[webkit-changes] [WebKit/WebKit] 431164: [Wasm-GC] Add support for subtyping declarations

Asumu Takikawa noreply at github.com
Wed Nov 2 14:24:01 PDT 2022 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 431164ca6a4b101688188966ce5384a7f8c68681
      https://github.com/WebKit/WebKit/commit/431164ca6a4b101688188966ce5384a7f8c68681
  Author: Asumu Takikawa <asumu at igalia.com>
  Date:   2022-11-02 (Wed, 02 Nov 2022)

  Changed paths:
    A JSTests/wasm/gc/sub.js
    M JSTests/wasm/wasm.json
    M Source/JavaScriptCore/wasm/WasmFormat.h
    M Source/JavaScriptCore/wasm/WasmLLIntGenerator.cpp
    M Source/JavaScriptCore/wasm/WasmLimits.h
    M Source/JavaScriptCore/wasm/WasmSectionParser.cpp
    M Source/JavaScriptCore/wasm/WasmSectionParser.h
    M Source/JavaScriptCore/wasm/WasmTypeDefinition.cpp
    M Source/JavaScriptCore/wasm/WasmTypeDefinition.h
    M Source/JavaScriptCore/wasm/js/JSWebAssemblyStruct.cpp
    M Source/JavaScriptCore/wasm/js/WasmToJS.cpp
    M Source/JavaScriptCore/wasm/js/WebAssemblyModuleRecord.cpp
    M Source/JavaScriptCore/wasm/wasm.json

  Log Message:
  -----------
  [Wasm-GC] Add support for subtyping declarations
https://bugs.webkit.org/show_bug.cgi?id=239668

Reviewed by Justin Michaud.

Adds support for `sub` type section forms. These introduce subtyping
declarations that can specify parent types for a `func`, `struct`,
etc. type (the MVP GC proposal only allows a single parent type).

Adding `sub` forms changes type expansion slightly, and requires that
checking `isSubtype` look at the type hierarchy if the LHS type is a
`sub` type. This patch also memoizes type expansion to avoid repeated
unrolling of recursive types.

With the addition of `sub`, a bare `func`, `struct`, etc declaration
is treated as implicitly having a `sub` with zero/empty supertypes.
To avoid `(sub () (func))` and `(func)` being represented differently,
we normalize empty-supertype `sub` to be represented as just the
underlying type.

Subtype checking for indexed reference types is done using a display
data structure. Each `sub` declaration has an associated display that
records an array of supertype indices. This allows subtype checking in
constant-time by checking if the supertype index is present in the
subtype at the correct display offset, rather than with a linear
traversal of the hierarchy. If multiple parent types are allowed in the
future, this algorithm will need to change.

* JSTests/wasm/gc/sub.js: Added.
(module):
(testSubDeclaration):
* JSTests/wasm/wasm.json:
* Source/JavaScriptCore/wasm/WasmFormat.h:
(JSC::Wasm::isSubtypeIndex):
(JSC::Wasm::isSubtype):
* Source/JavaScriptCore/wasm/WasmLLIntGenerator.cpp:
(JSC::Wasm::LLIntGenerator::callInformationForCaller):
(JSC::Wasm::LLIntGenerator::callInformationForCallee):
(JSC::Wasm::LLIntGenerator::addArguments):
* Source/JavaScriptCore/wasm/WasmLimits.h:
* Source/JavaScriptCore/wasm/WasmSectionParser.cpp:
(JSC::Wasm::SectionParser::parseType):
(JSC::Wasm::SectionParser::parseRecursionGroup):
(JSC::Wasm::SectionParser::checkStructuralSubtype):
(JSC::Wasm::SectionParser::checkSubtypeValidity):
(JSC::Wasm::SectionParser::parseSubtype):
* Source/JavaScriptCore/wasm/WasmSectionParser.h:
* Source/JavaScriptCore/wasm/WasmTypeDefinition.cpp:
(JSC::Wasm::TypeDefinition::dump const):
(JSC::Wasm::Subtype::toString const):
(JSC::Wasm::Subtype::dump const):
(JSC::Wasm::computeSubtypeHash):
(JSC::Wasm::TypeDefinition::hash const):
(JSC::Wasm::TypeDefinition::tryCreateSubtype):
(JSC::Wasm::TypeDefinition::replacePlaceholders const):
(JSC::Wasm::TypeDefinition::unroll const):
(JSC::Wasm::TypeDefinition::expand const):
(JSC::Wasm::TypeDefinition::hasRecursiveReference const):
(JSC::Wasm::SubtypeParameterTypes::hash):
(JSC::Wasm::SubtypeParameterTypes::equal):
(JSC::Wasm::SubtypeParameterTypes::translate):
(JSC::Wasm::TypeInformation::typeDefinitionForSubtype):
(JSC::Wasm::TypeInformation::addCachedUnrolling):
(JSC::Wasm::TypeInformation::tryGetCachedUnrolling):
(JSC::Wasm::TypeInformation::tryCleanup):
* Source/JavaScriptCore/wasm/WasmTypeDefinition.h:
(JSC::Wasm::typeKindSizeInBytes):
(JSC::Wasm::Subtype::Subtype):
(JSC::Wasm::Subtype::superType const):
(JSC::Wasm::Subtype::underlyingType const):
(JSC::Wasm::Subtype::displayType const):
(JSC::Wasm::Subtype::displaySize const):
(JSC::Wasm::Subtype::getSuperType):
(JSC::Wasm::Subtype::getUnderlyingType):
(JSC::Wasm::Subtype::getDisplayType):
(JSC::Wasm::Subtype::storage):
(JSC::Wasm::Subtype::storage const):
(JSC::Wasm::TypeDefinition::allocatedSubtypeSize):
* Source/JavaScriptCore/wasm/js/JSWebAssemblyStruct.cpp:
(JSC::JSWebAssemblyStruct::set):
* Source/JavaScriptCore/wasm/js/WasmToJS.cpp:
(JSC::Wasm::wasmToJS):
* Source/JavaScriptCore/wasm/js/WebAssemblyModuleRecord.cpp:
(JSC::WebAssemblyModuleRecord::initializeImports):
* Source/JavaScriptCore/wasm/wasm.json:

Canonical link: https://commits.webkit.org/256243@main

More information about the webkit-changes mailing list