Cranelift: support dynamic contexts in exception-handler lists. (#11321)

In #11285, we realized that Wasm semantics require us to match on
dynamic instances of exception tags, rather than static tag types. This
fundamentally requires the unwinder to be able to resolve the current
Wasm instance for each Wasm frame on the stack that has any handlers,
and our frame format does not provide this today.

We discussed many options, some of which solve the more general problem
(Wasm vmctx for any frame), but ultimately landed on a notion of
"dynamic context for evaluating tags", specific to Cranelift's
exception-catch metadata; and storing that context and carrying it
through to a place that is named in the unwind metadata. The reasoning
is fairly straightforward: we cannot afford a more general approach that
stores vmctx in every frame (I measured this at 20% overhead for a
recursive-Fibonacci benchmark that is call-intensive); and inlining
means that we may have *multiple* contexts at any given program point,
each associated with a different slice of the handler tags; so we need a
mechanism that, *just for a try-call*, intersperses contexts with tags
(or puts a context on each tag) and stores these somewhere that the
exception-unwind ABI doesn't clobber (e.g., on the stack).

This PR implements "option 4" from that issue, namely, *dynamic
exception contexts*. The idea is that this is the dual to exception
payload: while payload lets the unwinder communicate state *to* the
catching code, context lets the unwinder take state *from* the catching
code that lets it decide whether the tag is a match. Because of
inlining, we need to either associate (optional) context with every tag,
or intersperse context-updates with handler tags. I've opted for the
latter for efficiency at the CLIF level (in most cases there will be
multiple tags per context), though they are isomorphic.

The new tag-matching semantics are: when walking up the stack, upon
reaching a `try_call`, evaluate catch-clauses in listed order. A
`context` clause sets the current context. A `tagN: block(...)` clause
attempts to match the throwing exception against `tagN`, *evaluated in
the current context*, and branches to the named block if it matches. A
`default: block(...)` always branches to the named block.

Note that this lets us assume less about tags than before, and this
particularly manifests in the changes to the inliner. Whereas before,
`tagN` is `tagN` and an inner handler for that tag shadows an outer
handler (that is, tags always alias if identical indices); and whereas
before, `tagN` is not `tagM` and so we can order the tags arbitrarily
(that is, tags never alias if non-identical indices); now any two static
tag indices may or may not alias depending on the dynamic context of
each. Or, even in the same context, two may alias, because we leave the
match-predicate as an unspecified (user-chosen) algorithm during
unwinding. (This mirrors the reality that, for example, a Wasm instance
may import two tags, and dynamically these tags may be equal or
different at runtime, even instantiation-to-instantiation.) Cranelift's
only job is to faithfully carry the list of contexts and tags through to
the compiled-code metadata; and to ensure that they remain in the order
they were specified in the CLIF.

This PR introduces the Cranelift-level feature, and it will be used in
a subsequent PR that introduces Wasm exception handling. Because of
that, I've opted not to update the clif-utils runtest "runtime" to read
out contexts and do something with them -- we will have plenty of test
coverage via a bunch of Wasm tests for corner cases such as the above.
This PR does include filetests that show that contexts are carried
through to spillslots and those appear in the metadata.

Fixes #11285.

Author: cfallin

cranelift/codegen/src/inline.rs

@@ -20,7 +20,7 @@
 //! Cranelift the body of the callee that is to be inlined.
 
 use crate::cursor::{Cursor as _, FuncCursor};
-use crate::ir::{self, InstBuilder as _};
+use crate::ir::{self, ExceptionTableData, ExceptionTableItem, InstBuilder as _};
 use crate::result::CodegenResult;
 use crate::trace;
 use crate::traversals::Dfs;
@@ -202,15 +202,6 @@ struct InliningAllocs {
     /// do not require set-membership testing, so a hash set is not a good
     /// choice either.
     calls_needing_exception_table_fixup: Vec<ir::Inst>,
-
-    /// The set of existing tags already caught by an inlined `try_call`
-    /// instruction's exception table, for filtering out duplicate tags when
-    /// merging exception tables.
-    ///
-    /// Note: this is a `HashSet`, and not an `EntitySet`, because tags indices
-    /// are completely arbitrary and there is no guarantee that they start from
-    /// zero or are contiguous.
-    existing_exception_tags: crate::HashSet<Option<ir::ExceptionTag>>,
 }
 
 impl InliningAllocs {
@@ -219,7 +210,6 @@ impl InliningAllocs {
             values,
             constants,
             calls_needing_exception_table_fixup,
-            existing_exception_tags,
         } = self;
 
         values.clear();
@@ -232,11 +222,6 @@ impl InliningAllocs {
         // `calls_needing_exception_table_fixup` because it is a sparse set and
         // we don't know how large it needs to be ahead of time.
         calls_needing_exception_table_fixup.clear();
-
-        // Note: We do not reserve capacity for `existing_exception_tags`
-        // because it is a sparse set and we don't know how large it needs to be
-        // ahead of time.
-        existing_exception_tags.clear();
     }
 
     fn set_inlined_value(
@@ -616,31 +601,24 @@ fn fixup_inlined_call_exception_tables(
                 exception,
                 ..
             } => {
-                // Gather the set of tags that this instruction's exception
-                // table already has entries for.
-                allocs.existing_exception_tags.clear();
-                allocs.existing_exception_tags.extend(
+                // Construct a new exception table that consists of
+                // the inlined instruction's exception table match
+                // sequence, with the inlining site's exception table
+                // appended. This will ensure that the first-match
+                // semantics emulates the original behavior of
+                // matching in the inner frame first.
+                let sig = func.dfg.exception_tables[exception].signature();
+                let normal_return = *func.dfg.exception_tables[exception].normal_return();
+                let exception_data = ExceptionTableData::new(
+                    sig,
+                    normal_return,
                     func.dfg.exception_tables[exception]
-                        .catches()
-                        .map(|(c, _)| c),
-                );
-
-                // Add only the catch edges from our original `try_call`'s
-                // exception table that are not already handled by this
-                // instruction.
-                for i in 0..func.dfg.exception_tables[call_exception_table].len_catches() {
-                    let exception_tables = &mut func.stencil.dfg.exception_tables;
-                    let value_lists = &mut func.stencil.dfg.value_lists;
-
-                    let (tag, block_call) =
-                        exception_tables[call_exception_table].get_catch(i).unwrap();
-                    if allocs.existing_exception_tags.contains(&tag) {
-                        continue;
-                    }
+                        .items()
+                        .chain(func.dfg.exception_tables[call_exception_table].items()),
+                )
+                .deep_clone(&mut func.dfg.value_lists);
 
-                    let block_call = block_call.deep_clone(value_lists);
-                    exception_tables[exception].push_catch(tag, block_call);
-                }
+                func.dfg.exception_tables[exception] = exception_data;
             }
 
             otherwise => unreachable!("unknown non-return call instruction: {otherwise:?}"),
@@ -829,8 +807,18 @@ impl<'a> ir::instructions::InstructionMapper for InliningInstRemapper<'a> {
         let inlined_sig_ref = self.map_sig_ref(exception_table.signature());
         let inlined_normal_return = self.map_block_call(*exception_table.normal_return());
         let inlined_table = exception_table
-            .catches()
-            .map(|(tag, callee_block_call)| (tag, self.map_block_call(*callee_block_call)))
+            .items()
+            .map(|item| match item {
+                ExceptionTableItem::Tag(tag, block_call) => {
+                    ExceptionTableItem::Tag(tag, self.map_block_call(block_call))
+                }
+                ExceptionTableItem::Default(block_call) => {
+                    ExceptionTableItem::Default(self.map_block_call(block_call))
+                }
+                ExceptionTableItem::Context(value) => {
+                    ExceptionTableItem::Context(self.map_value(value))
+                }
+            })
             .collect::<SmallVec<[_; 8]>>();
         self.func
             .dfg

cranelift/codegen/src/ir/dfg.rs

@@ -888,16 +888,25 @@ impl DataFlowGraph {
         &'dfg self,
         inst: Inst,
     ) -> impl DoubleEndedIterator<Item = Value> + 'dfg {
-        self.inst_args(inst).iter().copied().chain(
-            self.insts[inst]
-                .branch_destination(&self.jump_tables, &self.exception_tables)
-                .into_iter()
-                .flat_map(|branch| {
-                    branch
-                        .args(&self.value_lists)
-                        .filter_map(|arg| arg.as_value())
-                }),
-        )
+        self.inst_args(inst)
+            .iter()
+            .copied()
+            .chain(
+                self.insts[inst]
+                    .branch_destination(&self.jump_tables, &self.exception_tables)
+                    .into_iter()
+                    .flat_map(|branch| {
+                        branch
+                            .args(&self.value_lists)
+                            .filter_map(|arg| arg.as_value())
+                    }),
+            )
+            .chain(
+                self.insts[inst]
+                    .exception_table()
+                    .into_iter()
+                    .flat_map(|et| self.exception_tables[et].contexts()),
+            )
     }
 
     /// Map a function over the values of the instruction.