Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 44fc0790939c6c19503d64497f1c4af907b77fff
      
https://github.com/WebKit/WebKit/commit/44fc0790939c6c19503d64497f1c4af907b77fff
  Author: Justin Michaud <[email protected]>
  Date:   2022-11-01 (Tue, 01 Nov 2022)

  Changed paths:
    A JSTests/wasm/stress/f32-tuple-jsapi-exported.js
    A JSTests/wasm/stress/f32-tuple-jsapi.js
    M Source/JavaScriptCore/wasm/WasmOperations.cpp
    M Source/JavaScriptCore/wasm/js/JSToWasm.cpp
    M Source/JavaScriptCore/wasm/js/WebAssemblyFunction.cpp

  Log Message:
  -----------
  Remove operationAllocateResultsArray assert
https://bugs.webkit.org/show_bug.cgi?id=247338

Reviewed by Yusuke Suzuki.

Suppose we are inside a WASM function that returns a tuple to JS. At the
boundary (in marshallJSResult), we call operationAllocateResultsArray to
allocate the JSArray that represents this WASM tuple. When we put a NaN
in the result tuple array, our indexing type changes from Double to Contiguous
because NaN is used to store holes in Double mode.

This assertion checked that our indexing mode did not change from our initially
chosen one, but this assumption is not used by later jit code. Hence, this was
probably just added to make sure we picked the optimal indexing type first.

We remove the assertion and add a test.

* JSTests/wasm/stress/f32-tuple-jsapi-exported.js: Added.
(from.string_appeared_here.import.as.assert.from.string_appeared_here.let.wat.module.func.export.string_appeared_here.result.f32.f32.return.f32.const.nan.0x100000.f32.const.nan.0x100000.async
 test):
* JSTests/wasm/stress/f32-tuple-jsapi.js: Added.
(from.string_appeared_here.import.as.assert.from.string_appeared_here.let.wat.module.func.f.result.f32.f32.return.f32.const.nan.0x100000.f32.const.nan.0x100000.func.export.string_appeared_here.result.f32.f32.return.call.f.async
 test):
* Source/JavaScriptCore/wasm/WasmOperations.cpp:
(JSC::Wasm::JSC_DEFINE_JIT_OPERATION):
* Source/JavaScriptCore/wasm/js/JSToWasm.cpp:
(JSC::Wasm::marshallJSResult):
* Source/JavaScriptCore/wasm/js/WebAssemblyFunction.cpp:
(JSC::WebAssemblyFunction::jsCallEntrypointSlow):

Canonical link: https://commits.webkit.org/256210@main


_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
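
A regression check for the scenario in the log message, as an added example that is not code from the WebKit commit or its test files: it hand-assembles a module whose exported function returns an `(f32, f32)` tuple of `nan:0x100000` values and verifies that the array handed to JS is dense and holds two NaNs. The export names `nans` and `nums` and all helper names are assumptions made for this example, and it assumes an engine with WebAssembly multi-value support.

```javascript
// Added example; the export names and hand-assembled module are constructed here.
// f32.const with an explicit little-endian bit pattern, so the NaN payload is exact.
const f32Const = (bits) =>
  [0x43, bits & 0xff, (bits >>> 8) & 0xff, (bits >>> 16) & 0xff, bits >>> 24];

// Function body: no locals, two f32.const, end; prefixed with its byte length.
const body = (a, b) => {
  const code = [0x00, ...f32Const(a), ...f32Const(b), 0x0b];
  return [code.length, ...code];
};

// Every section here is under 128 bytes, so a one-byte length is valid LEB128.
const section = (id, content) => [id, content.length, ...content];
const exportFunc = (name, index) =>
  [name.length, ...[...name].map((c) => c.charCodeAt(0)), 0x00, index];

const NAN_BITS = 0x7f900000; // f32 nan:0x100000 (exponent all ones, payload 0x100000)

function buildModule() {
  const bodies = [
    body(NAN_BITS, NAN_BITS),     // "nans": the case from the log message
    body(0x3fc00000, 0x40200000), // "nums": control case returning (1.5, 2.5)
  ];
  return new Uint8Array([
    0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,      // magic + version
    ...section(1, [0x01, 0x60, 0x00, 0x02, 0x7d, 0x7d]), // type 0: () -> (f32, f32)
    ...section(3, [0x02, 0x00, 0x00]),                   // two functions of type 0
    ...section(7, [0x02, ...exportFunc("nans", 0), ...exportFunc("nums", 1)]),
    ...section(10, [0x02, ...bodies.flat()]),
  ]);
}

// Calls both exports across the wasm-to-JS boundary, where the tuple becomes an array.
function callTuples() {
  const instance = new WebAssembly.Instance(new WebAssembly.Module(buildModule()));
  return { nans: instance.exports.nans(), nums: instance.exports.nums() };
}

// A NaN mistaken for a hole would show up as a missing index, so check each one.
function isDenseTuple(arr, length) {
  if (!Array.isArray(arr) || arr.length !== length) return false;
  for (let i = 0; i < length; i++) if (!(i in arr)) return false;
  return true;
}
```
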
