[wasm][gc] Introduce GlobalWasmCodeRef for use in FrameArray

{FrameArray} needs a way to keep {WasmCode} alive from a JS container.
This CL instruces {GlobalWasmCodeRef}, which is the equivalent to a
global handle: It increments the {WasmCode} reference counter on
construction and decrements it on destruction.
The {GlobalWasmCodeRef} is held in a {Managed} from JS.

R=titzer@chromium.org

Bug: v8:8217
Change-Id: I5604a666840c27078db63c8618412ca412525be1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1533862
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60441}

src/isolate.cc

@@ -2104,15 +2104,18 @@ bool Isolate::ComputeLocationFromStackTrace(MessageLocation* target,
       Handle<WasmInstanceObject> instance(elements->WasmInstance(i), this);
       uint32_t func_index =
           static_cast<uint32_t>(elements->WasmFunctionIndex(i)->value());
-      wasm::WasmCode* wasm_code = reinterpret_cast<wasm::WasmCode*>(
-          elements->WasmCodeObject(i)->foreign_address());
       int code_offset = elements->Offset(i)->value();
       bool is_at_number_conversion =
           elements->IsAsmJsWasmFrame(i) &&
           elements->Flags(i)->value() & FrameArray::kAsmJsAtNumberConversion;
+      // WasmCode* held alive by the {GlobalWasmCodeRef}.
+      wasm::WasmCode* code =
+          Managed<wasm::GlobalWasmCodeRef>::cast(elements->WasmCodeObject(i))
+              ->get()
+              ->code();
       int byte_offset =
           FrameSummary::WasmCompiledFrameSummary::GetWasmSourcePosition(
-              wasm_code, code_offset);
+              code, code_offset);
       int pos = WasmModuleObject::GetSourcePosition(
           handle(instance->module_object(), this), func_index, byte_offset,
           is_at_number_conversion);

src/messages.cc

@@ -690,8 +690,10 @@ void WasmStackFrame::FromFrameArray(Isolate* isolate, Handle<FrameArray> array,
   if (array->IsWasmInterpretedFrame(frame_ix)) {
     code_ = nullptr;
   } else {
-    code_ = reinterpret_cast<wasm::WasmCode*>(
-        array->WasmCodeObject(frame_ix)->foreign_address());
+    // The {WasmCode*} is held alive by the {GlobalWasmCodeRef}.
+    auto global_wasm_code_ref =
+        Managed<wasm::GlobalWasmCodeRef>::cast(array->WasmCodeObject(frame_ix));
+    code_ = global_wasm_code_ref->get()->code();
   }
   offset_ = array->Offset(frame_ix)->value();
 }

src/objects.cc

@@ -4131,11 +4131,15 @@ Handle<FrameArray> FrameArray::AppendWasmFrame(
   const int new_length = LengthFor(frame_count + 1);
   Handle<FrameArray> array = EnsureSpace(isolate, in, new_length);
   // The {code} will be {nullptr} for interpreted wasm frames.
-  Handle<Foreign> code_foreign =
-      isolate->factory()->NewForeign(reinterpret_cast<Address>(code));
+  Handle<Object> code_ref = isolate->factory()->undefined_value();
+  if (code) {
+    auto native_module = wasm_instance->module_object()->shared_native_module();
+    code_ref = Managed<wasm::GlobalWasmCodeRef>::Allocate(
+        isolate, 0, code, std::move(native_module));
+  }
   array->SetWasmInstance(frame_count, *wasm_instance);
   array->SetWasmFunctionIndex(frame_count, Smi::FromInt(wasm_function_index));
-  array->SetWasmCodeObject(frame_count, *code_foreign);
+  array->SetWasmCodeObject(frame_count, *code_ref);
   array->SetOffset(frame_count, Smi::FromInt(offset));
   array->SetFlags(frame_count, Smi::FromInt(flags));
   array->set(kFrameCountIndex, Smi::FromInt(frame_count + 1));

src/objects/frame-array.h

@@ -20,7 +20,7 @@ class Handle;
 #define FRAME_ARRAY_FIELD_LIST(V)     \
   V(WasmInstance, WasmInstanceObject) \
   V(WasmFunctionIndex, Smi)           \
-  V(WasmCodeObject, Foreign)          \
+  V(WasmCodeObject, Object)           \
   V(Receiver, Object)                 \
   V(Function, JSFunction)             \
   V(Code, AbstractCode)               \

src/wasm/wasm-code-manager.h

@@ -620,6 +620,31 @@ class V8_EXPORT_PRIVATE WasmCodeRefScope {
   DISALLOW_COPY_AND_ASSIGN(WasmCodeRefScope);
 };
 
+// Similarly to a global handle, a {GlobalWasmCodeRef} stores a single
+// ref-counted pointer to a {WasmCode} object.
+class GlobalWasmCodeRef {
+ public:
+  explicit GlobalWasmCodeRef(WasmCode* code,
+                             std::shared_ptr<NativeModule> native_module)
+      : code_(code), native_module_(std::move(native_module)) {
+    code_->IncRef();
+  }
+
+  ~GlobalWasmCodeRef() {
+    if (code_->DecRef()) code_->native_module()->FreeCode(VectorOf(&code_, 1));
+  }
+
+  // Get a pointer to the contained {WasmCode} object. This is only guaranteed
+  // to exist as long as this {GlobalWasmCodeRef} exists.
+  WasmCode* code() const { return code_; }
+
+ private:
+  WasmCode* const code_;
+  // Also keep the {NativeModule} alive.
+  const std::shared_ptr<NativeModule> native_module_;
+  DISALLOW_COPY_AND_ASSIGN(GlobalWasmCodeRef);
+};
+
 }  // namespace wasm
 }  // namespace internal
 }  // namespace v8