Branch: refs/heads/main Home: https://github.com/WebKit/WebKit Commit: 0e2cbf8c3d8ee53e2840c3b87aa7b0adaf410865 https://github.com/WebKit/WebKit/commit/0e2cbf8c3d8ee53e2840c3b87aa7b0adaf410865 Author: Asumu Takikawa <as...@igalia.com> Date: 2023-03-09 (Thu, 09 Mar 2023)
Changed paths: A JSTests/wasm/gc/casts.js M JSTests/wasm/wasm.json M Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj M Source/JavaScriptCore/Sources.txt M Source/JavaScriptCore/wasm/WasmAirIRGenerator32_64.cpp M Source/JavaScriptCore/wasm/WasmAirIRGenerator64.cpp M Source/JavaScriptCore/wasm/WasmAirIRGeneratorBase.h M Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp M Source/JavaScriptCore/wasm/WasmBBQJIT.cpp M Source/JavaScriptCore/wasm/WasmExceptionType.h M Source/JavaScriptCore/wasm/WasmFunctionParser.h M Source/JavaScriptCore/wasm/WasmInstance.cpp M Source/JavaScriptCore/wasm/WasmLLIntBuiltin.h M Source/JavaScriptCore/wasm/WasmLLIntGenerator.cpp M Source/JavaScriptCore/wasm/WasmModuleInformation.h M Source/JavaScriptCore/wasm/WasmOperations.cpp M Source/JavaScriptCore/wasm/WasmOperations.h M Source/JavaScriptCore/wasm/WasmOperationsInlines.h M Source/JavaScriptCore/wasm/WasmSectionParser.cpp M Source/JavaScriptCore/wasm/WasmSlowPaths.cpp M Source/JavaScriptCore/wasm/WasmTypeDefinition.cpp M Source/JavaScriptCore/wasm/WasmTypeDefinition.h M Source/JavaScriptCore/wasm/WasmTypeDefinitionInlines.h M Source/JavaScriptCore/wasm/js/JSWebAssemblyArray.cpp M Source/JavaScriptCore/wasm/js/JSWebAssemblyArray.h M Source/JavaScriptCore/wasm/js/JSWebAssemblyStruct.cpp M Source/JavaScriptCore/wasm/js/JSWebAssemblyStruct.h M Source/JavaScriptCore/wasm/js/WebAssemblyFunction.cpp M Source/JavaScriptCore/wasm/js/WebAssemblyFunction.h M Source/JavaScriptCore/wasm/js/WebAssemblyFunctionBase.cpp M Source/JavaScriptCore/wasm/js/WebAssemblyFunctionBase.h A Source/JavaScriptCore/wasm/js/WebAssemblyGCObjectBase.cpp A Source/JavaScriptCore/wasm/js/WebAssemblyGCObjectBase.h M Source/JavaScriptCore/wasm/js/WebAssemblyModuleRecord.cpp M Source/JavaScriptCore/wasm/js/WebAssemblyWrapperFunction.cpp M Source/JavaScriptCore/wasm/js/WebAssemblyWrapperFunction.h M Source/JavaScriptCore/wasm/wasm.json Log Message: ----------- [Wasm-GC] Implement cast operations https://bugs.webkit.org/show_bug.cgi?id=247399 Reviewed by Yusuke Suzuki. Implements the `ref.cast` and `ref.test` instructions. Casts are supported by associating an RTT with Wasm objects. For functions, this is done by adding a field in the base function object. For arrays and structs, a new WebAsseblyGCObjectBase class is used as the base class for both arrays and structs. The base class contains an RTT with a consistent offset for the JIT. This patch does not yet support `br_on_cast/on_cast_fail`. * JSTests/wasm/gc/casts.js: Added. (testBasicCasts): (testI31Casts): (testFunctionCasts): (testArrayCasts): (testStructCasts): (testSubtypeCasts): * JSTests/wasm/wasm.json: * Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj: * Source/JavaScriptCore/Sources.txt: * Source/JavaScriptCore/wasm/WasmAirIRGenerator32_64.cpp: (JSC::Wasm::AirIRGenerator32::emitBranchForNullReference): (JSC::Wasm::AirIRGenerator32::makeBranchNotInt32): (JSC::Wasm::AirIRGenerator32::makeBranchNotCell): * Source/JavaScriptCore/wasm/WasmAirIRGenerator64.cpp: (JSC::Wasm::AirIRGenerator64::emitBranchForNullReference): (JSC::Wasm::AirIRGenerator64::makeBranchNotInt32): (JSC::Wasm::AirIRGenerator64::makeBranchNotCell): * Source/JavaScriptCore/wasm/WasmAirIRGeneratorBase.h: (JSC::Wasm::ExpressionType>::addRefCast): (JSC::Wasm::ExpressionType>::addRefTest): (JSC::Wasm::ExpressionType>::emitRefTestOrCast): (JSC::Wasm::ExpressionType>::emitCheckOrBranchForCast): (JSC::Wasm::ExpressionType>::emitLoadRTTFromFuncref): (JSC::Wasm::ExpressionType>::emitLoadRTTFromObject): (JSC::Wasm::ExpressionType>::makeBranchNotRTTKind): * Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp: (JSC::Wasm::B3IRGenerator::addRefTest): (JSC::Wasm::B3IRGenerator::addRefCast): (JSC::Wasm::B3IRGenerator::emitRefTestOrCast): (JSC::Wasm::B3IRGenerator::emitCheckOrBranchForCast): (JSC::Wasm::B3IRGenerator::emitLoadRTTFromFuncref): (JSC::Wasm::B3IRGenerator::emitLoadRTTFromObject): (JSC::Wasm::B3IRGenerator::emitNotRTTKind): * Source/JavaScriptCore/wasm/WasmBBQJIT.cpp: * Source/JavaScriptCore/wasm/WasmExceptionType.h: (JSC::Wasm::isTypeErrorExceptionType): * Source/JavaScriptCore/wasm/WasmFunctionParser.h: (JSC::Wasm::FunctionParser<Context>::parseExpression): (JSC::Wasm::FunctionParser<Context>::parseUnreachableExpression): * Source/JavaScriptCore/wasm/WasmInstance.cpp: (JSC::Wasm::Instance::initElementSegment): * Source/JavaScriptCore/wasm/WasmLLIntBuiltin.h: * Source/JavaScriptCore/wasm/WasmLLIntGenerator.cpp: (JSC::Wasm::LLIntGenerator::addRefTest): (JSC::Wasm::LLIntGenerator::addRefCast): * Source/JavaScriptCore/wasm/WasmModuleInformation.h: * Source/JavaScriptCore/wasm/WasmOperations.cpp: (JSC::Wasm::JSC_DEFINE_JIT_OPERATION): * Source/JavaScriptCore/wasm/WasmOperations.h: * Source/JavaScriptCore/wasm/WasmOperationsInlines.h: (JSC::Wasm::arrayNew): (JSC::Wasm::structNew): (JSC::Wasm::refCast): * Source/JavaScriptCore/wasm/WasmSectionParser.cpp: (JSC::Wasm::SectionParser::parseType): (JSC::Wasm::SectionParser::parseRecursionGroup): * Source/JavaScriptCore/wasm/WasmSlowPaths.cpp: (JSC::LLInt::WASM_SLOW_PATH_DECL): * Source/JavaScriptCore/wasm/WasmTypeDefinition.cpp: (JSC::Wasm::RTT::tryCreateRTT): (JSC::Wasm::TypeInformation::signatureForLLIntBuiltin): (JSC::Wasm::TypeInformation::TypeInformation): (JSC::Wasm::TypeInformation::canonicalRTTForType): (JSC::Wasm::TypeInformation::tryGetCanonicalRTT): (JSC::Wasm::TypeInformation::getCanonicalRTT): (): Deleted. * Source/JavaScriptCore/wasm/WasmTypeDefinition.h: (JSC::Wasm::RTT::RTT): Deleted. (JSC::Wasm::RTT::displaySize const): Deleted. (JSC::Wasm::RTT::displayEntry const): Deleted. (JSC::Wasm::RTT::setDisplayEntry): Deleted. (JSC::Wasm::RTT::allocatedRTTSize): Deleted. (JSC::Wasm::RTT::payload): Deleted. * Source/JavaScriptCore/wasm/WasmTypeDefinitionInlines.h: (JSC::Wasm::TypeInformation::getFunctionSignature): * Source/JavaScriptCore/wasm/js/JSWebAssemblyArray.cpp: (JSC::JSWebAssemblyArray::JSWebAssemblyArray): * Source/JavaScriptCore/wasm/js/JSWebAssemblyArray.h: * Source/JavaScriptCore/wasm/js/JSWebAssemblyStruct.cpp: (JSC::JSWebAssemblyStruct::JSWebAssemblyStruct): (JSC::JSWebAssemblyStruct::tryCreate): * Source/JavaScriptCore/wasm/js/JSWebAssemblyStruct.h: * Source/JavaScriptCore/wasm/js/WebAssemblyFunction.cpp: (JSC::WebAssemblyFunction::create): (JSC::WebAssemblyFunction::WebAssemblyFunction): * Source/JavaScriptCore/wasm/js/WebAssemblyFunction.h: * Source/JavaScriptCore/wasm/js/WebAssemblyFunctionBase.cpp: (JSC::WebAssemblyFunctionBase::WebAssemblyFunctionBase): * Source/JavaScriptCore/wasm/js/WebAssemblyFunctionBase.h: (JSC::WebAssemblyFunctionBase::rtt const): (JSC::WebAssemblyFunctionBase::offsetOfRTT): * Source/JavaScriptCore/wasm/js/WebAssemblyGCObjectBase.cpp: Copied from Source/JavaScriptCore/wasm/WasmLLIntBuiltin.h. (JSC::WebAssemblyGCObjectBase::WebAssemblyGCObjectBase): (JSC::WebAssemblyGCObjectBase::visitChildrenImpl): (JSC::WebAssemblyGCObjectBase::finishCreation): * Source/JavaScriptCore/wasm/js/WebAssemblyGCObjectBase.h: Copied from Source/JavaScriptCore/wasm/WasmLLIntBuiltin.h. (JSC::WebAssemblyGCObjectBase::rtt): (JSC::WebAssemblyGCObjectBase::offsetOfRTT): * Source/JavaScriptCore/wasm/js/WebAssemblyModuleRecord.cpp: (JSC::WebAssemblyModuleRecord::initializeExports): * Source/JavaScriptCore/wasm/js/WebAssemblyWrapperFunction.cpp: (JSC::WebAssemblyWrapperFunction::WebAssemblyWrapperFunction): (JSC::WebAssemblyWrapperFunction::create): * Source/JavaScriptCore/wasm/js/WebAssemblyWrapperFunction.h: * Source/JavaScriptCore/wasm/wasm.json: Canonical link: https://commits.webkit.org/261445@main _______________________________________________ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes