Duplicate subsections in the name section are disallowed by the spec.
Since the whole name section is optional, we shouldn't fail validation
because of it, but we'll ignore duplicate subsections.
Drive-by cleanup: reduce code duplication by reusing DecodeNameMap from
DecodeIndirectNameMap.
Fixed: chromium:1342338
Change-Id: Icae14c27a0255c6107517354f07ec8eb78d2a7b1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3751211
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81608}
The stack-switching variant of the wasm-to-js wrapper was only generated
for js functions with matching arity. Also suspend for js functions with
mismatching arity and unknown callables.
R=ahaas@chromium.org
Bug: v8:12191
Change-Id: Iab3e2d85210c86a814ae1defab9cd57bf74d80d2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3749578
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81605}
The test mjsunit/wasm/shared-memory-worker-gc is too slow on the gcov
bot.
No-Try: true
Bug: v8:13005
Change-Id: Idac2a6df836c981195d61f9c2737c06d548edb28
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3751204
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81587}
When the failed access callback is configured but it doesn't throw,
we should return instead of expecting an exception, otherwise
it would crash because there isn't one.
This patch also adds --throw-on-failed-access-check and
--noop-on-failed-access-check in d8 to mimic the behavior
of the failed access check callback in chromium.
Bug: chromium:1339722
Change-Id: Ie1db9d2fb364c6f8259eb9b8d81a21071c280a80
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3737305
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81557}
Fix some issues with nested suspenders:
- Fix scratch register conflict when returning from an inner suspender
- The outer suspender should stay in 'Active' state
- Suspenders should become 'Inactive' when they return
CC=ahaas@chromium.org
Bug: v8:12191
Change-Id: Ic6c6108c4f8df3d32417d7813eb04e0e2a46d27a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3743386
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81555}
Load current Memory start/size off of the wasm instance when entering
fast calls, so they can use that info for whatever they need to do.
Fast calls from JS set the memory to null, and the memory does not
need to be piped from wasm to slow callbacks as wasm always calls
the fast function.
Change-Id: Ibfa33cdd7dba85300f95cbdacc9a56b3f7181663
Bug: chromium:1052746
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3719005
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: snek <snek@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81538}
Atomics.load, Atomics.store, and Atomics.exchange now accept shared
array objects as their 1st argument.
Currently these are implemented in C++ and not yet in CSA.
Bug: v8:12547
Change-Id: I54ed8816a696a4f45dda964739b1cfd917d39dc0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3723974
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Luis Fernando Pardo Sixtos <lpardosixtos@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#81537}
This is a reland of commit 84e078c6cf. It fixes an undefined behaviour and guards against NaNs in d8-test.cc.
Original change's description:
> [fastcall] Support EnforceRange annotation
>
> This CL implements checks in case EnforceRange is requested for a
> given parameter by using TryTruncate* operators. It implements 2 such
> truncations on x64 and arm64 - TryTruncateFloat64ToInt32 and
> TryTruncateFloat64ToUint32.
>
> Bug: chromium:1052746
> Change-Id: I32f34d9dc1265af568cc576663620a8f7f8245f6
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3721618
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Maya Lekova <mslekova@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81512}
Bug: chromium:1052746, chromium:1341851, chromium:1341891
Change-Id: I21e0e452c92cc93f8b06985a335f409855be0546
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3743518
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81529}
This CL implements checks in case EnforceRange is requested for a
given parameter by using TryTruncate* operators. It implements 2 such
truncations on x64 and arm64 - TryTruncateFloat64ToInt32 and
TryTruncateFloat64ToUint32.
Bug: chromium:1052746
Change-Id: I32f34d9dc1265af568cc576663620a8f7f8245f6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3721618
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81512}
This opcode is being removed in favor of pre-declared non-defaultable
locals (details are still TBD).
Bug: v8:9495
Change-Id: I96ac053a1b5a852310c5dc0bbaeab0cbf5384663
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3738743
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81496}
This makes the internal V8 name consistent with the text-format name.
Bug: v8:7748
Change-Id: I44f7ac1eb5e634b4f829e596bf1f14caeb748d54
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726291
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81491}
TSAN may cause the sandbox to fail to obtain enough virtual address
space during initialization, thereby causing it to fall back to a
smaller backing reservation. This combined with the very inefficient
ArrayBufferAllocator that is used in standalone v8 builds when the
sandbox is enabled may cause some tests to run out-of-memory earlier
than they otherwise would. For now we just disable these tests on TSAN
builds, but should be able to re-enable them once we have a better
ArrayBufferAllocator on standalone v8 builds.
Bug: v8:13009, chromium:1340224
Change-Id: I93e46e05d47a8850788504c10a6498067400128a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3738740
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81490}
The previous combination of a conditional and an unconditional move
produced an incorrect value when dst == rhs and lhs contained the
expected result.
Fixed: chromium:1338980
Change-Id: If3f722999ed9c0ffd687736280d048d232d75736
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3738219
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81475}
Waiting for a background thread to finish a task isn't going to
work when there are no background threads. Luckily, we can sidestep
the problem by compiling with Turbofan immediately, instead of
triggering dynamic tier-up through repeated execution. As a nice bonus,
this makes the test faster in non-predictable modes too.
Fixed: v8:13020
Change-Id: I2d47bc07bbde48a210c6ea59551ae16e63bdae05
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3736443
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81459}
Add parser support for wasm instructions that create stringrefs from GC
arrays, and which encode strings to GC arrays.
Bug: v8:12868
Change-Id: I38446855b7a55366f8107970811aec935defcdb4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3732935
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andy Wingo <wingo@igalia.com>
Cr-Commit-Position: refs/heads/main@{#81440}
Only the parent of the continuation itself was updated. Also update the
parent of the suspender
R=ahaas@chromium.org
Bug: v8:12191
Change-Id: I06684548abe70f4bbda48c12e9e8adda84e1ec27
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726293
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81419}
In crrev.com/c/3714237, we changed the representation of constant
expressions in mjsunit wasm tests to byte arrays. This CL complements
this change by updating the output of --wasm-fuzzer-gen-test to the
new format.
Change-Id: I6a9d861b5abe13621ffd2ceb3a54863b0188b40c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726294
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81414}
This remodels the tier-up checks on loop back edges to avoid
modifying the cache state by taking temp registers passed in
from the caller, and not causing the instance to get cached.
Additionally, this introduces FreezeCacheState scopes, which
allow us to enforce that certain ranges don't cause any cache
modifications. Conditional jumps require such a scope to be
around, which should help ensure that we don't forget to add
them to any future code we write.
Drive-by cleanup: drop {pinned} lists from a few Load helper
functions. They don't allocate registers (and shouldn't), so
they don't need to know about pinned registers.
Fixed: chromium:1339321
Change-Id: I1c7660418a85259e96c5e0dcfeaf12dab2114e8c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3724787
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81411}
- Use the lowered 32-bit signature when linking the inlined and caller
graphs.
- Tolerate non-projection uses of Call nodes when linking the graphs.
These can be left over by Int64Lowering.
- Drive-by: Inline really small functions even if their call count is
low.
Bug: v8:12166
Change-Id: I5b472d3f617f2f23820a5d142102c0a6c5c769dc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3720715
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81386}
