Merge branch 'main' into wasm-reduce-header

Author: tlively

CHANGELOG.md

@@ -15,16 +15,31 @@ full changeset diff at the end of each section.
 Current Trunk
 -------------
 
+v124
+----
+
+ - Add Custom Descriptors support. (Fuzzing: #7796)
+ - Add Stack Switching support. (Fuzzing: #7834)
+ - Add Compilation Hints + Branch Hinting support. (Fuzzing #7704)
+ - Build mimalloc with `MI_NO_OPT_ARCH` to fix Raspberry Pi 4 on Arm64. (#7837)
  - `wasm-split`'s `--multi-split` mode now supports more options:
    `--no-placeholders`, `--import-namespace`, `--emit-module-names`,
    `--emit-text`, `--symbolmap`, and `--placeholdermap`. Because
    `--no-placeholders` is false by default and until now `--multi-split` didn't
    use placeholders at all, this is a breaking change. If you want to continue
    to do multi-split without placeholders, you need to explicitly specify
-   `--no-placeholders`.
+   `--no-placeholders`. (#7781, #7789, #7792)
+ - InstrumentMemory: Allow filtering by instruction, and instrument memory.grow.
+   (#7388)
+ - Add support for more source map fields, "sourcesContent", "file", and
+   "sourceRoot". (#7473)
+ - [GC] Add a TypeRefiningGUFA pass. (#7433)
+ - [C/JS APIs] Allow JS and C to read the start function of a module (#7424)
  - Add a `--string-lifting` pass that raises imported string operations and
    constants into stringref in Binaryen IR (which can then be fully optimized,
-   and typically lowered back down with `--string-lowering`).
+   and typically lowered back down with `--string-lowering`). (#7389)
+ - Fuzzer: Improve handling of small inputs and their debugging using a new
+   `BINARYEN_FUZZER_MAX_BYTES` env var. (#7832)
 
 v123
 ----

CMakeLists.txt

@@ -7,7 +7,7 @@ cmake_minimum_required(VERSION 3.16.3)
 # to reduce this for compatability with emsdk.
 set(CMAKE_OSX_DEPLOYMENT_TARGET "10.14" CACHE STRING "Minimum OS X deployment version")
 
-project(binaryen LANGUAGES C CXX VERSION 123)
+project(binaryen LANGUAGES C CXX VERSION 124)
 include(GNUInstallDirs)
 
 # The C++ standard whose features are required to build Binaryen.

src/ir/struct-utils.h

@@ -29,21 +29,58 @@ using StructField = std::pair<HeapType, Index>;
 
 namespace StructUtils {
 
+// A value that has a single bool, and implements combine() so it can be used in
+// StructValues.
+struct CombinableBool {
+  bool value = false;
+
+  CombinableBool() {}
+  CombinableBool(bool value) : value(value) {}
+
+  operator bool() const { return value; }
+
+  bool combine(const CombinableBool& other) {
+    if (!value && other.value) {
+      value = true;
+      return true;
+    }
+    return false;
+  }
+};
+
+static const Index DescriptorIndex = -1;
+
 // A vector of a template type's values. One such vector will be used per struct
 // type, where each element in the vector represents a field. We always assume
 // that the vectors are pre-initialized to the right length before accessing any
 // data, which this class enforces using assertions, and which is implemented in
 // StructValuesMap.
 template<typename T> struct StructValues : public std::vector<T> {
   T& operator[](size_t index) {
+    if (index == DescriptorIndex) {
+      return desc;
+    }
     assert(index < this->size());
     return std::vector<T>::operator[](index);
   }
 
   const T& operator[](size_t index) const {
+    if (index == DescriptorIndex) {
+      return desc;
+    }
     assert(index < this->size());
     return std::vector<T>::operator[](index);
   }
+
+  // Store the descriptor as another field. (This could be a std::optional to
+  // indicate that the descriptor's existence depends on the type, but that
+  // would add overhead & code clutter (type checks). If there is no descriptor,
+  // this will just hang around with the default values, not harming anything
+  // except perhaps for looking a little odd during debugging. And whenever we
+  // combine() a non-existent descriptor, we are doing unneeded work, but the
+  // data here is typically just a few bools, so it is simpler and likely
+  // faster to just copy those rather than check if the type has a descriptor.)
+  T desc;
 };
 
 // Maps heap types to a StructValues for that heap type.
@@ -69,6 +106,7 @@ struct StructValuesMap : public std::unordered_map<HeapType, StructValues<T>> {
       for (Index i = 0; i < info.size(); i++) {
         combinedInfos[type][i].combine(info[i]);
       }
+      combinedInfos[type].desc.combine(info.desc);
     }
   }
 
@@ -80,6 +118,8 @@ struct StructValuesMap : public std::unordered_map<HeapType, StructValues<T>> {
         x.dump(o);
         o << " ";
       };
+      o << " desc: ";
+      vec.desc.dump(o);
       o << '\n';
     }
   }
@@ -129,14 +169,17 @@ struct FunctionStructValuesMap
 //
 //   void noteCopy(HeapType type, Index index, T& info);
 //
-// * Note a read
+// * Note a read.
 //
 //   void noteRead(HeapType type, Index index, T& info);
 //
 // We track information from struct.new and struct.set/struct.get separately,
 // because in struct.new we know more about the type - we know the actual exact
 // type being written to, and not just that it is of a subtype of the
 // instruction's type, which helps later.
+//
+// Descriptors are treated as fields in that we call the above functions on
+// them. We pass DescriptorIndex for their index as a fake value.
 template<typename T, typename SubType>
 struct StructScanner
   : public WalkerPass<PostWalker<StructScanner<T, SubType>>> {
@@ -168,6 +211,10 @@ struct StructScanner
         noteExpressionOrCopy(curr->operands[i], heapType, i, infos[i]);
       }
     }
+
+    if (curr->desc) {
+      self().noteExpression(curr->desc, heapType, DescriptorIndex, infos.desc);
+    }
   }
 
   void visitStructSet(StructSet* curr) {
@@ -236,6 +283,42 @@ struct StructScanner
     noteExpressionOrCopy(curr->replacement, heapType, index, info);
   }
 
+  void visitRefCast(RefCast* curr) {
+    if (curr->desc) {
+      // We may try to read a descriptor from anything arriving in |curr->ref|,
+      // but the only things that matter are the things we cast to: other types
+      // can lack a descriptor, and are skipped anyhow. So the only effective
+      // read is of the cast type.
+      handleDescRead(curr->getCastType());
+    }
+  }
+
+  void visitBrOn(BrOn* curr) {
+    if (curr->desc &&
+        (curr->op == BrOnCastDesc || curr->op == BrOnCastDescFail)) {
+      handleDescRead(curr->getCastType());
+    }
+  }
+
+  void visitRefGetDesc(RefGetDesc* curr) {
+    // Unlike a cast, anything in |curr->ref| may be read from.
+    handleDescRead(curr->ref->type);
+  }
+
+  void handleDescRead(Type type) {
+    if (type == Type::unreachable) {
+      return;
+    }
+    auto heapType = type.getHeapType();
+    if (heapType.isStruct()) {
+      // Any subtype of the reference here may be read from.
+      self().noteRead(heapType,
+                      DescriptorIndex,
+                      functionSetGetInfos[this->getFunction()][heapType].desc);
+      return;
+    }
+  }
+
   void
   noteExpressionOrCopy(Expression* expr, HeapType type, Index index, T& info) {
     // Look at the value falling through, if it has the exact same type
@@ -268,8 +351,8 @@ struct StructScanner
   FunctionStructValuesMap<T>& functionSetGetInfos;
 };
 
-// Helper class to propagate information about fields to sub- and/or super-
-// classes in the type hierarchy. While propagating it calls a method
+// Helper class to propagate information to sub- and/or super- classes in the
+// type hierarchy. While propagating it calls a method
 //
 //  to.combine(from)
 //
@@ -286,18 +369,32 @@ template<typename T> class TypeHierarchyPropagator {
 
   SubTypes subTypes;
 
+  // Propagate given a StructValuesMap, which means we need to take into
+  // account fields.
   void propagateToSuperTypes(StructValuesMap<T>& infos) {
     propagate(infos, false, true);
   }
-
   void propagateToSubTypes(StructValuesMap<T>& infos) {
     propagate(infos, true, false);
   }
-
   void propagateToSuperAndSubTypes(StructValuesMap<T>& infos) {
     propagate(infos, true, true);
   }
 
+  // Propagate on a simpler map of structs and infos (that is, not using
+  // separate values for the fields, as StructValuesMap does). This is useful
+  // when not tracking individual fields, but something more general about
+  // types.
+  using StructMap = std::unordered_map<HeapType, T>;
+
+  void propagateToSuperTypes(StructMap& infos) {
+    propagate(infos, false, true);
+  }
+  void propagateToSubTypes(StructMap& infos) { propagate(infos, true, false); }
+  void propagateToSuperAndSubTypes(StructMap& infos) {
+    propagate(infos, true, true);
+  }
+
 private:
   void propagate(StructValuesMap<T>& combinedInfos,
                  bool toSubTypes,
@@ -320,6 +417,11 @@ template<typename T> class TypeHierarchyPropagator {
               work.push(*superType);
             }
           }
+          // Propagate the descriptor to the super, if the super has one.
+          if (superType->getDescriptorType() &&
+              superInfos.desc.combine(infos.desc)) {
+            work.push(*superType);
+          }
         }
       }
 
@@ -333,6 +435,41 @@ template<typename T> class TypeHierarchyPropagator {
               work.push(subType);
             }
           }
+          // Propagate the descriptor.
+          if (subInfos.desc.combine(infos.desc)) {
+            work.push(subType);
+          }
+        }
+      }
+    }
+  }
+
+  void propagate(StructMap& combinedInfos, bool toSubTypes, bool toSuperTypes) {
+    UniqueDeferredQueue<HeapType> work;
+    for (auto& [type, _] : combinedInfos) {
+      work.push(type);
+    }
+    while (!work.empty()) {
+      auto type = work.pop();
+      auto& info = combinedInfos[type];
+
+      if (toSuperTypes) {
+        // Propagate to the supertype.
+        if (auto superType = type.getDeclaredSuperType()) {
+          auto& superInfo = combinedInfos[*superType];
+          if (superInfo.combine(info)) {
+            work.push(*superType);
+          }
+        }
+      }
+
+      if (toSubTypes) {
+        // Propagate shared fields to the subtypes.
+        for (auto subType : subTypes.getImmediateSubTypes(type)) {
+          auto& subInfo = combinedInfos[subType];
+          if (subInfo.combine(info)) {
+            work.push(subType);
+          }
         }
       }
     }