Branch: refs/heads/main Home: https://github.com/WebKit/WebKit Commit: 431164ca6a4b101688188966ce5384a7f8c68681 https://github.com/WebKit/WebKit/commit/431164ca6a4b101688188966ce5384a7f8c68681 Author: Asumu Takikawa <as...@igalia.com> Date: 2022-11-02 (Wed, 02 Nov 2022)
Changed paths: A JSTests/wasm/gc/sub.js M JSTests/wasm/wasm.json M Source/JavaScriptCore/wasm/WasmFormat.h M Source/JavaScriptCore/wasm/WasmLLIntGenerator.cpp M Source/JavaScriptCore/wasm/WasmLimits.h M Source/JavaScriptCore/wasm/WasmSectionParser.cpp M Source/JavaScriptCore/wasm/WasmSectionParser.h M Source/JavaScriptCore/wasm/WasmTypeDefinition.cpp M Source/JavaScriptCore/wasm/WasmTypeDefinition.h M Source/JavaScriptCore/wasm/js/JSWebAssemblyStruct.cpp M Source/JavaScriptCore/wasm/js/WasmToJS.cpp M Source/JavaScriptCore/wasm/js/WebAssemblyModuleRecord.cpp M Source/JavaScriptCore/wasm/wasm.json Log Message: ----------- [Wasm-GC] Add support for subtyping declarations https://bugs.webkit.org/show_bug.cgi?id=239668 Reviewed by Justin Michaud. Adds support for `sub` type section forms. These introduce subtyping declarations that can specify parent types for a `func`, `struct`, etc. type (the MVP GC proposal only allows a single parent type). Adding `sub` forms changes type expansion slightly, and requires that checking `isSubtype` look at the type hierarchy if the LHS type is a `sub` type. This patch also memoizes type expansion to avoid repeated unrolling of recursive types. With the addition of `sub`, a bare `func`, `struct`, etc declaration is treated as implicitly having a `sub` with zero/empty supertypes. To avoid `(sub () (func))` and `(func)` being represented differently, we normalize empty-supertype `sub` to be represented as just the underlying type. Subtype checking for indexed reference types is done using a display data structure. Each `sub` declaration has an associated display that records an array of supertype indices. This allows subtype checking in constant-time by checking if the supertype index is present in the subtype at the correct display offset, rather than with a linear traversal of the hierarchy. If multiple parent types are allowed in the future, this algorithm will need to change. * JSTests/wasm/gc/sub.js: Added. (module): (testSubDeclaration): * JSTests/wasm/wasm.json: * Source/JavaScriptCore/wasm/WasmFormat.h: (JSC::Wasm::isSubtypeIndex): (JSC::Wasm::isSubtype): * Source/JavaScriptCore/wasm/WasmLLIntGenerator.cpp: (JSC::Wasm::LLIntGenerator::callInformationForCaller): (JSC::Wasm::LLIntGenerator::callInformationForCallee): (JSC::Wasm::LLIntGenerator::addArguments): * Source/JavaScriptCore/wasm/WasmLimits.h: * Source/JavaScriptCore/wasm/WasmSectionParser.cpp: (JSC::Wasm::SectionParser::parseType): (JSC::Wasm::SectionParser::parseRecursionGroup): (JSC::Wasm::SectionParser::checkStructuralSubtype): (JSC::Wasm::SectionParser::checkSubtypeValidity): (JSC::Wasm::SectionParser::parseSubtype): * Source/JavaScriptCore/wasm/WasmSectionParser.h: * Source/JavaScriptCore/wasm/WasmTypeDefinition.cpp: (JSC::Wasm::TypeDefinition::dump const): (JSC::Wasm::Subtype::toString const): (JSC::Wasm::Subtype::dump const): (JSC::Wasm::computeSubtypeHash): (JSC::Wasm::TypeDefinition::hash const): (JSC::Wasm::TypeDefinition::tryCreateSubtype): (JSC::Wasm::TypeDefinition::replacePlaceholders const): (JSC::Wasm::TypeDefinition::unroll const): (JSC::Wasm::TypeDefinition::expand const): (JSC::Wasm::TypeDefinition::hasRecursiveReference const): (JSC::Wasm::SubtypeParameterTypes::hash): (JSC::Wasm::SubtypeParameterTypes::equal): (JSC::Wasm::SubtypeParameterTypes::translate): (JSC::Wasm::TypeInformation::typeDefinitionForSubtype): (JSC::Wasm::TypeInformation::addCachedUnrolling): (JSC::Wasm::TypeInformation::tryGetCachedUnrolling): (JSC::Wasm::TypeInformation::tryCleanup): * Source/JavaScriptCore/wasm/WasmTypeDefinition.h: (JSC::Wasm::typeKindSizeInBytes): (JSC::Wasm::Subtype::Subtype): (JSC::Wasm::Subtype::superType const): (JSC::Wasm::Subtype::underlyingType const): (JSC::Wasm::Subtype::displayType const): (JSC::Wasm::Subtype::displaySize const): (JSC::Wasm::Subtype::getSuperType): (JSC::Wasm::Subtype::getUnderlyingType): (JSC::Wasm::Subtype::getDisplayType): (JSC::Wasm::Subtype::storage): (JSC::Wasm::Subtype::storage const): (JSC::Wasm::TypeDefinition::allocatedSubtypeSize): * Source/JavaScriptCore/wasm/js/JSWebAssemblyStruct.cpp: (JSC::JSWebAssemblyStruct::set): * Source/JavaScriptCore/wasm/js/WasmToJS.cpp: (JSC::Wasm::wasmToJS): * Source/JavaScriptCore/wasm/js/WebAssemblyModuleRecord.cpp: (JSC::WebAssemblyModuleRecord::initializeImports): * Source/JavaScriptCore/wasm/wasm.json: Canonical link: https://commits.webkit.org/256243@main _______________________________________________ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes