| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
| |
Fixes `DataFlowOpts` leaking allocated temporary functions created to precompute an expression as their body. Reusing the `body` afterwards is fine since expressions are arena allocated separately.
|
| |
|
|
|
| |
* Make `Literal::type` immutable to guarantee that we do not lose track of `Literal::exn` by changing the literal's type
* Add an assert to guarantee that we don't create `exnref` literals without an `ExceptionPackage` (for now)
* Enforce rvalue reference when creating an `exnref` Literal from a `std::unique_ptr<ExceptionPackage>`, avoiding a redundant copy by means of requiring `std::move`
|
| |
|
|
|
|
|
|
|
|
|
| |
First, adds an explicit destructor call to fix a memory leak in
`Literal::operator=` in which existing `ExceptionPackage`s would be
silently dropped. Next, changes `Literal::getExceptionPackage` to
return the `ExceptionPackage` by value to avoid a use-after-free bug
in the interpreter that was surfaced by the new destructor call.
A future improvement would be to switch to using `std::variant`.
Fixes #3087.
|
| |
|
| |
These declarations were previously missing causing the respective APIs to be not exposed. Also makes sure that a Boolean is returned by the JS API and adds a test to verify that it is working now.
|
| |
|
|
|
| |
As discussed in #2921, this allows inlining of functions not identified
as "lightweight" (that include a loop, for example).
|
| |
|
| |
Extends compound types introduced in #3012 with a representation of `Rtt`s as described in the GC proposal, by also introducing the concept of a `HeapType` shared between `TypeInfo` and `Rtt`. Again, this should be a non-functional change since `Rtt`s are not used anywhere yet. Subtyping rules and updating the `xref` aliases is left for future work.
|
| |
|
|
|
|
| |
Two new flags here, one to completely removes dynCalls, and another to
limit them to only signatures that contains i64.
See #3043
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In fastcomp we implemented emscripten_get_sbrk_ptr in wasm, and
exported _emscripten_get_sbrk_ptr. We don't need that anymore and
can remove it.
However I want to switch us to implementing emscripten_get_sbrk_ptr
in wasm in upstream too, as part of removing DYNAMICTOP_PTR and
other silliness that we have around link (#3043).
This makes us support an export of emscripten_get_sbrk_ptr (no
prefix), and also it makes sure not to instrument that function, which
may contain some memory operations itself, but if we SAFE_HEAP-ify
them we'd get infinite recursion, as the SAFE_HEAP methods need to
call that.
|
| |
|
| |
Adds early returns to local optimizations passes in cases where there are no locals to optimize.
|
| |
|
| |
This fixes a bug in which a side effect in the calculation of the size could be lost.
|
| |
|
|
|
| |
Extends the `Type` hash-consing infrastructure to handle type-parameterized and constructed types introduced in the typed function references and GC proposals. This should be a non-functional change since the new types are not used anywhere yet. Recursive type construction and canonicalization is also left as future work.
Co-authored-by: Thomas Lively <tlively@google.com>
|
| |
|
|
|
|
|
|
|
| |
According to changes in spec:
WebAssembly/bulk-memory-operations#124
WebAssembly/bulk-memory-operations#145
we unfortunately can't fold to nop even for memory.copy(x, y, 0).
So this PR revert all reductions to nop but do this only under ignoreImplicitTraps flag
|
| |
|
|
|
| |
That can trap, so we can only remove it if traps are ignored,
which was not handled properly. Revert it as we consider the
options.
|
| |
|
| |
Fix issue found by fuzzer: #3038 (comment)
|
| |
|
| |
Replace it with a load and a store when the size is a small constant and remove it entirely when it would be a nop.
|
| |
|
|
|
|
|
| |
The minimizeWasmChanges flag now does nothing (but new changes are
coming, so keep it around) - this moves us to always doing the new way of
things. With that we can update the tests.
See #3043
|
| |
|
| |
Since they make the code clearer and more self-documenting.
|
| |
|
| |
This leads to simpler code and is a prerequisite for #3012, which makes it so that not all `Type`s are backed by vectors that `expand` could return.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
wasm-emscripten-finalize renames EM_ASM calls to have the signature in
the name. This isn't actually useful - emscripten doesn't benefit from that. I
think it was optimized in fastcomp, and in upstream we copied the general
form but not the optimizations, and then EM_JS came along which is
easier to optimize anyhow.
This PR makes those changes optional: when not doing them, it just
leaves the calls as they are. Emscripten will need some changes to
handle that, but those are simple.
For convenience this adds a flag to "minimize wasm changes". The idea
is that this flag avoids needing a double-roll or other inconvenience
as the changes need to happen in tandem on the emscripten side.
The same flag can be reused for later changes similar to this one.
When they are all done we can remove the flag. (Note how the code
ifdefed by the flag can be removed once we no longer need the old
way of doing things - that is, the new approach is simpler on the
binaryen side).
See #3043
|
| |
|
|
|
|
|
| |
Now that fastcomp has been removed from Emscripten, there is no need
for the asm2wasm tool which it used to compile fastcomp's asm.js output
to wasm.
See emscripten-core/emscripten#11860
|
| |
|
|
|
|
|
|
|
|
| |
This helps towards the goal of allowing emscripten to not always modify
the wasm during link. Until now wasm-emscripten-finalize always wrote
an output, while with this PR it only does so if it was asked to, either by
giving it an output filename, or asking for text output.
The only noticeable change from this should be to make what was an
error before (not specify an output or ask for text) into a non-error (run
and print metadata, but do not write the wasm).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
As a follow-up to https://github.com/WebAssembly/binaryen/pull/3012#pullrequestreview-459686171 this PR prepares for the new compound Signature, Struct and Array types that are single but not basic.
This includes:
* Renames `Type::getSingle` to `Type::getBasic` (NFC). Previously, its name was not representing its implementation (`isSingle` excluded `none` and `unreachable` while `getSingle` didn't, i.e. `getSingle` really was `getBasic`). Note that a hypothetical `Type::getSingle` cannot return `ValueType` anyway (new compound types are single but don't map to `ValueType`), so I figured it's best to skip implementing it until we actually need it.
* Marks locations where we are (still) assuming that all single types are basic types, as suggested in https://github.com/WebAssembly/binaryen/pull/3012#discussion_r465356708, but using a macro, so we get useful errors once we start implementing the new types and can quickly traverse the affected locations.
The macro is added where
* there used to be a `switch (type.getSingle())` or similar that handled any basic type (NFC), but in the future will also have to handle single types that are not basic types.
* we are not dealing with `Unary`, `Binary`, `Load`, `Store` or `AtomicXY` instructions, since these don't deal with compound types anyway.
|
| |
|
| |
Currently only the low 32-bits of a hash are guaranteed to be shuffled before combining with the other hash, so this PR also adds a 64-bit variant of hash_combine, including a comment on where the constants are coming from.
|
| |
|
|
|
|
|
|
|
| |
* Unifies internal hashing helpers to naturally integrate with std::hash
* Removes the previous custom implementation
* Computed hashes are now always size_t
* Introduces a hash_combine helper
* Fixes an overwritten partial hash in Relooper.cpp
|
| |
|
| |
This is needed for headers to show up in IDE projects, and has no other effect on the build.
|
| | |
|
| |
|
|
|
|
| |
wasm2js does not have full call_indirect support as we don't trap if
the type is incorrect, which wasm does. Therefore the StubUnsupportedJSOps
pass needs to remove those operations so that the fuzzer doesn't find
spurious issues.
|
| |
|
|
|
|
|
| |
We just had the logic there wrong - MSVC's intrinsic returns the bit
index, not the number of leading zeros. That's identical when scanning
forward but not in reverse...
Fixes #2942
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This logs out the decisions made about instrumenting functions, which
can help figure out why a function is instrumented, or to get a list of
what might need to be.
As the test shows, it can print things like this:
[asyncify] import is an import that can change the state
[asyncify] calls-import can change the state due to import
[asyncify] calls-calls-import can change the state due to calls-import
[asyncify] calls-calls-calls-import can change the state due to calls-calls-import
(the test has calls-calls-calls-import => calls-calls-import => calls-import -> import).
|
| | |
|
| |
|
|
|
|
|
|
| |
This doesn't lower them - it just replaces the unsupported operation
with a drop. This will be useful for fuzzing, where to compare JS to the
correct semantics we must avoid operations where JS is not always
accurate.
Also fully document the i64 -> f32 conversion issue in JS.
|
| |
|
|
|
|
| |
The core logic is still living in EmscriptenGlueGenerator because
its used also by fixInvokeFunctionNames.
As a followup we can figure out how to make these more independent.
|
| |
|
|
|
|
|
|
|
| |
testing for it (#3019)
getMaxBits just moves around, no logic is changed.
Aside from adding getMaxBits, the change in bits.h is 99% whitespace.
helps #2879
|
| | |
|
| |
|
|
|
|
|
|
| |
Specified in https://github.com/WebAssembly/simd/pull/237. Since these
are just prototypes necessary for benchmarking, this PR does not add
support for these instructions to the fuzzer or the C or JS APIs. This
PR also renumbers the QFMA instructions that previously used the
opcodes for these new instructions. The renumbering matches the
renumbering in V8 and LLVM.
|
| |
|
|
|
|
|
|
|
|
| |
Previously we only handled i32. That was enough for all real-world code
people have run through wasm2js apparently (which is the only place the
pass is needed - it lowers unaligned loads to individual loads etc., as
unaligned operations fail in JS). Apparently it's pretty rare to have
unaligned f32 loads for example.
This will be useful in fuzzing wasm2js, as without this we can't compare
results to the interpreter (which does alignment properly).
|
| |
|
|
|
| |
Pretty trivial, but will be useful in wasm2js testing, where we
can't assume an incorrectly-aligned load/store will still work,
so we'll need to be pessimistic about alignment there.
|
| |
|
|
|
|
|
|
| |
Tweak floating-point numbers with not just a +-1 integer, but also a
float in [-1, 1].
Apply a tweak to powers of 2 as well.
This found bugs in various codebases, see WebAssembly/spec#1224
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously we used "Top" for both exports and the top level
(which has functions and globals). The warning about name
collisions there was meant only for exports (where if a name
collides and so it must be renamed, means that there will
be an externally-visible oddness for the user). But it applied
to functions too, which could be annoying, and was not
dangerous (at worst, it might be confusing when reading the
emitted JS and seeing NAME_1, NAME_2, but there is no
effect on execution or on exports).
To fix this, add a new Export name scope. This separates
function names from export names. However, it runs into
another issue which is that when checking for a name conflict
we had a big set of all the names in all the scopes. That is,
FOO would only ever be used in one scope, period, and
other appearances of that Name in wasm would get a
suffix. As a result, if an exported function FOO has the name
foo, we'd export it as FOO but name the function FOO_1
which is annoying. To fix that, keep sets of all names in each
scope. When mangling a name we can then only care about
the relevant scope, EXCEPT for local names, which must
also not conflict with function names. That is, this would be
bad:
function foo(bar) {
var bar = 0;
}
function bar() { ..
It's not ok to call a parameter "bar" if there is a function by
that name (well, it could be if it isn't called in that scope).
So when mangling the Local scope, also check the Top one
as well.
The test output changes are due to non-overlapping scopes,
specifically Local and Label. It's fine to have
foo : while(1) {
var foo = 5;
}
Those "foo"s do not conflict.
Fixes emscripten-core/emscripten#11743
|
| |
|
|
|
| |
Check for x64 before using a non-32bit operation.
See #2955 for context.
|
| |
|
|
| |
optimizeBoolean does not receive a boolean, it is done when the
output flows into a boolean context.
|
| |
|
|
|
|
|
|
| |
This is precursor to moving dynCall generation into a pass of its own.
It seems to be up to the caller if they want to run dynCall generation
either before or after fpcast-emu.
Verified that this change does not effect emscripten's wasm2 other other
test suite.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fallthrough (#2989)
We can turn a reinterpret of a load into a different load, and so forth, but if
the reinterpret has a non-load child with a load fallthrough, that's not good
enough - we can't remove the extra code:
(reinterpret
(block
..extra code..
(load)
)
)
That can't be turned into a load of the flipped type.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
We marked it as readsMemory so that it could be reordered with various
things, except for memory.init. However, the fuzzer found that's not quite
right, as it has a global side effect - memory.inits that run later can notice
that. So it can't be reordered with anything that might affect global side
effects from happening, as in the testcase added here (an instruction that
may trap cannot be reordered with a data.drop, as it may prevent the
data.drop from happening and changing global state).
There may be a way to optimize this more carefully that would allow more
optimizations, but as this is a rare instruction I'm not sure it's worth more
work.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
It is usually fine to do if (x | 0) => if (x) since it just cares if the
value is 0 or not. However, if the cast turns it into 0, then that is
incorrect, which the fuzzer found as
-2147483648 + -2147483648 | 0
(the sum is 2^32, which | 0 is 0).
We can maybe look into doing this in a safe way, but for now
just remove it. It doesn't have a big impact on code size as this
is pretty rare (e.g. the minimal runtime code size test is not
broken by this).
|
| |
|
|
|
| |
This new pass takes an optional stack-check-handler argument
which is the name of the function to call on stack overflow.
If no argument is passed then it just traps.
|
| |
|
| |
Simplify stack allocation and array generation logic.
|
| |
|
|
| |
This should not be needed since in emscripten standalone mode we
always include a crt1.o that includes _start.
|
| |
|
|
| |
Doing it this way happens to re-order the __assign_got_entries
function in the module, but its otherwise NFC.
|
| |
|
| |
First step in making wasm-emscripten-finalize use more passes.
|
