[wasm] Make Wasm builtin calls skip trampolines

Change builtin calls in wasm-compiler.cc to use CallBuiltinPointer rather than CallCodeObject which means they bypass the trampoline. Since the Code objects are no longer being called, remove them from the executable Code object allow-list in builtins.cc. Bug: v8:9338 Change-Id: I9835bab859c4d5e45dbfb4c7a339ccf74e719237 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893337 Commit-Queue: Dan Elphick <delphick@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#64744}
2019-11-04 13:38:51 +00:00 · 2019-11-04 13:38:51 +00:00 · e794a9e725
commit e794a9e725
parent fcbe7498c5
2 changed files with 36 additions and 59 deletions
--- a/src/builtins/builtins.cc
+++ b/src/builtins/builtins.cc
@ -452,12 +452,8 @@ bool Builtins::CodeObjectIsExecutable(int builtin_index) {
  // pared down as much as possible.
  switch (builtin_index) {
    case Builtins::kInterpreterEntryTrampoline:
-    case Builtins::kToNumber:
-    case Builtins::kI64ToBigInt:
-    case Builtins::kBigIntToI64:
    case Builtins::kCompileLazy:
    case Builtins::kCompileLazyDeoptimizedCode:
-    case Builtins::kAllocateHeapNumber:
    case Builtins::kCEntry_Return1_DontSaveFPRegs_ArgvOnStack_NoBuiltinExit:
    case Builtins::kCEntry_Return1_DontSaveFPRegs_ArgvOnStack_BuiltinExit:
    case Builtins::kCEntry_Return1_DontSaveFPRegs_ArgvInRegister_NoBuiltinExit:
@ -478,11 +474,6 @@ bool Builtins::CodeObjectIsExecutable(int builtin_index) {
    case Builtins::kArgumentsAdaptorTrampoline:
    case Builtins::kHandleApiCall:
    case Builtins::kInstantiateAsmJs:
-    case Builtins::kIterableToFixedArrayForWasm:
-
-      // required for ia32
-    case Builtins::kI32PairToBigInt:
-    case Builtins::kBigIntToI32Pair:
      return true;
    default:
      return false;
--- a/src/compiler/wasm-compiler.cc
+++ b/src/compiler/wasm-compiler.cc
@ -5179,15 +5179,24 @@ class WasmWrapperGraphBuilder : public WasmGraphBuilder {
    return call_descriptor;
  }

+  Node* GetBuiltinPointerTarget(Builtins::Name builtin_id) {
+    static_assert(std::is_same<Smi, BuiltinPtr>(), "BuiltinPtr must be Smi");
+    return graph()->NewNode(mcgraph()->common()->NumberConstant(builtin_id));
+  }
+
+  Node* GetTargetForBuiltinCall(wasm::WasmCode::RuntimeStubId wasm_stub,
+                                Builtins::Name builtin_id) {
+    return (stub_mode_ == StubCallMode::kCallWasmRuntimeStub)
+               ? mcgraph()->RelocatableIntPtrConstant(wasm_stub,
+                                                      RelocInfo::WASM_STUB_CALL)
+               : GetBuiltinPointerTarget(builtin_id);
+  }
+
  Node* BuildAllocateHeapNumberWithValue(Node* value, Node* control) {
    MachineOperatorBuilder* machine = mcgraph()->machine();
    CommonOperatorBuilder* common = mcgraph()->common();
-    Node* target =
-        (stub_mode_ == StubCallMode::kCallWasmRuntimeStub)
-            ? mcgraph()->RelocatableIntPtrConstant(
-                  wasm::WasmCode::kAllocateHeapNumber,
-                  RelocInfo::WASM_STUB_CALL)
-            : BuildLoadBuiltinFromIsolateRoot(Builtins::kAllocateHeapNumber);
+    Node* target = GetTargetForBuiltinCall(wasm::WasmCode::kAllocateHeapNumber,
+                                           Builtins::kAllocateHeapNumber);
    if (!allocate_heap_number_operator_.is_set()) {
      auto call_descriptor = Linkage::GetStubCallDescriptor(
          mcgraph()->zone(), AllocateHeapNumberDescriptor(), 0,
@ -5244,13 +5253,6 @@ class WasmWrapperGraphBuilder : public WasmGraphBuilder {
    return undefined_value_node_.get();
  }

-  Node* BuildLoadBuiltinFromIsolateRoot(int builtin_index) {
-    DCHECK(Builtins::IsBuiltinId(builtin_index));
-    Node* isolate_root = BuildLoadIsolateRoot();
-    return LOAD_TAGGED_POINTER(isolate_root,
-                               IsolateData::builtin_slot_offset(builtin_index));
-  }
-
  Node* BuildChangeInt32ToTagged(Node* value) {
    MachineOperatorBuilder* machine = mcgraph()->machine();
    CommonOperatorBuilder* common = mcgraph()->common();
@ -5387,14 +5389,11 @@ class WasmWrapperGraphBuilder : public WasmGraphBuilder {
    auto call_descriptor = Linkage::GetStubCallDescriptor(
        mcgraph()->zone(), TypeConversionDescriptor{}, 0,
        CallDescriptor::kNoFlags, Operator::kNoProperties, stub_mode_);
-    Node* stub_code =
-        (stub_mode_ == StubCallMode::kCallWasmRuntimeStub)
-            ? mcgraph()->RelocatableIntPtrConstant(wasm::WasmCode::kToNumber,
-                                                   RelocInfo::WASM_STUB_CALL)
-            : BuildLoadBuiltinFromIsolateRoot(Builtins::kToNumber);
+    Node* target =
+        GetTargetForBuiltinCall(wasm::WasmCode::kToNumber, Builtins::kToNumber);

    Node* result = SetEffect(
-        graph()->NewNode(mcgraph()->common()->Call(call_descriptor), stub_code,
+        graph()->NewNode(mcgraph()->common()->Call(call_descriptor), target,
                         node, js_context, Effect(), Control()));

    SetSourcePosition(result, 1);
@ -5481,21 +5480,15 @@ class WasmWrapperGraphBuilder : public WasmGraphBuilder {

    Node* target;
    if (mcgraph()->machine()->Is64()) {
-      target =
-          (stub_mode_ == StubCallMode::kCallWasmRuntimeStub)
-              ? mcgraph()->RelocatableIntPtrConstant(
-                    wasm::WasmCode::kI64ToBigInt, RelocInfo::WASM_STUB_CALL)
-              : BuildLoadBuiltinFromIsolateRoot(Builtins::kI64ToBigInt);
+      target = GetTargetForBuiltinCall(wasm::WasmCode::kI64ToBigInt,
+                                       Builtins::kI64ToBigInt);
    } else {
      DCHECK(mcgraph()->machine()->Is32());
      // On 32-bit platforms we already set the target to the
      // I32PairToBigInt builtin here, so that we don't have to replace the
      // target in the int64-lowering.
-      target =
-          (stub_mode_ == StubCallMode::kCallWasmRuntimeStub)
-              ? mcgraph()->RelocatableIntPtrConstant(
-                    wasm::WasmCode::kI32PairToBigInt, RelocInfo::WASM_STUB_CALL)
-              : BuildLoadBuiltinFromIsolateRoot(Builtins::kI32PairToBigInt);
+      target = GetTargetForBuiltinCall(wasm::WasmCode::kI32PairToBigInt,
+                                       Builtins::kI32PairToBigInt);
    }

    return SetEffect(
@ -5508,21 +5501,15 @@ class WasmWrapperGraphBuilder : public WasmGraphBuilder {

    Node* target;
    if (mcgraph()->machine()->Is64()) {
-      target =
-          (stub_mode_ == StubCallMode::kCallWasmRuntimeStub)
-              ? mcgraph()->RelocatableIntPtrConstant(
-                    wasm::WasmCode::kBigIntToI64, RelocInfo::WASM_STUB_CALL)
-              : BuildLoadBuiltinFromIsolateRoot(Builtins::kBigIntToI64);
+      target = GetTargetForBuiltinCall(wasm::WasmCode::kBigIntToI64,
+                                       Builtins::kBigIntToI64);
    } else {
      DCHECK(mcgraph()->machine()->Is32());
      // On 32-bit platforms we already set the target to the
      // BigIntToI32Pair builtin here, so that we don't have to replace the
      // target in the int64-lowering.
-      target =
-          (stub_mode_ == StubCallMode::kCallWasmRuntimeStub)
-              ? mcgraph()->RelocatableIntPtrConstant(
-                    wasm::WasmCode::kBigIntToI32Pair, RelocInfo::WASM_STUB_CALL)
-              : BuildLoadBuiltinFromIsolateRoot(Builtins::kBigIntToI32Pair);
+      target = GetTargetForBuiltinCall(wasm::WasmCode::kBigIntToI32Pair,
+                                       Builtins::kBigIntToI32Pair);
    }

    return SetEffect(SetControl(
@ -5673,14 +5660,14 @@ class WasmWrapperGraphBuilder : public WasmGraphBuilder {
  Node* BuildMultiReturnFixedArrayFromIterable(const wasm::FunctionSig* sig,
                                               Node* iterable, Node* context) {
    Node* iterable_to_fixed_array =
-        BuildLoadBuiltinFromIsolateRoot(Builtins::kIterableToFixedArrayForWasm);
+        GetBuiltinPointerTarget(Builtins::kIterableToFixedArrayForWasm);
    IterableToFixedArrayForWasmDescriptor interface_descriptor;
    Node* length = BuildChangeUint31ToSmi(
        Uint32Constant(static_cast<uint32_t>(sig->return_count())));
    auto call_descriptor = Linkage::GetStubCallDescriptor(
        mcgraph()->zone(), interface_descriptor,
        interface_descriptor.GetStackParameterCount(), CallDescriptor::kNoFlags,
-        Operator::kNoProperties, StubCallMode::kCallCodeObject);
+        Operator::kNoProperties, StubCallMode::kCallBuiltinPointer);
    return SetEffect(graph()->NewNode(
        mcgraph()->common()->Call(call_descriptor), iterable_to_fixed_array,
        iterable, length, context, Effect(), Control()));
@ -5923,15 +5910,15 @@ class WasmWrapperGraphBuilder : public WasmGraphBuilder {
      case WasmImportCallKind::kUseCallBuiltin: {
        base::SmallVector<Node*, 16> args(wasm_count + 7);
        int pos = 0;
-        args[pos++] =
-            BuildLoadBuiltinFromIsolateRoot(Builtins::kCall_ReceiverIsAny);
+        args[pos++] = GetBuiltinPointerTarget(Builtins::kCall_ReceiverIsAny);
        args[pos++] = callable_node;
        args[pos++] = mcgraph()->Int32Constant(wasm_count);  // argument count
        args[pos++] = undefined_node;                        // receiver

        auto call_descriptor = Linkage::GetStubCallDescriptor(
            graph()->zone(), CallTrampolineDescriptor{}, wasm_count + 1,
-            CallDescriptor::kNoFlags, Operator::kNoProperties);
+            CallDescriptor::kNoFlags, Operator::kNoProperties,
+            StubCallMode::kCallBuiltinPointer);

        // Convert wasm numbers to JS values.
        pos = AddArgumentNodes(VectorOf(args), pos, wasm_count, sig_);
@ -6196,8 +6183,7 @@ class WasmWrapperGraphBuilder : public WasmGraphBuilder {
    // Call the underlying closure.
    base::SmallVector<Node*, 16> args(wasm_count + 7);
    int pos = 0;
-    args[pos++] =
-        BuildLoadBuiltinFromIsolateRoot(Builtins::kCall_ReceiverIsAny);
+    args[pos++] = GetBuiltinPointerTarget(Builtins::kCall_ReceiverIsAny);
    args[pos++] = callable;
    args[pos++] = mcgraph()->Int32Constant(wasm_count);   // argument count
    args[pos++] = BuildLoadUndefinedValueFromInstance();  // receiver
@ -6205,7 +6191,7 @@ class WasmWrapperGraphBuilder : public WasmGraphBuilder {
    auto call_descriptor = Linkage::GetStubCallDescriptor(
        graph()->zone(), CallTrampolineDescriptor{}, wasm_count + 1,
        CallDescriptor::kNoFlags, Operator::kNoProperties,
-        StubCallMode::kCallCodeObject);
+        StubCallMode::kCallBuiltinPointer);

    // Convert parameter JS values to wasm numbers and back to JS values.
    for (int i = 0; i < wasm_count; ++i) {
@ -6378,7 +6364,7 @@ std::unique_ptr<OptimizedCompilationJob> NewJSToWasmCompilationJob(
  Node* effect = nullptr;

  WasmWrapperGraphBuilder builder(zone.get(), &mcgraph, sig, nullptr,
-                                  StubCallMode::kCallCodeObject,
+                                  StubCallMode::kCallBuiltinPointer,
                                  enabled_features);
  builder.set_control_ptr(&control);
  builder.set_effect_ptr(&effect);
@ -6793,7 +6779,7 @@ MaybeHandle<Code> CompileJSToJSWrapper(Isolate* isolate,
  Node* effect = nullptr;

  WasmWrapperGraphBuilder builder(zone.get(), &mcgraph, sig, nullptr,
-                                  StubCallMode::kCallCodeObject,
+                                  StubCallMode::kCallBuiltinPointer,
                                  wasm::WasmFeaturesFromIsolate(isolate));
  builder.set_control_ptr(&control);
  builder.set_effect_ptr(&effect);
@ -6840,7 +6826,7 @@ MaybeHandle<Code> CompileCWasmEntry(Isolate* isolate, wasm::FunctionSig* sig) {
  Node* effect = nullptr;

  WasmWrapperGraphBuilder builder(zone.get(), &mcgraph, sig, nullptr,
-                                  StubCallMode::kCallCodeObject,
+                                  StubCallMode::kCallBuiltinPointer,
                                  wasm::WasmFeaturesFromIsolate(isolate));
  builder.set_control_ptr(&control);
  builder.set_effect_ptr(&effect);