[webkit-changes] [WebKit/WebKit] 6ef70e: BBQJIT should support gc and funcref opcodes

Sun, 28 May 2023 08:29:40 -0700 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 6ef70e7d7c5a168306c05061320d37496bf285e0
      
https://github.com/WebKit/WebKit/commit/6ef70e7d7c5a168306c05061320d37496bf285e0
  Author: Keith Miller <[email protected]>
  Date:   2023-05-28 (Sun, 28 May 2023)

  Changed paths:
    M JSTests/wasm/gc/array_new_fixed.js
    M JSTests/wasm/gc/i31.js
    M Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
    M Source/JavaScriptCore/Sources.txt
    M Source/JavaScriptCore/runtime/Options.cpp
    M Source/JavaScriptCore/wasm/WasmBBQJIT.cpp
    M Source/JavaScriptCore/wasm/WasmFunctionParser.h
    M Source/JavaScriptCore/wasm/WasmLimits.h
    M Source/JavaScriptCore/wasm/WasmOperations.cpp
    M Source/JavaScriptCore/wasm/WasmOperations.h

  Log Message:
  -----------
  BBQJIT should support gc and funcref opcodes
https://bugs.webkit.org/show_bug.cgi?id=256959

Reviewed by Yusuke Suzuki.

This patch adds support for the various gc and funcref opcodes to the new BBQ 
JIT.
Most of the implementations are just translations of what the B3IRGenerator 
does.
The main difference is that for opcodes which need to make a C call, e.g. for 
allocation,
they do so by creating a `Value::fromTemp` that does not conflict with any 
parameter `Value`.
This is needed because otherwise the BBQJIT allocator gets confused between the 
existing parameters
that were not passed to the C call and the result of the C call. Also, since 
BBQJIT doesn't have a
good way to branch over a call both `ref.cast` and `ref.test` just call an 
operation.

Also, this patch fixes an issue where we weren't checking for the spec's limit 
on array.new_fixed
static argument count.

Lastly, there is a workaround for a clang bug where it crashed when compiling a 
unified source.
The workaround was to @no-unify one of the files in that bundle.

* JSTests/wasm/gc/array_new_fixed.js:
* JSTests/wasm/gc/i31.js:
(testI31Get):
* Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj:
* Source/JavaScriptCore/Sources.txt:
* Source/JavaScriptCore/runtime/Options.cpp:
(JSC::Options::notifyOptionsChanged):
* Source/JavaScriptCore/wasm/WasmBBQJIT.cpp:
(JSC::Wasm::BBQJIT::isValidValueTypeKind):
(JSC::Wasm::BBQJIT::pointerType):
(JSC::Wasm::BBQJIT::toValueKind):
(JSC::Wasm::BBQJIT::Value::fromRef):
(JSC::Wasm::BBQJIT::Value::fromTemp):
(JSC::Wasm::BBQJIT::Value::fromLocal):
(JSC::Wasm::BBQJIT::Value::pinned):
(JSC::Wasm::BBQJIT::Value::type const):
(JSC::Wasm::BBQJIT::BBQJIT):
(JSC::Wasm::BBQJIT::addTableGet):
(JSC::Wasm::BBQJIT::addTableSet):
(JSC::Wasm::BBQJIT::addTableInit):
(JSC::Wasm::BBQJIT::addTableSize):
(JSC::Wasm::BBQJIT::addTableGrow):
(JSC::Wasm::BBQJIT::addTableFill):
(JSC::Wasm::BBQJIT::addTableCopy):
(JSC::Wasm::BBQJIT::addGrowMemory):
(JSC::Wasm::BBQJIT::addMemoryFill):
(JSC::Wasm::BBQJIT::addMemoryCopy):
(JSC::Wasm::BBQJIT::addMemoryInit):
(JSC::Wasm::BBQJIT::atomicWait):
(JSC::Wasm::BBQJIT::atomicNotify):
(JSC::Wasm::BBQJIT::addI31New):
(JSC::Wasm::BBQJIT::addI31GetS):
(JSC::Wasm::BBQJIT::addI31GetU):
(JSC::Wasm::BBQJIT::getTypeDefinition):
(JSC::Wasm::BBQJIT::getArrayTypeDefinition):
(JSC::Wasm::BBQJIT::getArrayElementType):
(JSC::Wasm::BBQJIT::marshallToI64):
(JSC::Wasm::BBQJIT::addArrayNew):
(JSC::Wasm::BBQJIT::addArrayNewDefault):
(JSC::Wasm::BBQJIT::pushArrayNewFromSegment):
(JSC::Wasm::BBQJIT::addArrayNewData):
(JSC::Wasm::BBQJIT::addArrayNewElem):
(JSC::Wasm::BBQJIT::emitArraySetUnchecked):
(JSC::Wasm::BBQJIT::addArrayNewFixed):
(JSC::Wasm::BBQJIT::addArrayGet):
(JSC::Wasm::BBQJIT::addArraySet):
(JSC::Wasm::BBQJIT::addArrayLen):
(JSC::Wasm::BBQJIT::emitStructSet):
(JSC::Wasm::BBQJIT::addStructNewDefault):
(JSC::Wasm::BBQJIT::addStructNew):
(JSC::Wasm::BBQJIT::addStructGet):
(JSC::Wasm::BBQJIT::addStructSet):
(JSC::Wasm::BBQJIT::addRefTest):
(JSC::Wasm::BBQJIT::addRefCast):
(JSC::Wasm::BBQJIT::addExternInternalize):
(JSC::Wasm::BBQJIT::emitThrowOnNullReference):
(JSC::Wasm::BBQJIT::addI32Popcnt):
(JSC::Wasm::BBQJIT::addI64Popcnt):
(JSC::Wasm::BBQJIT::addRefFunc):
(JSC::Wasm::BBQJIT::toB3Type):
(JSC::Wasm::BBQJIT::emitCCall):
(JSC::Wasm::BBQJIT::addCallRef):
* Source/JavaScriptCore/wasm/WasmFunctionParser.h:
(JSC::Wasm::FunctionParser<Context>::parseExpression):
* Source/JavaScriptCore/wasm/WasmLimits.h:
* Source/JavaScriptCore/wasm/WasmOperations.cpp:
(JSC::Wasm::JSC_DEFINE_JIT_OPERATION):
* Source/JavaScriptCore/wasm/WasmOperations.h:

Canonical link: https://commits.webkit.org/264638@main


_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to