Register machine wasmi execution engine
#729
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
BENCHMARKS
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Codecov Report
@@ Coverage Diff @@
## master #729 +/- ##
==========================================
+ Coverage 79.42% 81.07% +1.65%
==========================================
Files 105 270 +165
Lines 9075 23217 +14142
==========================================
+ Hits 7208 18824 +11616
- Misses 1867 4393 +2526
... and 1 file with indirect coverage changes 📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
This was referenced May 30, 2023
yjhmelody
reviewed
Jun 16, 2023
Robbepop
changed the title
wasmi execution engine (take 2)wasmi execution engine (take 2)
10 tasks
yjhmelody
reviewed
Jul 13, 2023
These are (probably) more efficient than their ReturnMany and ReturnNezMany respective counterparts because they store the returned registers inline.
This also tests the new Return2 and Return3 instructions.
All call instructions now uniformly require their parameters to be placed in contiguous register spans. This necessitates copy instructions before a call is initiated in some cases. Future plans include to optimise longer sequences of copy instructions but we left that optimisation out for now.
They now have the same form as their nested call counterparts.
This is missing translation tests for now.
We do this by avoiding or at least limiting the procedure to a conservative subset of all instructions that could have been affected by the register space fragmentation.
|
As discussed with @athei I will merge this PR now and start working on the remaining TODO items in isolation via follow-up PRs. For this process I am going to write a bunch of issues to track their progress. The register-machine backend introduced by this PR passes the entire Wasm spec testsuite. However, this does not mean it is bug free and stable. I actually am aware of a few bugs that are going to be fixed soon. The roadmap of
|
Robbepop
changed the title
wasmi execution engine (take 2)wasmi execution engine
This was referenced Sep 22, 2023
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Closes #361.
Precursor: #367
ToDo
These items are things we want to do before merging the PR:
For function calls we need to setup the arguments so that they are all stored in contiguous registers. Currently we do this for function calls with exactly 1 argument even though this is not needed. Thus during translation we should implement a check and simplify (and thus optimize) function call argument encoding for those function calls.
ConsumeFuelinstructions and their fixed costs.So far we have concentrated on getting the Wasm to
wasmibytecode translation up and running with the most simple setup possible. This means we ignored translation ofConsumeFuelinstructions and their associated fuel costs so far and are in need of doing this work before we merge the PR. There should not be any difficulties compared to the already existing implementation for the stack-machine engine backend.local.setstack preservation:Currently for every
local.setorlocal.teethat we encounter while translating Wasm bytecode towasmibytecode we iterate all values on the emulated value stack. Usually this isn't a big deal since the stack usually doesn't grow big in practical workloads. However, this can be easily attacked by a Wasm blob that blows up the stack and then performs tons oflocal.setinstructions. We can eliminate this attack vector by storing thelocal.getprovider indices on the emulated stack on a separate stack and iterate on it instead. While iterating we also remove thelocal.getindices from the stack so that a consecutivelocal.setoperation will see an empty stack and thus perform no operations. We simply cache thelocal.getproviders this way.local.setresult replacement optimization when preservinglocal.getat the same time:When translating
local.setorlocal.teewe replace the result register of the previous instruction instead of emitting a copy instruction if possible. However, when preserving alocal.geton the emulation stack we do not perform this optimization. The problem is that the copy instruction required for the preservation is required to take place before the instructionithat should have its result register replaced. However, the instructioniis already encoded and could in the worst case consist of multiple instruction words which would require to shift already encoded instructions by one index. In theory this could also interfere with pre-calculated branch offset calculations but so far this has not been demonstrated and might not be true.After successful translation of Wasm bytecode the
wasmitranslation performs a final pass over all encoded instructions to defragment the register space. This is needed for registers that have been preserved forlocal.setin certain situations. However, this entire process is very costly and can be avoided entirely or partially. We can avoid it entirely since this only ever needs to be done if there were actual register preservations during the translation procesure. Furthermore we only need to defragment all instructions that have been encoded after encountering the firstlocal.setregister preservation. This way we can keep the simple loop over all instructions but still avoid most of the unnecessary work and thus speed up the translation performance.Currently, when preserving
local.get xvalues on the stack upon alocal.set xtranslation, a new register is reserved for the Nlocal.get xvalues that have been found and replaced on the emulated value stack at the time of translation. When this happens multiple times, a new register slot on the preservation stack is registered each time. Right now, we do not track how many of the preservedlocal.get xvalues have already been used. However, if we would do this we could recycle no longer used preservation register slots instead of allocating a new slot all the time which could lead to fewer registers used especially by larger functions. A major data structure that would allow this efficiently in O(1) is the so-called Stash data structure.Plan & Steps
wasmiexecutor.unreachableinstructionselectandselect <ty>Instructionsi32.{eq, eqz, ne, lt_{s|u}, le_{s|u}, gt_{s|u}, ge_{s|u}}instructionsi64.{eq, eqz, ne, lt_{s|u}, le_{s|u}, gt_{s|u}, ge_{s|u}}instructionsf32.{eq, ne, lt, le, gt, ge}instructionsf64.{eq, ne, lt, le, gt, ge}instructionsloadInstructions (or equivalents)i32.loadandi32.loadN_{s|u}instructionsi64.loadandi64.loadN_{s|u}instructionsf32.loadinstructionf64.loadinstructionstoreinstructions (or equivalents)i32.storeandi32.storeNinstructionsi64.storeandi64.storeNinstructionsf32.storeinstructionf64.storeinstructioni32compute instructions, e.g.i32.popcnt,i32.add,i32.rotletc..i64compute instructions, e.g.i64.popcnt,i64.add,i32.rotletc..f32compute instructions, e.g.f32.sqrt,f32.add, etc..f64compute instructions, e.g.f32.sqrt,f32.add, etc..sign-extensionproposal instructionsnon-trapping float-to-int conversionproposal instructionsglobal.getglobal.set(and immediate versions)tableinstructionstable.sizeinstructiontable.growinstructiontable.getinstructiontable.setinstructiontable.fillinstructiontable.copyinstructiontable.initinstructionmemoryinstructionsmemory.sizeinstructionmemory.growinstructionmemory.fillinstructionmemory.copyinstructionmemory.initinstructionwasmibytecodewasmiinstructions.blockcontrol flowloopcontrol flowifcontrol flowbr_tableselect(from Wasm MVP)select (result <ty>)(fromreference-typesproposal)dropinstructionunreachableinstructionlocal.setandlocal.teei32.{eq, ne, eqz}instructionsi64.{eq, ne, eqz}instructionsf32.{eq, ne}instructionsf64.{eq, ne}instructionsi32.{lt_s, lt_u, le_s, le_u, gt_s, gt_u, ge_s, ge_u}instructionsi64.{lt_s, lt_u, le_s, le_u, gt_s, gt_u, ge_s, ge_u}instructionsf32.{lt, le, gt, ge}instructionsf64.{lt, le, gt, ge}instructionsloadInstructions (or equivalents)i32.loadandi32.loadN_{s|u}instructionsi64.loadandi64.loadN_{s|u}instructionsf32.loadinstructionf64.loadinstructionstoreinstructions (or equivalents)i32.storeandi32.storeNinstructionsi64.storeandi64.storeNinstructionsf32.storeinstructionf64.storeinstructioni32.{clz, ctz, popcnt}i64.{clz, ctz, popcnt}f32.{abs, neg, ceil, floor, trunc, nearest, sqrt}f64.{abs, neg, ceil, floor, trunc, nearest, sqrt}i32.{add, mul, and, or, xor}i64.{add, mul, and, or, xor}f32.{add, mul, min, max}f64.{add, mul, min, max}i32.subi64.subf32.{sub, div, copysign}f64.{sub, div, copysign}i32.{shl, shr_s, shr_u, rotl, rotr}i64.{shl, shr_s, shr_u, rotl, rotr}i32.{div_u, div_s, rem_u, rem_s}i64.{div_u, div_s, rem_u, rem_s}sign-extensionproposal instructionsnon-trapping float-to-int conversionproposal instructionsglobal.getinstructionglobal.setinstructionreftypeinstructionsref.nullref.is_nullref.functableinstructionstable.sizeinstructiontable.growinstructiontable.getinstructiontable.setinstructiontable.fillinstructiontable.copyinstructiontable.initinstructionelem.dropinstructionmemoryinstructionsmemory.sizeinstructionmemory.growinstructionmemory.fillinstructionmemory.copyinstructionmemory.initinstructiondata.dropinstructionwasmiregister-machine bytecoderef.funcinstructionloadinstructionsstoreinstructionstableinstructionstable.getinstructionstable.setinstructionstable.sizeinstructiontable.copyinstructiontable.initinstructiontable.fillinstructiontable.growinstructionelem.dropinstructionmemoryinstructionsmemory.sizeinstructionmemory.copyinstructionmemory.initinstructionmemory.fillinstructionmemory.growinstructiondata.dropinstructionglobalinstructionsglobal.getinstructionsglobal.setinstructionsi32instructionsi64instructionsf32instructionsf64instructionsi32instructionsi64instructionsf32instructionsf64instructionsUnresolved Questions
Ideas
The following list contains ideas that spun up and might be iterated here for experimentation purposes.
br 0in Wasm basicblockcontrol frames should not be translated as a branch and instead as a Wasmendof the basicblocksince all code after thebr 0is unreachable. Fortunately this bytecode sequence seems to not be very common in practical Wasm blobs.ConstRefin order to store the actual value in a const pool which is external to the bytecode itself. This has several downsides for performance and also for bytecode integrity. Performance is affected since an additional indirect memory fetch is required in order to compute on the constant value. Bytecode integrity is worse since analysingwasmibytecode now also needs to inspect the external const pool. The latter point affects testability ofwasmibytecode. A way to improve this situation in both areas is to store the 64-bit constants inline. The problem is that for this 8 bytes are required but instruction words only support up to 6 bytes of parameters per word. Thus there is a need to split up the 64-bit constant into multiple pieces. The experiment in this GitHub Gist shows that a solution that splits the 64-bit constant value into 3 pieces (2 x 2-byte and 1 x 4-byte pieces) can be done efficiently on x86 and Wasm platforms. However, further benchmark tests are required to proof this.{i32, i64}.{div_u, div_s, rem_u, rem_s}we can apply a bytecode encoding optimization for the cases where the right-hand side divisor is a constant value. During translation we guarantee for all those operations that the right-hand side constant value is non-zero due to the fact that a zero right-hand side value is translated as atrapinstruction during translation. Therefore we can replace theConst32orConst16parameter of those instructions with aNonZero32orNonZero16value and use Rust's built-inDiv<NonZeroU{32,64}> for u{32,64}andRem<NonZeroU{32,64}> for u{32,64}. Note that those APIs are only available for unsigned integers.i32.add_assign. The advantage is that we no longer have to store both,resultandlhsfields since they are always the same and always of typeRegister. This also allows to have inlineConst32orConstRefrhsfields and thus we could save some encoding space, too. Another benefit is that the instruction is probably also a bit faster at execution since the compiler has more information about which registers to read to and write from. However, this has to be checked with experiments. A downside of having these op-assign instructions is that they do not play well withlocal.setandlocal.teeoptimizations where we replace theresultregister of the previous instruction during translation phaseAddAssignor+=operator:I32AddAssign(UnaryInstr)I32AddAssignImm(UnaryInstrImm32): Requires just 1Instructionfor encoding.I64AddAssign(UnaryInstr)I64AddAssignImm(UnaryInstrImm): Requires just 1Instructionfor encoding.I64AddAssignImm32(UnaryInstrImm32): 32-bit small value optimization instead of 16-bitF32AddAssign(UnaryInstr)F32AddAssignImm(UnaryInstrImm32): Requires just 1Instructionfor encoding.F64AddAssign(UnaryInstr)F64AddAssignImm(UnaryInstrImm): Requires just 1Instructionfor encoding.global.op_assigninstructionsglobal.get g; i32.add; global.set gwhich we then could represent using a singlewasmiinstructions such asglobal.i32.add g rorglobal.i32.add_imm g cwheregrepresents a global,rrepresents an input register andca constant value. Further research is needed to find out how common these sequences are and if the proposedglobal.op_assigninstruction are actually improving execution performance significantly.wasmibytecode. For examplespidermonkey.wasmcontains exactly a single global variable that is only sparsely used thoughout the Wasm file.loadandstoreinstructions.loadandstoreinstructions that oddly compute aptr+offsetorptr*scale + offsetor evenptr shift scale + offsetoutside of Wasm'sloadandstoreinstructions. Technically we can makeloadandstoreinstructions very powerful by including simple pointer arithmetic into these instructions.