[wasm] Remove a long-living CodeSpaceWriteScope

The {CodeSpaceWriteScope} in {InstanceBuilder::Build} was kept open while processing imports, which could compile another wasm module via {compiler::ResolveWasmImportCall} and {WasmEngine::SyncCompileTranslatedAsmJs}. This leads to errors since {CodeSpaceWriteScope}s for different modules cannot be held open at the same time. This CL fixes that by only opening the {CodeSpaceWriteScope} for the actual compilation of import wrappers. Drive-by: Only call {ProcessImports} if there are imports to be processed, to avoid some of the overhead of {ProcessImports} and {CompileImportWrappers}. R=jkummerow@chromium.org Bug: chromium:1239522 Change-Id: Ifbaf64a4be92088ae4a3fd7e9700a33397b2a967 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3097283 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#76311}

[wasm] Remove a long-living CodeSpaceWriteScope
The {CodeSpaceWriteScope} in {InstanceBuilder::Build} was kept open while processing imports, which could compile another wasm module via {compiler::ResolveWasmImportCall} and {WasmEngine::SyncCompileTranslatedAsmJs}. This leads to errors since {CodeSpaceWriteScope}s for different modules cannot be held open at the same time. This CL fixes that by only opening the {CodeSpaceWriteScope} for the actual compilation of import wrappers. Drive-by: Only call {ProcessImports} if there are imports to be processed, to avoid some of the overhead of {ProcessImports} and {CompileImportWrappers}. R=jkummerow@chromium.org Bug: chromium:1239522 Change-Id: Ifbaf64a4be92088ae4a3fd7e9700a33397b2a967 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3097283 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#76311}
a8609e06 · Clemens Backes · V8 LUCI CQ · 9d14f87d · a8609e06 · a8609e06
Commit a8609e06 authored Aug 16, 2021 by Clemens Backes Committed by V8 LUCI CQ Aug 16, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 23 additions and 6 deletions

module-instantiate.cc src/wasm/module-instantiate.cc +7 -6

regress-1239522.js test/mjsunit/regress/wasm/regress-1239522.js +16 -0

No files found.
--- a/src/wasm/module-instantiate.cc
+++ b/src/wasm/module-instantiate.cc
@@ -65,6 +65,7 @@ class CompileImportWrapperJob final : public JobTask {
  }

  void Run(JobDelegate* delegate) override {
+    CodeSpaceWriteScope code_space_write_scope(native_module_);
    while (base::Optional<WasmImportWrapperCache::CacheKey> key =
               queue_->pop()) {
      CompileImportWrapper(native_module_, counters_, key->kind, key->signature,
@@ -385,7 +386,7 @@ class InstanceBuilder {

  // Process the imports, including functions, tables, globals, and memory, in
  // order, loading them from the {ffi_} object. Returns the number of imported
-  // functions.
+  // functions, or {-1} on error.
  int ProcessImports(Handle<WasmInstanceObject> instance);

  template <typename T>
@@ -638,14 +639,14 @@ MaybeHandle<WasmInstanceObject> InstanceBuilder::Build() {
    instance->set_indirect_function_tables(*tables);
  }

-  CodeSpaceWriteScope native_modification_scope(native_module);
-
  //--------------------------------------------------------------------------
  // Process the imports for the module.
  //--------------------------------------------------------------------------
-  int num_imported_functions = ProcessImports(instance);
-  if (num_imported_functions < 0) return {};
-  wasm_module_instantiated.imported_function_count = num_imported_functions;
+  if (!module_->import_table.empty()) {
+    int num_imported_functions = ProcessImports(instance);
+    if (num_imported_functions < 0) return {};
+    wasm_module_instantiated.imported_function_count = num_imported_functions;
+  }

  //--------------------------------------------------------------------------
  // Create maps for managed objects (GC proposal).

--- a/test/mjsunit/regress/wasm/regress-1239522.js
+++ b/test/mjsunit/regress/wasm/regress-1239522.js
+// Copyright 2021 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+var asm = function(global) {
+  'use asm';
+  function f() {}
+  return f;
+};
+function asm2(global, imports) {
+  'use asm';
+  var asm = imports.asm;
+  function f() {}
+  return {f: f};
+}
+asm2(this, {asm: asm});