abstract rtts
      >
      > In the latest wasm-gc spec, rtts of abstract types are no longer
      > allowed. Consequently, canonical rtts of concrete types always have
      > a depth of 0.
      >
      > Changes:
      > - Change the immediate argument of rtts to a type index over a heap
      >   type. Abstract it with TypeIndexImmediate in function body decoding.
      >   This affects:
      >   value_type.h, read_value_type(), decoding of relevant opcodes,
      >   wasm subtyping, WasmInitExpr, consume_init_expr(), and
      >   wasm-module-builder.cc.
      > - In function-body-decoder-impl.h, update rtt.canon to always produce
      >   an rtt of depth 0.
      > - Pass a unit32_t type index over a HeapType to all rtt-related
      >   utilities.
      > - Remove infrastructure for abstract-type rtts from the wasm compilers,
      >   setup-heap-internal.cc, roots.h, and module-instantiate.cc.
      > - Remove ObjectReferenceKnowledge::rtt_is_i31. Remove related branches
      >   from ref.test, ref.cast and br_on_cast implementations in the wasm
      >   compilers.
      > - Remove unused 'parent' field from WasmTypeInfo.
      > - Make the parent argument optional in NewWasmTypeInfo, CreateStructMap,
      >   and CreateArrayMap.
      > - Use more convenient arguments in IsHeapSubtypeOf.
      > - Update tests.
      >
      > Bug: v8:7748
      > Change-Id: Ib45efe0741e6558c9b291fc8b4a75ae303146bdc
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2642248
      > Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
      > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#72321}
      
      TBR=ulan@chromium.org,jkummerow@chromium.org,manoskouk@chromium.org
      
      Change-Id: I2f0d97f1a34f7c81c5a97d7c37925cb84c66eea3
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:7748
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2650206Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#72322}
      f30c2681
    • Manos Koukoutos's avatar
      [wasm-gc] Remove abstract rtts · b77deeca
      Manos Koukoutos authored
      In the latest wasm-gc spec, rtts of abstract types are no longer
      allowed. Consequently, canonical rtts of concrete types always have
      a depth of 0.
      
      Changes:
      - Change the immediate argument of rtts to a type index over a heap
        type. Abstract it with TypeIndexImmediate in function body decoding.
        This affects:
        value_type.h, read_value_type(), decoding of relevant opcodes,
        wasm subtyping, WasmInitExpr, consume_init_expr(), and
        wasm-module-builder.cc.
      - In function-body-decoder-impl.h, update rtt.canon to always produce
        an rtt of depth 0.
      - Pass a unit32_t type index over a HeapType to all rtt-related
        utilities.
      - Remove infrastructure for abstract-type rtts from the wasm compilers,
        setup-heap-internal.cc, roots.h, and module-instantiate.cc.
      - Remove ObjectReferenceKnowledge::rtt_is_i31. Remove related branches
        from ref.test, ref.cast and br_on_cast implementations in the wasm
        compilers.
      - Remove unused 'parent' field from WasmTypeInfo.
      - Make the parent argument optional in NewWasmTypeInfo, CreateStructMap,
        and CreateArrayMap.
      - Use more convenient arguments in IsHeapSubtypeOf.
      - Update tests.
      
      Bug: v8:7748
      Change-Id: Ib45efe0741e6558c9b291fc8b4a75ae303146bdc
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2642248
      Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
      Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
      Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#72321}
      b77deeca
  27. 16 Nov, 2020 1 commit
    • Jakob Kummerow's avatar
      [wasm-gc] Fix several bugs · 7e533de1
      Jakob Kummerow authored
      - allow arrays to be allocated in LargeObjectSpace
      - check requested array allocation length against maximum
      - fix array element offsets for pointer-typed elements
      - fix GC handling of arrays when there are forwarding pointers
      - module builder: fix rtt.sub global initializer expressions
      - debug printing: print "UNIMPLEMENTED" instead of crashing
      - WasmGCTester: make some exceptions easier to diagnose
      
      Bug: v8:7748, chromium:1141376
      Change-Id: Ie0281658748f3dd5e5d90d85bab78f0ea2fc3865
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2534815Reviewed-by: 's avatarManos Koukoutos <manoskouk@chromium.org>
      Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#71208}
      7e533de1
  28. 05 Oct, 2020 1 commit
  29. 24 Sep, 2020 1 commit
    • Clemens Backes's avatar
      [wasm][memory64] Start implementing the memory64 proposal · 18da0875
      Clemens Backes authored
      This is a first small step for implementing the memory64 proposal:
      1. Add a feature flag.
      2. Add the 0x04 and 0x05 limits flag for memory64.
      3. Read memory limits as LEB-encoded u64 (instead of u32) if a memory64
         limit flag was read.
      4. Unify {MaximumFlag} and {MemoryFlag}, which was used inconsistently
         before.
      5. Add test for memory limits encoded with >5 bytes.
      6. Move some macros from module-decoder-unittest.cc to wasm-macro-gen.h.
      
      Note that still the same limits for the maximum number of pages applies
      as before, i.e. you cannot specify a memory >4GB yet. But you can encode
      that small number in >5 bytes.
      
      R=manoskouk@chromium.org
      
      Bug: v8:10949
      Change-Id: I90a4f08426ae714a67440281785eb00cfc24a349
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2423712
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Reviewed-by: 's avatarManos Koukoutos <manoskouk@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#70110}
      18da0875
  30. 24 Jul, 2020 1 commit
  31. 21 Jul, 2020 1 commit
  32. 15 Jul, 2020 1 commit
  33. 10 Jul, 2020 2 commits
  34. 09 Jul, 2020 2 commits
    • Manos Koukoutos's avatar
      [wasm-gc] Preparation for rtt global initializers · 8b9c2ac3
      Manos Koukoutos authored
      Motivation: With rtt.sub now allowed in constant expressions, we have
      to generalize WasmInitExpr to be able to handle expressions with
      operands. This is the second CL that prepares the ground for this
      change.
      
      Changes:
      - Remove the error from read-value-type when reading a generic rtt.
      - Add validation for HeapTypeImmediate in ModuleDecoder. Use it to
        validate null constants immediates, which was missing. Add tests.
      - Change ValueType::name to print rtt depths as integers.
      - Move global initializer building in wasm-module-builder to its own
        function.
      
      Bug: v8:7748
      Change-Id: Ic041e1c7d032f2a1063a21fec1bfe96cb0d8120e
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2284983
      Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
      Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#68767}
      8b9c2ac3
    • Manos Koukoutos's avatar
      [wasm-gc] Refactoring in preparation of generalizing WasmInitExpr · 01e59c4b
      Manos Koukoutos authored
      Motivation: With rtt.sub now allowed in constant expressions, we have
      to generalize WasmInitExpr to be able to handle expressions with
      operands. This CL prepares the ground for this change and adds no
      functionality.
      
      Changes:
      - ValueType::heap_representation and HeapType::representation now
        return HeapType::Representation.
      - Add ValueType::is_rtt().
      - WasmInitExpr:
        - Make kind private. Rename val -> operator, make it private. Add
          accessors.
        - Rename kGlobalIndex -> kGlobalGet.
        - Squash global_index and function_index into index.
        - Add heap_type Immediate. Use it for RefNullConst. TypeOf in
          module-decoder.cc can now fully determine the type of a
          WasmInitExpr.
        - Add class constructors/static method constructors for each Operator
          kind.
        - Delete copy constructor. WasmInitExpr will use std::unique_ptr for
          its operands.
      - consume_init_expr now uses a stack.
      - A few minor improvements.
      
      Bug: v8:7748
      Change-Id: I3ba3ee7ac2d6bc58e887790c37110ceb80658985
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2284483
      Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
      Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#68759}
      01e59c4b
  35. 01 Jul, 2020 1 commit
    • Manos Koukoutos's avatar
      [wasm] Properly implement parsing of s33 values · 5df74c35
      Manos Koukoutos authored
      Motivation:
      We used to approximate s33/i33 value parsing by first checking for
      specific negative codes, and then parsing an u32 value if that failed.
      This is not correct in all cases.
      
      Changes:
      - Implement i33 parsing in Decoder.
      - Factor out parsing of heap types into read_heap_type.
      - Introduce HeapType::kBottom.
      - Introduce helper functions in WasmFeatures and value_type_reader.
      - Remove macros from the parsing of value types.
      - HeapType::code now returns an i32 for compatibility with the i33
        requirement.
      - Introduce HeapType::Repr.
      - Renamings: HeapType::type() -> representation(),
                   ValueType::heap() -> heap_representation()
      
      Bug: v8:7748
      Change-Id: I04deabce8837a48af2226411cd706a397f9e5725
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2274118
      Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
      Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
      Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#68633}
      5df74c35
  36. 29 Jun, 2020 1 commit