[wasm] Don't extract call target from WasmExportedFunction

We need to change WasmExportedFunction to call imported functions via
the import table, so there will be no embedded call target.
This also removes the necessity to generate an unreachable call after
the runtime call for js-incompatible signatures.

R=titzer@chromium.org

Bug: chromium:843563,v8:6668
Change-Id: I82cb31930f6b61ad59fde63a8c5ae631da3d1a14
Reviewed-on: https://chromium-review.googlesource.com/1063771
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53239}

src/compiler/wasm-compiler.cc

@@ -4335,24 +4335,6 @@ class WasmWrapperGraphBuilder : public WasmGraphBuilder {
       // js_context independent.
       BuildCallToRuntimeWithContext(Runtime::kWasmThrowTypeError, js_context,
                                     nullptr, 0);
-
-      // TODO(titzer): remove the below weird special case.
-      // Add a dummy call to the wasm function so that the generated wrapper
-      // contains a reference to the wrapped wasm function. Without this
-      // reference the wasm function could not be re-imported into another wasm
-      // module.
-      int pos = 0;
-      args[pos++] = wasm_code_node;
-      args[pos++] = instance_node_.get();
-      args[pos++] = *effect_;
-      args[pos++] = *control_;
-
-      // We only need a dummy call descriptor.
-      wasm::FunctionSig dummy_sig(0, 0, nullptr);
-      auto call_descriptor =
-          GetWasmCallDescriptor(mcgraph()->zone(), &dummy_sig);
-      *effect_ = graph()->NewNode(mcgraph()->common()->Call(call_descriptor),
-                                  pos, args);
       Return(jsgraph()->UndefinedConstant());
       return;
     }

src/wasm/module-compiler.cc

@@ -203,8 +203,9 @@ class JSToWasmWrapperCache {
       Handle<Code> code = isolate->factory()->CopyCode(code_cache_[cached_idx]);
       // Now patch the call to wasm code.
       RelocIterator it(*code, RelocInfo::ModeMask(RelocInfo::JS_TO_WASM_CALL));
-      DCHECK(!it.done());
-      it.rinfo()->set_js_to_wasm_address(call_target);
+      // If there is no reloc info, then it's an incompatible signature or calls
+      // an import.
+      if (!it.done()) it.rinfo()->set_js_to_wasm_address(call_target);
       return code;
     }
 
@@ -2115,9 +2116,9 @@ int InstanceBuilder::ProcessImports(Handle<WasmInstanceObject> instance) {
             return -1;
           }
           // The import reference is the instance object itself.
-          ImportedFunctionEntry(instance, func_index)
-              .set_wasm_to_wasm(*imported_instance,
-                                imported_function->GetWasmCallTarget());
+          ImportedFunctionEntry entry(instance, func_index);
+          Address imported_target = imported_function->GetWasmCallTarget();
+          entry.set_wasm_to_wasm(*imported_instance, imported_target);
           // TODO(clemensh): Remove this. NativeModule must be instance
           // independent.
           native_module->set_code(func_index, imported_function->GetWasmCode());
@@ -2131,8 +2132,8 @@ int InstanceBuilder::ProcessImports(Handle<WasmInstanceObject> instance) {
 
           WasmCode* wasm_code = native_module->AddCodeCopy(
               wrapper_code, wasm::WasmCode::kWasmToJsWrapper, func_index);
-          ImportedFunctionEntry(instance, func_index)
-              .set_wasm_to_js(*js_receiver, wasm_code);
+          ImportedFunctionEntry entry(instance, func_index);
+          entry.set_wasm_to_js(*js_receiver, wasm_code);
         }
         num_imported_functions++;
         break;

src/wasm/wasm-objects.cc

@@ -892,6 +892,14 @@ void WasmInstanceObject::InstallFinalizer(Isolate* isolate,
                           InstanceFinalizer, v8::WeakCallbackType::kFinalizer);
 }
 
+Address WasmInstanceObject::GetCallTarget(uint32_t func_index) {
+  wasm::NativeModule* native_module = compiled_module()->GetNativeModule();
+  if (func_index < native_module->num_imported_functions()) {
+    return imported_function_targets()[func_index];
+  }
+  return native_module->GetCallTargetForFunction(func_index);
+}
+
 bool WasmExportedFunction::IsWasmExportedFunction(Object* object) {
   if (!object->IsJSFunction()) return false;
   Handle<JSFunction> js_function(JSFunction::cast(object));
@@ -952,18 +960,7 @@ wasm::WasmCode* WasmExportedFunction::GetWasmCode() {
 }
 
 Address WasmExportedFunction::GetWasmCallTarget() {
-  DisallowHeapAllocation no_gc;
-  DCHECK_EQ(code()->kind(), Code::JS_TO_WASM_FUNCTION);
-  int mask = RelocInfo::ModeMask(RelocInfo::JS_TO_WASM_CALL);
-  RelocIterator it(code(), mask);
-  DCHECK(!it.done());
-  Address target = it.rinfo()->js_to_wasm_address();
-#ifdef DEBUG
-  // There should only be this one call to wasm code.
-  it.next();
-  DCHECK(it.done());
-#endif
-  return target;
+  return instance()->GetCallTarget(function_index());
 }
 
 WasmModule* WasmSharedModuleData::module() const {

src/wasm/wasm-objects.h

@@ -354,6 +354,8 @@ class WasmInstanceObject : public JSObject {
   static void InstallFinalizer(Isolate* isolate,
                                Handle<WasmInstanceObject> instance);
 
+  Address GetCallTarget(uint32_t func_index);
+
   // Iterates all fields in the object except the untagged fields.
   class BodyDescriptor;
   // No weak fields.

test/inspector/inspector.status

@@ -24,4 +24,8 @@
   '*': [SKIP],
 }],  # variant == no_wasm_traps
 
+[ALWAYS, {
+  # https://crbug.com/v8/7767
+  'debugger/wasm-imports': [SKIP],
+}],  # ALWAYS
 ]