[wasm] Sync wasm-module-builder.js back to spec version

In particular, remove {toUint8Array} method and make {toBuffer} return
a {Uint8Array} view to the buffer like before
https://crrev.com/c/1508352. Also, the returned view does not need to be
another copy of the bytes, it can really just be a view.

As a follow-up, this requires the test-only DeserializeWasmModule
runtime method to receive the wire bytes as Uint8Array, and also
requires the {IsWasmCompileAllowed} callback to handle
{ArrayBufferView} (like chromium's version already does).

R=ahaas@chromium.org

Change-Id: I87296cdbac14b74e7c8b38a372aa3df572ca6ad6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1518172
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60195}

src/runtime/runtime-test.cc

@@ -58,6 +58,9 @@ bool IsWasmCompileAllowed(v8::Isolate* isolate, v8::Local<v8::Value> value,
   return (is_async && ctrls.AllowAnySizeForAsync) ||
          (value->IsArrayBuffer() &&
           v8::Local<v8::ArrayBuffer>::Cast(value)->ByteLength() <=
+              ctrls.MaxWasmBufferSize) ||
+         (value->IsArrayBufferView() &&
+          v8::Local<v8::ArrayBufferView>::Cast(value)->ByteLength() <=
               ctrls.MaxWasmBufferSize);
 }
 
@@ -1063,17 +1066,23 @@ RUNTIME_FUNCTION(Runtime_DeserializeWasmModule) {
   HandleScope scope(isolate);
   DCHECK_EQ(2, args.length());
   CONVERT_ARG_HANDLE_CHECKED(JSArrayBuffer, buffer, 0);
-  CONVERT_ARG_HANDLE_CHECKED(JSArrayBuffer, wire_bytes, 1);
+  CONVERT_ARG_HANDLE_CHECKED(JSTypedArray, wire_bytes, 1);
+  CHECK(!buffer->was_detached());
+  CHECK(!wire_bytes->WasDetached());
+
+  Handle<JSArrayBuffer> wire_bytes_buffer = wire_bytes->GetBuffer();
+  Vector<const uint8_t> wire_bytes_vec{
+      reinterpret_cast<const uint8_t*>(wire_bytes_buffer->backing_store()) +
+          wire_bytes->byte_offset(),
+      wire_bytes->byte_length()};
+  Vector<uint8_t> buffer_vec{
+      reinterpret_cast<uint8_t*>(buffer->backing_store()),
+      buffer->byte_length()};
 
   // Note that {wasm::DeserializeNativeModule} will allocate. We assume the
   // JSArrayBuffer backing store doesn't get relocated.
   MaybeHandle<WasmModuleObject> maybe_module_object =
-      wasm::DeserializeNativeModule(
-          isolate,
-          {reinterpret_cast<uint8_t*>(buffer->backing_store()),
-           buffer->byte_length()},
-          {reinterpret_cast<uint8_t*>(wire_bytes->backing_store()),
-           wire_bytes->byte_length()});
+      wasm::DeserializeNativeModule(isolate, buffer_vec, wire_bytes_vec);
   Handle<WasmModuleObject> module_object;
   if (!maybe_module_object.ToHandle(&module_object)) {
     return ReadOnlyRoots(isolate).undefined_value();

test/mjsunit/wasm/compiled-module-serialization.js

@@ -76,9 +76,10 @@ load("test/mjsunit/wasm/wasm-module-builder.js");
 
 (function DeserializeInvalidObject() {
   print(arguments.callee.name);
-  var invalid_buffer = new ArrayBuffer(10);
+  const invalid_buffer = new ArrayBuffer(10);
+  const invalid_buffer_view = new Uint8Array(10);
 
-  module = %DeserializeWasmModule(invalid_buffer, invalid_buffer);
+  module = %DeserializeWasmModule(invalid_buffer, invalid_buffer_view);
   assertEquals(module, undefined);
 })();
 

test/mjsunit/wasm/wasm-module-builder.js

@@ -508,7 +508,7 @@ class Binary {
   }
 
   trunc_buffer() {
-    return this.buffer = this.buffer.slice(0, this.length);
+    return new Uint8Array(this.buffer.buffer, 0, this.length);
   }
 
   reset() {
@@ -911,7 +911,7 @@ class WasmModuleBuilder {
     return this;
   }
 
-  toUint8Array(debug = false) {
+  toBuffer(debug = false) {
     let binary = new Binary;
     let wasm = this;
 
@@ -1287,12 +1287,8 @@ class WasmModuleBuilder {
     return binary.trunc_buffer();
   }
 
-  toBuffer(debug = false) {
-    return this.toUint8Array(debug).buffer;
-  }
-
   toArray(debug = false) {
-    return Array.from(this.toUint8Array(debug));
+    return Array.from(this.toBuffer(debug));
   }
 
   instantiate(ffi) {