[webkit-changes] [WebKit/WebKit] 717c79: [JSC] Allocate DataOnlyCallLinkInfo via heap for W...
Yusuke Suzuki
noreply at github.com
Fri Jan 17 10:13:56 PST 2025
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 717c7964e4b8d4803a37c0040b0cd1d353f6566e
https://github.com/WebKit/WebKit/commit/717c7964e4b8d4803a37c0040b0cd1d353f6566e
Author: Yusuke Suzuki <ysuzuki at apple.com>
Date: 2025-01-17 (Fri, 17 Jan 2025)
Changed paths:
M Source/JavaScriptCore/llint/WebAssembly.asm
M Source/JavaScriptCore/wasm/WasmBBQJIT.cpp
M Source/JavaScriptCore/wasm/WasmFormat.h
M Source/JavaScriptCore/wasm/WasmIPIntSlowPaths.cpp
M Source/JavaScriptCore/wasm/WasmOperations.cpp
M Source/JavaScriptCore/wasm/WasmOperations.h
M Source/JavaScriptCore/wasm/WasmSlowPaths.cpp
M Source/JavaScriptCore/wasm/WasmTable.cpp
M Source/JavaScriptCore/wasm/WasmTable.h
M Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.cpp
M Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.h
M Source/JavaScriptCore/wasm/js/WasmToJS.cpp
M Source/JavaScriptCore/wasm/js/WebAssemblyFunction.cpp
M Source/JavaScriptCore/wasm/js/WebAssemblyFunctionBase.cpp
M Source/JavaScriptCore/wasm/js/WebAssemblyFunctionBase.h
M Source/JavaScriptCore/wasm/js/WebAssemblyWrapperFunction.cpp
M Source/JavaScriptCore/wasm/js/WebAssemblyWrapperFunction.h
Log Message:
-----------
[JSC] Allocate DataOnlyCallLinkInfo via heap for WasmToJS calls
https://bugs.webkit.org/show_bug.cgi?id=286085
rdar://142579342
Reviewed by Keith Miller.
Not all the imported functions are JS. Thus let's allocate DataOnlyCallLinkInfo
later when it is determined that it is actually a JS call.
Through this improvement, we found an issue with JIT-less wasm. JIT-less
wasm is loading WasmOrJSImportableFunction from FuncRefTable /
WebAssemblyFunctionBase and using it for WasmToJS calls. But this does
not work well since its DataOnlyCallLinkInfo is not maintained. For
these imported functions, we should use the original slot of WasmOrJSImportableFunction
from original WebAssemblyInstance. In this patch, we separate DataOnlyCallLinkInfo from
WasmOrJSImportableFunction and name it WasmOrJSImportableFunctionCallLinkInfo.
And we place it in JSWebAssemblyInstance. Also, WebAssemblyFunctionBase and
FuncRefTable propagate the pointer to this original slot. This is fine
since WebAssemblyFunctionBase is keeping the original instance alive,
thus this pointer is always alive. So JIT-less wasm can use the
appropriate slot. This is not a problem in JIT WasmToJS since we are
computing this slot from JSWebAssemblyInstance.
* Source/JavaScriptCore/llint/WebAssembly.asm:
* Source/JavaScriptCore/wasm/WasmBBQJIT.cpp:
(JSC::Wasm::BBQJITImpl::BBQJIT::emitTailCall):
(JSC::Wasm::BBQJITImpl::BBQJIT::addCall):
* Source/JavaScriptCore/wasm/WasmFormat.h:
(JSC::Wasm::WasmCallableFunction::offsetOfEntrypointLoadLocation): Deleted.
(JSC::Wasm::WasmCallableFunction::offsetOfBoxedWasmCalleeLoadLocation): Deleted.
* Source/JavaScriptCore/wasm/WasmIPIntSlowPaths.cpp:
(JSC::IPInt::WASM_IPINT_EXTERN_CPP_DECL):
* Source/JavaScriptCore/wasm/WasmOperations.cpp:
(JSC::Wasm::JSC_DEFINE_NOEXCEPT_JIT_OPERATION):
(JSC::Wasm::JSC_DEFINE_JIT_OPERATION):
* Source/JavaScriptCore/wasm/WasmOperations.h:
* Source/JavaScriptCore/wasm/WasmSlowPaths.cpp:
(JSC::LLInt::doWasmCall):
(JSC::LLInt::doWasmCallIndirect):
(JSC::LLInt::doWasmCallRef):
* Source/JavaScriptCore/wasm/WasmTable.cpp:
(JSC::Wasm::FuncRefTable::setFunction):
* Source/JavaScriptCore/wasm/WasmTable.h:
* Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.cpp:
(JSC::JSWebAssemblyInstance::JSWebAssemblyInstance):
(JSC::JSWebAssemblyInstance::~JSWebAssemblyInstance):
(JSC::JSWebAssemblyInstance::finalizeCreation):
(JSC::JSWebAssemblyInstance::clearJSCallICs):
(JSC::JSWebAssemblyInstance::finalizeUnconditionally):
* Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.h:
* Source/JavaScriptCore/wasm/js/WasmToJS.cpp:
(JSC::Wasm::wasmToJS):
* Source/JavaScriptCore/wasm/js/WebAssemblyFunction.cpp:
(JSC::WebAssemblyFunction::WebAssemblyFunction):
* Source/JavaScriptCore/wasm/js/WebAssemblyFunctionBase.cpp:
(JSC::WebAssemblyFunctionBase::WebAssemblyFunctionBase):
* Source/JavaScriptCore/wasm/js/WebAssemblyFunctionBase.h:
(JSC::WebAssemblyFunctionBase::importableFunction const):
(JSC::WebAssemblyFunctionBase::callLinkInfo const):
* Source/JavaScriptCore/wasm/js/WebAssemblyWrapperFunction.cpp:
(JSC::WebAssemblyWrapperFunction::WebAssemblyWrapperFunction):
(JSC::WebAssemblyWrapperFunction::create):
(JSC::m_function): Deleted.
* Source/JavaScriptCore/wasm/js/WebAssemblyWrapperFunction.h:
Canonical link: https://commits.webkit.org/289072@main
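The three wasm-to-JS call shapes the commit message distinguishes (a call through the instance's own import slot, a call_indirect through a FuncRefTable slot, and a call through a re-exported import that another instance receives as a WebAssemblyFunctionBase/wrapper function) can be driven from plain JavaScript. The block below is an added example, not WebKit/JSC code: it hand-assembles a small wasm module and exercises each shape, so the scenario can be reproduced in any engine. The module and export names ("env", "js", "direct", "viaTable", "reexport", "tbl") and the sample JS imports are this example's own. To reach the interpreter paths the patch touches (WebAssembly.asm, WasmSlowPaths.cpp, WasmIPIntSlowPaths.cpp) rather than the JIT ones, run it under the JSC shell with the JIT disabled, i.e. `jsc --useJIT=false`.

```javascript
// Added example, not WebKit/JSC code. A hand-assembled wasm module drives the
// three wasm-to-JS call shapes the commit message names, from the JS side:
//   direct(x)   : wasm -> JS through the instance's own import slot
//   viaTable(x) : call_indirect through table slot 0, which an element segment
//                 fills with the import (the FuncRefTable path)
//   reexport    : the JS import re-exported; importing it into another instance
//                 or table.set()-ing it exercises the WebAssemblyFunctionBase path
//   tbl         : the table, exported so JS can overwrite slot 0
// Module/export names ("env", "js", "direct", ...) are this example's own.
const WASM_BYTES = new Uint8Array([
  0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,            // magic, version 1
  // type section: one func type (i32) -> i32
  0x01, 0x06, 0x01, 0x60, 0x01, 0x7f, 0x01, 0x7f,
  // import section: func "env"."js" of type 0 (func index 0)
  0x02, 0x0a, 0x01, 0x03, 0x65, 0x6e, 0x76, 0x02, 0x6a, 0x73, 0x00, 0x00,
  // function section: two defined funcs of type 0 (indices 1 and 2)
  0x03, 0x03, 0x02, 0x00, 0x00,
  // table section: one funcref table, min 1, no max
  0x04, 0x04, 0x01, 0x70, 0x00, 0x01,
  // export section: direct->func1, viaTable->func2, reexport->func0, tbl->table0
  0x07, 0x26, 0x04,
  0x06, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x00, 0x01,
  0x08, 0x76, 0x69, 0x61, 0x54, 0x61, 0x62, 0x6c, 0x65, 0x00, 0x02,
  0x08, 0x72, 0x65, 0x65, 0x78, 0x70, 0x6f, 0x72, 0x74, 0x00, 0x00,
  0x03, 0x74, 0x62, 0x6c, 0x01, 0x00,
  // element section: active, table 0, offset i32.const 0, funcs [0]
  0x09, 0x07, 0x01, 0x00, 0x41, 0x00, 0x0b, 0x01, 0x00,
  // code section: two bodies
  0x0a, 0x12, 0x02,
  0x06, 0x00, 0x20, 0x00, 0x10, 0x00, 0x0b,                   // local.get 0; call 0
  0x09, 0x00, 0x20, 0x00, 0x41, 0x00, 0x11, 0x00, 0x00, 0x0b, // local.get 0; i32.const 0; call_indirect (type 0, table 0)
]);

const MODULE = new WebAssembly.Module(WASM_BYTES);

// Instantiate with the given JS function (or wasm-exported function) behind "env.js".
function instantiate(jsImport) {
  return new WebAssembly.Instance(MODULE, { env: { js: jsImport } }).exports;
}

// Shape 1: a plain JS function is the import. Both the direct call and the
// call_indirect through the element-initialised table slot must land in JS.
function plainImport(x) {
  const seen = [];
  const a = instantiate((v) => { seen.push(v); return v + 1; });
  return { direct: a.direct(x), viaTable: a.viaTable(x), seen };
}

// Shape 2: the import is re-exported (a wasm-exported function object) and handed
// to a second instance as its import. The second instance's import slot and
// table slot now refer to a function that belongs to the first instance.
function reimportedWrapper(x) {
  const a = instantiate((v) => v * 2);
  const b = instantiate(a.reexport);
  return { direct: b.direct(x), viaTable: b.viaTable(x), isFunction: typeof a.reexport === "function" };
}

// Shape 3: table.set() from JS replaces slot 0 with a wrapper from another
// instance, so call_indirect on instance a resolves to instance b's import
// while a.direct still reaches a's own import.
function tableSetWrapper(x) {
  const a = instantiate((v) => v + 100);
  const b = instantiate((v) => v - 100);
  a.tbl.set(0, b.reexport);
  return { direct: a.direct(x), viaTable: a.viaTable(x) };
}

function runAll() {
  return { plain: plainImport(41), reimported: reimportedWrapper(21), tableSet: tableSetWrapper(5) };
}

// Works in both node (console.log) and the jsc shell (print).
(globalThis.print ?? console.log)(JSON.stringify(runAll()));
```

Each shape constructs fresh instances so the three cases do not share import slots or tables; a wrong slot on any of the paths shows up as a call that reaches the wrong JS function (or traps) rather than returning the expected value.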