Attachment #290637 for bug #161710

View Details Raw Unified Return to Bug 161710

| Differences between



2016-09-26  Keith Miller  <keith_miller@apple.com>

        Add support for WASM Memory.
        https://bugs.webkit.org/show_bug.cgi?id=161710

        Reviewed by NOBODY (OOPS!).

        This patch add initial support for WASM memory operations. First,
        it adds the concept of a WASM Module memory management object.
        This object currently mmaps a 32-bit address space for WASM use,
        although it marks all the memory outside the current breakpoint as
        PROT_NONE. For now, we do a range check on each store and load. In
        the future, we should change this to be an signal handler that
        checks what module the program trapped in.

        * testWASM.cpp:
        (runWASMTests):
        * wasm/WASMB3IRGenerator.cpp:
        (JSC::WASM::parseAndCompile):
        * wasm/WASMB3IRGenerator.h:
        * wasm/WASMFormat.h:
        (JSC::WASM::Memory::Memory):
        (JSC::WASM::Memory::~Memory):
        (JSC::WASM::Memory::memory):
        (JSC::WASM::Memory::size):
        (JSC::WASM::Memory::growMemory):
        (JSC::WASM::Memory::offsetOfSize):
        * wasm/WASMFunctionParser.h:
        (JSC::WASM::FunctionParser<Context>::parseExpression):
        * wasm/WASMModuleParser.cpp:
        (JSC::WASM::ModuleParser::parse):
        (JSC::WASM::ModuleParser::parseMemory):
        * wasm/WASMModuleParser.h:
        (JSC::WASM::ModuleParser::functionInformation):
        (JSC::WASM::ModuleParser::memory):
        * wasm/WASMOps.h:
        * wasm/WASMPlan.cpp:
        (JSC::WASM::Plan::Plan):
        * wasm/WASMPlan.h:
        * wasm/WASMSections.h:

2016-09-26  Don Olmstead  <don.olmstead@am.sony.com>

        [JSC] Allow fixedExecutableMemoryPoolSize to be set during build

Lines 31-36 CODE_SIGN_ENTITLEMENTS_ios_minidom = entitlements.plist; a/Source/JavaScriptCore/Configurations/ToolExecutable.xcconfig_sec1
- a/Source/JavaScriptCore/Configurations/ToolExecutable.xcconfig +1 lines
31	CODE_SIGN_ENTITLEMENTS_ios_testair = entitlements.plist;	31	CODE_SIGN_ENTITLEMENTS_ios_testair = entitlements.plist;
32	CODE_SIGN_ENTITLEMENTS_ios_testapi = entitlements.plist;	32	CODE_SIGN_ENTITLEMENTS_ios_testapi = entitlements.plist;
33	CODE_SIGN_ENTITLEMENTS_ios_testb3 = entitlements.plist;	33	CODE_SIGN_ENTITLEMENTS_ios_testb3 = entitlements.plist;
		34	CODE_SIGN_ENTITLEMENTS_ios_testWASM = entitlements.plist;
34	CODE_SIGN_ENTITLEMENTS_ios_testRegExp = entitlements.plist;	35	CODE_SIGN_ENTITLEMENTS_ios_testRegExp = entitlements.plist;
35		36
36	SKIP_INSTALL = $(SKIP_INSTALL_$(FORCE_TOOL_INSTALL));	37	SKIP_INSTALL = $(SKIP_INSTALL_$(FORCE_TOOL_INSTALL));



#include "LLIntThunks.h"
#include "ProtoCallFrame.h"
#include "VM.h"
#include "WASMMemory.h"
#include "WASMPlan.h"

#include <wtf/DataLog.h>
#include <wtf/LEBDecoder.h>


{
    {
        // Generated from:
        // (module
        //  (memory 1)
        //  (func (export "i32_load8_s") (param $i i32) (param $ptr i32) (result i32)
        //   (i32.store (get_local $ptr) (get_local $i))
        //   (return (i32.load (get_local $ptr)))
        //   )
        //  )
        Vector<uint8_t> vector = {
            0x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
            0x02, 0x02, 0x01, 0x01, 0x02, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
            0x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x69, 0x33,
            0x32, 0x5f, 0x6c, 0x6f, 0x61, 0x64, 0x38, 0x5f, 0x73, 0x00, 0x00, 0x0a, 0x95, 0x80, 0x80, 0x80,
            0x00, 0x01, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x00, 0x14, 0x01, 0x14, 0x00, 0x34, 0x03, 0x00, 0x14,
            0x01, 0x2b, 0x03, 0x00, 0x09, 0x0f
        };

        Plan plan(*vm, vector);
        if (plan.result.size() != 1 || !plan.result[0]) {
            dataLogLn("Module failed to compile correctly.");
            CRASH();
        }

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(10) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(2) }), 100);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(100) }), 1);
    }

    {
        // Generated from:
        // (module
        //  (memory 1)
        //  (func (export "i32_load8_s") (param $i i32) (param $ptr i32) (result i32)
        //   (i32.store (get_local $ptr) (get_local $i))
        //   (return (i32.load (get_local $ptr)))
        //   )
        //  )
        Vector<uint8_t> vector = {
            0x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
            0x02, 0x01, 0x01, 0x01, 0x01, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
            0x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x69, 0x33,
            0x32, 0x5f, 0x6c, 0x6f, 0x61, 0x64, 0x38, 0x5f, 0x73, 0x00, 0x00, 0x0a, 0x95, 0x80, 0x80, 0x80,
            0x00, 0x01, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x00, 0x14, 0x01, 0x14, 0x00, 0x33, 0x02, 0x00, 0x14,
            0x01, 0x2a, 0x02, 0x00, 0x09, 0x0f
        };

        Plan plan(*vm, vector);
        if (plan.result.size() != 1 || !plan.result[0]) {
            dataLogLn("Module failed to compile correctly.");
            CRASH();
        }

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(10) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(2) }), 100);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(100) }), 1);
    }

    {
        // Generated from:
        //    (module
        //     (memory 1)
        //     (func (export "write_array") (param $x i32) (param $p i32) (param $length i32) (local $i i32)
        //      (set_local $i (i32.const 0))
        //      (block
        //       (loop
        //        (br_if 1 (i32.ge_u (get_local $i) (get_local $length)))
        //        (i32.store (i32.add (get_local $p) (i32.mul (get_local $i) (i32.const 4))) (get_local $x))
        //        (set_local $i (i32.add (i32.const 1) (get_local $i)))
        //        (br 0)
        //        )
        //       )
        //      (return)
        //      )
        //     )
        Vector<uint8_t> vector = {
            0x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
            0x03, 0x01, 0x01, 0x01, 0x00, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
            0x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x77, 0x72,
            0x69, 0x74, 0x65, 0x5f, 0x61, 0x72, 0x72, 0x61, 0x79, 0x00, 0x00, 0x0a, 0xb2, 0x80, 0x80, 0x80,
            0x00, 0x01, 0xac, 0x80, 0x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x10, 0x00, 0x15, 0x03, 0x01, 0x00,
            0x02, 0x00, 0x14, 0x03, 0x14, 0x02, 0x56, 0x07, 0x01, 0x14, 0x01, 0x14, 0x03, 0x10, 0x04, 0x42,
            0x40, 0x14, 0x00, 0x33, 0x02, 0x00, 0x10, 0x01, 0x14, 0x03, 0x40, 0x15, 0x03, 0x06, 0x00, 0x0f,
            0x0f, 0x09, 0x0f
        };

        Plan plan(*vm, vector);
        if (plan.result.size() != 1 || !plan.result[0]) {
            dataLogLn("Module failed to compile correctly.");
            CRASH();
        }
        ASSERT(plan.memory->size());

        // Test this doesn't crash.
        unsigned length = 5;
        unsigned offset = sizeof(uint32_t);
        uint32_t* memory = static_cast<uint32_t*>(plan.memory->memory());
        invoke<void>(*plan.result[0]->jsEntryPoint, { box(100), box(offset), box(length) });
        offset /= sizeof(uint32_t);
        CHECK_EQ(memory[offset - 1], 0u);
        CHECK_EQ(memory[offset + length], 0u);
        for (unsigned i = 0; i < length; ++i)
            CHECK_EQ(memory[i + offset], 100u);

        length = 10;
        offset = 5 * sizeof(uint32_t);
        invoke<void>(*plan.result[0]->jsEntryPoint, { box(5), box(offset), box(length) });
        offset /= sizeof(uint32_t);
        CHECK_EQ(memory[offset - 1], 100u);
        CHECK_EQ(memory[offset + length], 0u);
        for (unsigned i = 0; i < length; ++i)
            CHECK_EQ(memory[i + offset], 5u);
    }

    {
        // Generated from:
        //    (module
        //     (memory 1)
        //     (func (export "write_array") (param $x i32) (param $p i32) (param $length i32) (local $i i32)
        //      (set_local $i (i32.const 0))
        //      (block
        //       (loop
        //        (br_if 1 (i32.ge_u (get_local $i) (get_local $length)))
        //        (i32.store8 (i32.add (get_local $p) (get_local $i)) (get_local $x))
        //        (set_local $i (i32.add (i32.const 1) (get_local $i)))
        //        (br 0)
        //        )
        //       )
        //      (return)
        //      )
        //     )
        Vector<uint8_t> vector = {
            0x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
            0x03, 0x01, 0x01, 0x01, 0x00, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
            0x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x77, 0x72,
            0x69, 0x74, 0x65, 0x5f, 0x61, 0x72, 0x72, 0x61, 0x79, 0x00, 0x00, 0x0a, 0xaf, 0x80, 0x80, 0x80,
            0x00, 0x01, 0xa9, 0x80, 0x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x10, 0x00, 0x15, 0x03, 0x01, 0x00,
            0x02, 0x00, 0x14, 0x03, 0x14, 0x02, 0x56, 0x07, 0x01, 0x14, 0x01, 0x14, 0x03, 0x40, 0x14, 0x00,
            0x2e, 0x00, 0x00, 0x10, 0x01, 0x14, 0x03, 0x40, 0x15, 0x03, 0x06, 0x00, 0x0f, 0x0f, 0x09, 0x0f
        };

        Plan plan(*vm, vector);
        if (plan.result.size() != 1 || !plan.result[0]) {
            dataLogLn("Module failed to compile correctly.");
            CRASH();
        }
        ASSERT(plan.memory->size());

        // Test this doesn't crash.
        unsigned length = 5;
        unsigned offset = 1;
        uint8_t* memory = static_cast<uint8_t*>(plan.memory->memory());
        invoke<void>(*plan.result[0]->jsEntryPoint, { box(100), box(offset), box(length) });
        CHECK_EQ(memory[offset - 1], 0u);
        CHECK_EQ(memory[offset + length], 0u);
        for (unsigned i = 0; i < length; ++i)
            CHECK_EQ(memory[i + offset], 100u);

        length = 10;
        offset = 5;
        invoke<void>(*plan.result[0]->jsEntryPoint, { box(5), box(offset), box(length) });
        CHECK_EQ(memory[offset - 1], 100u);
        CHECK_EQ(memory[offset + length], 0u);
        for (unsigned i = 0; i < length; ++i)
            CHECK_EQ(memory[i + offset], 5u);
    }

    {
        // Generated from:
        //    (module
        //     (memory 1)
        //     (func (export "i32_load8_s") (param $i i32) (param $ptr i32) (result i32)
        //      (i32.store8 (get_local $ptr) (get_local $i))
        //      (return (i32.load8_s (get_local $ptr)))
        //      )
        //     )
        Vector<uint8_t> vector = {
            0x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
            0x02, 0x01, 0x01, 0x01, 0x01, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
            0x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x69, 0x33,
            0x32, 0x5f, 0x6c, 0x6f, 0x61, 0x64, 0x38, 0x5f, 0x73, 0x00, 0x00, 0x0a, 0x95, 0x80, 0x80, 0x80,
            0x00, 0x01, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x00, 0x14, 0x01, 0x14, 0x00, 0x2e, 0x00, 0x00, 0x14,
            0x01, 0x20, 0x00, 0x00, 0x09, 0x0f
        };

        Plan plan(*vm, vector);
        if (plan.result.size() != 1 || !plan.result[0]) {
            dataLogLn("Module failed to compile correctly.");
            CRASH();
        }
        ASSERT(plan.memory->size());

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(10) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(2) }), 100);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(100) }), 1);
    }

    {
        // Generated from:
        //    (module
        //     (memory 1)
        //     (func (export "i32_load8_s") (param $i i32) (result i32)
        //      (i32.store8 (i32.const 8) (get_local $i))
        //      (return (i32.load8_s (i32.const 8)))
        //      )
        //     )
        Vector<uint8_t> vector = {
            0x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x86, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
            0x01, 0x01, 0x01, 0x01, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80, 0x80,
            0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x69, 0x33, 0x32,
            0x5f, 0x6c, 0x6f, 0x61, 0x64, 0x38, 0x5f, 0x73, 0x00, 0x00, 0x0a, 0x95, 0x80, 0x80, 0x80, 0x00,
            0x01, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x00, 0x10, 0x08, 0x14, 0x00, 0x2e, 0x00, 0x00, 0x10, 0x08,
            0x20, 0x00, 0x00, 0x09, 0x0f
        };

        Plan plan(*vm, vector);
        if (plan.result.size() != 1 || !plan.result[0]) {
            dataLogLn("Module failed to compile correctly.");
            CRASH();
        }

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100) }), 100);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1) }), 1);
    }

    {
        // Generated from:
        // (module
        //  (memory 1)
        //  (func (export "i32_load8_s") (param $i i32) (param $ptr i32) (result i32)
        //   (i32.store (get_local $ptr) (get_local $i))
        //   (return (i32.load (get_local $ptr)))
        //   )
        //  )
        Vector<uint8_t> vector = {
            0x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
            0x02, 0x02, 0x01, 0x01, 0x02, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
            0x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x69, 0x33,
            0x32, 0x5f, 0x6c, 0x6f, 0x61, 0x64, 0x38, 0x5f, 0x73, 0x00, 0x00, 0x0a, 0x95, 0x80, 0x80, 0x80,
            0x00, 0x01, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x00, 0x14, 0x01, 0x14, 0x00, 0x34, 0x03, 0x00, 0x14,
            0x01, 0x2b, 0x03, 0x00, 0x09, 0x0f
        };

        Plan plan(*vm, vector);
        if (plan.result.size() != 1 || !plan.result[0]) {
            dataLogLn("Module failed to compile correctly.");
            CRASH();
        }

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(10) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(2) }), 100);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(100) }), 1);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(-12), box(plan.memory->size() - sizeof(uint64_t)) }), -12);
    }

    {
        // Generated from:
        // (module
        //  (memory 1)
        //  (func (export "i32_load8_s") (param $i i32) (param $ptr i32) (result i32)
        //   (i32.store (get_local $ptr) (get_local $i))
        //   (return (i32.load (get_local $ptr)))
        //   )
        //  )
        Vector<uint8_t> vector = {
            0x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
            0x02, 0x01, 0x01, 0x01, 0x01, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
            0x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x69, 0x33,
            0x32, 0x5f, 0x6c, 0x6f, 0x61, 0x64, 0x38, 0x5f, 0x73, 0x00, 0x00, 0x0a, 0x95, 0x80, 0x80, 0x80,
            0x00, 0x01, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x00, 0x14, 0x01, 0x14, 0x00, 0x33, 0x02, 0x00, 0x14,
            0x01, 0x2a, 0x02, 0x00, 0x09, 0x0f
        };

        Plan plan(*vm, vector);
        if (plan.result.size() != 1 || !plan.result[0]) {
            dataLogLn("Module failed to compile correctly.");
            CRASH();
        }

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(10) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(2) }), 100);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(100) }), 1);
    }

    {
        // Generated from:
        //    (module
        //     (memory 1)
        //     (func (export "write_array") (param $x i32) (param $p i32) (param $length i32) (local $i i32)
        //      (set_local $i (i32.const 0))
        //      (block
        //       (loop
        //        (br_if 1 (i32.ge_u (get_local $i) (get_local $length)))
        //        (i32.store (i32.add (get_local $p) (i32.mul (get_local $i) (i32.const 4))) (get_local $x))
        //        (set_local $i (i32.add (i32.const 1) (get_local $i)))
        //        (br 0)
        //        )
        //       )
        //      (return)
        //      )
        //     )
        Vector<uint8_t> vector = {
            0x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
            0x03, 0x01, 0x01, 0x01, 0x00, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
            0x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x77, 0x72,
            0x69, 0x74, 0x65, 0x5f, 0x61, 0x72, 0x72, 0x61, 0x79, 0x00, 0x00, 0x0a, 0xb2, 0x80, 0x80, 0x80,
            0x00, 0x01, 0xac, 0x80, 0x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x10, 0x00, 0x15, 0x03, 0x01, 0x00,
            0x02, 0x00, 0x14, 0x03, 0x14, 0x02, 0x56, 0x07, 0x01, 0x14, 0x01, 0x14, 0x03, 0x10, 0x04, 0x42,
            0x40, 0x14, 0x00, 0x33, 0x02, 0x00, 0x10, 0x01, 0x14, 0x03, 0x40, 0x15, 0x03, 0x06, 0x00, 0x0f,
            0x0f, 0x09, 0x0f
        };

        Plan plan(*vm, vector);
        if (plan.result.size() != 1 || !plan.result[0]) {
            dataLogLn("Module failed to compile correctly.");
            CRASH();
        }
        ASSERT(plan.memory->size());

        // Test this doesn't crash.
        unsigned length = 5;
        unsigned offset = sizeof(uint32_t);
        uint32_t* memory = static_cast<uint32_t*>(plan.memory->memory());
        invoke<void>(*plan.result[0]->jsEntryPoint, { box(100), box(offset), box(length) });
        offset /= sizeof(uint32_t);
        CHECK_EQ(memory[offset - 1], 0u);
        CHECK_EQ(memory[offset + length], 0u);
        for (unsigned i = 0; i < length; ++i)
            CHECK_EQ(memory[i + offset], 100u);

        length = 10;
        offset = 5 * sizeof(uint32_t);
        invoke<void>(*plan.result[0]->jsEntryPoint, { box(5), box(offset), box(length) });
        offset /= sizeof(uint32_t);
        CHECK_EQ(memory[offset - 1], 100u);
        CHECK_EQ(memory[offset + length], 0u);
        for (unsigned i = 0; i < length; ++i)
            CHECK_EQ(memory[i + offset], 5u);
    }

    {
        // Generated from:
        //    (module
        //     (memory 1)
        //     (func (export "write_array") (param $x i32) (param $p i32) (param $length i32) (local $i i32)
        //      (set_local $i (i32.const 0))
        //      (block
        //       (loop
        //        (br_if 1 (i32.ge_u (get_local $i) (get_local $length)))
        //        (i32.store8 (i32.add (get_local $p) (get_local $i)) (get_local $x))
        //        (set_local $i (i32.add (i32.const 1) (get_local $i)))
        //        (br 0)
        //        )
        //       )
        //      (return)
        //      )
        //     )
        Vector<uint8_t> vector = {
            0x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
            0x03, 0x01, 0x01, 0x01, 0x00, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
            0x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x77, 0x72,
            0x69, 0x74, 0x65, 0x5f, 0x61, 0x72, 0x72, 0x61, 0x79, 0x00, 0x00, 0x0a, 0xaf, 0x80, 0x80, 0x80,
            0x00, 0x01, 0xa9, 0x80, 0x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x10, 0x00, 0x15, 0x03, 0x01, 0x00,
            0x02, 0x00, 0x14, 0x03, 0x14, 0x02, 0x56, 0x07, 0x01, 0x14, 0x01, 0x14, 0x03, 0x40, 0x14, 0x00,
            0x2e, 0x00, 0x00, 0x10, 0x01, 0x14, 0x03, 0x40, 0x15, 0x03, 0x06, 0x00, 0x0f, 0x0f, 0x09, 0x0f
        };

        Plan plan(*vm, vector);
        if (plan.result.size() != 1 || !plan.result[0]) {
            dataLogLn("Module failed to compile correctly.");
            CRASH();
        }
        ASSERT(plan.memory->size());

        // Test this doesn't crash.
        unsigned length = 5;
        unsigned offset = 1;
        uint8_t* memory = static_cast<uint8_t*>(plan.memory->memory());
        invoke<void>(*plan.result[0]->jsEntryPoint, { box(100), box(offset), box(length) });
        CHECK_EQ(memory[offset - 1], 0u);
        CHECK_EQ(memory[offset + length], 0u);
        for (unsigned i = 0; i < length; ++i)
            CHECK_EQ(memory[i + offset], 100u);

        length = 10;
        offset = 5;
        invoke<void>(*plan.result[0]->jsEntryPoint, { box(5), box(offset), box(length) });
        CHECK_EQ(memory[offset - 1], 100u);
        CHECK_EQ(memory[offset + length], 0u);
        for (unsigned i = 0; i < length; ++i)
            CHECK_EQ(memory[i + offset], 5u);
    }

    {
        // Generated from:
        //    (module
        //     (memory 1)
        //     (func (export "i32_load8_s") (param $i i32) (param $ptr i32) (result i32)
        //      (i32.store8 (get_local $ptr) (get_local $i))
        //      (return (i32.load8_s (get_local $ptr)))
        //      )
        //     )
        Vector<uint8_t> vector = {
            0x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x87, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
            0x02, 0x01, 0x01, 0x01, 0x01, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80,
            0x80, 0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x69, 0x33,
            0x32, 0x5f, 0x6c, 0x6f, 0x61, 0x64, 0x38, 0x5f, 0x73, 0x00, 0x00, 0x0a, 0x95, 0x80, 0x80, 0x80,
            0x00, 0x01, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x00, 0x14, 0x01, 0x14, 0x00, 0x2e, 0x00, 0x00, 0x14,
            0x01, 0x20, 0x00, 0x00, 0x09, 0x0f
        };

        Plan plan(*vm, vector);
        if (plan.result.size() != 1 || !plan.result[0]) {
            dataLogLn("Module failed to compile correctly.");
            CRASH();
        }
        ASSERT(plan.memory->size());

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(10) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(2) }), 100);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(100) }), 1);
    }

    {
        // Generated from:
        //    (module
        //     (memory 1)
        //     (func (export "i32_load8_s") (param $i i32) (result i32)
        //      (i32.store8 (i32.const 8) (get_local $i))
        //      (return (i32.load8_s (i32.const 8)))
        //      )
        //     )
        Vector<uint8_t> vector = {
            0x00, 0x61, 0x73, 0x6d, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x86, 0x80, 0x80, 0x80, 0x00, 0x01, 0x40,
            0x01, 0x01, 0x01, 0x01, 0x03, 0x82, 0x80, 0x80, 0x80, 0x00, 0x01, 0x00, 0x05, 0x83, 0x80, 0x80,
            0x80, 0x00, 0x01, 0x01, 0x01, 0x07, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x01, 0x0b, 0x69, 0x33, 0x32,
            0x5f, 0x6c, 0x6f, 0x61, 0x64, 0x38, 0x5f, 0x73, 0x00, 0x00, 0x0a, 0x95, 0x80, 0x80, 0x80, 0x00,
            0x01, 0x8f, 0x80, 0x80, 0x80, 0x00, 0x00, 0x10, 0x08, 0x14, 0x00, 0x2e, 0x00, 0x00, 0x10, 0x08,
            0x20, 0x00, 0x00, 0x09, 0x0f
        };

        Plan plan(*vm, vector);
        if (plan.result.size() != 1 || !plan.result[0]) {
            dataLogLn("Module failed to compile correctly.");
            CRASH();
        }

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100) }), 100);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1) }), 1);
    }

    {
        // Generated from:
        //    (module
        //     (func "dumb-eq" (param $x i32) (param $y i32) (result i32)
        //      (if (i32.eq (get_local $x) (get_local $y))
        //       (then (br 0))
        //       (else (return (i32.const 1))))

        }

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(1) }), 1);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(0) }), 1);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(1) }), 1);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(2) }), 1);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(2) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(1) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(6) }), 1);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(6) }), 1);
    }

    {

        }

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(1) }), 1);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(0) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(1) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(2) }), 1);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(2) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(1) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(6) }), 1);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(6) }), 0);
    }



        }

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { }), 5);
    }



        }

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { }), 11);
    }

    {

        }

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { }), 11);
    }

    {

        }

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { }), 11);
    }

    {

        }

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(1) }), 1);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(1) }), 101);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(-1), box(1)}), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(std::numeric_limits<int>::max()), box(1) }), std::numeric_limits<int>::min());
    }

    {

        }

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(10) }), 10);
    }

    {

        }

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1) }), 1);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2)}), 3);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100) }), 5050);
    }

    {

        }

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(1) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(0) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(1) }), 2);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(2) }), 2);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(2) }), 4);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(6) }), 12);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(6) }), 600);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(100) }), 10000);
    }

    {

        }

        // Test this doesn't crash.
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(0), box(1) }), 1);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(0) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(1) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(2) }), 1);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(2) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(1), box(1) }), 0);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(2), box(6) }), 1);
        CHECK_EQ(invoke<int>(*plan.result[0]->jsEntryPoint, { box(100), box(6) }), 0);
    }

}

    if (options.m_runLEBTests)
        runLEBTests();


    if (options.m_runWASMTests) {
#if ENABLE(WEBASSEMBLY)
        JSC::initializeThreading();



#if ENABLE(WEBASSEMBLY)

#include "B3BasicBlockInlines.h"
#include "B3ConstPtrValue.h"
#include "B3FixSSA.h"
#include "B3StackmapGenerationParams.h"
#include "B3Validate.h"
#include "B3ValueInlines.h"
#include "B3Variable.h"

#include "VirtualRegister.h"
#include "WASMCallingConvention.h"
#include "WASMFunctionParser.h"
#include "WASMMemory.h"
#include <wtf/Optional.h>

void dumpProcedure(void* ptr)

    typedef Vector<Variable*, 1> ResultList;
    static constexpr ExpressionType emptyExpression = nullptr;

    B3IRGenerator(Memory*, Procedure&);

    void addArguments(const Vector<Type>&);
    void addLocal(Type, uint32_t);
    ExpressionType addConstant(Type, uint64_t);

    // Locals
    bool WARN_UNUSED_RETURN getLocal(uint32_t index, ExpressionType& result);
    bool WARN_UNUSED_RETURN setLocal(uint32_t index, ExpressionType value);

    // Memory
    bool WARN_UNUSED_RETURN load(LoadOpType, uint32_t offset, ExpressionType pointer, ExpressionType& result);
    bool WARN_UNUSED_RETURN store(StoreOpType, uint32_t offset, ExpressionType pointer, ExpressionType value);

    // Basic operators
    bool WARN_UNUSED_RETURN binaryOp(BinaryOpType, ExpressionType left, ExpressionType right, ExpressionType& result);
    bool WARN_UNUSED_RETURN unaryOp(UnaryOpType, ExpressionType arg, ExpressionType& result);

    // Control flow
    ControlData WARN_UNUSED_RETURN addBlock(Type signature);
    ControlData WARN_UNUSED_RETURN addLoop(Type signature);
    ControlData WARN_UNUSED_RETURN addIf(ExpressionType condition, Type signature);

    void dump(const Vector<ControlType>& controlStack, const ExpressionList& expressionStack);

private:
    ExpressionType emitCheckAndPreparePointer(uint32_t offset, ExpressionType pointer, uint32_t sizeOfOp);
    ExpressionType emitLoadOp(LoadOpType, Origin, ExpressionType pointer);
    void emitStoreOp(StoreOpType, Origin, ExpressionType pointer, ExpressionType value);

    void unify(Variable* target, const ExpressionType source);
    void unifyValuesWithBlock(const ExpressionList& resultStack, ResultList& stack);

    Memory* m_memory;
    Procedure& m_proc;
    BasicBlock* m_currentBlock;
    Vector<Variable*> m_locals;
    Value* m_memoryBase { nullptr };
    Value* m_memorySize { nullptr };
};

B3IRGenerator::B3IRGenerator(Memory* memory, Procedure& procedure)
    : m_memory(memory)
    , m_proc(procedure)
{
    m_currentBlock = m_proc.addBlock();
}

            m_locals[i] = argumentVariable;
            m_currentBlock->appendNew<VariableValue>(m_proc, Set, Origin(), argumentVariable, argument);
        });

    if (m_memory) {
        // FIXME: When we add the calling convention we should have two entrypoints and we should change these to register arguments.
        m_memoryBase = m_currentBlock->appendNew<ConstPtrValue>(m_proc, Origin(), m_memory->memory());
        Value* memorySizeAddress = m_currentBlock->appendNew<ConstPtrValue>(m_proc, Origin(), bitwise_cast<char*>(m_memory) + Memory::offsetOfSize());
        m_memorySize = m_currentBlock->appendNew<MemoryValue>(m_proc, Load, Int64, Origin(), memorySizeAddress);
    }
}

bool B3IRGenerator::getLocal(uint32_t index, ExpressionType& result)
{
    ASSERT(m_locals[index]);
    result = m_currentBlock->appendNew<VariableValue>(m_proc, B3::Get, Origin(), m_locals[index]);
    return true;
}

bool B3IRGenerator::setLocal(uint32_t index, ExpressionType value)
{
    ASSERT(m_locals[index]);
    m_currentBlock->appendNew<VariableValue>(m_proc, B3::Set, Origin(), m_locals[index], value);
    return true;
}

inline Value* B3IRGenerator::emitCheckAndPreparePointer(uint32_t offset, ExpressionType pointer, uint32_t sizeOfOperation)
{
    ASSERT(m_memoryBase && m_memorySize);
    // We need to make sure that we add the memoryOffset to the pointer with a 32bit add
    // so if it overflows we stay within our mapped memory.
    Value* memoryOffset = m_currentBlock->appendIntConstant(m_proc, Origin(), Int32, offset);
    pointer = m_currentBlock->appendNew<Value>(m_proc, Add, Origin(), pointer, memoryOffset);
    pointer = m_currentBlock->appendNew<Value>(m_proc, ZExt32, Origin(), pointer);

    Value* sizeOfValue = m_currentBlock->appendIntConstant(m_proc, Origin(), Int64, sizeOfOperation);
    Value* lastByte = m_currentBlock->appendNew<Value>(m_proc, Add, Origin(), sizeOfValue, pointer);
    Value* outOfBounds = m_currentBlock->appendNew<Value>(m_proc, Above, Origin(), lastByte, m_memorySize);
    CheckValue* boundsCheck = m_currentBlock->appendNew<CheckValue>(m_proc, Check, Origin(), outOfBounds);
    boundsCheck->setGenerator([] (CCallHelpers& jit, const StackmapGenerationParams&) {
        jit.breakpoint();
    });

    pointer = m_currentBlock->appendNew<Value>(m_proc, Add, Origin(), m_memoryBase, pointer);
    return pointer;
}

inline uint32_t sizeOfLoadOp(LoadOpType op)
{
    switch (op) {
    case LoadOpType::I32Load8S:
    case LoadOpType::I32Load8U:
    case LoadOpType::I64Load8S:
    case LoadOpType::I64Load8U:
        return 1;
    case LoadOpType::I32Load16S:
    case LoadOpType::I64Load16S:
        return 2;
    case LoadOpType::I32Load:
    case LoadOpType::I64Load32S:
    case LoadOpType::I64Load32U:
        return 4;
    case LoadOpType::I64Load:
        return 8;
    }
    RELEASE_ASSERT_NOT_REACHED();
}

// FIXME: B3 should support Int64 small loads and 16-bit unsigned loads.
inline Value* B3IRGenerator::emitLoadOp(LoadOpType op, Origin origin, ExpressionType pointer)
{
    switch (op) {
    case LoadOpType::I32Load8S: {
        return m_currentBlock->appendNew<MemoryValue>(m_proc, Load8S, origin, pointer, 0);
    }

    case LoadOpType::I64Load8S: {
        Value* value = m_currentBlock->appendNew<MemoryValue>(m_proc, Load8S, origin, pointer, 0);
        return m_currentBlock->appendNew<Value>(m_proc, SExt32, origin, value);
    }

    case LoadOpType::I32Load8U: {
        return m_currentBlock->appendNew<MemoryValue>(m_proc, Load8Z, origin, pointer, 0);
    }

    case LoadOpType::I64Load8U: {
        Value* value = m_currentBlock->appendNew<MemoryValue>(m_proc, Load8Z, origin, pointer, 0);
        return m_currentBlock->appendNew<Value>(m_proc, ZExt32, origin, value);
    }

    case LoadOpType::I32Load16S: {
        return m_currentBlock->appendNew<MemoryValue>(m_proc, Load16S, origin, pointer, 0);
    }
    case LoadOpType::I64Load16S: {
        Value* value = m_currentBlock->appendNew<MemoryValue>(m_proc, Load16S, origin, pointer, 0);
        return m_currentBlock->appendNew<Value>(m_proc, SExt32, origin, value);
    }

    case LoadOpType::I32Load: {
        return m_currentBlock->appendNew<MemoryValue>(m_proc, Load, Int32, origin, pointer);
    }

    case LoadOpType::I64Load32U: {
        Value* value = m_currentBlock->appendNew<MemoryValue>(m_proc, Load, Int32, origin, pointer);
        return m_currentBlock->appendNew<Value>(m_proc, ZExt32, origin, value);
    }

    case LoadOpType::I64Load32S: {
        Value* value = m_currentBlock->appendNew<MemoryValue>(m_proc, Load, Int32, origin, pointer);
        return m_currentBlock->appendNew<Value>(m_proc, SExt32, origin, value);
    }

    case LoadOpType::I64Load: {
        return m_currentBlock->appendNew<MemoryValue>(m_proc, Load, Int64, origin, pointer);
    }
    }
    RELEASE_ASSERT_NOT_REACHED();
}

bool B3IRGenerator::load(LoadOpType op, uint32_t offset, ExpressionType pointer, ExpressionType& result)
{
    ASSERT(pointer->type() == Int32);

    result = emitLoadOp(op, Origin(), emitCheckAndPreparePointer(offset, pointer, sizeOfLoadOp(op)));
    return true;
}

inline uint32_t sizeOfStoreOp(StoreOpType op)
{
    switch (op) {
    case StoreOpType::I32Store8:
    case StoreOpType::I64Store8:
        return 1;
    case StoreOpType::I32Store16:
    case StoreOpType::I64Store16:
        return 2;
    case StoreOpType::I32Store:
    case StoreOpType::I64Store32:
        return 4;
    case StoreOpType::I64Store:
        return 8;
    }
    RELEASE_ASSERT_NOT_REACHED();
}


// FIXME: We should just support an Int64 store8.
inline void B3IRGenerator::emitStoreOp(StoreOpType op, Origin origin, ExpressionType pointer, ExpressionType value)
{
    switch (op) {
    case StoreOpType::I64Store8:
        value = m_currentBlock->appendNew<Value>(m_proc, Trunc, origin, value);
        FALLTHROUGH;

    case StoreOpType::I32Store8:
        m_currentBlock->appendNew<MemoryValue>(m_proc, Store8, origin, value, pointer);
        return;

    case StoreOpType::I64Store16:
        value = m_currentBlock->appendNew<Value>(m_proc, Trunc, origin, value);
        FALLTHROUGH;

    case StoreOpType::I32Store16:
        m_currentBlock->appendNew<MemoryValue>(m_proc, Store16, origin, value, pointer);
        return;

    case StoreOpType::I64Store32:
        value = m_currentBlock->appendNew<Value>(m_proc, Trunc, origin, value);
        FALLTHROUGH;

    case StoreOpType::I64Store:
    case StoreOpType::I32Store:
        m_currentBlock->appendNew<MemoryValue>(m_proc, Store, origin, value, pointer);
        return;
    }
    RELEASE_ASSERT_NOT_REACHED();
}

bool B3IRGenerator::store(StoreOpType op, uint32_t offset, ExpressionType pointer, ExpressionType value)
{
    ASSERT(pointer->type() == Int32);

    emitStoreOp(op, Origin(), emitCheckAndPreparePointer(offset, pointer, sizeOfStoreOp(op)), value);
    return true;
}

bool B3IRGenerator::unaryOp(UnaryOpType op, ExpressionType arg, ExpressionType& result)
{
    result = m_currentBlock->appendNew<Value>(m_proc, toB3Op(op), Origin(), arg);


} // anonymous namespace


    static std::unique_ptr<Compilation> createWrapper(VM& vm, const Signature* signature, MacroAssemblerCodePtr mainFunction, Memory* memory)
    {
        Procedure proc;
        BasicBlock* block = proc.addBlock();

//        prologue;
//        if (argCount < expected)
//            trap;
//
//        for (i = 0; i < argCount; ++i)
//            moveArgument[i];
//
//        pin things;
//        result = call mainFunction;
//        epilogue result;

        // FIXME: is this supposed to trap if less than expected number of arguments?
        Value* framePointer = block->appendNew<B3::Value>(proc, B3::FramePointer, Origin());
        Value* offSetOfArgumentCount = block->appendNew<Const64Value>(proc, Origin(), CallFrameSlot::argumentCount * sizeof(Register));
        Value* argumentCount = block->appendNew<MemoryValue>(proc, Load, Int32, Origin(),
            block->appendNew<Value>(proc, Add, Origin(), framePointer, offSetOfArgumentCount));

        Value* expectedArgumentCount = block->appendNew<Const32Value>(proc, Origin(), signature->arguments.size());

        CheckValue* argumentCountCheck = block->appendNew<CheckValue>(proc, Check, Origin(),
            block->appendNew<Value>(proc, Above, Origin(), expectedArgumentCount, argumentCount));
        argumentCountCheck->setGenerator([] (CCallHelpers& jit, const StackmapGenerationParams&) {
            jit.breakpoint();
        });

        Value* baseMemory = nullptr;
        Vector<Value*> sizes;
        if (memory) {
            baseMemory = block->appendNew<ConstPtrValue>(proc, Origin(), memory->memory());
            Value* size = block->appendNew<MemoryValue>(proc, Load, Int32, Origin(),
                block->appendNew<ConstPtrValue>(proc, Origin(), memory));
            sizes.reserveCapacity(memory->pinnedRegisters().sizeRegisters.size());
            for (auto info : memory->pinnedRegisters().sizeRegisters)
                sizes.append(block->appendNew<Value>(proc, Sub, Origin(), size,
                    block->appendNew<Const32Value>(proc, Origin(), info.sizeOffset)));
        }

        Vector<Value*> arguments;
        jscCallingConvention().iterate(signature->arguments, proc, block, Origin(),
            [&] (Value* argument, unsigned) {
                arguments.append(argument);
            });

        Value* result = jscCallingConvention().setupCall(proc, block, Origin(), mainFunction, arguments, toB3Type(signature->returnType), [&] (PatchpointValue* patchpoint) {
            if (memory) {
                ASSERT(sizes.size() == memory->pinnedRegisters().sizeRegisters.size());
                patchpoint->append(ConstrainedValue(baseMemory, ValueRep::reg(memory->pinnedRegisters().baseMemoryPointer)));
                for (unsigned i = 0; i < sizes.size(); ++i)
                    patchpoint->append(ConstrainedValue(sizes[i], ValueRep::reg(memory->pinnedRegisters().sizeRegisters[i].sizeRegister)));
            }
        });

        if (signature->returnType != Void)
            block->appendNewControlValue(proc, B3::Return, Origin(), result);
        else
            block->appendNewControlValue(proc, B3::Return, Origin());

        return std::make_unique<Compilation>(vm, proc);
    }

std::unique_ptr<FunctionCompilation> parseAndCompile(VM& vm, Vector<uint8_t>& source, Memory* memory, FunctionInformation info, unsigned optLevel)
{
    Procedure procedure;
    B3IRGenerator context(memory, procedure);
    FunctionParser<B3IRGenerator> parser(context, source, info);
    if (!parser.parse())
        RELEASE_ASSERT_NOT_REACHED();

    fixSSA(procedure);
    if (verbose)
        dataLog("Post SSA: ", procedure);
    std::unique_ptr<FunctionCompilation> result = std::make_unique<FunctionCompilation>();

    result->code = std::make_unique<Compilation>(vm, procedure, optLevel);
    result->jsEntryPoint = createWrapper(vm, info.signature, result->code->code(), memory);
    return result;
}

} } // namespace JSC::WASM

Lines 35-41 extern "C" void dumpProcedure(void*); a/Source/JavaScriptCore/wasm/WASMB3IRGenerator.h_sec1
- a/Source/JavaScriptCore/wasm/WASMB3IRGenerator.h -1 / +3 lines
35		35
36	namespace JSC { namespace WASM {	36	namespace JSC { namespace WASM {
37		37
38	std::unique_ptr<B3::Compilation> parseAndCompile(VM&, Vector<uint8_t>&, FunctionInformation, unsigned optLevel = 1);	38	class Memory;
		39
		40	std::unique_ptr<FunctionCompilation> parseAndCompile(VM&, Vector<uint8_t>&, Memory*, FunctionInformation, unsigned optLevel = 1);
39		41
40	} } // namespace JSC::WASM	42	} } // namespace JSC::WASM
41		43




#if ENABLE(WEBASSEMBLY)

#include "AllowMacroScratchRegisterUsage.h"
#include "B3ArgumentRegValue.h"
#include "B3BasicBlock.h"
#include "B3ConstrainedValue.h"
#include "B3Const64Value.h"
#include "B3MemoryValue.h"
#include "B3PatchpointValue.h"
#include "B3Procedure.h"
#include "B3StackmapGenerationParams.h"
#include "CallFrame.h"
#include "LinkBuffer.h"
#include "RegisterSet.h"
#include "WASMFormat.h"

namespace JSC { namespace WASM {

typedef unsigned (*NextOffset)(unsigned currentOffset, B3::Type type);

template<unsigned headerSize, NextOffset updateOffset>
class CallingConvention {
public:
    static const unsigned headerSize = offset;

    CallingConvention(Vector<GPRReg>&& registerArguments, RegisterSet&& calleeSaveRegisters)
        : m_registerArguments(registerArguments)
        , m_calleeSaveRegisters(calleeSaveRegisters)

                B3::Value* address = block->appendNew<B3::Value>(proc, B3::Add, origin, framePointer,
                    block->appendNew<B3::Const64Value>(proc, origin, currentOffset));
                argument = block->appendNew<B3::MemoryValue>(proc, B3::Load, toB3Type(argumentTypes[i]), origin, address);
                currentOffset = updateOffset(currentOffset, toB3Type(argumentTypes[i]));
            }
            functor(argument, i);
        }
    }

    template<typename Functor>
    B3::Value* setupCall(B3::Procedure& proc, B3::BasicBlock* block, B3::Origin origin, MacroAssemblerCodePtr target, const Vector<B3::Value*>& arguments, B3::Type returnType, const Functor& patchpointFunctor) const
    {
        unsigned stackArgumentCount = arguments.size() < m_registerArguments.size() ? 0 : arguments.size() - m_registerArguments.size();
        proc.requestCallArgAreaSizeInBytes(WTF::roundUpToMultipleOf(stackAlignmentBytes(), headerSize + (stackArgumentCount * sizeof(Register))));

        unsigned offset = headerSize;
        Vector<B3::ConstrainedValue> constrainedArguments;
        for (unsigned i = 0; i < arguments.size(); ++i) {
            B3::ValueRep rep;
            if (i < m_registerArguments.size())
                rep = B3::ValueRep::reg(m_registerArguments[i]);
            else
                rep = B3::ValueRep::stackArgument(offset);
            constrainedArguments.append(B3::ConstrainedValue(arguments[i], rep));
            offset = updateOffset(offset, arguments[i]->type());
        }

        B3::PatchpointValue* patchpoint = block->appendNew<B3::PatchpointValue>(proc, returnType, origin);
        patchpoint->appendVector(constrainedArguments);
        patchpointFunctor(patchpoint);
        patchpoint->setGenerator([=] (CCallHelpers& jit, const B3::StackmapGenerationParams& params) {
            AllowMacroScratchRegisterUsage allowScratch(jit);

            CCallHelpers::Call call = jit.call();
            jit.addPtr(
                CCallHelpers::TrustedImm32(-params.proc().frameSize()),
                GPRInfo::callFrameRegister, CCallHelpers::stackPointerRegister);
            jit.addLinkTask([=] (LinkBuffer& linkBuffer) {
                    linkBuffer.link(call, FunctionPtr(target.executableAddress()));
            });


        });

        if (returnType != B3::Void)
            return patchpoint;
        return nullptr;
    }

    const Vector<GPRReg> m_registerArguments;
    const RegisterSet m_calleeSaveRegisters;
    const RegisterSet m_callerSaveRegisters;
};

inline unsigned nextJSCOffset(unsigned currentOffset, B3::Type)
{
    return currentOffset + sizeof(Register);
}

Lines 45-50 a/Source/JavaScriptCore/wasm/WASMFormat.h_sec1
- a/Source/JavaScriptCore/wasm/WASMFormat.h +6 lines
45	#if ENABLE(WEBASSEMBLY)	45	#if ENABLE(WEBASSEMBLY)
46		46
47	#include "B3Type.h"	47	#include "B3Type.h"
		48	#include "B3Compilation.h"
48	#include <wtf/Vector.h>	49	#include <wtf/Vector.h>
49	#include <wtf/text/WTFString.h>	50	#include <wtf/text/WTFString.h>
50		51
Lines 126-131 struct FunctionInformation { a/Source/JavaScriptCore/wasm/WASMFormat.h_sec2
126	size_t end;	127	size_t end;
127	};	128	};
128		129
		130	struct FunctionCompilation {
		131	std::unique_ptr<B3::Compilation> code;
		132	std::unique_ptr<B3::Compilation> jsEntryPoint;
		133	};
		134
129	} } // namespace JSC::WASM	135	} } // namespace JSC::WASM
130		136
131	#endif // ENABLE(WEBASSEMBLY)	137	#endif // ENABLE(WEBASSEMBLY)



        return true;
    }

    FOR_EACH_WASM_MEMORY_LOAD_OP(CREATE_CASE) {
        // TODO: What do I do with this?
        uint32_t alignment;
        if (!parseVarUInt32(alignment))
            return false;

        uint32_t offset;
        if (!parseVarUInt32(offset))
            return false;

        ExpressionType pointer = m_expressionStack.takeLast();
        ExpressionType result;
        if (!m_context.load(static_cast<LoadOpType>(op), offset, pointer, result))
            return false;
        m_expressionStack.append(result);
        return true;
    }

    FOR_EACH_WASM_MEMORY_STORE_OP(CREATE_CASE) {
        // TODO: What do I do with this?
        uint32_t alignment;
        if (!parseVarUInt32(alignment))
            return false;

        uint32_t offset;
        if (!parseVarUInt32(offset))
            return false;

        ExpressionType value = m_expressionStack.takeLast();
        ExpressionType pointer = m_expressionStack.takeLast();
        return m_context.store(static_cast<StoreOpType>(op), offset, pointer, value);
    }

    case OpType::I32Const: {
        uint32_t constant;
        if (!parseVarUInt32(constant))



/*
 * Copyright (C) 2016 Apple Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include "config.h"
#include "WASMMemory.h"

#if ENABLE(WEBASSEMBLY)

namespace JSC { namespace WASM {

Memory::Memory(uint32_t startingSize, uint32_t maxSize, const Vector<unsigned>& pinnedSizeRegisters)
: m_size(startingSize)
, m_maxSize(maxSize)
{
    ASSERT(pinnedSizeRegisters.size() > 0);
    // Perhaps we should try MAP_32BIT on X86-64 since that might allow B3 to emit better Loads/Stores.
    void* result = mmap(nullptr, maxSize, PROT_NONE, MAP_PRIVATE | MAP_ANON, 0, 0);
    if (!result)
        return;

    if (mprotect(result, startingSize, PROT_READ | PROT_WRITE)) {
        munmap(result, maxSize);
        return;
    }

    unsigned remainingPinnedRegisters = pinnedSizeRegisters.size() + 1;
    jscCallingConvention().m_calleeSaveRegisters.forEach([&] (Reg reg) {
        GPRReg gpr = reg.gpr();
        if (gpr == CCallHelpers::framePointerRegister || gpr == CCallHelpers::stackPointerRegister)
            return;
        if (!remainingPinnedRegisters)
            return;
        if (remainingPinnedRegisters == 1) {
            m_pinnedRegisters.baseMemoryPointer = gpr;
            remainingPinnedRegisters--;
        } else
            m_pinnedRegisters.sizeRegisters.append({ gpr, pinnedSizeRegisters[--remainingPinnedRegisters - 1] });
    });

    ASSERT(!remainingPinnedRegisters);
    m_memory = result;
}

} // namespace JSC

} // namespace WASM

#endif // ENABLE(WEBASSEMBLY)



/*
 * Copyright (C) 2016 Apple Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#pragma once

#if ENABLE(WEBASSEMBLY)

#include "WASMCallingConvention.h"

#include <wtf/Vector.h>

namespace JSC { namespace WASM {

struct PinnedSizeRegisterInfo {
    GPRReg sizeRegister;
    unsigned sizeOffset;
};

struct PinnedRegisterInfo {
    Vector<PinnedSizeRegisterInfo> sizeRegisters;
    GPRReg baseMemoryPointer;
};

class Memory {
    WTF_MAKE_NONCOPYABLE(Memory);
    WTF_MAKE_FAST_ALLOCATED;
public:

    Memory() = default;
    Memory(uint32_t startingSize, uint32_t maxSize, const Vector<unsigned>& pinnedSizeRegisters);

    ~Memory()
    {
        if (m_memory)
            munmap(m_memory, m_maxSize);
    }

    void* memory() const { return m_memory; }
    uint32_t size() const { return m_size; }
    const PinnedRegisterInfo& pinnedRegisters() const { return m_pinnedRegisters; }

    bool growMemory(uint32_t newSize)
    {
        ASSERT(m_memory);
        if (newSize > m_maxSize)
            return false;

        return !mprotect(m_memory, newSize, PROT_READ | PROT_WRITE);
    }

    static ptrdiff_t offsetOfSize() { return OBJECT_OFFSETOF(Memory, m_size); }
    
private:
    void* m_memory { nullptr };
    PinnedRegisterInfo m_pinnedRegisters;
    uint32_t m_size { 0 };
    uint32_t m_maxSize { 0 };
};

} } // namespace JSC::WASM

#endif // ENABLE(WEBASSEMLY)

Lines 28-37 a/Source/JavaScriptCore/wasm/WASMModuleParser.cpp_sec1
- a/Source/JavaScriptCore/wasm/WASMModuleParser.cpp -4 / +46 lines
28		28
29	#if ENABLE(WEBASSEMBLY)	29	#if ENABLE(WEBASSEMBLY)
30		30
		31	#include "JSWASMModule.h"
31	#include "WASMFormat.h"	32	#include "WASMFormat.h"
32	#include "WASMOps.h"	33	#include "WASMOps.h"
33	#include "WASMSections.h"	34	#include "WASMSections.h"
34		35
		36	#include <sys/mman.h>
		37
35	namespace JSC { namespace WASM {	38	namespace JSC { namespace WASM {
36		39
37	static const bool verbose = false;	40	static const bool verbose = false;
Lines 62-76 bool ModuleParser::parse() a/Source/JavaScriptCore/wasm/WASMModuleParser.cpp_sec2
62	if (verbose)	65	if (verbose)
63	dataLogLn("Starting to parse next section at offset: ", m_offset);	66	dataLogLn("Starting to parse next section at offset: ", m_offset);
64		67
65	Sections::Section section = Sections::Unknown;
66	uint8_t sectionByte;	68	uint8_t sectionByte;
67	if (!parseUInt7(sectionByte))	69	if (!parseUInt7(sectionByte))
68	return false;	70	return false;
69		71
		72	if (verbose)
		73	dataLogLn("Section byte: ", sectionByte);
		74
		75	Sections::Section section = Sections::Unknown;
70	if (sectionByte) {	76	if (sectionByte) {
71	if (sectionByte >= Sections::Unknown)	77	if (sectionByte < Sections::Unknown)
72	section = Sections::Unknown;
73	else
74	section = static_cast<Sections::Section>(sectionByte);	78	section = static_cast<Sections::Section>(sectionByte);
75	} else {	79	} else {
76	uint32_t sectionNameLength;	80	uint32_t sectionNameLength;
Lines 96-101 bool ModuleParser::parse() a/Source/JavaScriptCore/wasm/WASMModuleParser.cpp_sec3
96	unsigned end = m_offset + sectionLength;	100	unsigned end = m_offset + sectionLength;
97		101
98	switch (section) {	102	switch (section) {
		103
		104	case Sections::Memory: {
		105	if (verbose)
		106	dataLogLn("Parsing Memory.");
		107	if (!parseMemory())
		108	return false;
		109	break;
		110	}
		111
99	case Sections::FunctionTypes: {	112	case Sections::FunctionTypes: {
100	if (verbose)	113	if (verbose)
101	dataLogLn("Parsing types.");	114	dataLogLn("Parsing types.");
Lines 143-148 bool ModuleParser::parse() a/Source/JavaScriptCore/wasm/WASMModuleParser.cpp_sec4
143	return true;	156	return true;
144	}	157	}
145		158
		159	bool ModuleParser::parseMemory()
		160	{
		161	uint32_t maxPageNum = std::numeric_limits<uint32_t>::max() / 64 / KB;
		162	uint8_t flags;
		163	if (!parseVarUInt1(flags))
		164	return false;
		165
		166	uint32_t size;
		167	if (!parseVarUInt32(size))
		168	return false;
		169	if (size > maxPageNum)
		170	return false;
		171
		172	uint32_t max = maxPageNum;
		173	if (flags) {
		174	if (!parseVarUInt32(max))
		175	return false;
		176	if (size > max \|\| max > maxPageNum)
		177	return false;
		178	}
		179
		180	max = 64 KB;
		181	size = 64 KB;
		182
		183	Vector<unsigned> pinnedSizes = { 0 };
		184	m_memory = std::make_unique<Memory>(maxPageNum * 64 * KB, maxPageNum * 64 * KB, pinnedSizes);
		185	return m_memory->memory();
		186	}
		187
146	bool ModuleParser::parseFunctionTypes()	188	bool ModuleParser::parseFunctionTypes()
147	{	189	{
148	uint32_t count;	190	uint32_t count;



#if ENABLE(WEBASSEMBLY)

#include "WASMOps.h"
#include "WASMMemory.h"
#include "WASMParser.h"
#include <wtf/Vector.h>



    bool WARN_UNUSED_RETURN parse();

    const Vector<FunctionInformation>& functionInformation() const { return m_functions; }
    std::unique_ptr<Memory>& memory() { return m_memory; }

private:
    bool WARN_UNUSED_RETURN parseMemory();
    bool WARN_UNUSED_RETURN parseFunctionTypes();
    bool WARN_UNUSED_RETURN parseFunctionSignatures();
    bool WARN_UNUSED_RETURN parseFunctionDefinitions();
    bool WARN_UNUSED_RETURN parseFunctionDefinition(uint32_t number);
    bool WARN_UNUSED_RETURN parseBlock();
    bool WARN_UNUSED_RETURN parseExpression(OpType);

    Vector<FunctionInformation> m_functions;
    Vector<Signature> m_signatures;
    std::unique_ptr<Memory> m_memory;
};

} } // namespace JSC::WASM



    macro(I64LeU, 0x6d, BelowEqual) \


#define FOR_EACH_WASM_MEMORY_LOAD_OP(macro) \
    macro(I32Load8S, 0x20, NA) \
    macro(I32Load8U, 0x21, NA) \
    macro(I32Load16S, 0x22, NA) \
    /* macro(I32Load16U, 0x23, NA) */ \
    macro(I64Load8S, 0x24, NA) \
    macro(I64Load8U, 0x25, NA) \
    macro(I64Load16S, 0x26, NA) \
    /* macro(I64Load16U, 0x27, NA) */ \
    macro(I64Load32S, 0x28, NA) \
    macro(I64Load32U, 0x29, NA) \
    macro(I32Load, 0x2a, NA) \
    macro(I64Load, 0x2b, NA) \


#define FOR_EACH_WASM_MEMORY_STORE_OP(macro) \
    macro(I32Store8, 0x2e, NA) \
    macro(I32Store16, 0x2f, NA) \
    macro(I64Store8, 0x30, NA) \
    macro(I64Store16, 0x31, NA) \
    macro(I64Store32, 0x32, NA) \
    macro(I32Store, 0x33, NA) \
    macro(I64Store, 0x34, NA) \


#define FOR_EACH_WASM_OP(macro) \
    FOR_EACH_WASM_SPECIAL_OP(macro) \
    FOR_EACH_WASM_CONTROL_FLOW_OP(macro) \
    FOR_EACH_WASM_UNARY_OP(macro) \
    FOR_EACH_WASM_BINARY_OP(macro) \
    FOR_EACH_WASM_MEMORY_LOAD_OP(macro) \
    FOR_EACH_WASM_MEMORY_STORE_OP(macro)

#define CREATE_ENUM_VALUE(name, id, b3op) name = id,


    FOR_EACH_WASM_UNARY_OP(CREATE_ENUM_VALUE)
};

enum class LoadOpType : uint8_t {
    FOR_EACH_WASM_MEMORY_LOAD_OP(CREATE_ENUM_VALUE)
};

enum class StoreOpType : uint8_t {
    FOR_EACH_WASM_MEMORY_STORE_OP(CREATE_ENUM_VALUE)
};

#undef CREATE_ENUM_VALUE

inline bool isControlOp(OpType op)




#include "B3Compilation.h"
#include "WASMB3IRGenerator.h"
#include "WASMCallingConvention.h"
#include "WASMModuleParser.h"
#include <wtf/DataLog.h>


    for (const FunctionInformation& info : moduleParser.functionInformation()) {
        if (verbose)
            dataLogLn("Processing funcion starting at: ", info.start, " and ending at: ", info.end);
        result.append(parseAndCompile(vm, source, moduleParser.memory().get(), info));
    }
    memory = WTFMove(moduleParser.memory());
}

} } // namespace JSC::WASM




#include "CompilationResult.h"
#include "VM.h"
#include "WASMFormat.h"
#include <wtf/ThreadSafeRefCounted.h>
#include <wtf/Vector.h>

namespace JSC { namespace WASM {
class Memory;
namespace B3 {
class Compilation;
} // namespace B3

namespace WASM {

// TODO: This should create a WASM Module not a list of functions.
class Plan {
public:
    JS_EXPORT_PRIVATE Plan(VM&, Vector<uint8_t> source);

    Vector<std::unique_ptr<FunctionCompilation>> result;
    std::unique_ptr<Memory> memory;
};

} } // namespace JSC::WASM

Lines 33-38 struct Sections { a/Source/JavaScriptCore/wasm/WASMSections.h_sec1
- a/Source/JavaScriptCore/wasm/WASMSections.h +1 lines
33	enum Section : uint8_t {	33	enum Section : uint8_t {
34	FunctionTypes = 1,	34	FunctionTypes = 1,
35	Signatures = 3,	35	Signatures = 3,
		36	Memory = 5,
36	Definitions = 10,	37	Definitions = 10,
37	Unknown	38	Unknown
38	};	39	};

Return to Bug 161710

Lines 1-3 a/Source/JavaScriptCore/ChangeLog_sec1
- a/Source/JavaScriptCore/ChangeLog +41 lines
		1	2016-09-26 Keith Miller <keith_miller@apple.com>
		2
		3	Add support for WASM Memory.
		4	https://bugs.webkit.org/show_bug.cgi?id=161710
		5
		6	Reviewed by NOBODY (OOPS!).
		7
		8	This patch add initial support for WASM memory operations. First,
		9	it adds the concept of a WASM Module memory management object.
		10	This object currently mmaps a 32-bit address space for WASM use,
		11	although it marks all the memory outside the current breakpoint as
		12	PROT_NONE. For now, we do a range check on each store and load. In
		13	the future, we should change this to be an signal handler that
		14	checks what module the program trapped in.
		15
		16	* testWASM.cpp:
		17	(runWASMTests):
		18	* wasm/WASMB3IRGenerator.cpp:
		19	(JSC::WASM::parseAndCompile):
		20	* wasm/WASMB3IRGenerator.h:
		21	* wasm/WASMFormat.h:
		22	(JSC::WASM::Memory::Memory):
		23	(JSC::WASM::Memory::~Memory):
		24	(JSC::WASM::Memory::memory):
		25	(JSC::WASM::Memory::size):
		26	(JSC::WASM::Memory::growMemory):
		27	(JSC::WASM::Memory::offsetOfSize):
		28	* wasm/WASMFunctionParser.h:
		29	(JSC::WASM::FunctionParser<Context>::parseExpression):
		30	* wasm/WASMModuleParser.cpp:
		31	(JSC::WASM::ModuleParser::parse):
		32	(JSC::WASM::ModuleParser::parseMemory):
		33	* wasm/WASMModuleParser.h:
		34	(JSC::WASM::ModuleParser::functionInformation):
		35	(JSC::WASM::ModuleParser::memory):
		36	* wasm/WASMOps.h:
		37	* wasm/WASMPlan.cpp:
		38	(JSC::WASM::Plan::Plan):
		39	* wasm/WASMPlan.h:
		40	* wasm/WASMSections.h:
		41
1	2016-09-26 Don Olmstead <don.olmstead@am.sony.com>	42	2016-09-26 Don Olmstead <don.olmstead@am.sony.com>
2		43
3	[JSC] Allow fixedExecutableMemoryPoolSize to be set during build	44	[JSC] Allow fixedExecutableMemoryPoolSize to be set during build

Lines 1204-1209 a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj_sec1
- a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj +8 lines
1204	534C457C1BC72411007476A7 /* JSTypedArrayViewConstructor.h in Headers / = {isa = PBXBuildFile; fileRef = 534C457B1BC72411007476A7 / JSTypedArrayViewConstructor.h */; };	1204	534C457C1BC72411007476A7 /* JSTypedArrayViewConstructor.h in Headers / = {isa = PBXBuildFile; fileRef = 534C457B1BC72411007476A7 / JSTypedArrayViewConstructor.h */; };
1205	534C457E1BC72549007476A7 /* JSTypedArrayViewConstructor.cpp in Sources / = {isa = PBXBuildFile; fileRef = 534C457D1BC72549007476A7 / JSTypedArrayViewConstructor.cpp */; };	1205	534C457E1BC72549007476A7 /* JSTypedArrayViewConstructor.cpp in Sources / = {isa = PBXBuildFile; fileRef = 534C457D1BC72549007476A7 / JSTypedArrayViewConstructor.cpp */; };
1206	53529A4C1C457B75000B49C6 /* APIUtils.h in Headers / = {isa = PBXBuildFile; fileRef = 53529A4B1C457B75000B49C6 / APIUtils.h */; };	1206	53529A4C1C457B75000B49C6 /* APIUtils.h in Headers / = {isa = PBXBuildFile; fileRef = 53529A4B1C457B75000B49C6 / APIUtils.h */; };
		1207	535557141D9D9EA5006D583B /* WASMMemory.h in Headers / = {isa = PBXBuildFile; fileRef = 535557131D9D9EA5006D583B / WASMMemory.h */; };
		1208	535557161D9DFA32006D583B /* WASMMemory.cpp in Sources / = {isa = PBXBuildFile; fileRef = 535557151D9DFA32006D583B / WASMMemory.cpp */; };
1207	5370B4F51BF26202005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.cpp in Sources / = {isa = PBXBuildFile; fileRef = 5370B4F31BF25EA2005C40FC / AdaptiveInferredPropertyValueWatchpointBase.cpp */; };	1209	5370B4F51BF26202005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.cpp in Sources / = {isa = PBXBuildFile; fileRef = 5370B4F31BF25EA2005C40FC / AdaptiveInferredPropertyValueWatchpointBase.cpp */; };
1208	5370B4F61BF26205005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.h in Headers / = {isa = PBXBuildFile; fileRef = 5370B4F41BF25EA2005C40FC / AdaptiveInferredPropertyValueWatchpointBase.h */; };	1210	5370B4F61BF26205005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.h in Headers / = {isa = PBXBuildFile; fileRef = 5370B4F41BF25EA2005C40FC / AdaptiveInferredPropertyValueWatchpointBase.h */; };
1209	53917E7B1B7906FA000EBD33 /* JSGenericTypedArrayViewPrototypeFunctions.h in Headers / = {isa = PBXBuildFile; fileRef = 53917E7A1B7906E4000EBD33 / JSGenericTypedArrayViewPrototypeFunctions.h */; };	1211	53917E7B1B7906FA000EBD33 /* JSGenericTypedArrayViewPrototypeFunctions.h in Headers / = {isa = PBXBuildFile; fileRef = 53917E7A1B7906E4000EBD33 / JSGenericTypedArrayViewPrototypeFunctions.h */; };
Lines 3418-3423 a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj_sec2
3418	534C457B1BC72411007476A7 /* JSTypedArrayViewConstructor.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSTypedArrayViewConstructor.h; sourceTree = "<group>"; };	3420	534C457B1BC72411007476A7 /* JSTypedArrayViewConstructor.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSTypedArrayViewConstructor.h; sourceTree = "<group>"; };
3419	534C457D1BC72549007476A7 /* JSTypedArrayViewConstructor.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSTypedArrayViewConstructor.cpp; sourceTree = "<group>"; };	3421	534C457D1BC72549007476A7 /* JSTypedArrayViewConstructor.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSTypedArrayViewConstructor.cpp; sourceTree = "<group>"; };
3420	53529A4B1C457B75000B49C6 /* APIUtils.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = APIUtils.h; sourceTree = "<group>"; };	3422	53529A4B1C457B75000B49C6 /* APIUtils.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = APIUtils.h; sourceTree = "<group>"; };
		3423	535557131D9D9EA5006D583B /* WASMMemory.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WASMMemory.h; sourceTree = "<group>"; };
		3424	535557151D9DFA32006D583B /* WASMMemory.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WASMMemory.cpp; sourceTree = "<group>"; };
3421	5370B4F31BF25EA2005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = AdaptiveInferredPropertyValueWatchpointBase.cpp; sourceTree = "<group>"; };	3425	5370B4F31BF25EA2005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = AdaptiveInferredPropertyValueWatchpointBase.cpp; sourceTree = "<group>"; };
3422	5370B4F41BF25EA2005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = AdaptiveInferredPropertyValueWatchpointBase.h; sourceTree = "<group>"; };	3426	5370B4F41BF25EA2005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = AdaptiveInferredPropertyValueWatchpointBase.h; sourceTree = "<group>"; };
3423	53917E7A1B7906E4000EBD33 /* JSGenericTypedArrayViewPrototypeFunctions.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSGenericTypedArrayViewPrototypeFunctions.h; sourceTree = "<group>"; };	3427	53917E7A1B7906E4000EBD33 /* JSGenericTypedArrayViewPrototypeFunctions.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSGenericTypedArrayViewPrototypeFunctions.h; sourceTree = "<group>"; };
Lines 5619-5624 a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj_sec3
5619	53F40E901D5903020099A1B6 /* WASMOps.h */,	5623	53F40E901D5903020099A1B6 /* WASMOps.h */,
5620	7BC547D21B69599B00959B58 /* WASMFormat.h */,	5624	7BC547D21B69599B00959B58 /* WASMFormat.h */,
5621	53F40E8A1D5901BB0099A1B6 /* WASMFunctionParser.h */,	5625	53F40E8A1D5901BB0099A1B6 /* WASMFunctionParser.h */,
		5626	535557151D9DFA32006D583B /* WASMMemory.cpp */,
		5627	535557131D9D9EA5006D583B /* WASMMemory.h */,
5622	53F40E961D5A7BEC0099A1B6 /* WASMModuleParser.cpp */,	5628	53F40E961D5A7BEC0099A1B6 /* WASMModuleParser.cpp */,
5623	53F40E941D5A7AEF0099A1B6 /* WASMModuleParser.h */,	5629	53F40E941D5A7AEF0099A1B6 /* WASMModuleParser.h */,
5624	531374BE1D5CE95000AF7A0B /* WASMPlan.cpp */,	5630	531374BE1D5CE95000AF7A0B /* WASMPlan.cpp */,
Lines 7759-7764 a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj_sec4
7759	142E3138134FF0A600AFADB5 /* HandleStack.h in Headers */,	7765	142E3138134FF0A600AFADB5 /* HandleStack.h in Headers */,
7760	1478297B1379E8A800A7C2A3 /* HandleTypes.h in Headers */,	7766	1478297B1379E8A800A7C2A3 /* HandleTypes.h in Headers */,
7761	0F10F1A31C420BF0001C07D2 /* AirCustom.h in Headers */,	7767	0F10F1A31C420BF0001C07D2 /* AirCustom.h in Headers */,
		7768	535557141D9D9EA5006D583B /* WASMMemory.h in Headers */,
7762	14BA7A9813AADFF8005B7C2C /* Heap.h in Headers */,	7769	14BA7A9813AADFF8005B7C2C /* Heap.h in Headers */,
7763	0F32BD111BB34F190093A57F /* HeapHelperPool.h in Headers */,	7770	0F32BD111BB34F190093A57F /* HeapHelperPool.h in Headers */,
7764	C2DA778318E259990066FCB6 /* HeapInlines.h in Headers */,	7771	C2DA778318E259990066FCB6 /* HeapInlines.h in Headers */,
Lines 9088-9093 a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj_sec5
9088	0F5A1273192D9FDF008764A3 /* DFGDoesGC.cpp in Sources */,	9095	0F5A1273192D9FDF008764A3 /* DFGDoesGC.cpp in Sources */,
9089	0FD3C82614115D4000FD81CB /* DFGDriver.cpp in Sources */,	9096	0FD3C82614115D4000FD81CB /* DFGDriver.cpp in Sources */,
9090	0FF0F19E16B72A0B005DF95B /* DFGEdge.cpp in Sources */,	9097	0FF0F19E16B72A0B005DF95B /* DFGEdge.cpp in Sources */,
		9098	535557161D9DFA32006D583B /* WASMMemory.cpp in Sources */,
9091	0F8F14331ADF090100ED792C /* DFGEpoch.cpp in Sources */,	9099	0F8F14331ADF090100ED792C /* DFGEpoch.cpp in Sources */,
9092	0FBC0AE71496C7C400D4FBDD /* DFGExitProfile.cpp in Sources */,	9100	0FBC0AE71496C7C400D4FBDD /* DFGExitProfile.cpp in Sources */,
9093	A78A9774179738B8009DF744 /* DFGFailedFinalizer.cpp in Sources */,	9101	A78A9774179738B8009DF744 /* DFGFailedFinalizer.cpp in Sources */,

Lines 27-49 a/Source/JavaScriptCore/wasm/WASMCallingConvention.h_sec1
- a/Source/JavaScriptCore/wasm/WASMCallingConvention.h -6 / +50 lines
27		27
28	#if ENABLE(WEBASSEMBLY)	28	#if ENABLE(WEBASSEMBLY)
29		29
		30	#include "AllowMacroScratchRegisterUsage.h"
30	#include "B3ArgumentRegValue.h"	31	#include "B3ArgumentRegValue.h"
31	#include "B3BasicBlock.h"	32	#include "B3BasicBlock.h"
		33	#include "B3ConstrainedValue.h"
32	#include "B3Const64Value.h"	34	#include "B3Const64Value.h"
33	#include "B3MemoryValue.h"	35	#include "B3MemoryValue.h"
		36	#include "B3PatchpointValue.h"
		37	#include "B3Procedure.h"
		38	#include "B3StackmapGenerationParams.h"
34	#include "CallFrame.h"	39	#include "CallFrame.h"
		40	#include "LinkBuffer.h"
35	#include "RegisterSet.h"	41	#include "RegisterSet.h"
36	#include "WASMFormat.h"	42	#include "WASMFormat.h"
37		43
38	namespace JSC { namespace WASM {	44	namespace JSC { namespace WASM {
39		45
40	typedef unsigned (*NextOffset)(unsigned currentOffset, Type type);	46	typedef unsigned (*NextOffset)(unsigned currentOffset, B3::Type type);
41		47
42	template<unsigned offset, NextOffset updateOffset>	48	template<unsigned headerSize, NextOffset updateOffset>
43	class CallingConvention {	49	class CallingConvention {
44	public:	50	public:
45	static const unsigned headerSize = offset;
46
47	CallingConvention(Vector<GPRReg>&& registerArguments, RegisterSet&& calleeSaveRegisters)	51	CallingConvention(Vector<GPRReg>&& registerArguments, RegisterSet&& calleeSaveRegisters)
48	: m_registerArguments(registerArguments)	52	: m_registerArguments(registerArguments)
49	, m_calleeSaveRegisters(calleeSaveRegisters)	53	, m_calleeSaveRegisters(calleeSaveRegisters)
Lines 64-81 public: a/Source/JavaScriptCore/wasm/WASMCallingConvention.h_sec2
64	B3::Value* address = block->appendNew<B3::Value>(proc, B3::Add, origin, framePointer,	68	B3::Value* address = block->appendNew<B3::Value>(proc, B3::Add, origin, framePointer,
65	block->appendNew<B3::Const64Value>(proc, origin, currentOffset));	69	block->appendNew<B3::Const64Value>(proc, origin, currentOffset));
66	argument = block->appendNew<B3::MemoryValue>(proc, B3::Load, toB3Type(argumentTypes[i]), origin, address);	70	argument = block->appendNew<B3::MemoryValue>(proc, B3::Load, toB3Type(argumentTypes[i]), origin, address);
67	currentOffset = updateOffset(currentOffset, argumentTypes[i]);	71	currentOffset = updateOffset(currentOffset, toB3Type(argumentTypes[i]));
68	}	72	}
69	functor(argument, i);	73	functor(argument, i);
70	}	74	}
71	}	75	}
72		76
		77	template<typename Functor>
		78	B3::Value* setupCall(B3::Procedure& proc, B3::BasicBlock* block, B3::Origin origin, MacroAssemblerCodePtr target, const Vector<B3::Value*>& arguments, B3::Type returnType, const Functor& patchpointFunctor) const
		79	{
		80	unsigned stackArgumentCount = arguments.size() < m_registerArguments.size() ? 0 : arguments.size() - m_registerArguments.size();
		81	proc.requestCallArgAreaSizeInBytes(WTF::roundUpToMultipleOf(stackAlignmentBytes(), headerSize + (stackArgumentCount * sizeof(Register))));
		82
		83	unsigned offset = headerSize;
		84	Vector<B3::ConstrainedValue> constrainedArguments;
		85	for (unsigned i = 0; i < arguments.size(); ++i) {
		86	B3::ValueRep rep;
		87	if (i < m_registerArguments.size())
		88	rep = B3::ValueRep::reg(m_registerArguments[i]);
		89	else
		90	rep = B3::ValueRep::stackArgument(offset);
		91	constrainedArguments.append(B3::ConstrainedValue(arguments[i], rep));
		92	offset = updateOffset(offset, arguments[i]->type());
		93	}
		94
		95	B3::PatchpointValue* patchpoint = block->appendNew<B3::PatchpointValue>(proc, returnType, origin);
		96	patchpoint->appendVector(constrainedArguments);
		97	patchpointFunctor(patchpoint);
		98	patchpoint->setGenerator([=] (CCallHelpers& jit, const B3::StackmapGenerationParams& params) {
		99	AllowMacroScratchRegisterUsage allowScratch(jit);
		100
		101	CCallHelpers::Call call = jit.call();
		102	jit.addPtr(
		103	CCallHelpers::TrustedImm32(-params.proc().frameSize()),
		104	GPRInfo::callFrameRegister, CCallHelpers::stackPointerRegister);
		105	jit.addLinkTask([=] (LinkBuffer& linkBuffer) {
		106	linkBuffer.link(call, FunctionPtr(target.executableAddress()));
		107	});
		108
		109
		110	});
		111
		112	if (returnType != B3::Void)
		113	return patchpoint;
		114	return nullptr;
		115	}
		116
73	const Vector<GPRReg> m_registerArguments;	117	const Vector<GPRReg> m_registerArguments;
74	const RegisterSet m_calleeSaveRegisters;	118	const RegisterSet m_calleeSaveRegisters;
75	const RegisterSet m_callerSaveRegisters;	119	const RegisterSet m_callerSaveRegisters;
76	};	120	};
77		121
78	inline unsigned nextJSCOffset(unsigned currentOffset, Type)	122	inline unsigned nextJSCOffset(unsigned currentOffset, B3::Type)
79	{	123	{
80	return currentOffset + sizeof(Register);	124	return currentOffset + sizeof(Register);
81	}	125	}

Lines 154-159 bool FunctionParser<Context>::parseExpression(OpType op) a/Source/JavaScriptCore/wasm/WASMFunctionParser.h_sec1
- a/Source/JavaScriptCore/wasm/WASMFunctionParser.h +33 lines
154	return true;	154	return true;
155	}	155	}
156		156
		157	FOR_EACH_WASM_MEMORY_LOAD_OP(CREATE_CASE) {
		158	// TODO: What do I do with this?
		159	uint32_t alignment;
		160	if (!parseVarUInt32(alignment))
		161	return false;
		162
		163	uint32_t offset;
		164	if (!parseVarUInt32(offset))
		165	return false;
		166
		167	ExpressionType pointer = m_expressionStack.takeLast();
		168	ExpressionType result;
		169	if (!m_context.load(static_cast<LoadOpType>(op), offset, pointer, result))
		170	return false;
		171	m_expressionStack.append(result);
		172	return true;
		173	}
		174
		175	FOR_EACH_WASM_MEMORY_STORE_OP(CREATE_CASE) {
		176	// TODO: What do I do with this?
		177	uint32_t alignment;
		178	if (!parseVarUInt32(alignment))
		179	return false;
		180
		181	uint32_t offset;
		182	if (!parseVarUInt32(offset))
		183	return false;
		184
		185	ExpressionType value = m_expressionStack.takeLast();
		186	ExpressionType pointer = m_expressionStack.takeLast();
		187	return m_context.store(static_cast<StoreOpType>(op), offset, pointer, value);
		188	}
		189
157	case OpType::I32Const: {	190	case OpType::I32Const: {
158	uint32_t constant;	191	uint32_t constant;
159	if (!parseVarUInt32(constant))	192	if (!parseVarUInt32(constant))

Line 0 a/Source/JavaScriptCore/wasm/WASMMemory.cpp_sec1
- a/Source/JavaScriptCore/wasm/WASMMemory.cpp +70 lines
		1	/*
		2	* Copyright (C) 2016 Apple Inc. All rights reserved.
		3	*
		4	* Redistribution and use in source and binary forms, with or without
		5	* modification, are permitted provided that the following conditions
		6	* are met:
		7	* 1. Redistributions of source code must retain the above copyright
		8	* notice, this list of conditions and the following disclaimer.
		9	* 2. Redistributions in binary form must reproduce the above copyright
		10	* notice, this list of conditions and the following disclaimer in the
		11	* documentation and/or other materials provided with the distribution.
		12	*
		13	* THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
		14	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
		15	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
		16	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
		17	* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
		18	* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
		19	* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
		20	* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
		21	* OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
		22	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
		23	* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
		24	*/
		25
		26	#include "config.h"
		27	#include "WASMMemory.h"
		28
		29	#if ENABLE(WEBASSEMBLY)
		30
		31	namespace JSC { namespace WASM {
		32
		33	Memory::Memory(uint32_t startingSize, uint32_t maxSize, const Vector<unsigned>& pinnedSizeRegisters)
		34	: m_size(startingSize)
		35	, m_maxSize(maxSize)
		36	{
		37	ASSERT(pinnedSizeRegisters.size() > 0);
		38	// Perhaps we should try MAP_32BIT on X86-64 since that might allow B3 to emit better Loads/Stores.
		39	void* result = mmap(nullptr, maxSize, PROT_NONE, MAP_PRIVATE \| MAP_ANON, 0, 0);
		40	if (!result)
		41	return;
		42
		43	if (mprotect(result, startingSize, PROT_READ \| PROT_WRITE)) {
		44	munmap(result, maxSize);
		45	return;
		46	}
		47
		48	unsigned remainingPinnedRegisters = pinnedSizeRegisters.size() + 1;
		49	jscCallingConvention().m_calleeSaveRegisters.forEach([&] (Reg reg) {
		50	GPRReg gpr = reg.gpr();
		51	if (gpr == CCallHelpers::framePointerRegister \|\| gpr == CCallHelpers::stackPointerRegister)
		52	return;
		53	if (!remainingPinnedRegisters)
		54	return;
		55	if (remainingPinnedRegisters == 1) {
		56	m_pinnedRegisters.baseMemoryPointer = gpr;
		57	remainingPinnedRegisters--;
		58	} else
		59	m_pinnedRegisters.sizeRegisters.append({ gpr, pinnedSizeRegisters[--remainingPinnedRegisters - 1] });
		60	});
		61
		62	ASSERT(!remainingPinnedRegisters);
		63	m_memory = result;
		64	}
65
66	} // namespace JSC
67
68	} // namespace WASM
69
70	#endif // ENABLE(WEBASSEMBLY)

Lines 103-113 namespace JSC { namespace WASM { a/Source/JavaScriptCore/wasm/WASMOps.h_sec1
- a/Source/JavaScriptCore/wasm/WASMOps.h -1 / +36 lines
103	macro(I64LeU, 0x6d, BelowEqual) \	103	macro(I64LeU, 0x6d, BelowEqual) \
104		104
105		105
		106	#define FOR_EACH_WASM_MEMORY_LOAD_OP(macro) \
		107	macro(I32Load8S, 0x20, NA) \
		108	macro(I32Load8U, 0x21, NA) \
		109	macro(I32Load16S, 0x22, NA) \
		110	/* macro(I32Load16U, 0x23, NA) */ \
		111	macro(I64Load8S, 0x24, NA) \
		112	macro(I64Load8U, 0x25, NA) \
		113	macro(I64Load16S, 0x26, NA) \
		114	/* macro(I64Load16U, 0x27, NA) */ \
		115	macro(I64Load32S, 0x28, NA) \
		116	macro(I64Load32U, 0x29, NA) \
		117	macro(I32Load, 0x2a, NA) \
		118	macro(I64Load, 0x2b, NA) \
		119
		120
		121	#define FOR_EACH_WASM_MEMORY_STORE_OP(macro) \
		122	macro(I32Store8, 0x2e, NA) \
		123	macro(I32Store16, 0x2f, NA) \
		124	macro(I64Store8, 0x30, NA) \
		125	macro(I64Store16, 0x31, NA) \
		126	macro(I64Store32, 0x32, NA) \
		127	macro(I32Store, 0x33, NA) \
		128	macro(I64Store, 0x34, NA) \
		129
		130
106	#define FOR_EACH_WASM_OP(macro) \	131	#define FOR_EACH_WASM_OP(macro) \
107	FOR_EACH_WASM_SPECIAL_OP(macro) \	132	FOR_EACH_WASM_SPECIAL_OP(macro) \
108	FOR_EACH_WASM_CONTROL_FLOW_OP(macro) \	133	FOR_EACH_WASM_CONTROL_FLOW_OP(macro) \
109	FOR_EACH_WASM_UNARY_OP(macro) \	134	FOR_EACH_WASM_UNARY_OP(macro) \
110	FOR_EACH_WASM_BINARY_OP(macro)	135	FOR_EACH_WASM_BINARY_OP(macro) \
		136	FOR_EACH_WASM_MEMORY_LOAD_OP(macro) \
		137	FOR_EACH_WASM_MEMORY_STORE_OP(macro)
111		138
112	#define CREATE_ENUM_VALUE(name, id, b3op) name = id,	139	#define CREATE_ENUM_VALUE(name, id, b3op) name = id,
113		140
Lines 123-128 enum class UnaryOpType : uint8_t { a/Source/JavaScriptCore/wasm/WASMOps.h_sec2
123	FOR_EACH_WASM_UNARY_OP(CREATE_ENUM_VALUE)	150	FOR_EACH_WASM_UNARY_OP(CREATE_ENUM_VALUE)
124	};	151	};
125		152
		153	enum class LoadOpType : uint8_t {
		154	FOR_EACH_WASM_MEMORY_LOAD_OP(CREATE_ENUM_VALUE)
		155	};
		156
		157	enum class StoreOpType : uint8_t {
		158	FOR_EACH_WASM_MEMORY_STORE_OP(CREATE_ENUM_VALUE)
		159	};
		160
126	#undef CREATE_ENUM_VALUE	161	#undef CREATE_ENUM_VALUE
127		162
128	inline bool isControlOp(OpType op)	163	inline bool isControlOp(OpType op)

Lines 30-35 a/Source/JavaScriptCore/wasm/WASMPlan.cpp_sec1
- a/Source/JavaScriptCore/wasm/WASMPlan.cpp -1 / +3 lines
30		30
31	#include "B3Compilation.h"	31	#include "B3Compilation.h"
32	#include "WASMB3IRGenerator.h"	32	#include "WASMB3IRGenerator.h"
		33	#include "WASMCallingConvention.h"
33	#include "WASMModuleParser.h"	34	#include "WASMModuleParser.h"
34	#include <wtf/DataLog.h>	35	#include <wtf/DataLog.h>
35		36
Lines 53-60 Plan::Plan(VM& vm, Vector<uint8_t> source) a/Source/JavaScriptCore/wasm/WASMPlan.cpp_sec2
53	for (const FunctionInformation& info : moduleParser.functionInformation()) {	54	for (const FunctionInformation& info : moduleParser.functionInformation()) {
54	if (verbose)	55	if (verbose)
55	dataLogLn("Processing funcion starting at: ", info.start, " and ending at: ", info.end);	56	dataLogLn("Processing funcion starting at: ", info.start, " and ending at: ", info.end);
56	result.append(parseAndCompile(vm, source, info));	57	result.append(parseAndCompile(vm, source, moduleParser.memory().get(), info));
57	}	58	}
		59	memory = WTFMove(moduleParser.memory());
58	}	60	}
59		61
60	} } // namespace JSC::WASM	62	} } // namespace JSC::WASM

Lines 29-51 a/Source/JavaScriptCore/wasm/WASMPlan.h_sec1
- a/Source/JavaScriptCore/wasm/WASMPlan.h -8 / +5 lines
29		29
30	#include "CompilationResult.h"	30	#include "CompilationResult.h"
31	#include "VM.h"	31	#include "VM.h"
		32	#include "WASMFormat.h"
32	#include <wtf/ThreadSafeRefCounted.h>	33	#include <wtf/ThreadSafeRefCounted.h>
33	#include <wtf/Vector.h>	34	#include <wtf/Vector.h>
34		35
35	namespace JSC {	36	namespace JSC { namespace WASM {
36		37	class Memory;
37	namespace B3 {
38	class Compilation;
39	} // namespace B3
40
41	namespace WASM {
42		38
43	// TODO: This should create a WASM Module not a list of functions.	39	// TODO: This should create a WASM Module not a list of functions.
44	class Plan {	40	class Plan {
45	public:	41	public:
46	JS_EXPORT_PRIVATE Plan(VM&, Vector<uint8_t> source);	42	JS_EXPORT_PRIVATE Plan(VM&, Vector<uint8_t> source);
47		43
48	Vector<std::unique_ptr<B3::Compilation>> result;	44	Vector<std::unique_ptr<FunctionCompilation>> result;
		45	std::unique_ptr<Memory> memory;
49	};	46	};
50		47
51	} } // namespace JSC::WASM	48	} } // namespace JSC::WASM