- Revision
- 252277
- Author
- alanc...@apple.com
- Date
- 2019-11-08 16:51:29 -0800 (Fri, 08 Nov 2019)
Log Message
Cherry-pick r251978. rdar://problem/56840003
LLIntGenerator should not allocate temporaries in between variables
https://bugs.webkit.org/show_bug.cgi?id=203787
Reviewed by Yusuke Suzuki.
JSTests:
* wasm/stress/local-ref.js: Added.
Source/_javascript_Core:
The BytecodeGenerator requires that all variables be allocated contiguously, before any
temporaries are allocated. Currently, we might end up allocating a temporary to materialize
the null constant to initialize locals of type Anyref/Funcref. Fix it by keeping track of the
locals that need to be initialized and adding a new callback to notify when we have finished
parsing locals. Only then do we perform the delayed initialization of local refs.
* wasm/WasmAirIRGenerator.cpp:
(JSC::Wasm::AirIRGenerator::didFinishParsingLocals):
* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::didFinishParsingLocals):
* wasm/WasmFunctionParser.h:
(JSC::Wasm::FunctionParser<Context>::parse):
* wasm/WasmLLIntGenerator.cpp:
(JSC::Wasm::LLIntGenerator::addLocal):
(JSC::Wasm::LLIntGenerator::didFinishParsingLocals):
* wasm/WasmValidate.cpp:
(JSC::Wasm::Validate::didFinishParsingLocals):
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@251978 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified: tags/Safari-609.1.10.1/JSTests/ChangeLog (252276 => 252277)
--- tags/Safari-609.1.10.1/JSTests/ChangeLog 2019-11-09 00:39:29 UTC (rev 252276)
+++ tags/Safari-609.1.10.1/JSTests/ChangeLog 2019-11-09 00:51:29 UTC (rev 252277)
@@ -1,3 +1,48 @@
+2019-11-07 Alan Coon <alanc...@apple.com>
+
+ Cherry-pick r251978. rdar://problem/56840003
+
+ LLIntGenerator should not allocate temporaries in between variables
+ https://bugs.webkit.org/show_bug.cgi?id=203787
+
+ Reviewed by Yusuke Suzuki.
+
+ JSTests:
+
+ * wasm/stress/local-ref.js: Added.
+
+ Source/_javascript_Core:
+
+ The BytecodeGenerator requires that all variables must be allocated contiguously, before any
+ temporaries are allocated. Currently, we might end up allocating a temporary to materialize
+ the null constant to initialize locals of type Anyref/Funcref. Fix it by keeping track of the
+ locals that need to be initialized and adding a new callback to notify when we have finished
+ parsing locals. Only then we perform the delayed initialization of local refs.
+
+ * wasm/WasmAirIRGenerator.cpp:
+ (JSC::Wasm::AirIRGenerator::didFinishParsingLocals):
+ * wasm/WasmB3IRGenerator.cpp:
+ (JSC::Wasm::B3IRGenerator::didFinishParsingLocals):
+ * wasm/WasmFunctionParser.h:
+ (JSC::Wasm::FunctionParser<Context>::parse):
+ * wasm/WasmLLIntGenerator.cpp:
+ (JSC::Wasm::LLIntGenerator::addLocal):
+ (JSC::Wasm::LLIntGenerator::didFinishParsingLocals):
+ * wasm/WasmValidate.cpp:
+ (JSC::Wasm::Validate::didFinishParsingLocals):
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@251978 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2019-11-03 Tadeu Zagallo <tzaga...@apple.com>
+
+ LLIntGenerator should not allocate temporaries in between variables
+ https://bugs.webkit.org/show_bug.cgi?id=203787
+
+ Reviewed by Yusuke Suzuki.
+
+ * wasm/stress/local-ref.js: Added.
+
2019-11-02 Kocsen Chung <kocsen_ch...@apple.com>
Cherry-pick r251967. rdar://problem/56836147
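--- a/tags/Safari-609.1.10.1/JSTests/wasm/stress/local-ref.js
+++ b/tags/Safari-609.1.10.1/JSTests/wasm/stress/local-ref.js
@@ -0,0 +1,10 @@
+import { instantiate } from "../wabt-wrapper.js";
+
+instantiate(`
+(module
+ (func
+ (local anyref)
+ (local anyref)
+ )
+)
+`);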
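Review bot: The new test declares only anyref locals, while the change in LLIntGenerator::addLocal() defers initialization for both Type::Anyref and Type::Funcref, so the funcref path is never exercised; adding `(local funcref)` next to the two anyref locals (or a second function with funcref locals) would cover it. Two consecutive ref locals appear to be what reproduces the original interleaving of a temporary between variables, but that is inferred from the description rather than visible in the test itself, so a one-line comment stating what the module is meant to trigger would help the next person who edits it.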
Modified: tags/Safari-609.1.10.1/Source/_javascript_Core/ChangeLog (252276 => 252277)
--- tags/Safari-609.1.10.1/Source/_javascript_Core/ChangeLog 2019-11-09 00:39:29 UTC (rev 252276)
+++ tags/Safari-609.1.10.1/Source/_javascript_Core/ChangeLog 2019-11-09 00:51:29 UTC (rev 252277)
@@ -1,3 +1,64 @@
+2019-11-07 Alan Coon <alanc...@apple.com>
+
+ Cherry-pick r251978. rdar://problem/56840003
+
+ LLIntGenerator should not allocate temporaries in between variables
+ https://bugs.webkit.org/show_bug.cgi?id=203787
+
+ Reviewed by Yusuke Suzuki.
+
+ JSTests:
+
+ * wasm/stress/local-ref.js: Added.
+
+ Source/_javascript_Core:
+
+ The BytecodeGenerator requires that all variables must be allocated contiguously, before any
+ temporaries are allocated. Currently, we might end up allocating a temporary to materialize
+ the null constant to initialize locals of type Anyref/Funcref. Fix it by keeping track of the
+ locals that need to be initialized and adding a new callback to notify when we have finished
+ parsing locals. Only then we perform the delayed initialization of local refs.
+
+ * wasm/WasmAirIRGenerator.cpp:
+ (JSC::Wasm::AirIRGenerator::didFinishParsingLocals):
+ * wasm/WasmB3IRGenerator.cpp:
+ (JSC::Wasm::B3IRGenerator::didFinishParsingLocals):
+ * wasm/WasmFunctionParser.h:
+ (JSC::Wasm::FunctionParser<Context>::parse):
+ * wasm/WasmLLIntGenerator.cpp:
+ (JSC::Wasm::LLIntGenerator::addLocal):
+ (JSC::Wasm::LLIntGenerator::didFinishParsingLocals):
+ * wasm/WasmValidate.cpp:
+ (JSC::Wasm::Validate::didFinishParsingLocals):
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@251978 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2019-11-03 Tadeu Zagallo <tzaga...@apple.com>
+
+ LLIntGenerator should not allocate temporaries in between variables
+ https://bugs.webkit.org/show_bug.cgi?id=203787
+
+ Reviewed by Yusuke Suzuki.
+
+ The BytecodeGenerator requires that all variables must be allocated contiguously, before any
+ temporaries are allocated. Currently, we might end up allocating a temporary to materialize
+ the null constant to initialize locals of type Anyref/Funcref. Fix it by keeping track of the
+ locals that need to be initialized and adding a new callback to notify when we have finished
+ parsing locals. Only then we perform the delayed initialization of local refs.
+
+ * wasm/WasmAirIRGenerator.cpp:
+ (JSC::Wasm::AirIRGenerator::didFinishParsingLocals):
+ * wasm/WasmB3IRGenerator.cpp:
+ (JSC::Wasm::B3IRGenerator::didFinishParsingLocals):
+ * wasm/WasmFunctionParser.h:
+ (JSC::Wasm::FunctionParser<Context>::parse):
+ * wasm/WasmLLIntGenerator.cpp:
+ (JSC::Wasm::LLIntGenerator::addLocal):
+ (JSC::Wasm::LLIntGenerator::didFinishParsingLocals):
+ * wasm/WasmValidate.cpp:
+ (JSC::Wasm::Validate::didFinishParsingLocals):
+
2019-11-02 Kocsen Chung <kocsen_ch...@apple.com>
Cherry-pick r251967. rdar://problem/56836147
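--- a/tags/Safari-609.1.10.1/Source/_javascript_Core/wasm/WasmAirIRGenerator.cpp
+++ b/tags/Safari-609.1.10.1/Source/_javascript_Core/wasm/WasmAirIRGenerator.cpp
@@ -298,6 +298,7 @@
 void dump(const Vector<ControlEntry>& controlStack, const Stack* expressionStack);
 void setParser(FunctionParser<AirIRGenerator>* parser) { m_parser = parser; };
+ void didFinishParsingLocals() { }
 static Vector<Tmp> toTmpVector(const Vector<TypedTmp>& vector)
 {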
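Review bot: The empty `void didFinishParsingLocals() { }` stub gives a reader no way to tell whether this generator deliberately has nothing to flush at that point or whether the hook was simply added to satisfy the FunctionParser contract; a one-line comment such as `// Nothing is deferred here; see LLIntGenerator::didFinishParsingLocals() for why this hook exists.` would make the intent explicit. The identical stubs added in WasmB3IRGenerator.cpp and WasmValidate.cpp would benefit from the same comment. Whether the Air generator initializes reference locals eagerly in addLocal() is not visible in this hunk, so the comment should not claim that.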
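--- a/tags/Safari-609.1.10.1/Source/_javascript_Core/wasm/WasmB3IRGenerator.cpp
+++ b/tags/Safari-609.1.10.1/Source/_javascript_Core/wasm/WasmB3IRGenerator.cpp
@@ -243,6 +243,7 @@
 void dump(const Vector<ControlEntry>& controlStack, const Stack* expressionStack);
 void setParser(FunctionParser<B3IRGenerator>* parser) { m_parser = parser; };
+ void didFinishParsingLocals() { }
 Value* constant(B3::Type, uint64_t bits, Optional<Origin> = WTF::nullopt);
 Value* framePointer();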
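--- a/tags/Safari-609.1.10.1/Source/_javascript_Core/wasm/WasmFunctionParser.h
+++ b/tags/Safari-609.1.10.1/Source/_javascript_Core/wasm/WasmFunctionParser.h
@@ -146,6 +146,8 @@
 WASM_TRY_ADD_TO_CONTEXT(addLocal(typeOfLocal, numberOfLocals));
 }
+ m_context.didFinishParsingLocals();
+
 WASM_FAIL_IF_HELPER_FAILS(parseBody());
 return { };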
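--- a/tags/Safari-609.1.10.1/Source/_javascript_Core/wasm/WasmLLIntGenerator.cpp
+++ b/tags/Safari-609.1.10.1/Source/_javascript_Core/wasm/WasmLLIntGenerator.cpp
@@ -207,6 +207,8 @@
 PartialResult WARN_UNUSED_RETURN addCallIndirect(unsigned tableIndex, const Signature&, Vector<ExpressionType>& args, ExpressionList& results);
 PartialResult WARN_UNUSED_RETURN addUnreachable();
+ void didFinishParsingLocals();
+
 void setParser(FunctionParser<LLIntGenerator>* parser) { m_parser = parser; };
 void dump(const Vector<ControlEntry>&, const ExpressionList*) { }
@@ -272,6 +274,7 @@
 Vector<VirtualRegister> m_normalizedArguments;
 HashMap<Label*, Vector<SwitchEntry>> m_switches;
 ExpressionType m_jsNullConstant;
+ ExpressionList m_unitializedLocals;
 };
 Expected<std::unique_ptr<FunctionCodeBlock>, String> parseAndCompileBytecode(const uint8_t* functionStart, size_t functionLength, const Signature& signature, const ModuleInformation& info, uint32_t functionIndex, ThrowWasmException throwWasmException)
@@ -484,7 +487,7 @@
 switch (type) {
 case Type::Anyref:
 case Type::Funcref:
- WasmMov::emit(this, local, jsNullConstant());
+ m_unitializedLocals.append(local);
 break;
 default:
 break;
@@ -493,6 +496,14 @@
 return { };
 }
+void LLIntGenerator::didFinishParsingLocals()
+{
+ auto null = jsNullConstant();
+ for (auto local : m_unitializedLocals)
+ WasmMov::emit(this, local, null);
+ m_unitializedLocals.clear();
+}
+
 auto LLIntGenerator::addConstant(Type, uint64_t value) -> ExpressionType
 {
 VirtualRegister source(FirstConstantRegisterIndex + m_codeBlock->m_constants.size());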
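Review bot: The new LLIntGenerator::didFinishParsingLocals() body does not say why reference-typed locals are no longer nulled directly in addLocal(), and that rationale currently lives only in the ChangeLog; a comment above the loop such as `// Deferred from addLocal(): the BytecodeGenerator needs every variable allocated contiguously before any temporary, and materializing the null constant can allocate one.` would keep it with the code. The new member is also misspelled — `m_unitializedLocals` reads as "unit"; renaming it to `m_uninitializedLocals` at its declaration and at the three uses in addLocal() and didFinishParsingLocals() would avoid confusion. Since a ref local that never receives its null store would reach the body holding whatever the register contained, it would be worth a debug assertion that the pending list is empty once body instructions start being emitted, though the right spot for that is outside these hunks. addLocal() begins and ends outside the hunk, so I have not checked whether any other path out of it can leave an entry queued without the callback running.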
Modified: tags/Safari-609.1.10.1/Source/_javascript_Core/wasm/WasmValidate.cpp (252276 => 252277)
--- tags/Safari-609.1.10.1/Source/_javascript_Core/wasm/WasmValidate.cpp 2019-11-09 00:39:29 UTC (rev 252276)
+++ tags/Safari-609.1.10.1/Source/_javascript_Core/wasm/WasmValidate.cpp 2019-11-09 00:51:29 UTC (rev 252277)
@@ -175,6 +175,7 @@
void dump(const Vector<ControlEntry>&, const Stack*);
void setParser(FunctionParser<Validate>*) { }
+ void didFinishParsingLocals() { }
private:
Result WARN_UNUSED_RETURN unify(const Stack&, const ControlData&);