Only create ir::FuncRefs for direct calls (#11408)

We would previously always create Cranelift `ir::FuncRef`s for the callee of a
Wasm `call` instruction, even if that was a call to an imported function that
actually gets translated to an indirect call in CLIF. This commit makes it so
that we delay `ir::FuncRef` creation until we actually emit a direct call.

Also I found that we were not looking for already-created `ir::SigRef`s when
creating `ir::FuncRef`s, so I fixed that as well, which removes a couple
duplicate signature definitions in our disas tests.

Author: fitzgen

crates/cranelift/src/func_environ.rs

@@ -22,11 +22,11 @@ use smallvec::SmallVec;
 use std::mem;
 use wasmparser::{Operator, WasmFeatures};
 use wasmtime_environ::{
-    BuiltinFunctionIndex, DataIndex, ElemIndex, EngineOrModuleTypeIndex, FuncIndex, GlobalIndex,
-    IndexType, Memory, MemoryIndex, Module, ModuleInternedTypeIndex, ModuleTranslation,
-    ModuleTypesBuilder, PtrSize, Table, TableIndex, TripleExt, Tunables, TypeConvert, TypeIndex,
-    VMOffsets, WasmCompositeInnerType, WasmFuncType, WasmHeapTopType, WasmHeapType, WasmRefType,
-    WasmResult, WasmValType,
+    BuiltinFunctionIndex, DataIndex, DefinedFuncIndex, ElemIndex, EngineOrModuleTypeIndex,
+    FuncIndex, GlobalIndex, IndexType, Memory, MemoryIndex, Module, ModuleInternedTypeIndex,
+    ModuleTranslation, ModuleTypesBuilder, PtrSize, Table, TableIndex, TripleExt, Tunables,
+    TypeConvert, TypeIndex, VMOffsets, WasmCompositeInnerType, WasmFuncType, WasmHeapTopType,
+    WasmHeapType, WasmRefType, WasmResult, WasmValType,
 };
 use wasmtime_environ::{FUNCREF_INIT_BIT, FUNCREF_MASK};
 use wasmtime_math::f64_cvt_to_int_bounds;
@@ -1176,9 +1176,14 @@ pub(crate) struct WasmEntities {
     /// `ir::SigRef` in the Cranelift function we are building.
     pub(crate) sig_refs: SecondaryMap<ModuleInternedTypeIndex, PackedOption<ir::SigRef>>,
 
-    /// Map from a Wasm function index to its associated function reference in
-    /// the Cranelift function we are building.
-    pub(crate) func_refs: SecondaryMap<FuncIndex, PackedOption<ir::FuncRef>>,
+    /// Map from a defined Wasm function index to its associated function
+    /// reference in the Cranelift function we are building.
+    pub(crate) defined_func_refs: SecondaryMap<DefinedFuncIndex, PackedOption<ir::FuncRef>>,
+
+    /// Map from an imported Wasm function index for which we statically know
+    /// which function will always be used to satisfy that import to its
+    /// associated function reference in the Cranelift function we are building.
+    pub(crate) imported_func_refs: SecondaryMap<FuncIndex, PackedOption<ir::FuncRef>>,
 
     /// Map from a Wasm table index to its associated implementation in the
     /// Cranelift function we are building.
@@ -1207,7 +1212,8 @@ impl FuncEnvironment<'_> {
         get_or_create_global(globals) : make_global : GlobalIndex => GlobalVariable;
         get_or_create_heap(memories) : make_heap : MemoryIndex => Heap;
         get_or_create_interned_sig_ref(sig_refs) : make_sig_ref : ModuleInternedTypeIndex => ir::SigRef;
-        get_or_create_func_ref(func_refs) : make_func_ref : FuncIndex => ir::FuncRef;
+        get_or_create_defined_func_ref(defined_func_refs) : make_defined_func_ref : DefinedFuncIndex => ir::FuncRef;
+        get_or_create_imported_func_ref(imported_func_refs) : make_imported_func_ref : FuncIndex => ir::FuncRef;
         get_or_create_table(tables) : make_table : TableIndex => TableData;
     }
 
@@ -1253,39 +1259,48 @@ impl FuncEnvironment<'_> {
         sig_ref
     }
 
-    fn make_func_ref(&mut self, func: &mut ir::Function, index: FuncIndex) -> ir::FuncRef {
-        let sig = self.module.functions[index]
+    fn make_defined_func_ref(
+        &mut self,
+        func: &mut ir::Function,
+        def_func_index: DefinedFuncIndex,
+    ) -> ir::FuncRef {
+        let func_index = self.module.func_index(def_func_index);
+        let ty = self.module.functions[func_index]
             .signature
             .unwrap_module_type_index();
-        let wasm_func_ty = self.types[sig].unwrap_func();
-        let sig = crate::wasm_call_signature(self.isa, wasm_func_ty, &self.tunables);
-        let signature = func.import_signature(sig);
-        self.sig_ref_to_ty[signature] = Some(wasm_func_ty);
+        let signature = self.get_or_create_interned_sig_ref(func, ty);
         let name =
             ir::ExternalName::User(func.declare_imported_user_function(ir::UserExternalName {
                 namespace: crate::NS_WASM_FUNC,
-                index: index.as_u32(),
+                index: func_index.as_u32(),
             }));
         func.import_function(ir::ExtFuncData {
             name,
             signature,
+            colocated: true,
+        })
+    }
 
-            // the value of this flag determines the codegen for calls to this
-            // function. if this flag is `false` then absolute relocations will
-            // be generated for references to the function, which requires
-            // load-time relocation resolution. if this flag is set to `true`
-            // then relative relocations are emitted which can be resolved at
-            // object-link-time, just after all functions are compiled.
-            //
-            // this flag is set to `true` for functions defined in the object
-            // we'll be defining in this compilation unit, or everything local
-            // to the wasm module. this means that between functions in a wasm
-            // module there's relative calls encoded. all calls external to a
-            // wasm module (e.g. imports or libcalls) are either encoded through
-            // the `vmcontext` as relative jumps (hence no relocations) or
-            // they're libcalls with absolute relocations.
-            colocated: self.module.defined_func_index(index).is_some()
-                || self.translation.known_imported_functions[index].is_some(),
+    fn make_imported_func_ref(
+        &mut self,
+        func: &mut ir::Function,
+        func_index: FuncIndex,
+    ) -> ir::FuncRef {
+        assert!(self.module.is_imported_function(func_index));
+        assert!(self.translation.known_imported_functions[func_index].is_some());
+        let ty = self.module.functions[func_index]
+            .signature
+            .unwrap_module_type_index();
+        let signature = self.get_or_create_interned_sig_ref(func, ty);
+        let name =
+            ir::ExternalName::User(func.declare_imported_user_function(ir::UserExternalName {
+                namespace: crate::NS_WASM_FUNC,
+                index: func_index.as_u32(),
+            }));
+        func.import_function(ir::ExtFuncData {
+            name,
+            signature,
+            colocated: true,
         })
     }
 
@@ -1628,11 +1643,11 @@ impl<'a, 'func, 'module_env> Call<'a, 'func, 'module_env> {
         }
     }
 
-    /// Do a direct call to the given callee function.
+    /// Do a Wasm-level direct call to the given callee function.
     pub fn direct_call(
         mut self,
         callee_index: FuncIndex,
-        callee: ir::FuncRef,
+        sig_ref: ir::SigRef,
         call_args: &[ir::Value],
     ) -> WasmResult<ir::Inst> {
         let mut real_call_args = Vec::with_capacity(call_args.len() + 2);
@@ -1643,7 +1658,7 @@ impl<'a, 'func, 'module_env> Call<'a, 'func, 'module_env> {
             .unwrap();
 
         // Handle direct calls to locally-defined functions.
-        if !self.env.module.is_imported_function(callee_index) {
+        if let Some(def_func_index) = self.env.module.defined_func_index(callee_index) {
             // First append the callee vmctx address, which is the same as the caller vmctx in
             // this case.
             real_call_args.push(caller_vmctx);
@@ -1655,13 +1670,15 @@ impl<'a, 'func, 'module_env> Call<'a, 'func, 'module_env> {
             real_call_args.extend_from_slice(call_args);
 
             // Finally, make the direct call!
+            let callee = self
+                .env
+                .get_or_create_defined_func_ref(self.builder.func, def_func_index);
             return Ok(self.direct_call_inst(callee, &real_call_args));
         }
 
         // Handle direct calls to imported functions. We use an indirect call
         // so that we don't have to patch the code at runtime.
         let pointer_type = self.env.pointer_type();
-        let sig_ref = self.builder.func.dfg.ext_funcs[callee].signature;
         let vmctx = self.env.vmctx(self.builder.func);
         let base = self.builder.ins().global_value(pointer_type, vmctx);
 
@@ -1694,6 +1711,9 @@ impl<'a, 'func, 'module_env> Call<'a, 'func, 'module_env> {
         // pass the callee's vmctx that we just loaded, not our own). Otherwise,
         // we really do an indirect call.
         if self.env.translation.known_imported_functions[callee_index].is_some() {
+            let callee = self
+                .env
+                .get_or_create_imported_func_ref(self.builder.func, callee_index);
             Ok(self.direct_call_inst(callee, &real_call_args))
         } else {
             let func_addr = self
@@ -1704,7 +1724,7 @@ impl<'a, 'func, 'module_env> Call<'a, 'func, 'module_env> {
         }
     }
 
-    /// Do an indirect call through the given funcref table.
+    /// Do a Wasm-level indirect call through the given funcref table.
     pub fn indirect_call(
         mut self,
         features: &WasmFeatures,
@@ -2773,10 +2793,10 @@ impl FuncEnvironment<'_> {
         &mut self,
         builder: &mut FunctionBuilder,
         callee_index: FuncIndex,
-        callee: ir::FuncRef,
+        sig_ref: ir::SigRef,
         call_args: &[ir::Value],
     ) -> WasmResult<ir::Inst> {
-        Call::new(builder, self).direct_call(callee_index, callee, call_args)
+        Call::new(builder, self).direct_call(callee_index, sig_ref, call_args)
     }
 
     pub fn translate_call_ref(
@@ -2793,10 +2813,10 @@ impl FuncEnvironment<'_> {
         &mut self,
         builder: &mut FunctionBuilder,
         callee_index: FuncIndex,
-        callee: ir::FuncRef,
+        sig_ref: ir::SigRef,
         call_args: &[ir::Value],
     ) -> WasmResult<()> {
-        Call::new_tail(builder, self).direct_call(callee_index, callee, call_args)?;
+        Call::new_tail(builder, self).direct_call(callee_index, sig_ref, call_args)?;
         Ok(())
     }
 

crates/cranelift/src/translate/code_translator.rs

@@ -588,25 +588,21 @@ pub fn translate_operator(
          ************************************************************************************/
         Operator::Call { function_index } => {
             let function_index = FuncIndex::from_u32(*function_index);
-            let fref = environ.get_or_create_func_ref(builder.func, function_index);
+            let ty = environ.module.functions[function_index]
+                .signature
+                .unwrap_module_type_index();
+            let sig_ref = environ.get_or_create_interned_sig_ref(builder.func, ty);
             let num_args = environ.num_params_for_func(function_index);
 
             // Bitcast any vector arguments to their default type, I8X16, before calling.
             let args = stack.peekn_mut(num_args);
-            bitcast_wasm_params(
-                environ,
-                builder.func.dfg.ext_funcs[fref].signature,
-                args,
-                builder,
-            );
+            bitcast_wasm_params(environ, sig_ref, args, builder);
 
-            let call = environ.translate_call(builder, function_index, fref, args)?;
+            let call = environ.translate_call(builder, function_index, sig_ref, args)?;
             let inst_results = builder.inst_results(call);
             debug_assert_eq!(
                 inst_results.len(),
-                builder.func.dfg.signatures[builder.func.dfg.ext_funcs[fref].signature]
-                    .returns
-                    .len(),
+                builder.func.dfg.signatures[sig_ref].returns.len(),
                 "translate_call results should match the call signature"
             );
             stack.popn(num_args);
@@ -662,19 +658,17 @@ pub fn translate_operator(
          ************************************************************************************/
         Operator::ReturnCall { function_index } => {
             let function_index = FuncIndex::from_u32(*function_index);
-            let fref = environ.get_or_create_func_ref(builder.func, function_index);
+            let ty = environ.module.functions[function_index]
+                .signature
+                .unwrap_module_type_index();
+            let sig_ref = environ.get_or_create_interned_sig_ref(builder.func, ty);
             let num_args = environ.num_params_for_func(function_index);
 
             // Bitcast any vector arguments to their default type, I8X16, before calling.
             let args = stack.peekn_mut(num_args);
-            bitcast_wasm_params(
-                environ,
-                builder.func.dfg.ext_funcs[fref].signature,
-                args,
-                builder,
-            );
+            bitcast_wasm_params(environ, sig_ref, args, builder);
 
-            environ.translate_return_call(builder, function_index, fref, args)?;
+            environ.translate_return_call(builder, function_index, sig_ref, args)?;
 
             stack.popn(num_args);
             stack.reachable = false;

tests/disas/call-indirect.wat

@@ -0,0 +1,57 @@
+;;! target = "x86_64"
+
+(module
+  (table (export "t") 0 100 funcref)
+  (func (export "f") (param i32 i32) (result i32)
+    (call_indirect (param i32) (result i32) (local.get 0) (local.get 1))
+  )
+)
+
+;; function u0:0(i64 vmctx, i64, i32, i32) -> i32 tail {
+;;     gv0 = vmctx
+;;     gv1 = load.i64 notrap aligned readonly gv0+8
+;;     gv2 = load.i64 notrap aligned gv1+16
+;;     gv3 = vmctx
+;;     gv4 = load.i64 notrap aligned gv3+48
+;;     gv5 = load.i64 notrap aligned gv3+56
+;;     sig0 = (i64 vmctx, i64, i32) -> i32 tail
+;;     sig1 = (i64 vmctx, i32, i64) -> i64 tail
+;;     fn0 = colocated u1:9 sig1
+;;     stack_limit = gv2
+;;
+;;                                 block0(v0: i64, v1: i64, v2: i32, v3: i32):
+;; @0035                               v5 = load.i64 notrap aligned v0+56
+;; @0035                               v6 = ireduce.i32 v5
+;; @0035                               v7 = icmp uge v3, v6
+;; @0035                               v8 = uextend.i64 v3
+;; @0035                               v9 = load.i64 notrap aligned v0+48
+;;                                     v30 = iconst.i64 3
+;; @0035                               v10 = ishl v8, v30  ; v30 = 3
+;; @0035                               v11 = iadd v9, v10
+;; @0035                               v12 = iconst.i64 0
+;; @0035                               v13 = select_spectre_guard v7, v12, v11  ; v12 = 0
+;; @0035                               v14 = load.i64 user5 aligned table v13
+;;                                     v29 = iconst.i64 -2
+;; @0035                               v15 = band v14, v29  ; v29 = -2
+;; @0035                               brif v14, block3(v15), block2
+;;
+;;                                 block2 cold:
+;; @0035                               v17 = iconst.i32 0
+;; @0035                               v19 = uextend.i64 v3
+;; @0035                               v20 = call fn0(v0, v17, v19)  ; v17 = 0
+;; @0035                               jump block3(v20)
+;;
+;;                                 block3(v16: i64):
+;; @0035                               v22 = load.i64 notrap aligned readonly can_move v0+40
+;; @0035                               v23 = load.i32 notrap aligned readonly can_move v22+4
+;; @0035                               v24 = load.i32 user6 aligned readonly v16+16
+;; @0035                               v25 = icmp eq v24, v23
+;; @0035                               trapz v25, user7
+;; @0035                               v26 = load.i64 notrap aligned readonly v16+8
+;; @0035                               v27 = load.i64 notrap aligned readonly v16+24
+;; @0035                               v28 = call_indirect sig0, v26(v27, v0, v2)
+;; @0038                               jump block1
+;;
+;;                                 block1:
+;; @0038                               return v28
+;; }

tests/disas/component-model/exported-module-makes-adapters-indirect.wat

@@ -64,7 +64,6 @@
 ;;     gv2 = load.i64 notrap aligned gv1+16
 ;;     gv3 = vmctx
 ;;     sig0 = (i64 vmctx, i64, i32) -> i32 tail
-;;     fn0 = u0:0 sig0
 ;;     stack_limit = gv2
 ;;
 ;;                                 block0(v0: i64, v1: i64):

tests/disas/component-model/inlining-fuzz-bug.wat

@@ -54,10 +54,9 @@
 ;;     gv13 = load.i64 notrap aligned gv12+16
 ;;     sig0 = (i64 vmctx, i64) -> i32 tail
 ;;     sig1 = (i64 vmctx, i64) -> i32 tail
-;;     sig2 = (i64 vmctx, i64) -> i32 tail
 ;;     fn0 = colocated u0:0 sig0
 ;;     fn1 = colocated u0:0 sig1
-;;     fn2 = colocated u0:1 sig2
+;;     fn2 = colocated u0:1 sig1
 ;;     stack_limit = gv2
 ;;
 ;;                                 block0(v0: i64, v1: i64):

tests/disas/component-model/multiple-instantiations-makes-adapters-indirect.wat

@@ -70,7 +70,6 @@
 ;;     gv2 = load.i64 notrap aligned gv1+16
 ;;     gv3 = vmctx
 ;;     sig0 = (i64 vmctx, i64, i32) -> i32 tail
-;;     fn0 = u0:0 sig0
 ;;     stack_limit = gv2
 ;;
 ;;                                 block0(v0: i64, v1: i64):

tests/disas/gc/drc/br-on-cast-fail.wat

@@ -27,10 +27,7 @@
 ;;     gv6 = load.i64 notrap aligned gv4+32
 ;;     sig0 = (i64 vmctx, i32, i32) -> i32 tail
 ;;     sig1 = (i64 vmctx, i64) tail
-;;     sig2 = (i64 vmctx, i64) tail
 ;;     fn0 = colocated u1:35 sig0
-;;     fn1 = u0:0 sig1
-;;     fn2 = u0:1 sig2
 ;;     stack_limit = gv2
 ;;
 ;;                                 block0(v0: i64, v1: i64, v2: i32):
@@ -81,6 +78,6 @@
 ;;                                 block2:
 ;; @0038                               v30 = load.i64 notrap aligned readonly can_move v0+72
 ;; @0038                               v29 = load.i64 notrap aligned readonly can_move v0+88
-;; @0038                               call_indirect sig2, v30(v29, v0)
+;; @0038                               call_indirect sig1, v30(v29, v0)
 ;; @003a                               return
 ;; }

tests/disas/gc/drc/br-on-cast.wat

@@ -27,10 +27,7 @@
 ;;     gv6 = load.i64 notrap aligned gv4+32
 ;;     sig0 = (i64 vmctx, i32, i32) -> i32 tail
 ;;     sig1 = (i64 vmctx, i64) tail
-;;     sig2 = (i64 vmctx, i64) tail
 ;;     fn0 = colocated u1:35 sig0
-;;     fn1 = u0:0 sig1
-;;     fn2 = u0:1 sig2
 ;;     stack_limit = gv2
 ;;
 ;;                                 block0(v0: i64, v1: i64, v2: i32):
@@ -81,6 +78,6 @@
 ;;                                 block2:
 ;; @0039                               v30 = load.i64 notrap aligned readonly can_move v0+72
 ;; @0039                               v29 = load.i64 notrap aligned readonly can_move v0+88
-;; @0039                               call_indirect sig2, v30(v29, v0)
+;; @0039                               call_indirect sig1, v30(v29, v0)
 ;; @003b                               return
 ;; }