[webkit-changes] [WebKit/WebKit] c2eee1: Change wasm calling convention; set callee from ca...

Justin Michaud noreply at github.com
Thu Feb 1 16:37:36 PST 2024


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: c2eee1bb4cec95f71e53400d83a2985463423c17
      https://github.com/WebKit/WebKit/commit/c2eee1bb4cec95f71e53400d83a2985463423c17
  Author: Justin Michaud <justin_michaud at apple.com>
  Date:   2024-02-01 (Thu, 01 Feb 2024)

  Changed paths:
    M JSTests/wasm/function-references/call_ref.js
    A JSTests/wasm/stress/cc-int-to-int-cross-module.js
    A JSTests/wasm/stress/cc-int-to-int-jit-to-llint.js
    A JSTests/wasm/stress/cc-int-to-int.js
    M Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
    M Source/JavaScriptCore/interpreter/CalleeBits.h
    M Source/JavaScriptCore/jit/CCallHelpers.h
    M Source/JavaScriptCore/llint/WebAssembly.asm
    M Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp
    M Source/JavaScriptCore/wasm/WasmBBQJIT.cpp
    M Source/JavaScriptCore/wasm/WasmBBQJIT32_64.cpp
    M Source/JavaScriptCore/wasm/WasmBBQJIT64.cpp
    M Source/JavaScriptCore/wasm/WasmBBQPlan.cpp
    M Source/JavaScriptCore/wasm/WasmBinding.cpp
    M Source/JavaScriptCore/wasm/WasmCalleeGroup.cpp
    M Source/JavaScriptCore/wasm/WasmCalleeGroup.h
    M Source/JavaScriptCore/wasm/WasmCallsiteCollection.cpp
    M Source/JavaScriptCore/wasm/WasmFormat.h
    M Source/JavaScriptCore/wasm/WasmIPIntPlan.cpp
    M Source/JavaScriptCore/wasm/WasmInstance.cpp
    M Source/JavaScriptCore/wasm/WasmInstance.h
    M Source/JavaScriptCore/wasm/WasmLLIntPlan.cpp
    M Source/JavaScriptCore/wasm/WasmOMGPlan.cpp
    M Source/JavaScriptCore/wasm/WasmOSREntryPlan.cpp
    M Source/JavaScriptCore/wasm/WasmSlowPaths.cpp
    M Source/JavaScriptCore/wasm/js/JSToWasm.cpp
    M Source/JavaScriptCore/wasm/js/JSToWasm.h
    M Source/JavaScriptCore/wasm/js/WebAssemblyFunction.cpp
    M Source/JavaScriptCore/wasm/js/WebAssemblyFunction.h
    M Source/JavaScriptCore/wasm/js/WebAssemblyFunctionBase.h
    M Source/JavaScriptCore/wasm/js/WebAssemblyModuleRecord.cpp

  Log Message:
  -----------
  Change wasm calling convention; set callee from caller.
https://bugs.webkit.org/show_bug.cgi?id=266779
rdar://120007206

Reviewed by Yusuke Suzuki.

This is the first step to running wasm without jit.

This calling convention change opens the door to removing the LLInt entry
thunk by setting the wasm callee from the caller.

When a call is made into wasm, we first create a frame with the JSWebAssemblyFunction
as the callee. From this point on, callees are no longer JSObjects.

The LLInt needs to read stuff from the callee to know what to execute. Today
we have a unique address for each wasm function / tier.

This change means that the LLInt or IPInt can make all functions share an
entrypoint, and there is no more need for the LLInt/IPInt entry thunk.

This patch doesn't actually remove the thunk yet, it replaces it with a
debug assertion.

JIT tiers don't need their callees to be written this way, and they
should continue to write them themselves. This way, we write the interpreter
callee into our JIT callsites, and never have to worry about atomically
repatching it when we update the entrypoint.

== The path to JITless wasm ==

Once this patch is landed and stable, we can remove the debug assertion
and remove the LLInt entry thunks.

The next step is to start picking off some simple JS->Wasm thunk cases to replace with
an IPInt-style metadata interpreter + some fixed fast paths. This should save
us some memory initially, and we can eventually remove the entry/exit thunks completely.

== Arm 32 == (Fixes from Joseph Griego)
On 32-bit we have a totally different CalleeBits representation; it's morally a
JSValue except it might have the NativeValueTag, so the tag needs to be written
when this slot is initialized, either in the runtime or in JITted code.

AFAICT there's no existing way to write to a CalleeBits location from C++ right
now so I added some methods in CalleeBits to help with this--it would probably
be better long-term to have a `Register::operator=(CalleeBits)` or something
along those lines.

* JSTests/wasm/stress/cc-int-to-int.js: Added.
(from.string_appeared_here.import.as.assert.from.string_appeared_here.let.wat.module.type.sig_test.func.param.i32.result.i32.table.t.1.funcref.elem.i32.const.0.test.func.test.export.string_appeared_here.param.x.i32.result.i32.i32.add.local.x.i32.const.42.func.export.string_appeared_here.param.x.i32.result.i32.i32.add.local.x.call.test.i32.const.1337.func.export.string_appeared_here.param.x.i32.result.i32.local.x.i32.const.98.call_indirect.t.type.sig_test.i32.const.0.i32.add.async test):
* Source/JavaScriptCore/llint/LowLevelInterpreter.cpp:
* Source/JavaScriptCore/llint/WebAssembly.asm:
* Source/JavaScriptCore/offlineasm/arm.rb:
* Source/JavaScriptCore/offlineasm/arm64.rb:
* Source/JavaScriptCore/offlineasm/registers.rb:
* Source/JavaScriptCore/runtime/Options.cpp:
(JSC::Options::notifyOptionsChanged):
* Source/JavaScriptCore/runtime/UGPRPair.h:
(JSC::makeUGPRTriple):
(JSC::encodeResult):
(JSC::decodeResult):
* Source/JavaScriptCore/wasm/WasmBBQPlan.cpp:
(JSC::Wasm::BBQPlan::compileFunction):
* Source/JavaScriptCore/wasm/WasmCalleeGroup.cpp:
(JSC::Wasm::CalleeGroup::CalleeGroup):
* Source/JavaScriptCore/wasm/WasmCalleeGroup.h:
* Source/JavaScriptCore/wasm/WasmCallsiteCollection.cpp:
(JSC::Wasm::CallsiteCollection::updateCallsitesToCallUs):
* Source/JavaScriptCore/wasm/WasmIPIntPlan.cpp:
(JSC::Wasm::IPIntPlan::didCompleteCompilation):
* Source/JavaScriptCore/wasm/WasmIPIntSlowPaths.cpp:
(JSC::LLInt::shouldJIT): Deleted.
(JSC::LLInt::jitCompileAndSetHeuristics): Deleted.
(JSC::LLInt::WASM_IPINT_EXTERN_CPP_DECL): Deleted.
(JSC::LLInt::WASM_IPINT_EXTERN_CPP_DECL_1P): Deleted.
(JSC::LLInt::doWasmCall): Deleted.
(JSC::LLInt::doWasmCallIndirect): Deleted.
* Source/JavaScriptCore/wasm/WasmLLIntPlan.cpp:
(JSC::Wasm::LLIntPlan::didCompleteCompilation):
* Source/JavaScriptCore/wasm/WasmOSREntryPlan.cpp:
(JSC::Wasm::OSREntryPlan::work):
* Source/JavaScriptCore/wasm/WasmSlowPaths.cpp:
(JSC::LLInt::doWasmCall):
(JSC::LLInt::WASM_SLOW_PATH_DECL3):
(JSC::LLInt::doWasmCallIndirect):
* Source/JavaScriptCore/wasm/WasmSlowPaths.h:
* Source/JavaScriptCore/wasm/js/JSToWasm.cpp:
(JSC::Wasm::createJSToWasmWrapper):
* Source/JavaScriptCore/wasm/js/JSToWasm.h:
* Source/JavaScriptCore/wasm/js/WasmToJS.cpp:
(JSC::Wasm::wasmToJS):

Canonical link: https://commits.webkit.org/273958@main
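As an added illustration, and not JavaScriptCore code or any part of the commit above, the following C++ model shows the shape of the convention the message describes: the caller writes a callee into the frame it creates before jumping to the entrypoint, so every interpreted function can share one entry and the interpreter finds out what to execute by reading the callee back out of the frame, while a JIT-compiled function writes its own callee in its prologue, so a callsite only ever repatches its entrypoint word when the function tiers up. Names such as Callee, Frame, Callsite, sharedInterpreterEntry and add42JitEntry are invented for this example; JSC's real CalleeBits, LLInt/IPInt and tiering machinery are far more involved, and the "debug assertion" here only stands in for the one the patch leaves in place of the entry thunk.

```cpp
// Added illustrative model, not JavaScriptCore code. The caller writes the callee
// into the frame it creates, so every interpreted function can share a single
// entrypoint and the interpreter learns what to run by reading that slot.
// JIT-compiled functions write their own callee in their prologue, so a
// callsite only repatches its entrypoint word on tier-up. All names here
// (Callee, Frame, Callsite, sharedInterpreterEntry, ...) are invented.
#include <cstdint>
#include <cstdio>
struct Frame;
using Entrypoint = int32_t (*)(Frame*);

enum class Tier { Interpreter, Jit };

// What the interpreter must read from a callee to know what to execute. The
// "bytecode" is a single constant to add, standing in for real metadata.
struct Callee {
    Tier tier;
    const char* name;
    int32_t addend;
};

struct Frame {
    const Callee* callee; // written by the caller; a JIT prologue overwrites it
    int32_t arg;
};

// One shared entry for every interpreted function. Nothing function-specific
// is baked into this code address, which is why no per-function entry thunk
// is needed: identity comes from frame->callee.
int32_t sharedInterpreterEntry(Frame* frame) {
    const Callee* callee = frame->callee;
    // Stands in for the debug assertion the patch leaves where the old thunk
    // used to set the callee: a caller that did not write it is a bug.
    if (!callee || callee->tier != Tier::Interpreter)
        return INT32_MIN;
    return frame->arg + callee->addend;
}

// JIT tier: each compiled function has its own code address and its own
// callee, which the prologue writes itself, ignoring what the caller stored.
static const Callee add42Jit = { Tier::Jit, "add42 (JIT)", 42 };
int32_t add42JitEntry(Frame* frame) {
    frame->callee = &add42Jit;
    return frame->arg + 42; // constant folded by the "compiler"
}

static const Callee add42Interpreter = { Tier::Interpreter, "add42 (LLInt)", 42 };
// A callsite records where to jump and which interpreter callee to write into
// the new frame. Only the entrypoint changes on tier-up.
struct Callsite {
    Entrypoint entrypoint;
    const Callee* interpreterCallee;
};

int32_t call(const Callsite& site, int32_t arg, const Callee** calleeSeen = nullptr) {
    Frame frame = { site.interpreterCallee, arg }; // caller sets the callee
    int32_t result = site.entrypoint(&frame);
    if (calleeSeen)
        *calleeSeen = frame.callee;
    return result;
}

// Tier-up repatches one word. The interpreter callee stays put and is simply
// overwritten by the JIT prologue, so no two-word atomic update is needed.
void tierUp(Callsite& site, Entrypoint jitEntry) {
    site.entrypoint = jitEntry;
}

struct Demo {
    int32_t beforeTierUp;
    int32_t afterTierUp;
    Tier tierSeenAfter;
    int32_t missingCalleeResult;
};

// Constructed scenario: add42 first runs through the shared interpreter entry,
// then tiers up. The result is unchanged; only the entrypoint moved.
Demo runDemo(int32_t arg) {
    Callsite site = { sharedInterpreterEntry, &add42Interpreter };
    Demo d;
    d.beforeTierUp = call(site, arg);
    tierUp(site, add42JitEntry);
    const Callee* seen = nullptr;
    d.afterTierUp = call(site, arg, &seen);
    d.tierSeenAfter = seen->tier;
    // A callsite that reaches the shared entry without writing the callee trips
    // the check: there is no thunk left to fill the slot in.
    Callsite broken = { sharedInterpreterEntry, nullptr };
    d.missingCalleeResult = call(broken, arg);
    return d;
}

int main() {
    Demo d = runDemo(10);
    std::printf("LLInt: %d, JIT: %d, tier after tier-up: %s, missing callee: %s\n",
        d.beforeTierUp, d.afterTierUp, d.tierSeenAfter == Tier::Jit ? "JIT" : "LLInt",
        d.missingCalleeResult == INT32_MIN ? "rejected" : "accepted");
    return 0;
}
```

The point the model makes is the one the message relies on: because the callsite stores the interpreter callee and the JIT prologue overwrites it, tier-up touches exactly one word (the entrypoint), and a caller that reaches the shared entry without having written the callee is caught by the check rather than executing the wrong function.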
