Context Navigation

← Previous Changeset
Next Changeset →

Changeset 207453 in webkit

Timestamp:

Oct 17, 2016 7:02:48 PM (8 years ago)

Author:

keith_miller@apple.com

Message:

Add support for WASM Memory.
https://bugs.webkit.org/show_bug.cgi?id=161710

Reviewed by Geoffrey Garen.

JSTests:

Add store and load opcodes to wasm.json. Additionally, add new
enums for those opcodes in the generator.

stress/wasm/generate-wasmops-header.js:

(const.template.pragma.once.ENABLE.WEBASSEMBLY.include.cstdint.namespace.JSC.namespace.WASM.enum.LoadOpType):
(const.template.pragma.once.ENABLE.WEBASSEMBLY.include.cstdint.namespace.JSC.namespace.WASM.enum.StoreOpType):

Source/JavaScriptCore:

This patch add initial support for WASM memory operations. First,
it adds the concept of a WASM Module memory management object.
This object currently mmaps a 32-bit address space for WASM use,
although it marks all the memory outside the current breakpoint as
PROT_NONE. For now, we do a range check on each store and load. In
the future, we should change this to be an signal handler that
checks what module the program trapped in.

Additionally, this patch changes the way that our temporary tests
call into WASM code. There is now a true "thunk" that relocates
arguments and calls into WASM. This thunk does not tail call
because we use pinned values to memory base-pointer and
size. We use the new B3 pinned register api to pin the values.

CMakeLists.txt:
Configurations/ToolExecutable.xcconfig:
JavaScriptCore.xcodeproj/project.pbxproj:
testWASM.cpp:

(runWASMTests):
(main):

wasm/WASMB3IRGenerator.cpp:

(JSC::WASM::createJSWrapper):
(JSC::WASM::parseAndCompile):

wasm/WASMB3IRGenerator.h:
wasm/WASMCallingConvention.h:

(JSC::WASM::CallingConvention::iterate):
(JSC::WASM::CallingConvention::setupCall):
(JSC::WASM::nextJSCOffset):

wasm/WASMFormat.h:
wasm/WASMFunctionParser.h:

(JSC::WASM::FunctionParser<Context>::parseExpression):

wasm/WASMMemory.cpp: Copied from Source/JavaScriptCore/wasm/WASMPlan.cpp.

(JSC::WASM::Memory::Memory):

wasm/WASMMemory.h: Copied from Source/JavaScriptCore/wasm/WASMModuleParser.h.

(JSC::WASM::Memory::~Memory):
(JSC::WASM::Memory::memory):
(JSC::WASM::Memory::size):
(JSC::WASM::Memory::pinnedRegisters):
(JSC::WASM::Memory::mode):
(JSC::WASM::Memory::growMemory):
(JSC::WASM::Memory::offsetOfSize):

wasm/WASMModuleParser.cpp:

(JSC::WASM::ModuleParser::parse):
(JSC::WASM::ModuleParser::parseMemory):

wasm/WASMModuleParser.h:

(JSC::WASM::ModuleParser::functionInformation):
(JSC::WASM::ModuleParser::memory):

wasm/WASMOps.h:
wasm/WASMPlan.cpp:

(JSC::WASM::Plan::Plan):

wasm/WASMPlan.h:
wasm/WASMSections.h:

Location:

trunk

Files:

: 2 added
: 18 edited

JSTests/ChangeLog (modified) (1 diff)
JSTests/wasm/generate-wasmops-header.js (modified) (3 diffs)
Source/JavaScriptCore/CMakeLists.txt (modified) (1 diff)
Source/JavaScriptCore/ChangeLog (modified) (1 diff)
Source/JavaScriptCore/Configurations/ToolExecutable.xcconfig (modified) (1 diff)
Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj (modified) (5 diffs)
Source/JavaScriptCore/testWASM.cpp (modified) (14 diffs)
Source/JavaScriptCore/wasm/WASMB3IRGenerator.cpp (modified) (8 diffs)
Source/JavaScriptCore/wasm/WASMB3IRGenerator.h (modified) (1 diff)
Source/JavaScriptCore/wasm/WASMCallingConvention.h (modified) (4 diffs)
Source/JavaScriptCore/wasm/WASMFormat.h (modified) (2 diffs)
Source/JavaScriptCore/wasm/WASMFunctionParser.h (modified) (1 diff)
Source/JavaScriptCore/wasm/WASMMemory.cpp (added)
Source/JavaScriptCore/wasm/WASMMemory.h (added)
Source/JavaScriptCore/wasm/WASMModuleParser.cpp (modified) (4 diffs)
Source/JavaScriptCore/wasm/WASMModuleParser.h (modified) (2 diffs)
Source/JavaScriptCore/wasm/WASMOps.h (modified) (3 diffs)
Source/JavaScriptCore/wasm/WASMPlan.cpp (modified) (2 diffs)
Source/JavaScriptCore/wasm/WASMPlan.h (modified) (2 diffs)
Source/JavaScriptCore/wasm/WASMSections.h (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/JSTests/ChangeLog

-                      r207433
+                      r207453
+-10-17  Keith Miller  <keith_miller@apple.com>
+        Add support for WASM Memory.
+        https://bugs.webkit.org/show_bug.cgi?id=161710
+        Reviewed by Geoffrey Garen.
+        Add store and load opcodes to wasm.json. Additionally, add new
+        enums for those opcodes in the generator.
+        * stress/wasm/generate-wasmops-header.js:
+        (const.template.pragma.once.ENABLE.WEBASSEMBLY.include.cstdint.namespace.JSC.namespace.WASM.enum.LoadOpType):
+        (const.template.pragma.once.ENABLE.WEBASSEMBLY.include.cstdint.namespace.JSC.namespace.WASM.enum.StoreOpType):
 -10-17  Saam Barati  <sbarati@apple.com>

trunk/JSTests/wasm/generate-wasmops-header.js

-                      r207363
+                      r207453
     "\n\n#define FOR_EACH_WASM_BINARY_OP(macro)",
     ...opcodeMacroizer(op => (op.category === "arithmetic" || op.category === "comparison") && op.parameter.length === 2),
+    "\n\n#define FOR_EACH_WASM_MEMORY_LOAD_OP(macro)",
+    ...opcodeMacroizer(op => (op.category === "memory" && op.return.length === 1)),
+    "\n\n#define FOR_EACH_WASM_MEMORY_STORE_OP(macro)",
+    ...opcodeMacroizer(op => (op.category === "memory" && op.return.length === 0)),
     "\n\n"].join("");
 …
     FOR_EACH_WASM_CONTROL_FLOW_OP(macro) \\
     FOR_EACH_WASM_UNARY_OP(macro) \\
+    FOR_EACH_WASM_BINARY_OP(macro)
+    FOR_EACH_WASM_BINARY_OP(macro) \\
+    FOR_EACH_WASM_MEMORY_LOAD_OP(macro) \\
+    FOR_EACH_WASM_MEMORY_STORE_OP(macro)
 #define CREATE_ENUM_VALUE(name, id, b3op) name = id,
 …
 };
+enum class LoadOpType : uint8_t {
+    FOR_EACH_WASM_MEMORY_LOAD_OP(CREATE_ENUM_VALUE)
+};
+enum class StoreOpType : uint8_t {
+    FOR_EACH_WASM_MEMORY_STORE_OP(CREATE_ENUM_VALUE)
+};
 #undef CREATE_ENUM_VALUE

trunk/Source/JavaScriptCore/CMakeLists.txt

r207434	r207453
864	864	wasm/WASMB3IRGenerator.cpp
865	865	wasm/WASMCallingConvention.cpp
	866	wasm/WASMMemory.cpp
866	867	wasm/WASMModuleParser.cpp
867	868	wasm/WASMPlan.cpp

trunk/Source/JavaScriptCore/ChangeLog

-                      r207444
+                      r207453
+-10-17  Keith Miller  <keith_miller@apple.com>
+        Add support for WASM Memory.
+        https://bugs.webkit.org/show_bug.cgi?id=161710
+        Reviewed by Geoffrey Garen.
+        This patch add initial support for WASM memory operations. First,
+        it adds the concept of a WASM Module memory management object.
+        This object currently mmaps a 32-bit address space for WASM use,
+        although it marks all the memory outside the current breakpoint as
+        PROT_NONE. For now, we do a range check on each store and load. In
+        the future, we should change this to be an signal handler that
+        checks what module the program trapped in.
+        Additionally, this patch changes the way that our temporary tests
+        call into WASM code. There is now a true "thunk" that relocates
+        arguments and calls into WASM. This thunk does not tail call
+        because we use pinned values to memory base-pointer and
+        size. We use the new B3 pinned register api to pin the values.
+        * CMakeLists.txt:
+        * Configurations/ToolExecutable.xcconfig:
+        * JavaScriptCore.xcodeproj/project.pbxproj:
+        * testWASM.cpp:
+        (runWASMTests):
+        (main):
+        * wasm/WASMB3IRGenerator.cpp:
+        (JSC::WASM::createJSWrapper):
+        (JSC::WASM::parseAndCompile):
+        * wasm/WASMB3IRGenerator.h:
+        * wasm/WASMCallingConvention.h:
+        (JSC::WASM::CallingConvention::iterate):
+        (JSC::WASM::CallingConvention::setupCall):
+        (JSC::WASM::nextJSCOffset):
+        * wasm/WASMFormat.h:
+        * wasm/WASMFunctionParser.h:
+        (JSC::WASM::FunctionParser<Context>::parseExpression):
+        * wasm/WASMMemory.cpp: Copied from Source/JavaScriptCore/wasm/WASMPlan.cpp.
+        (JSC::WASM::Memory::Memory):
+        * wasm/WASMMemory.h: Copied from Source/JavaScriptCore/wasm/WASMModuleParser.h.
+        (JSC::WASM::Memory::~Memory):
+        (JSC::WASM::Memory::memory):
+        (JSC::WASM::Memory::size):
+        (JSC::WASM::Memory::pinnedRegisters):
+        (JSC::WASM::Memory::mode):
+        (JSC::WASM::Memory::growMemory):
+        (JSC::WASM::Memory::offsetOfSize):
+        * wasm/WASMModuleParser.cpp:
+        (JSC::WASM::ModuleParser::parse):
+        (JSC::WASM::ModuleParser::parseMemory):
+        * wasm/WASMModuleParser.h:
+        (JSC::WASM::ModuleParser::functionInformation):
+        (JSC::WASM::ModuleParser::memory):
+        * wasm/WASMOps.h:
+        * wasm/WASMPlan.cpp:
+        (JSC::WASM::Plan::Plan):
+        * wasm/WASMPlan.h:
+        * wasm/WASMSections.h:
 -10-17  Joseph Pecoraro  <pecoraro@apple.com>

trunk/Source/JavaScriptCore/Configurations/ToolExecutable.xcconfig

r202287	r207453
32	32	CODE_SIGN_ENTITLEMENTS_ios_testapi = entitlements.plist;
33	33	CODE_SIGN_ENTITLEMENTS_ios_testb3 = entitlements.plist;
	34	CODE_SIGN_ENTITLEMENTS_ios_testWASM = entitlements.plist;
34	35	CODE_SIGN_ENTITLEMENTS_ios_testRegExp = entitlements.plist;
35	36

trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj

-                      r207434
+                      r207453
 C457E1BC72549007476A7 /* JSTypedArrayViewConstructor.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 534C457D1BC72549007476A7 /* JSTypedArrayViewConstructor.cpp */; };
 A4C1C457B75000B49C6 /* APIUtils.h in Headers */ = {isa = PBXBuildFile; fileRef = 53529A4B1C457B75000B49C6 /* APIUtils.h */; };
+                535557141D9D9EA5006D583B /* WASMMemory.h in Headers */ = {isa = PBXBuildFile; fileRef = 535557131D9D9EA5006D583B /* WASMMemory.h */; };
+                535557161D9DFA32006D583B /* WASMMemory.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 535557151D9DFA32006D583B /* WASMMemory.cpp */; };
 B4F51BF26202005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5370B4F31BF25EA2005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.cpp */; };
 B4F61BF26205005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.h in Headers */ = {isa = PBXBuildFile; fileRef = 5370B4F41BF25EA2005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.h */; };
 …
 C457D1BC72549007476A7 /* JSTypedArrayViewConstructor.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSTypedArrayViewConstructor.cpp; sourceTree = "<group>"; };
 A4B1C457B75000B49C6 /* APIUtils.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = APIUtils.h; sourceTree = "<group>"; };
+                535557131D9D9EA5006D583B /* WASMMemory.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WASMMemory.h; sourceTree = "<group>"; };
+                535557151D9DFA32006D583B /* WASMMemory.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WASMMemory.cpp; sourceTree = "<group>"; };
 B4F31BF25EA2005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = AdaptiveInferredPropertyValueWatchpointBase.cpp; sourceTree = "<group>"; };
 B4F41BF25EA2005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = AdaptiveInferredPropertyValueWatchpointBase.h; sourceTree = "<group>"; };
 …
 BC547D21B69599B00959B58 /* WASMFormat.h */,
 F40E8A1D5901BB0099A1B6 /* WASMFunctionParser.h */,
+                                535557151D9DFA32006D583B /* WASMMemory.cpp */,
+                                535557131D9D9EA5006D583B /* WASMMemory.h */,
 F40E961D5A7BEC0099A1B6 /* WASMModuleParser.cpp */,
 F40E941D5A7AEF0099A1B6 /* WASMModuleParser.h */,
 …
                                 1478297B1379E8A800A7C2A3 /* HandleTypes.h in Headers */,
 F10F1A31C420BF0001C07D2 /* AirCustom.h in Headers */,
+                                535557141D9D9EA5006D583B /* WASMMemory.h in Headers */,
 BA7A9813AADFF8005B7C2C /* Heap.h in Headers */,
 F32BD111BB34F190093A57F /* HeapHelperPool.h in Headers */,
 …
 FD3C82614115D4000FD81CB /* DFGDriver.cpp in Sources */,
 FF0F19E16B72A0B005DF95B /* DFGEdge.cpp in Sources */,
+                                535557161D9DFA32006D583B /* WASMMemory.cpp in Sources */,
 F8F14331ADF090100ED792C /* DFGEpoch.cpp in Sources */,
 FBC0AE71496C7C400D4FBDD /* DFGExitProfile.cpp in Sources */,

trunk/Source/JavaScriptCore/testWASM.cpp

-                      r206110
+                      r207453
 #include "ProtoCallFrame.h"
 #include "VM.h"
+#include "WASMMemory.h"
 #include "WASMPlan.h"
 #include <wtf/DataLog.h>
 #include <wtf/LEBDecoder.h>
 …
+    {
         // Generated from:
+        //    (module
+        //     (func (export "dumb-eq") (param $x i32) (param $y i32) (result i32)
+        // (module
+        //  (memory 1)
+        //  (func (export "i32_load8_s") (param $i i32) (param $ptr i32) (result i32)
+        //   (i64.store (get_local $ptr) (get_local $i))
+        //   (return (i64.load (get_local $ptr)))
+        //   )
+        //  )
+        Vector<uint8_t> vector = {
+x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
+x02, 0x02, 0x01, 0x01, 0x02, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
+x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x69, 0x33,
+x32, 0x5f, 0x6c, 0x6f, 0x61, 0x64, 0x38, 0x5f, 0x73, 0x00, 0x00, 0x0a, 0x95, 0x80, 0x80, 0x80,
+x00, 0x01, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x00, 0x14, 0x01, 0x14, 0x00, 0x34, 0x03, 0x00, 0x14,
+x01, 0x2b, 0x03, 0x00, 0x09, 0x0f
+        };
+        Plan plan(*vm, vector);
+        if (plan.result.size() != 1 || !plan.result[0]) {
+            dataLogLn("Module failed to compile correctly.");
+            CRASH();
+        }
+        // Test this doesn't crash.
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(10) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(2) }), 100);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(100) }), 1);
+    }
+    {
+        // Generated from:
+        // (module
+        //  (memory 1)
+        //  (func (export "i32_load8_s") (param $i i32) (param $ptr i32) (result i32)
+        //   (i32.store (get_local $ptr) (get_local $i))
+        //   (return (i32.load (get_local $ptr)))
+        //   )
+        //  )
+        Vector<uint8_t> vector = {
+x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
+x02, 0x01, 0x01, 0x01, 0x01, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
+x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x69, 0x33,
+x32, 0x5f, 0x6c, 0x6f, 0x61, 0x64, 0x38, 0x5f, 0x73, 0x00, 0x00, 0x0a, 0x95, 0x80, 0x80, 0x80,
+x00, 0x01, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x00, 0x14, 0x01, 0x14, 0x00, 0x33, 0x02, 0x00, 0x14,
+x01, 0x2a, 0x02, 0x00, 0x09, 0x0f
+        };
+        Plan plan(*vm, vector);
+        if (plan.result.size() != 1 || !plan.result[0]) {
+            dataLogLn("Module failed to compile correctly.");
+            CRASH();
+        }
+        // Test this doesn't crash.
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(10) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(2) }), 100);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(100) }), 1);
+    }
+    {
+        // Generated from:
+        //    (module
+        //     (memory 1)
+        //     (func (export "write_array") (param $x i32) (param $p i32) (param $length i32) (local $i i32)
+        //      (set_local $i (i32.const 0))
+        //      (block
+        //       (loop
+        //        (br_if 1 (i32.ge_u (get_local $i) (get_local $length)))
+        //        (i32.store (i32.add (get_local $p) (i32.mul (get_local $i) (i32.const 4))) (get_local $x))
+        //        (set_local $i (i32.add (i32.const 1) (get_local $i)))
+        //        (br 0)
+        //        )
+        //       )
+        //      (return)
+        //      )
+        //     )
+        Vector<uint8_t> vector = {
+x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
+x03, 0x01, 0x01, 0x01, 0x00, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
+x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x77, 0x72,
+x69, 0x74, 0x65, 0x5f, 0x61, 0x72, 0x72, 0x61, 0x79, 0x00, 0x00, 0x0a, 0xb2, 0x80, 0x80, 0x80,
+x00, 0x01, 0xac, 0x80, 0x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x10, 0x00, 0x15, 0x03, 0x01, 0x00,
+x02, 0x00, 0x14, 0x03, 0x14, 0x02, 0x56, 0x07, 0x01, 0x14, 0x01, 0x14, 0x03, 0x10, 0x04, 0x42,
+x40, 0x14, 0x00, 0x33, 0x02, 0x00, 0x10, 0x01, 0x14, 0x03, 0x40, 0x15, 0x03, 0x06, 0x00, 0x0f,
+x0f, 0x09, 0x0f
+        };
+        Plan plan(*vm, vector);
+        if (plan.result.size() != 1 || !plan.result[0]) {
+            dataLogLn("Module failed to compile correctly.");
+            CRASH();
+        }
+        ASSERT(plan.memory->size());
+        // Test this doesn't crash.
+        unsigned length = 5;
+        unsigned offset = sizeof(uint32_t);
+        uint32_t* memory = static_cast<uint32_t*>(plan.memory->memory());
+        invoke<void>(*plan.result[0]->jsEntryPoint, { box(100), box(offset), box(length) });
+        offset /= sizeof(uint32_t);
+        CHECK_EQ(memory[offset - 1], 0u);
+        CHECK_EQ(memory[offset + length], 0u);
+        for (unsigned i = 0; i < length; ++i)
+            CHECK_EQ(memory[i + offset], 100u);
+        length = 10;
+        offset = 5 * sizeof(uint32_t);
+        invoke<void>(*plan.result[0]->jsEntryPoint, { box(5), box(offset), box(length) });
+        offset /= sizeof(uint32_t);
+        CHECK_EQ(memory[offset - 1], 100u);
+        CHECK_EQ(memory[offset + length], 0u);
+        for (unsigned i = 0; i < length; ++i)
+            CHECK_EQ(memory[i + offset], 5u);
+    }
+    {
+        // Generated from:
+        //    (module
+        //     (memory 1)
+        //     (func (export "write_array") (param $x i32) (param $p i32) (param $length i32) (local $i i32)
+        //      (set_local $i (i32.const 0))
+        //      (block
+        //       (loop
+        //        (br_if 1 (i32.ge_u (get_local $i) (get_local $length)))
+        //        (i32.store8 (i32.add (get_local $p) (get_local $i)) (get_local $x))
+        //        (set_local $i (i32.add (i32.const 1) (get_local $i)))
+        //        (br 0)
+        //        )
+        //       )
+        //      (return)
+        //      )
+        //     )
+        Vector<uint8_t> vector = {
+x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
+x03, 0x01, 0x01, 0x01, 0x00, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
+x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x77, 0x72,
+x69, 0x74, 0x65, 0x5f, 0x61, 0x72, 0x72, 0x61, 0x79, 0x00, 0x00, 0x0a, 0xaf, 0x80, 0x80, 0x80,
+x00, 0x01, 0xa9, 0x80, 0x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x10, 0x00, 0x15, 0x03, 0x01, 0x00,
+x02, 0x00, 0x14, 0x03, 0x14, 0x02, 0x56, 0x07, 0x01, 0x14, 0x01, 0x14, 0x03, 0x40, 0x14, 0x00,
+x2e, 0x00, 0x00, 0x10, 0x01, 0x14, 0x03, 0x40, 0x15, 0x03, 0x06, 0x00, 0x0f, 0x0f, 0x09, 0x0f
+        };
+        Plan plan(*vm, vector);
+        if (plan.result.size() != 1 || !plan.result[0]) {
+            dataLogLn("Module failed to compile correctly.");
+            CRASH();
+        }
+        ASSERT(plan.memory->size());
+        // Test this doesn't crash.
+        unsigned length = 5;
+        unsigned offset = 1;
+        uint8_t* memory = static_cast<uint8_t*>(plan.memory->memory());
+        invoke<void>(*plan.result[0]->jsEntryPoint, { box(100), box(offset), box(length) });
+        CHECK_EQ(memory[offset - 1], 0u);
+        CHECK_EQ(memory[offset + length], 0u);
+        for (unsigned i = 0; i < length; ++i)
+            CHECK_EQ(memory[i + offset], 100u);
+        length = 10;
+        offset = 5;
+        invoke<void>(*plan.result[0]->jsEntryPoint, { box(5), box(offset), box(length) });
+        CHECK_EQ(memory[offset - 1], 100u);
+        CHECK_EQ(memory[offset + length], 0u);
+        for (unsigned i = 0; i < length; ++i)
+            CHECK_EQ(memory[i + offset], 5u);
+    }
+    {
+        // Generated from:
+        //    (module
+        //     (memory 1)
+        //     (func (export "i32_load8_s") (param $i i32) (param $ptr i32) (result i32)
+        //      (i32.store8 (get_local $ptr) (get_local $i))
+        //      (return (i32.load8_s (get_local $ptr)))
+        //      )
+        //     )
+        Vector<uint8_t> vector = {
+x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
+x02, 0x01, 0x01, 0x01, 0x01, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
+x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x69, 0x33,
+x32, 0x5f, 0x6c, 0x6f, 0x61, 0x64, 0x38, 0x5f, 0x73, 0x00, 0x00, 0x0a, 0x95, 0x80, 0x80, 0x80,
+x00, 0x01, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x00, 0x14, 0x01, 0x14, 0x00, 0x2e, 0x00, 0x00, 0x14,
+x01, 0x20, 0x00, 0x00, 0x09, 0x0f
+        };
+        Plan plan(*vm, vector);
+        if (plan.result.size() != 1 || !plan.result[0]) {
+            dataLogLn("Module failed to compile correctly.");
+            CRASH();
+        }
+        ASSERT(plan.memory->size());
+        // Test this doesn't crash.
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(10) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(2) }), 100);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(100) }), 1);
+    }
+    {
+        // Generated from:
+        //    (module
+        //     (memory 1)
+        //     (func (export "i32_load8_s") (param $i i32) (result i32)
+        //      (i32.store8 (i32.const 8) (get_local $i))
+        //      (return (i32.load8_s (i32.const 8)))
+        //      )
+        //     )
+        Vector<uint8_t> vector = {
+x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x86, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
+x01, 0x01, 0x01, 0x01, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80, 0x80,
+x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x69, 0x33, 0x32,
+x5f, 0x6c, 0x6f, 0x61, 0x64, 0x38, 0x5f, 0x73, 0x00, 0x00, 0x0a, 0x95, 0x80, 0x80, 0x80, 0x00,
+x01, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x00, 0x10, 0x08, 0x14, 0x00, 0x2e, 0x00, 0x00, 0x10, 0x08,
+x20, 0x00, 0x00, 0x09, 0x0f
+        };
+        Plan plan(*vm, vector);
+        if (plan.result.size() != 1 || !plan.result[0]) {
+            dataLogLn("Module failed to compile correctly.");
+            CRASH();
+        }
+        // Test this doesn't crash.
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100) }), 100);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1) }), 1);
+    }
+    {
+        // Generated from:
+        // (module
+        //  (memory 1)
+        //  (func (export "i32_load8_s") (param $i i32) (param $ptr i32) (result i32)
+        //   (i32.store (get_local $ptr) (get_local $i))
+        //   (return (i32.load (get_local $ptr)))
+        //   )
+        //  )
+        Vector<uint8_t> vector = {
+x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
+x02, 0x02, 0x01, 0x01, 0x02, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
+x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x69, 0x33,
+x32, 0x5f, 0x6c, 0x6f, 0x61, 0x64, 0x38, 0x5f, 0x73, 0x00, 0x00, 0x0a, 0x95, 0x80, 0x80, 0x80,
+x00, 0x01, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x00, 0x14, 0x01, 0x14, 0x00, 0x34, 0x03, 0x00, 0x14,
+x01, 0x2b, 0x03, 0x00, 0x09, 0x0f
+        };
+        Plan plan(*vm, vector);
+        if (plan.result.size() != 1 || !plan.result[0]) {
+            dataLogLn("Module failed to compile correctly.");
+            CRASH();
+        }
+        // Test this doesn't crash.
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(10) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(2) }), 100);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(100) }), 1);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(-12), box(plan.memory->size() - sizeof(uint64_t)) }), -12);
+    }
+    {
+        // Generated from:
+        // (module
+        //  (memory 1)
+        //  (func (export "i32_load8_s") (param $i i32) (param $ptr i32) (result i32)
+        //   (i32.store (get_local $ptr) (get_local $i))
+        //   (return (i32.load (get_local $ptr)))
+        //   )
+        //  )
+        Vector<uint8_t> vector = {
+x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
+x02, 0x01, 0x01, 0x01, 0x01, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
+x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x69, 0x33,
+x32, 0x5f, 0x6c, 0x6f, 0x61, 0x64, 0x38, 0x5f, 0x73, 0x00, 0x00, 0x0a, 0x95, 0x80, 0x80, 0x80,
+x00, 0x01, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x00, 0x14, 0x01, 0x14, 0x00, 0x33, 0x02, 0x00, 0x14,
+x01, 0x2a, 0x02, 0x00, 0x09, 0x0f
+        };
+        Plan plan(*vm, vector);
+        if (plan.result.size() != 1 || !plan.result[0]) {
+            dataLogLn("Module failed to compile correctly.");
+            CRASH();
+        }
+        // Test this doesn't crash.
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(10) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(2) }), 100);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(100) }), 1);
+    }
+    {
+        // Generated from:
+        //    (module
+        //     (memory 1)
+        //     (func (export "write_array") (param $x i32) (param $p i32) (param $length i32) (local $i i32)
+        //      (set_local $i (i32.const 0))
+        //      (block
+        //       (loop
+        //        (br_if 1 (i32.ge_u (get_local $i) (get_local $length)))
+        //        (i32.store (i32.add (get_local $p) (i32.mul (get_local $i) (i32.const 4))) (get_local $x))
+        //        (set_local $i (i32.add (i32.const 1) (get_local $i)))
+        //        (br 0)
+        //        )
+        //       )
+        //      (return)
+        //      )
+        //     )
+        Vector<uint8_t> vector = {
+x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
+x03, 0x01, 0x01, 0x01, 0x00, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
+x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x77, 0x72,
+x69, 0x74, 0x65, 0x5f, 0x61, 0x72, 0x72, 0x61, 0x79, 0x00, 0x00, 0x0a, 0xb2, 0x80, 0x80, 0x80,
+x00, 0x01, 0xac, 0x80, 0x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x10, 0x00, 0x15, 0x03, 0x01, 0x00,
+x02, 0x00, 0x14, 0x03, 0x14, 0x02, 0x56, 0x07, 0x01, 0x14, 0x01, 0x14, 0x03, 0x10, 0x04, 0x42,
+x40, 0x14, 0x00, 0x33, 0x02, 0x00, 0x10, 0x01, 0x14, 0x03, 0x40, 0x15, 0x03, 0x06, 0x00, 0x0f,
+x0f, 0x09, 0x0f
+        };
+        Plan plan(*vm, vector);
+        if (plan.result.size() != 1 || !plan.result[0]) {
+            dataLogLn("Module failed to compile correctly.");
+            CRASH();
+        }
+        ASSERT(plan.memory->size());
+        // Test this doesn't crash.
+        unsigned length = 5;
+        unsigned offset = sizeof(uint32_t);
+        uint32_t* memory = static_cast<uint32_t*>(plan.memory->memory());
+        invoke<void>(*plan.result[0]->jsEntryPoint, { box(100), box(offset), box(length) });
+        offset /= sizeof(uint32_t);
+        CHECK_EQ(memory[offset - 1], 0u);
+        CHECK_EQ(memory[offset + length], 0u);
+        for (unsigned i = 0; i < length; ++i)
+            CHECK_EQ(memory[i + offset], 100u);
+        length = 10;
+        offset = 5 * sizeof(uint32_t);
+        invoke<void>(*plan.result[0]->jsEntryPoint, { box(5), box(offset), box(length) });
+        offset /= sizeof(uint32_t);
+        CHECK_EQ(memory[offset - 1], 100u);
+        CHECK_EQ(memory[offset + length], 0u);
+        for (unsigned i = 0; i < length; ++i)
+            CHECK_EQ(memory[i + offset], 5u);
+    }
+    {
+        // Generated from:
+        //    (module
+        //     (memory 1)
+        //     (func (export "write_array") (param $x i32) (param $p i32) (param $length i32) (local $i i32)
+        //      (set_local $i (i32.const 0))
+        //      (block
+        //       (loop
+        //        (br_if 1 (i32.ge_u (get_local $i) (get_local $length)))
+        //        (i32.store8 (i32.add (get_local $p) (get_local $i)) (get_local $x))
+        //        (set_local $i (i32.add (i32.const 1) (get_local $i)))
+        //        (br 0)
+        //        )
+        //       )
+        //      (return)
+        //      )
+        //     )
+        Vector<uint8_t> vector = {
+x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
+x03, 0x01, 0x01, 0x01, 0x00, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
+x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x77, 0x72,
+x69, 0x74, 0x65, 0x5f, 0x61, 0x72, 0x72, 0x61, 0x79, 0x00, 0x00, 0x0a, 0xaf, 0x80, 0x80, 0x80,
+x00, 0x01, 0xa9, 0x80, 0x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x10, 0x00, 0x15, 0x03, 0x01, 0x00,
+x02, 0x00, 0x14, 0x03, 0x14, 0x02, 0x56, 0x07, 0x01, 0x14, 0x01, 0x14, 0x03, 0x40, 0x14, 0x00,
+x2e, 0x00, 0x00, 0x10, 0x01, 0x14, 0x03, 0x40, 0x15, 0x03, 0x06, 0x00, 0x0f, 0x0f, 0x09, 0x0f
+        };
+        Plan plan(*vm, vector);
+        if (plan.result.size() != 1 || !plan.result[0]) {
+            dataLogLn("Module failed to compile correctly.");
+            CRASH();
+        }
+        ASSERT(plan.memory->size());
+        // Test this doesn't crash.
+        unsigned length = 5;
+        unsigned offset = 1;
+        uint8_t* memory = static_cast<uint8_t*>(plan.memory->memory());
+        invoke<void>(*plan.result[0]->jsEntryPoint, { box(100), box(offset), box(length) });
+        CHECK_EQ(memory[offset - 1], 0u);
+        CHECK_EQ(memory[offset + length], 0u);
+        for (unsigned i = 0; i < length; ++i)
+            CHECK_EQ(memory[i + offset], 100u);
+        length = 10;
+        offset = 5;
+        invoke<void>(*plan.result[0]->jsEntryPoint, { box(5), box(offset), box(length) });
+        CHECK_EQ(memory[offset - 1], 100u);
+        CHECK_EQ(memory[offset + length], 0u);
+        for (unsigned i = 0; i < length; ++i)
+            CHECK_EQ(memory[i + offset], 5u);
+    }
+    {
+        // Generated from:
+        //    (module
+        //     (memory 1)
+        //     (func (export "i32_load8_s") (param $i i32) (param $ptr i32) (result i32)
+        //      (i32.store8 (get_local $ptr) (get_local $i))
+        //      (return (i32.load8_s (get_local $ptr)))
+        //      )
+        //     )
+        Vector<uint8_t> vector = {
+x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
+x02, 0x01, 0x01, 0x01, 0x01, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
+x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x69, 0x33,
+x32, 0x5f, 0x6c, 0x6f, 0x61, 0x64, 0x38, 0x5f, 0x73, 0x00, 0x00, 0x0a, 0x95, 0x80, 0x80, 0x80,
+x00, 0x01, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x00, 0x14, 0x01, 0x14, 0x00, 0x2e, 0x00, 0x00, 0x14,
+x01, 0x20, 0x00, 0x00, 0x09, 0x0f
+        };
+        Plan plan(*vm, vector);
+        if (plan.result.size() != 1 || !plan.result[0]) {
+            dataLogLn("Module failed to compile correctly.");
+            CRASH();
+        }
+        ASSERT(plan.memory->size());
+        // Test this doesn't crash.
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(10) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(2) }), 100);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(100) }), 1);
+    }
+    {
+        // Generated from:
+        //    (module
+        //     (memory 1)
+        //     (func (export "i32_load8_s") (param $i i32) (result i32)
+        //      (i32.store8 (i32.const 8) (get_local $i))
+        //      (return (i32.load8_s (i32.const 8)))
+        //      )
+        //     )
+        Vector<uint8_t> vector = {
+x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x86, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
+x01, 0x01, 0x01, 0x01, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80, 0x80,
+x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x69, 0x33, 0x32,
+x5f, 0x6c, 0x6f, 0x61, 0x64, 0x38, 0x5f, 0x73, 0x00, 0x00, 0x0a, 0x95, 0x80, 0x80, 0x80, 0x00,
+x01, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x00, 0x10, 0x08, 0x14, 0x00, 0x2e, 0x00, 0x00, 0x10, 0x08,
+x20, 0x00, 0x00, 0x09, 0x0f
+        };
+        Plan plan(*vm, vector);
+        if (plan.result.size() != 1 || !plan.result[0]) {
+            dataLogLn("Module failed to compile correctly.");
+            CRASH();
+        }
+        // Test this doesn't crash.
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100) }), 100);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1) }), 1);
+    }
+    {
+        // Generated from:
+        //    (module
+        //     (func "dumb-eq" (param $x i32) (param $y i32) (result i32)
         //      (if (i32.eq (get_local $x) (get_local $y))
         //       (then (br 0))
 …
         // Test this doesn't crash.
         CHECK_EQ(invoke<int>(*plan.result[0], { box(0), box(1) }), 1);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(1), box(0) }), 1);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(2), box(1) }), 1);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(1), box(2) }), 1);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(2), box(2) }), 0);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(1), box(1) }), 0);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(2), box(6) }), 1);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(100), box(6) }), 1);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(1) }), 1);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(0) }), 1);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(1) }), 1);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(2) }), 1);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(2) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(1) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(6) }), 1);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(6) }), 1);
+    }
 …
         // Test this doesn't crash.
         CHECK_EQ(invoke<int>(*plan.result[0], { box(0), box(1) }), 1);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(1), box(0) }), 0);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(2), box(1) }), 0);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(1), box(2) }), 1);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(2), box(2) }), 0);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(1), box(1) }), 0);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(2), box(6) }), 1);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(100), box(6) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(1) }), 1);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(0) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(1) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(2) }), 1);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(2) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(1) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(6) }), 1);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(6) }), 0);
+    }
 …
         // Test this doesn't crash.
         CHECK_EQ(invoke<int>(*plan.result[0], { }), 5);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { }), 5);
+    }
 …
         // Test this doesn't crash.
         CHECK_EQ(invoke<int>(*plan.result[0], { }), 11);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { }), 11);
+    }
 …
         // Test this doesn't crash.
         CHECK_EQ(invoke<int>(*plan.result[0], { }), 11);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { }), 11);
+    }
 …
         // Test this doesn't crash.
         CHECK_EQ(invoke<int>(*plan.result[0], { }), 11);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { }), 11);
+    }
 …
         // Test this doesn't crash.
         CHECK_EQ(invoke<int>(*plan.result[0], { box(0), box(1) }), 1);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(100), box(1) }), 101);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(-1), box(1)}), 0);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(std::numeric_limits<int>::max()), box(1) }), std::numeric_limits<int>::min());
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(1) }), 1);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(1) }), 101);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(-1), box(1)}), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(std::numeric_limits<int>::max()), box(1) }), std::numeric_limits<int>::min());
+    }
 …
         // Test this doesn't crash.
         CHECK_EQ(invoke<int>(*plan.result[0], { box(0) }), 0);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(10) }), 10);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(10) }), 10);
+    }
 …
         // Test this doesn't crash.
         CHECK_EQ(invoke<int>(*plan.result[0], { box(0) }), 0);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(1) }), 1);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(2)}), 3);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(100) }), 5050);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1) }), 1);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2)}), 3);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100) }), 5050);
+    }
 …
         // Test this doesn't crash.
         CHECK_EQ(invoke<int>(*plan.result[0], { box(0), box(1) }), 0);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(1), box(0) }), 0);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(2), box(1) }), 2);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(1), box(2) }), 2);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(2), box(2) }), 4);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(2), box(6) }), 12);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(100), box(6) }), 600);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(100), box(100) }), 10000);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(1) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(0) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(1) }), 2);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(2) }), 2);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(2) }), 4);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(6) }), 12);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(6) }), 600);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(100) }), 10000);
+    }
 …
         // Test this doesn't crash.
         CHECK_EQ(invoke<int>(*plan.result[0], { box(0), box(1) }), 1);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(1), box(0) }), 0);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(2), box(1) }), 0);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(1), box(2) }), 1);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(2), box(2) }), 0);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(1), box(1) }), 0);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(2), box(6) }), 1);
         CHECK_EQ(invoke<int>(*plan.result[0], { box(100), box(6) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(1) }), 1);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(0) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(1) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(2) }), 1);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(2) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(1) }), 0);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(6) }), 1);
+        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(6) }), 0);
+    }
 …
     if (options.m_runLEBTests)
         runLEBTests();
     if (options.m_runWASMTests) {

trunk/Source/JavaScriptCore/wasm/WASMB3IRGenerator.cpp

-                      r206110
+                      r207453
 #include "B3BasicBlockInlines.h"
+#include "B3ConstPtrValue.h"
 #include "B3FixSSA.h"
+#include "B3StackmapGenerationParams.h"
 #include "B3Validate.h"
 #include "B3ValueInlines.h"
 #include "B3Variable.h"
 #include "B3VariableValue.h"
+#include "B3WasmAddressValue.h"
+#include "B3WasmBoundsCheckValue.h"
 #include "VirtualRegister.h"
 #include "WASMCallingConvention.h"
 #include "WASMFunctionParser.h"
+#include "WASMMemory.h"
 #include <wtf/Optional.h>
 …
     static constexpr ExpressionType emptyExpression = nullptr;
     B3IRGenerator(Procedure&);
+    B3IRGenerator(Memory*, Procedure&);
     void addArguments(const Vector<Type>&);
 …
     ExpressionType addConstant(Type, uint64_t);
+    // Locals
     bool WARN_UNUSED_RETURN getLocal(uint32_t index, ExpressionType& result);
     bool WARN_UNUSED_RETURN setLocal(uint32_t index, ExpressionType value);
+    // Memory
+    bool WARN_UNUSED_RETURN load(LoadOpType, ExpressionType pointer, ExpressionType& result, uint32_t offset);
+    bool WARN_UNUSED_RETURN store(StoreOpType, ExpressionType pointer, ExpressionType value, uint32_t offset);
+    // Basic operators
     bool WARN_UNUSED_RETURN binaryOp(BinaryOpType, ExpressionType left, ExpressionType right, ExpressionType& result);
     bool WARN_UNUSED_RETURN unaryOp(UnaryOpType, ExpressionType arg, ExpressionType& result);
+    // Control flow
     ControlData WARN_UNUSED_RETURN addBlock(Type signature);
     ControlData WARN_UNUSED_RETURN addLoop(Type signature);
 …
 private:
+    ExpressionType emitCheckAndPreparePointer(ExpressionType pointer, uint32_t offset, uint32_t sizeOfOp);
+    ExpressionType emitLoadOp(LoadOpType, Origin, ExpressionType pointer, uint32_t offset);
+    void emitStoreOp(StoreOpType, Origin, ExpressionType pointer, ExpressionType value, uint32_t offset);
     void unify(Variable* target, const ExpressionType source);
     void unifyValuesWithBlock(const ExpressionList& resultStack, ResultList& stack);
+    Memory* m_memory;
     Procedure& m_proc;
     BasicBlock* m_currentBlock;
     Vector<Variable*> m_locals;
+    GPRReg m_memoryBaseGPR;
+    GPRReg m_memorySizeGPR;
 };
+B3IRGenerator::B3IRGenerator(Procedure& procedure)
+    : m_proc(procedure)
+B3IRGenerator::B3IRGenerator(Memory* memory, Procedure& procedure)
+    : m_memory(memory)
+    , m_proc(procedure)
+{
     m_currentBlock = m_proc.addBlock();
+    if (m_memory) {
+        m_memoryBaseGPR = m_memory->pinnedRegisters().baseMemoryPointer;
+        m_proc.pinRegister(m_memoryBaseGPR);
+        ASSERT(!m_memory->pinnedRegisters().sizeRegisters[0].sizeOffset);
+        m_memorySizeGPR = m_memory->pinnedRegisters().sizeRegisters[0].sizeRegister;
+        for (const PinnedSizeRegisterInfo& info : m_memory->pinnedRegisters().sizeRegisters)
+            m_proc.pinRegister(info.sizeRegister);
+    }
+    m_proc.setWasmBoundsCheckGenerator([=] (CCallHelpers& jit, GPRReg pinnedGPR, unsigned) {
+        ASSERT_UNUSED(pinnedGPR, m_memorySizeGPR == pinnedGPR);
+        // FIXME: This should unwind the stack and throw a JS exception. See: https://bugs.webkit.org/show_bug.cgi?id=163351
+        jit.breakpoint();
+    });
+}
 …
+}
 bool WARN_UNUSED_RETURN B3IRGenerator::getLocal(uint32_t index, ExpressionType& result)
+bool B3IRGenerator::getLocal(uint32_t index, ExpressionType& result)
+{
     ASSERT(m_locals[index]);
 …
+}
 bool WARN_UNUSED_RETURN B3IRGenerator::setLocal(uint32_t index, ExpressionType value)
+bool B3IRGenerator::setLocal(uint32_t index, ExpressionType value)
+{
     ASSERT(m_locals[index]);
     m_currentBlock->appendNew<VariableValue>(m_proc, B3::Set, Origin(), m_locals[index], value);
+    return true;
+}
+inline Value* B3IRGenerator::emitCheckAndPreparePointer(ExpressionType pointer, uint32_t offset, uint32_t sizeOfOperation)
+{
+    ASSERT(m_memoryBaseGPR && m_memorySizeGPR);
+    ASSERT(sizeOfOperation + offset > offset);
+    m_currentBlock->appendNew<WasmBoundsCheckValue>(m_proc, Origin(), pointer, m_memorySizeGPR, sizeOfOperation + offset - 1);
+    pointer = m_currentBlock->appendNew<Value>(m_proc, ZExt32, Origin(), pointer);
+    return m_currentBlock->appendNew<WasmAddressValue>(m_proc, Origin(), pointer, m_memoryBaseGPR);
+}
+inline uint32_t sizeOfLoadOp(LoadOpType op)
+{
+    switch (op) {
+    case LoadOpType::I32Load8S:
+    case LoadOpType::I32Load8U:
+    case LoadOpType::I64Load8S:
+    case LoadOpType::I64Load8U:
+        return 1;
+    case LoadOpType::I32Load16S:
+    case LoadOpType::I64Load16S:
+        return 2;
+    case LoadOpType::I32Load:
+    case LoadOpType::I64Load32S:
+    case LoadOpType::I64Load32U:
+        return 4;
+    case LoadOpType::I64Load:
+        return 8;
+    case LoadOpType::I32Load16U:
+    case LoadOpType::I64Load16U:
+    case LoadOpType::F32Load:
+    case LoadOpType::F64Load:
+        break;
+    }
+    RELEASE_ASSERT_NOT_REACHED();
+}
+inline Value* B3IRGenerator::emitLoadOp(LoadOpType op, Origin origin, ExpressionType pointer, uint32_t offset)
+{
+    switch (op) {
+    case LoadOpType::I32Load8S: {
+        return m_currentBlock->appendNew<MemoryValue>(m_proc, Load8S, origin, pointer, offset);
+    }
+    case LoadOpType::I64Load8S: {
+        Value* value = m_currentBlock->appendNew<MemoryValue>(m_proc, Load8S, origin, pointer, offset);
+        return m_currentBlock->appendNew<Value>(m_proc, SExt32, origin, value);
+    }
+    case LoadOpType::I32Load8U: {
+        return m_currentBlock->appendNew<MemoryValue>(m_proc, Load8Z, origin, pointer, offset);
+    }
+    case LoadOpType::I64Load8U: {
+        Value* value = m_currentBlock->appendNew<MemoryValue>(m_proc, Load8Z, origin, pointer, offset);
+        return m_currentBlock->appendNew<Value>(m_proc, ZExt32, origin, value);
+    }
+    case LoadOpType::I32Load16S: {
+        return m_currentBlock->appendNew<MemoryValue>(m_proc, Load16S, origin, pointer, offset);
+    }
+    case LoadOpType::I64Load16S: {
+        Value* value = m_currentBlock->appendNew<MemoryValue>(m_proc, Load16S, origin, pointer, offset);
+        return m_currentBlock->appendNew<Value>(m_proc, SExt32, origin, value);
+    }
+    case LoadOpType::I32Load: {
+        return m_currentBlock->appendNew<MemoryValue>(m_proc, Load, Int32, origin, pointer);
+    }
+    case LoadOpType::I64Load32U: {
+        Value* value = m_currentBlock->appendNew<MemoryValue>(m_proc, Load, Int32, origin, pointer);
+        return m_currentBlock->appendNew<Value>(m_proc, ZExt32, origin, value);
+    }
+    case LoadOpType::I64Load32S: {
+        Value* value = m_currentBlock->appendNew<MemoryValue>(m_proc, Load, Int32, origin, pointer);
+        return m_currentBlock->appendNew<Value>(m_proc, SExt32, origin, value);
+    }
+    case LoadOpType::I64Load: {
+        return m_currentBlock->appendNew<MemoryValue>(m_proc, Load, Int64, origin, pointer);
+    }
+    case LoadOpType::F32Load: {
+        return m_currentBlock->appendNew<MemoryValue>(m_proc, Load, Float, origin, pointer);
+    }
+    case LoadOpType::F64Load: {
+        return m_currentBlock->appendNew<MemoryValue>(m_proc, Load, Double, origin, pointer);
+    }
+    // B3 doesn't support Load16Z yet.
+    case LoadOpType::I32Load16U:
+    case LoadOpType::I64Load16U:
+        break;
+    }
+    RELEASE_ASSERT_NOT_REACHED();
+}
+bool B3IRGenerator::load(LoadOpType op, ExpressionType pointer, ExpressionType& result, uint32_t offset)
+{
+    ASSERT(pointer->type() == Int32);
+    result = emitLoadOp(op, Origin(), emitCheckAndPreparePointer(pointer, offset, sizeOfLoadOp(op)), offset);
+    return true;
+}
+inline uint32_t sizeOfStoreOp(StoreOpType op)
+{
+    switch (op) {
+    case StoreOpType::I32Store8:
+    case StoreOpType::I64Store8:
+        return 1;
+    case StoreOpType::I32Store16:
+    case StoreOpType::I64Store16:
+        return 2;
+    case StoreOpType::I32Store:
+    case StoreOpType::I64Store32:
+    case StoreOpType::F32Store:
+        return 4;
+    case StoreOpType::I64Store:
+    case StoreOpType::F64Store:
+        return 8;
+    }
+    RELEASE_ASSERT_NOT_REACHED();
+}
+inline void B3IRGenerator::emitStoreOp(StoreOpType op, Origin origin, ExpressionType pointer, ExpressionType value, uint32_t offset)
+{
+    switch (op) {
+    case StoreOpType::I64Store8:
+        value = m_currentBlock->appendNew<Value>(m_proc, Trunc, origin, value);
+        FALLTHROUGH;
+    case StoreOpType::I32Store8:
+        m_currentBlock->appendNew<MemoryValue>(m_proc, Store8, origin, value, pointer, offset);
+        return;
+    case StoreOpType::I64Store16:
+        value = m_currentBlock->appendNew<Value>(m_proc, Trunc, origin, value);
+        FALLTHROUGH;
+    case StoreOpType::I32Store16:
+        m_currentBlock->appendNew<MemoryValue>(m_proc, Store16, origin, value, pointer, offset);
+        return;
+    case StoreOpType::I64Store32:
+        value = m_currentBlock->appendNew<Value>(m_proc, Trunc, origin, value);
+        FALLTHROUGH;
+    case StoreOpType::I64Store:
+    case StoreOpType::I32Store:
+    case StoreOpType::F32Store:
+    case StoreOpType::F64Store:
+        m_currentBlock->appendNew<MemoryValue>(m_proc, Store, origin, value, pointer, offset);
+        return;
+    }
+    RELEASE_ASSERT_NOT_REACHED();
+}
+bool B3IRGenerator::store(StoreOpType op, ExpressionType pointer, ExpressionType value, uint32_t offset)
+{
+    ASSERT(pointer->type() == Int32);
+    emitStoreOp(op, Origin(), emitCheckAndPreparePointer(pointer, offset, sizeOfStoreOp(op)), value, offset);
     return true;
+}
 …
 } // anonymous namespace
+std::unique_ptr<Compilation> parseAndCompile(VM& vm, Vector<uint8_t>& source, FunctionInformation info, unsigned optLevel)
+static std::unique_ptr<Compilation> createJSWrapper(VM& vm, const Signature* signature, MacroAssemblerCodePtr mainFunction, Memory* memory)
+{
+    Procedure proc;
+    BasicBlock* block = proc.addBlock();
+    // Check argument count is sane.
+    Value* framePointer = block->appendNew<B3::Value>(proc, B3::FramePointer, Origin());
+    Value* offSetOfArgumentCount = block->appendNew<Const64Value>(proc, Origin(), CallFrameSlot::argumentCount * sizeof(Register));
+    Value* argumentCount = block->appendNew<MemoryValue>(proc, Load, Int32, Origin(),
+        block->appendNew<Value>(proc, Add, Origin(), framePointer, offSetOfArgumentCount));
+    Value* expectedArgumentCount = block->appendNew<Const32Value>(proc, Origin(), signature->arguments.size());
+    CheckValue* argumentCountCheck = block->appendNew<CheckValue>(proc, Check, Origin(),
+        block->appendNew<Value>(proc, Above, Origin(), expectedArgumentCount, argumentCount));
+    argumentCountCheck->setGenerator([] (CCallHelpers& jit, const StackmapGenerationParams&) {
+        jit.breakpoint();
+    });
+    // Move memory values to the approriate places, if needed.
+    Value* baseMemory = nullptr;
+    Vector<Value*> sizes;
+    if (memory) {
+        baseMemory = block->appendNew<ConstPtrValue>(proc, Origin(), memory->memory());
+        Value* size = block->appendNew<MemoryValue>(proc, Load, Int32, Origin(),
+            block->appendNew<ConstPtrValue>(proc, Origin(), bitwise_cast<char*>(memory) + Memory::offsetOfSize()));
+        sizes.reserveCapacity(memory->pinnedRegisters().sizeRegisters.size());
+        for (auto info : memory->pinnedRegisters().sizeRegisters) {
+            sizes.append(block->appendNew<Value>(proc, Sub, Origin(), size,
+                block->appendNew<Const32Value>(proc, Origin(), info.sizeOffset)));
+        }
+    }
+    // Get our arguments.
+    Vector<Value*> arguments;
+    jscCallingConvention().iterate(signature->arguments, proc, block, Origin(), [&] (Value* argument, unsigned) {
+        arguments.append(argument);
+    });
+    // Move the arguments into place.
+    Value* result = jscCallingConvention().setupCall(proc, block, Origin(), mainFunction, arguments, toB3Type(signature->returnType), [&] (PatchpointValue* patchpoint) {
+        if (memory) {
+            ASSERT(sizes.size() == memory->pinnedRegisters().sizeRegisters.size());
+            patchpoint->append(ConstrainedValue(baseMemory, ValueRep::reg(memory->pinnedRegisters().baseMemoryPointer)));
+            for (unsigned i = 0; i < sizes.size(); ++i)
+                patchpoint->append(ConstrainedValue(sizes[i], ValueRep::reg(memory->pinnedRegisters().sizeRegisters[i].sizeRegister)));
+        }
+    });
+    // Return the result, if needed.
+    if (signature->returnType != Void)
+        block->appendNewControlValue(proc, B3::Return, Origin(), result);
+    else
+        block->appendNewControlValue(proc, B3::Return, Origin());
+    return std::make_unique<Compilation>(vm, proc);
+}
+std::unique_ptr<FunctionCompilation> parseAndCompile(VM& vm, Vector<uint8_t>& source, Memory* memory, FunctionInformation info, unsigned optLevel)
+{
     Procedure procedure;
     B3IRGenerator context(procedure);
+    B3IRGenerator context(memory, procedure);
     FunctionParser<B3IRGenerator> parser(context, source, info);
     if (!parser.parse())
 …
     if (verbose)
         dataLog("Post SSA: ", procedure);
+    return std::make_unique<Compilation>(vm, procedure, optLevel);
+    auto result = std::make_unique<FunctionCompilation>();
+    result->code = std::make_unique<Compilation>(vm, procedure, optLevel);
+    result->jsEntryPoint = createJSWrapper(vm, info.signature, result->code->code(), memory);
+    return result;
+}

trunk/Source/JavaScriptCore/wasm/WASMB3IRGenerator.h

-                      r205769
+                      r207453
 namespace JSC { namespace WASM {
+std::unique_ptr<B3::Compilation> parseAndCompile(VM&, Vector<uint8_t>&, FunctionInformation, unsigned optLevel = 1);
+class Memory;
+std::unique_ptr<FunctionCompilation> parseAndCompile(VM&, Vector<uint8_t>&, Memory*, FunctionInformation, unsigned optLevel = 1);
 } } // namespace JSC::WASM

trunk/Source/JavaScriptCore/wasm/WASMCallingConvention.h

-                      r205552
+                      r207453
 #if ENABLE(WEBASSEMBLY)
+#include "AllowMacroScratchRegisterUsage.h"
 #include "B3ArgumentRegValue.h"
 #include "B3BasicBlock.h"
 #include "B3Const64Value.h"
+#include "B3ConstrainedValue.h"
 #include "B3MemoryValue.h"
+#include "B3PatchpointValue.h"
+#include "B3Procedure.h"
+#include "B3StackmapGenerationParams.h"
 #include "CallFrame.h"
+#include "LinkBuffer.h"
 #include "RegisterSet.h"
 #include "WASMFormat.h"
 …
 namespace JSC { namespace WASM {
 typedef unsigned (*NextOffset)(unsigned currentOffset, Type type);
+typedef unsigned (*NextOffset)(unsigned currentOffset, B3::Type type);
 template<unsigned offset, NextOffset updateOffset>
+template<unsigned headerSize, NextOffset updateOffset>
 class CallingConvention {
 public:
-    static const unsigned headerSize = offset;
     CallingConvention(Vector<GPRReg>&& registerArguments, RegisterSet&& calleeSaveRegisters)
         : m_registerArguments(registerArguments)
 …
                     block->appendNew<B3::Const64Value>(proc, origin, currentOffset));
                 argument = block->appendNew<B3::MemoryValue>(proc, B3::Load, toB3Type(argumentTypes[i]), origin, address);
                 currentOffset = updateOffset(currentOffset, argumentTypes[i]);
+                currentOffset = updateOffset(currentOffset, toB3Type(argumentTypes[i]));
+            }
             functor(argument, i);
+        }
+    }
+    template<typename Functor>
+    B3::Value* setupCall(B3::Procedure& proc, B3::BasicBlock* block, B3::Origin origin, MacroAssemblerCodePtr target, const Vector<B3::Value*>& arguments, B3::Type returnType, const Functor& patchpointFunctor) const
+    {
+        size_t stackArgumentCount = arguments.size() < m_registerArguments.size() ? 0 : arguments.size() - m_registerArguments.size();
+        unsigned offset = headerSize - sizeof(CallerFrameAndPC);
+        proc.requestCallArgAreaSizeInBytes(WTF::roundUpToMultipleOf(stackAlignmentBytes(), headerSize + (stackArgumentCount * sizeof(Register))));
+        Vector<B3::ConstrainedValue> constrainedArguments;
+        for (unsigned i = 0; i < arguments.size(); ++i) {
+            B3::ValueRep rep;
+            if (i < m_registerArguments.size())
+                rep = B3::ValueRep::reg(m_registerArguments[i]);
+            else
+                rep = B3::ValueRep::stackArgument(offset);
+            constrainedArguments.append(B3::ConstrainedValue(arguments[i], rep));
+            offset = updateOffset(offset, arguments[i]->type());
+        }
+        B3::PatchpointValue* patchpoint = block->appendNew<B3::PatchpointValue>(proc, returnType, origin);
+        patchpoint->appendVector(constrainedArguments);
+        patchpointFunctor(patchpoint);
+        patchpoint->setGenerator([=] (CCallHelpers& jit, const B3::StackmapGenerationParams&) {
+            AllowMacroScratchRegisterUsage allowScratch(jit);
+            CCallHelpers::Call call = jit.call();
+            jit.addLinkTask([=] (LinkBuffer& linkBuffer) {
+                linkBuffer.link(call, FunctionPtr(target.executableAddress()));
+            });
+        });
+        if (returnType == B3::Void)
+            return nullptr;
+        patchpoint->resultConstraint = B3::ValueRep::reg(GPRInfo::returnValueGPR);
+        return patchpoint;
+    }
 …
 };
 inline unsigned nextJSCOffset(unsigned currentOffset, Type)
+inline unsigned nextJSCOffset(unsigned currentOffset, B3::Type)
+{
     return currentOffset + sizeof(Register);

trunk/Source/JavaScriptCore/wasm/WASMFormat.h

-                      r206110
+                      r207453
 #if ENABLE(WEBASSEMBLY)
+#include "B3Compilation.h"
 #include "B3Type.h"
 #include <wtf/Vector.h>
 …
 };
+struct FunctionCompilation {
+    std::unique_ptr<B3::Compilation> code;
+    std::unique_ptr<B3::Compilation> jsEntryPoint;
+};
 } } // namespace JSC::WASM

trunk/Source/JavaScriptCore/wasm/WASMFunctionParser.h

-                      r206794
+                      r207453
+    }
+    FOR_EACH_WASM_MEMORY_LOAD_OP(CREATE_CASE) {
+        uint32_t alignment;
+        if (!parseVarUInt32(alignment))
+            return false;
+        uint32_t offset;
+        if (!parseVarUInt32(offset))
+            return false;
+        ExpressionType pointer = m_expressionStack.takeLast();
+        ExpressionType result;
+        if (!m_context.load(static_cast<LoadOpType>(op), pointer, result, offset))
+            return false;
+        m_expressionStack.append(result);
+        return true;
+    }
+    FOR_EACH_WASM_MEMORY_STORE_OP(CREATE_CASE) {
+        uint32_t alignment;
+        if (!parseVarUInt32(alignment))
+            return false;
+        uint32_t offset;
+        if (!parseVarUInt32(offset))
+            return false;
+        ExpressionType value = m_expressionStack.takeLast();
+        ExpressionType pointer = m_expressionStack.takeLast();
+        return m_context.store(static_cast<StoreOpType>(op), pointer, value, offset);
+    }
     case OpType::I32Const: {
         uint32_t constant;

trunk/Source/JavaScriptCore/wasm/WASMModuleParser.cpp

-                      r206110
+                      r207453
 #if ENABLE(WEBASSEMBLY)
+#include "JSWASMModule.h"
 #include "WASMFormat.h"
 #include "WASMOps.h"
 #include "WASMSections.h"
+#include <sys/mman.h>
 namespace JSC { namespace WASM {
 …
             dataLogLn("Starting to parse next section at offset: ", m_offset);
-        Sections::Section section = Sections::Unknown;
         uint8_t sectionByte;
         if (!parseUInt7(sectionByte))
             return false;
+        if (verbose)
+            dataLogLn("Section byte: ", sectionByte);
+        Sections::Section section = Sections::Unknown;
         if (sectionByte) {
+            if (sectionByte >= Sections::Unknown)
+                section = Sections::Unknown;
+            else
+            if (sectionByte < Sections::Unknown)
                 section = static_cast<Sections::Section>(sectionByte);
         } else {
 …
         switch (section) {
+        case Sections::Memory: {
+            if (verbose)
+                dataLogLn("Parsing Memory.");
+            if (!parseMemory())
+                return false;
+            break;
+        }
         case Sections::FunctionTypes: {
             if (verbose)
 …
     // TODO
     return true;
+}
+bool ModuleParser::parseMemory()
+{
+    uint8_t flags;
+    if (!parseVarUInt1(flags))
+        return false;
+    uint32_t size;
+    if (!parseVarUInt32(size))
+        return false;
+    if (size > maxPageCount)
+        return false;
+    uint32_t capacity = maxPageCount;
+    if (flags) {
+        if (!parseVarUInt32(capacity))
+            return false;
+        if (size > capacity || capacity > maxPageCount)
+            return false;
+    }
+    capacity *= pageSize;
+    size *= pageSize;
+    Vector<unsigned> pinnedSizes = { 0 };
+    m_memory = std::make_unique<Memory>(size, capacity, pinnedSizes);
+    return m_memory->memory();
+}

trunk/Source/JavaScriptCore/wasm/WASMModuleParser.h

-                      r205552
+                      r207453
 #if ENABLE(WEBASSEMBLY)
+#include "WASMMemory.h"
 #include "WASMOps.h"
 #include "WASMParser.h"
 …
     bool WARN_UNUSED_RETURN parse();
+    const Vector<FunctionInformation>& functionInformation() { return m_functions; }
+    const Vector<FunctionInformation>& functionInformation() const { return m_functions; }
+    std::unique_ptr<Memory>& memory() { return m_memory; }
 private:
+    bool WARN_UNUSED_RETURN parseMemory();
     bool WARN_UNUSED_RETURN parseFunctionTypes();
     bool WARN_UNUSED_RETURN parseFunctionSignatures();
     bool WARN_UNUSED_RETURN parseFunctionDefinitions();
     bool WARN_UNUSED_RETURN parseFunctionDefinition(uint32_t number);
-    bool WARN_UNUSED_RETURN parseBlock();
-    bool WARN_UNUSED_RETURN parseExpression(OpType);
     Vector<FunctionInformation> m_functions;
     Vector<Signature> m_signatures;
+    std::unique_ptr<Memory> m_memory;
 };

trunk/Source/JavaScriptCore/wasm/WASMOps.h

-                      r206794
+                      r207453
     macro(F64Ge, 0x9c, Oops)
+#define FOR_EACH_WASM_MEMORY_LOAD_OP(macro) \
+    macro(I32Load8S, 0x20, Oops) \
+    macro(I32Load8U, 0x21, Oops) \
+    macro(I32Load16S, 0x22, Oops) \
+    macro(I32Load16U, 0x23, Oops) \
+    macro(I64Load8S, 0x24, Oops) \
+    macro(I64Load8U, 0x25, Oops) \
+    macro(I64Load16S, 0x26, Oops) \
+    macro(I64Load16U, 0x27, Oops) \
+    macro(I64Load32S, 0x28, Oops) \
+    macro(I64Load32U, 0x29, Oops) \
+    macro(I32Load, 0x2a, Oops) \
+    macro(I64Load, 0x2b, Oops) \
+    macro(F32Load, 0x2c, Oops) \
+    macro(F64Load, 0x2d, Oops)
+#define FOR_EACH_WASM_MEMORY_STORE_OP(macro) \
+    macro(I32Store8, 0x2e, Oops) \
+    macro(I32Store16, 0x2f, Oops) \
+    macro(I64Store8, 0x30, Oops) \
+    macro(I64Store16, 0x31, Oops) \
+    macro(I64Store32, 0x32, Oops) \
+    macro(I32Store, 0x33, Oops) \
+    macro(I64Store, 0x34, Oops) \
+    macro(F32Store, 0x35, Oops) \
+    macro(F64Store, 0x36, Oops)
 …
     FOR_EACH_WASM_CONTROL_FLOW_OP(macro) \
     FOR_EACH_WASM_UNARY_OP(macro) \
+    FOR_EACH_WASM_BINARY_OP(macro)
+    FOR_EACH_WASM_BINARY_OP(macro) \
+    FOR_EACH_WASM_MEMORY_LOAD_OP(macro) \
+    FOR_EACH_WASM_MEMORY_STORE_OP(macro)
 #define CREATE_ENUM_VALUE(name, id, b3op) name = id,
 …
 enum class UnaryOpType : uint8_t {
     FOR_EACH_WASM_UNARY_OP(CREATE_ENUM_VALUE)
+};
+enum class LoadOpType : uint8_t {
+    FOR_EACH_WASM_MEMORY_LOAD_OP(CREATE_ENUM_VALUE)
+};
+enum class StoreOpType : uint8_t {
+    FOR_EACH_WASM_MEMORY_STORE_OP(CREATE_ENUM_VALUE)
 };

trunk/Source/JavaScriptCore/wasm/WASMPlan.cpp

-                      r205552
+                      r207453
 #include "B3Compilation.h"
 #include "WASMB3IRGenerator.h"
+#include "WASMCallingConvention.h"
 #include "WASMModuleParser.h"
 #include <wtf/DataLog.h>
 …
         if (verbose)
             dataLogLn("Processing funcion starting at: ", info.start, " and ending at: ", info.end);
         result.append(parseAndCompile(vm, source, info));
+        result.append(parseAndCompile(vm, source, moduleParser.memory().get(), info));
+    }
+    memory = WTFMove(moduleParser.memory());
+}

trunk/Source/JavaScriptCore/wasm/WASMPlan.h

-                      r205552
+                      r207453
 #include "CompilationResult.h"
 #include "VM.h"
+#include "WASMFormat.h"
 #include <wtf/ThreadSafeRefCounted.h>
 #include <wtf/Vector.h>
+namespace JSC {
+namespace B3 {
+class Compilation;
+} // namespace B3
+namespace WASM {
+namespace JSC { namespace WASM {
+class Memory;
 // TODO: This should create a WASM Module not a list of functions.
 …
     JS_EXPORT_PRIVATE Plan(VM&, Vector<uint8_t> source);
+    Vector<std::unique_ptr<B3::Compilation>> result;
+    Vector<std::unique_ptr<FunctionCompilation>> result;
+    std::unique_ptr<Memory> memory;
 };

trunk/Source/JavaScriptCore/wasm/WASMSections.h

r206110	r207453
34	34	FunctionTypes = 1,
35	35	Signatures = 3,
	36	Memory = 5,
36	37	Definitions = 10,
37	38	Unknown

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 207453 in webkit

Legend:

Download in other formats: