Relaxed Wasm SIMD implementation

85da494

Source/JavaScriptCore/wasm/WasmSIMDOpcodes.h

+macro(RelaxedMin, relaxed_min, ...)
+macro(RelaxedMax, relaxed_max, ...)
+macro(RelaxedQ15Mulr, relaxed_q15mulr_s, ...)
+macro(RelaxedDotI8x16I7x16, relaxed_dot_i8x16_i7x16_s, ...)
+macro(RelaxedDotI8x16I7x16Add, relaxed_dot_i8x16_i7x16_add_s, ...)

JSTests/wasm/stress/simd-const-relaxed-f32-madd.js

-//@ requireOptions("--useWasmSIMD=1", "--useWasmRelaxedSIMD=1", "--useWasmIPIntSIMD=0")
+//@ requireOptions("--useWasmSIMD=1", "--useWasmRelaxedSIMD=1")
-//@ $skipModes << "wasm-no-jit".to_sym
-//@ $skipModes << "wasm-no-wasm-jit".to_sym
-// FIXME: remove --useWasmIPIntSIMD=0 and don't skip no-jit once IPInt support is implemented

JSC compiles Wasm through a tiered pipeline: IPInt interprets bytecode directly, BBQ emits fast unoptimized machine code, and OMG runs a full B3-based optimizing compiler. Relaxed SIMD is a Wasm proposal that intentionally permits implementation-defined behavior within specified bounds — operations like relaxed_min and lane_select may produce different results depending on the underlying hardware instruction.

This commit implements relaxed Wasm SIMD across all three tiers for both x64 and ARM64. New operations: dot product variants (i16x8.relaxed_dot_i8x16_i7x16_s, i32x4.relaxed_dot_i8x16_i7x16_add_s), relaxed min/max, and Q15 multiply-rounding. FMA and truncation operations already existed but were gated behind --useWasmIPIntSIMD=0 and no-jit skip flags; this commit removes those gates.

Wasm relaxed SIMD opcode
        │
        ▼
  FunctionParser.h (decode)
        │
   ┌────┴────────────────┐
   │                     │
   ▼                     ▼
IPInt                  BBQ / OMG
(InPlaceInterpreter    (WasmBBQJIT64.cpp /
 .asm)                  WasmOMGIRGenerator.cpp)
                              │
                         B3 SIMDValue
                         (new opcodes)
                              │
                         B3LowerToAir
                              │
                         Air opcodes
                              │
                    MacroAssembler layer
                  (ARM64 / x86_64 SIMD insns)

Significance

This adds substantial new attack surface: four new SIMD operation families, each with three independent tier implementations, new B3 IR opcodes, new Air opcodes, and new assembler primitives — and the relaxed SIMD spec's intentional non-determinism gives bugs cover, since an incorrect result may still appear "within spec" on paper.

Audit directions

Aaaa Aa Aaa Aaaa Aaa Aaaaaaaaa Aaaaaaaa Aaa Aaaaa Aaaaaaaaaaa Aaaaaaaaaaaaaaa a Aaaaaaaaaa Aaaaaaaaaa Aaaaaaa Aaaaa Aaa Aa a Aaaaaaa Aa Aaaaaa Aaaaaaaaaa Aa Aaaa Aaaaaaaaaa Aaa Aaaaa Aaa Aaaaaaa Aaaa Aaaaaaaa Aa Aaaaaaaaaaaaaaaaaaaa Aa Aaaaaaa Aaaaaaaaa Aa Aaaaa Aa Aaa Aaaaaaaa Aaaa Aa Aaaaaaaaaaaa Aaaaaaaaaa Aaaaaaaaaa Aa Aaaaaaaa Aaaaaaa Aaaaaaa Aaaaa Aaaaaaa Aaaaa Aaaaaaa Aa Aaaaaaa Aaaaaa Aaaaaa Aaa Aa Aaaaaaa Aaaa Aa Aaaaaaaaa Aaaaaaaaaa Aaaa Aaaaaaa Aaaaaaaa Aaaaaaaaaaaaaaaaaaaaa Aaa Aaaaaa Aaaaaaaaaaaaaaaaa Aaa Aaaaaaaaaa Aaaaaaaaaaaaaa a Aaaaaaaaa Aaaa Aaa Aaaaa Aaa Aaaaaaaaa Aa Aaaaaaaaaaa Aaaaaaaa Aaaaaaaaaa Aa Aaaaa Aaaa Aaaaaaaaaaa Aaa Aaaaaaaaa Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa Aaaa a Aaaaaaa Aaaaaaaa Aa Aaa Aaaaaaaaaa Aaaaaaaa a Aaaaaaaa Aaaaaaaaaa Aaaa Aaaa Aaaaa Aaaaaaa Aaaa Aaaaaaa

🔒

New multi-tier SIMD paths and a CPU feature-gated fallback — several edge cases across tiers warrant close investigation.

Subscribe to read more