[webkit-changes] [WebKit/WebKit] 6ef70e: BBQJIT should support gc and funcref opcodes

Keith Miller noreply at github.com
Sun May 28 08:29:24 PDT 2023


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 6ef70e7d7c5a168306c05061320d37496bf285e0
      https://github.com/WebKit/WebKit/commit/6ef70e7d7c5a168306c05061320d37496bf285e0
  Author: Keith Miller <keith_miller at apple.com>
  Date:   2023-05-28 (Sun, 28 May 2023)

  Changed paths:
    M JSTests/wasm/gc/array_new_fixed.js
    M JSTests/wasm/gc/i31.js
    M Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
    M Source/JavaScriptCore/Sources.txt
    M Source/JavaScriptCore/runtime/Options.cpp
    M Source/JavaScriptCore/wasm/WasmBBQJIT.cpp
    M Source/JavaScriptCore/wasm/WasmFunctionParser.h
    M Source/JavaScriptCore/wasm/WasmLimits.h
    M Source/JavaScriptCore/wasm/WasmOperations.cpp
    M Source/JavaScriptCore/wasm/WasmOperations.h

  Log Message:
  -----------
  BBQJIT should support gc and funcref opcodes
https://bugs.webkit.org/show_bug.cgi?id=256959

Reviewed by Yusuke Suzuki.

This patch adds support for the various gc and funcref opcodes to the new BBQ JIT.
Most of the implementations are just translations of what the B3IRGenerator does.
The main difference is that for opcodes which need to make a C call, e.g. for allocation,
they do so by creating a `Value::fromTemp` that does not conflict with any parameter `Value`.
This is needed because otherwise the BBQJIT allocator gets confused between the existing parameters
that were not passed to the C call and the result of the C call. Also, since BBQJIT doesn't have a
good way to branch over a call, both `ref.cast` and `ref.test` just call an operation.

Also, this patch fixes an issue where we weren't checking for the spec's limit on array.new_fixed
static argument count.

Lastly, there is a workaround for a clang bug where it crashed when compiling a unified source.
The workaround was to @no-unify one of the files in that bundle.

* JSTests/wasm/gc/array_new_fixed.js:
* JSTests/wasm/gc/i31.js:
(testI31Get):
* Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj:
* Source/JavaScriptCore/Sources.txt:
* Source/JavaScriptCore/runtime/Options.cpp:
(JSC::Options::notifyOptionsChanged):
* Source/JavaScriptCore/wasm/WasmBBQJIT.cpp:
(JSC::Wasm::BBQJIT::isValidValueTypeKind):
(JSC::Wasm::BBQJIT::pointerType):
(JSC::Wasm::BBQJIT::toValueKind):
(JSC::Wasm::BBQJIT::Value::fromRef):
(JSC::Wasm::BBQJIT::Value::fromTemp):
(JSC::Wasm::BBQJIT::Value::fromLocal):
(JSC::Wasm::BBQJIT::Value::pinned):
(JSC::Wasm::BBQJIT::Value::type const):
(JSC::Wasm::BBQJIT::BBQJIT):
(JSC::Wasm::BBQJIT::addTableGet):
(JSC::Wasm::BBQJIT::addTableSet):
(JSC::Wasm::BBQJIT::addTableInit):
(JSC::Wasm::BBQJIT::addTableSize):
(JSC::Wasm::BBQJIT::addTableGrow):
(JSC::Wasm::BBQJIT::addTableFill):
(JSC::Wasm::BBQJIT::addTableCopy):
(JSC::Wasm::BBQJIT::addGrowMemory):
(JSC::Wasm::BBQJIT::addMemoryFill):
(JSC::Wasm::BBQJIT::addMemoryCopy):
(JSC::Wasm::BBQJIT::addMemoryInit):
(JSC::Wasm::BBQJIT::atomicWait):
(JSC::Wasm::BBQJIT::atomicNotify):
(JSC::Wasm::BBQJIT::addI31New):
(JSC::Wasm::BBQJIT::addI31GetS):
(JSC::Wasm::BBQJIT::addI31GetU):
(JSC::Wasm::BBQJIT::getTypeDefinition):
(JSC::Wasm::BBQJIT::getArrayTypeDefinition):
(JSC::Wasm::BBQJIT::getArrayElementType):
(JSC::Wasm::BBQJIT::marshallToI64):
(JSC::Wasm::BBQJIT::addArrayNew):
(JSC::Wasm::BBQJIT::addArrayNewDefault):
(JSC::Wasm::BBQJIT::pushArrayNewFromSegment):
(JSC::Wasm::BBQJIT::addArrayNewData):
(JSC::Wasm::BBQJIT::addArrayNewElem):
(JSC::Wasm::BBQJIT::emitArraySetUnchecked):
(JSC::Wasm::BBQJIT::addArrayNewFixed):
(JSC::Wasm::BBQJIT::addArrayGet):
(JSC::Wasm::BBQJIT::addArraySet):
(JSC::Wasm::BBQJIT::addArrayLen):
(JSC::Wasm::BBQJIT::emitStructSet):
(JSC::Wasm::BBQJIT::addStructNewDefault):
(JSC::Wasm::BBQJIT::addStructNew):
(JSC::Wasm::BBQJIT::addStructGet):
(JSC::Wasm::BBQJIT::addStructSet):
(JSC::Wasm::BBQJIT::addRefTest):
(JSC::Wasm::BBQJIT::addRefCast):
(JSC::Wasm::BBQJIT::addExternInternalize):
(JSC::Wasm::BBQJIT::emitThrowOnNullReference):
(JSC::Wasm::BBQJIT::addI32Popcnt):
(JSC::Wasm::BBQJIT::addI64Popcnt):
(JSC::Wasm::BBQJIT::addRefFunc):
(JSC::Wasm::BBQJIT::toB3Type):
(JSC::Wasm::BBQJIT::emitCCall):
(JSC::Wasm::BBQJIT::addCallRef):
* Source/JavaScriptCore/wasm/WasmFunctionParser.h:
(JSC::Wasm::FunctionParser<Context>::parseExpression):
* Source/JavaScriptCore/wasm/WasmLimits.h:
* Source/JavaScriptCore/wasm/WasmOperations.cpp:
(JSC::Wasm::JSC_DEFINE_JIT_OPERATION):
* Source/JavaScriptCore/wasm/WasmOperations.h:

Canonical link: https://commits.webkit.org/264638@main
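The commit message mentions that the parser was not enforcing the spec's limit on the static argument count of `array.new_fixed`. The example below is an added illustration of that kind of decode-time check and is not WebKit code: it decodes the two immediates of `array.new_fixed` (a type index and an operand count) from constructed bytes and rejects an out-of-range count before any operand storage is sized from it. The constant `MAX_ARRAY_NEW_FIXED_ARGS`, the function names and the surrounding validation context (number of types, current operand stack depth) are assumptions for the example; the commit itself does not state the limit value, and the real one lives in WebKit's `WasmLimits.h`.

```python
# Added example, not WebKit's code: decode-time validation of the
# array.new_fixed immediates, with the operand count checked against a limit
# before anything is allocated based on it.

class WasmValidationError(Exception):
    """Raised when a function body fails validation."""


# Assumed limit (the page does not state the number): the GC proposal's
# implementation limits cap how many operands array.new_fixed may take.
# Treat this as a placeholder to be matched against the engine's own limit.
MAX_ARRAY_NEW_FIXED_ARGS = 10000


def read_uleb128(data: bytes, pos: int, max_bits: int = 32):
    """Decode an unsigned LEB128 integer at data[pos].

    Returns (value, new_pos). Over-long encodings, truncated input and values
    that do not fit in max_bits are rejected rather than silently accepted.
    """
    max_bytes = (max_bits + 6) // 7          # 5 bytes for a u32
    result = 0
    for i in range(max_bytes):
        if pos >= len(data):
            raise WasmValidationError("truncated LEB128")
        byte = data[pos]
        pos += 1
        result |= (byte & 0x7F) << (7 * i)
        if byte & 0x80 == 0:
            if result >= (1 << max_bits):
                raise WasmValidationError("LEB128 value out of range")
            return result, pos
    raise WasmValidationError("LEB128 encoding too long")


def encode_uleb128(value: int) -> bytes:
    """Encode a non-negative integer as unsigned LEB128 (used to build inputs)."""
    out = bytearray()
    while True:
        byte = value & 0x7F
        value >>= 7
        if value:
            out.append(byte | 0x80)
        else:
            out.append(byte)
            return bytes(out)


def parse_array_new_fixed_immediates(data: bytes, pos: int,
                                     num_types: int, operand_stack_depth: int):
    """Decode and validate the immediates that follow an array.new_fixed opcode.

    `data` is positioned just past the opcode bytes. The count is checked
    against the static limit and the available operands before the caller
    reserves any per-operand storage.
    """
    type_index, pos = read_uleb128(data, pos)
    if type_index >= num_types:
        raise WasmValidationError(f"type index {type_index} out of bounds")
    count, pos = read_uleb128(data, pos)
    if count > MAX_ARRAY_NEW_FIXED_ARGS:
        raise WasmValidationError(
            f"array.new_fixed with {count} operands exceeds limit "
            f"{MAX_ARRAY_NEW_FIXED_ARGS}")
    if count > operand_stack_depth:
        raise WasmValidationError(
            f"array.new_fixed needs {count} operands, stack has {operand_stack_depth}")
    return {"type_index": type_index, "count": count, "pos": pos}


def rejects(data: bytes, num_types: int, operand_stack_depth: int) -> bool:
    """True if the immediates are refused by validation, False if accepted."""
    try:
        parse_array_new_fixed_immediates(data, 0, num_types, operand_stack_depth)
    except WasmValidationError:
        return True
    return False


if __name__ == "__main__":
    # Constructed inputs: type index 3 followed by an operand count.
    ok = encode_uleb128(3) + encode_uleb128(4)
    too_many = encode_uleb128(3) + encode_uleb128(1_000_000)
    print(parse_array_new_fixed_immediates(ok, 0, num_types=5, operand_stack_depth=4))
    print("huge count rejected:", rejects(too_many, 5, 10**7))
```

The point of ordering the checks this way is that the count is an attacker-controlled immediate: comparing it against the static limit first means the validator never reserves operand slots, temporaries or stack entries proportional to a value the spec says can never be valid.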