x64: Use 8-bit jumps in pseudo-insts (bytecodealliance#11271)

* x64: Use 8-bit jumps in pseudo-insts

Cranelift does not currently implement any form of "relaxation" of
instructions where, for example, a 32-bit jump is shrunk to an 8-bit
jump if the destination actually fits. In lieu of this Cranelift
pessimistically emits 32-bit jumps on x64, for example, for all jumps
between basic blocks. This is a difficult problem to solve in general
but for pseudo-instructions it's a much more targeted problem which
should be easier to solve.

This commit updates all pseudo-instructions in the x64 backend to use
8-bit jumps instead of full 32-bit jumps within their code bodies. It's
statically known that the instructions bodies being generate are all
small enough to fit in 8 bits. This helps shrink the generated code for
a number of instructions whenever a pseudo-inst is used instead of basic
blocks.

Optimizing jumps between basic blocks is left as a future optimization
as it's likely to be much more difficult to implement than this.

* Fix emit tests

Author: alexcrichton

cranelift/codegen/src/isa/x64/inst/emit.rs

@@ -39,6 +39,15 @@ fn one_way_jmp(sink: &mut MachBuffer<Inst>, cc: CC, label: MachLabel) {
     debug_assert_eq!(sink.cur_offset(), cond_disp_off + 4);
 }
 
+/// Like `one_way_jmp` but only used if the destination is <=127 bytes away.
+fn short_one_way_jmp(sink: &mut MachBuffer<Inst>, cc: CC, label: MachLabel) {
+    let cond_start = sink.cur_offset();
+    let cond_disp_off = cond_start + 1;
+    sink.use_label_at_offset(cond_disp_off, label, LabelUse::JmpRel8);
+    emit_short_jcc_no_offset(sink, cc);
+    debug_assert_eq!(sink.cur_offset(), cond_disp_off + 1);
+}
+
 /// Like `one_way_jmp` above emitting a conditional jump, but also using
 /// `MachBuffer::add_cond_branch`.
 fn cond_jmp(sink: &mut MachBuffer<Inst>, cc: CC, label: MachLabel) {
@@ -86,6 +95,34 @@ fn emit_jcc_no_offset(sink: &mut MachBuffer<Inst>, cc: CC) {
     });
 }
 
+fn emit_short_jcc_no_offset(sink: &mut MachBuffer<Inst>, cc: CC) {
+    // See `emit_jcc_no_offset` above for comments about subtle mismatches in
+    // `CC` and `jcc` naming.
+    let inst: AsmInst = match cc {
+        CC::Z => asm::inst::je_d8::new(0).into(),
+        CC::NZ => asm::inst::jne_d8::new(0).into(),
+        CC::B => asm::inst::jb_d8::new(0).into(),
+        CC::NB => asm::inst::jae_d8::new(0).into(),
+        CC::BE => asm::inst::jbe_d8::new(0).into(),
+        CC::NBE => asm::inst::ja_d8::new(0).into(),
+        CC::L => asm::inst::jl_d8::new(0).into(),
+        CC::LE => asm::inst::jle_d8::new(0).into(),
+        CC::NL => asm::inst::jge_d8::new(0).into(),
+        CC::NLE => asm::inst::jg_d8::new(0).into(),
+        CC::O => asm::inst::jo_d8::new(0).into(),
+        CC::NO => asm::inst::jno_d8::new(0).into(),
+        CC::P => asm::inst::jp_d8::new(0).into(),
+        CC::NP => asm::inst::jnp_d8::new(0).into(),
+        CC::S => asm::inst::js_d8::new(0).into(),
+        CC::NS => asm::inst::jns_d8::new(0).into(),
+    };
+    inst.encode(&mut external::AsmCodeSink {
+        sink,
+        incoming_arg_offset: 0,
+        slot_offset: 0,
+    });
+}
+
 /// Emits an unconditional branch.
 fn uncond_jmp(sink: &mut MachBuffer<Inst>, label: MachLabel) {
     let uncond_start = sink.cur_offset();
@@ -253,7 +290,7 @@ pub(crate) fn emit(
             // go to the `idiv`.
             let inst = Inst::cmp_mi_sxb(size, *divisor, -1);
             inst.emit(sink, info, state);
-            one_way_jmp(sink, CC::NZ, do_op);
+            short_one_way_jmp(sink, CC::NZ, do_op);
 
             // ... otherwise the divisor is -1 and the result is always 0. This
             // is written to the destination register which will be %rax for
@@ -343,7 +380,7 @@ pub(crate) fn emit(
             let next = sink.get_label();
 
             // Jump if cc is *not* set.
-            one_way_jmp(sink, cc.invert(), next);
+            short_one_way_jmp(sink, cc.invert(), next);
             Inst::gen_move(dst.map(|r| r.to_reg()), consequent.to_reg(), *ty)
                 .emit(sink, info, state);
 
@@ -421,7 +458,7 @@ pub(crate) fn emit(
             // jne  .loop_start
             // TODO: Encoding the conditional jump as a short jump
             // could save us us 4 bytes here.
-            one_way_jmp(sink, CC::NZ, loop_start);
+            short_one_way_jmp(sink, CC::NZ, loop_start);
 
             // The regular prologue code is going to emit a `sub` after this, so we need to
             // reset the stack pointer
@@ -939,8 +976,8 @@ pub(crate) fn emit(
 
             cmp_op.emit(sink, info, state);
 
-            one_way_jmp(sink, CC::NZ, do_min_max);
-            one_way_jmp(sink, CC::P, propagate_nan);
+            short_one_way_jmp(sink, CC::NZ, do_min_max);
+            short_one_way_jmp(sink, CC::P, propagate_nan);
 
             // Ordered and equal. The operands are bit-identical unless they are zero
             // and negative zero. These instructions merge the sign bits in that
@@ -957,7 +994,7 @@ pub(crate) fn emit(
             sink.bind_label(propagate_nan, state.ctrl_plane_mut());
             add_op.emit(sink, info, state);
 
-            one_way_jmp(sink, CC::P, done);
+            short_one_way_jmp(sink, CC::P, done);
 
             sink.bind_label(do_min_max, state.ctrl_plane_mut());
             min_max_op.emit(sink, info, state);
@@ -1020,7 +1057,7 @@ pub(crate) fn emit(
             // TODO use tst src, src here.
             asm::inst::cmpq_mi_sxb::new(src, 0).emit(sink, info, state);
 
-            one_way_jmp(sink, CC::L, handle_negative);
+            short_one_way_jmp(sink, CC::L, handle_negative);
 
             // Handle a positive int64, which is the "easy" case: a signed conversion will do the
             // right thing.
@@ -1159,14 +1196,14 @@ pub(crate) fn emit(
             let inst = Inst::cmp_mi_sxb(*dst_size, Gpr::unwrap_new(dst.to_reg()), 1);
             inst.emit(sink, info, state);
 
-            one_way_jmp(sink, CC::NO, done); // no overflow => done
+            short_one_way_jmp(sink, CC::NO, done); // no overflow => done
 
             // Check for NaN.
             cmp_op.emit(sink, info, state);
 
             if *is_saturating {
                 let not_nan = sink.get_label();
-                one_way_jmp(sink, CC::NP, not_nan); // go to not_nan if not a NaN
+                short_one_way_jmp(sink, CC::NP, not_nan); // go to not_nan if not a NaN
 
                 // For NaN, emit 0.
                 let inst: AsmInst = match *dst_size {
@@ -1194,7 +1231,7 @@ pub(crate) fn emit(
                 inst.emit(sink, info, state);
 
                 // Jump if >= to done.
-                one_way_jmp(sink, CC::NB, done);
+                short_one_way_jmp(sink, CC::NB, done);
 
                 // Otherwise, put INT_MAX.
                 if *dst_size == OperandSize::Size64 {
@@ -1387,12 +1424,12 @@ pub(crate) fn emit(
             inst.emit(sink, info, state);
 
             let handle_large = sink.get_label();
-            one_way_jmp(sink, CC::NB, handle_large); // jump to handle_large if src >= large_threshold
+            short_one_way_jmp(sink, CC::NB, handle_large); // jump to handle_large if src >= large_threshold
 
             if *is_saturating {
                 // If not NaN jump over this 0-return, otherwise return 0
                 let not_nan = sink.get_label();
-                one_way_jmp(sink, CC::NP, not_nan);
+                short_one_way_jmp(sink, CC::NP, not_nan);
 
                 xor_op(dst, dst).emit(sink, info, state);
 
@@ -1413,7 +1450,7 @@ pub(crate) fn emit(
             let inst = Inst::cmp_mi_sxb(*dst_size, Gpr::unwrap_new(dst.to_reg()), 0);
             inst.emit(sink, info, state);
 
-            one_way_jmp(sink, CC::NL, done); // if dst >= 0, jump to done
+            short_one_way_jmp(sink, CC::NL, done); // if dst >= 0, jump to done
 
             if *is_saturating {
                 // The input was "small" (< 2**(width -1)), so the only way to get an integer
@@ -1448,7 +1485,7 @@ pub(crate) fn emit(
 
             if *is_saturating {
                 let next_is_large = sink.get_label();
-                one_way_jmp(sink, CC::NL, next_is_large); // if dst >= 0, jump to next_is_large
+                short_one_way_jmp(sink, CC::NL, next_is_large); // if dst >= 0, jump to next_is_large
 
                 // The input was "large" (>= 2**(width -1)), so the only way to get an integer
                 // overflow is because the input was too large: saturate to the max value.
@@ -1633,7 +1670,7 @@ pub(crate) fn emit(
             inst.emit(sink, info, state);
 
             // jnz again
-            one_way_jmp(sink, CC::NZ, again_label);
+            short_one_way_jmp(sink, CC::NZ, again_label);
         }
 
         Inst::Atomic128RmwSeq {
@@ -1753,7 +1790,7 @@ pub(crate) fn emit(
             .emit(sink, info, state);
 
             // jnz again
-            one_way_jmp(sink, CC::NZ, again_label);
+            short_one_way_jmp(sink, CC::NZ, again_label);
         }
 
         Inst::Atomic128XchgSeq {
@@ -1793,7 +1830,7 @@ pub(crate) fn emit(
             .emit(sink, info, state);
 
             // jnz again
-            one_way_jmp(sink, CC::NZ, again_label);
+            short_one_way_jmp(sink, CC::NZ, again_label);
         }
 
         Inst::ElfTlsGetAddr { symbol, dst } => {

cranelift/codegen/src/isa/x64/inst/emit_tests.rs

@@ -292,7 +292,7 @@ fn test_x64_emit() {
             temp: w_r11.map(Gpr::unwrap_new),
             dst_old: w_rax.map(Gpr::unwrap_new),
         },
-        "490FB6014989C34D0BDAF0450FB0190F85EFFFFFFF",
+        "490FB6014989C34D0BDAF0450FB01975F3",
         "atomically { 8_bits_at_[%r9] Or= %r10; %rax = old_value_at_[%r9]; %r11, %rflags = trash }",
     ));
     insns.push((
@@ -304,7 +304,7 @@ fn test_x64_emit() {
             temp: w_r11.map(Gpr::unwrap_new),
             dst_old: w_rax.map(Gpr::unwrap_new)
         },
-        "490FB7014989C34D23DAF066450FB1190F85EEFFFFFF",
+        "490FB7014989C34D23DAF066450FB11975F2",
         "atomically { 16_bits_at_[%r9] And= %r10; %rax = old_value_at_[%r9]; %r11, %rflags = trash }"
     ));
     insns.push((
@@ -316,7 +316,7 @@ fn test_x64_emit() {
             temp: w_r11.map(Gpr::unwrap_new),
             dst_old: w_rax.map(Gpr::unwrap_new)
         },
-        "418B014989C34D23DA49F7D3F0450FB1190F85ECFFFFFF",
+        "418B014989C34D23DA49F7D3F0450FB11975F0",
         "atomically { 32_bits_at_[%r9] Nand= %r10; %rax = old_value_at_[%r9]; %r11, %rflags = trash }"
     ));
     insns.push((
@@ -328,7 +328,7 @@ fn test_x64_emit() {
             temp: w_r11.map(Gpr::unwrap_new),
             dst_old: w_rax.map(Gpr::unwrap_new)
         },
-        "418B014989C34539DA4D0F46DAF0450FB1190F85EBFFFFFF",
+        "418B014989C34539DA4D0F46DAF0450FB11975EF",
         "atomically { 32_bits_at_[%r9] Umin= %r10; %rax = old_value_at_[%r9]; %r11, %rflags = trash }"
     ));
     insns.push((
@@ -340,7 +340,7 @@ fn test_x64_emit() {
             temp: w_r11.map(Gpr::unwrap_new),
             dst_old: w_rax.map(Gpr::unwrap_new)
         },
-        "498B014989C34D39DA4D0F4DDAF04D0FB1190F85EBFFFFFF",
+        "498B014989C34D39DA4D0F4DDAF04D0FB11975EF",
         "atomically { 64_bits_at_[%r9] Smax= %r10; %rax = old_value_at_[%r9]; %r11, %rflags = trash }"
     ));
 
@@ -356,7 +356,7 @@ fn test_x64_emit() {
             dst_old_low: w_rax.map(Gpr::unwrap_new),
             dst_old_high: w_rdx.map(Gpr::unwrap_new),
         },
-        "498B01498B51084889C34889D1490BDA490BCBF0490FC7090F85E9FFFFFF",
+        "498B01498B51084889C34889D1490BDA490BCBF0490FC70975ED",
         "atomically { %rdx:%rax = 0(%r9); %rcx:%rbx = %rdx:%rax Or %r11:%r10; 0(%r9) = %rcx:%rbx }",
     ));
     insns.push((
@@ -370,7 +370,7 @@ fn test_x64_emit() {
             dst_old_low: w_rax.map(Gpr::unwrap_new),
             dst_old_high: w_rdx.map(Gpr::unwrap_new),
         },
-        "498B01498B51084889C34889D14923DA4923CBF0490FC7090F85E9FFFFFF",
+        "498B01498B51084889C34889D14923DA4923CBF0490FC70975ED",
         "atomically { %rdx:%rax = 0(%r9); %rcx:%rbx = %rdx:%rax And %r11:%r10; 0(%r9) = %rcx:%rbx }"
     ));
     insns.push((
@@ -384,7 +384,7 @@ fn test_x64_emit() {
             dst_old_low: w_rax.map(Gpr::unwrap_new),
             dst_old_high: w_rdx.map(Gpr::unwrap_new),
         },
-        "498B01498B51084889C34889D14C39D3491BCB4889D1490F43DA490F43CBF0490FC7090F85DEFFFFFF",
+        "498B01498B51084889C34889D14C39D3491BCB4889D1490F43DA490F43CBF0490FC70975E2",
         "atomically { %rdx:%rax = 0(%r9); %rcx:%rbx = %rdx:%rax Umin %r11:%r10; 0(%r9) = %rcx:%rbx }"
     ));
     insns.push((
@@ -398,7 +398,7 @@ fn test_x64_emit() {
             dst_old_low: w_rax.map(Gpr::unwrap_new),
             dst_old_high: w_rdx.map(Gpr::unwrap_new),
         },
-        "498B01498B51084889C34889D14903DA4913CBF0490FC7090F85E9FFFFFF",
+        "498B01498B51084889C34889D14903DA4913CBF0490FC70975ED",
         "atomically { %rdx:%rax = 0(%r9); %rcx:%rbx = %rdx:%rax Add %r11:%r10; 0(%r9) = %rcx:%rbx }"
     ));
     insns.push((
@@ -409,7 +409,7 @@ fn test_x64_emit() {
             dst_old_low: w_rax.map(Gpr::unwrap_new),
             dst_old_high: w_rdx.map(Gpr::unwrap_new),
         },
-        "498B01498B5108F0490FC7090F85F5FFFFFF",
+        "498B01498B5108F0490FC70975F9",
         "atomically { %rdx:%rax = 0(%r9); 0(%r9) = %rcx:%rbx }",
     ));
 

cranelift/codegen/src/isa/x64/inst/mod.rs

@@ -1562,6 +1562,14 @@ pub enum LabelUse {
     /// next instruction (so the size of the payload -- 4 bytes -- is subtracted from the payload).
     JmpRel32,
 
+    /// An 8-bit offset from location of relocation itself, added to the
+    /// existing value at that location.
+    ///
+    /// Used for control flow instructions which consider an offset from the
+    /// start of the next instruction (so the size of the payload -- 1 byte --
+    /// is subtracted from the payload).
+    JmpRel8,
+
     /// A 32-bit offset from location of relocation itself, added to the existing value at that
     /// location.
     PCRel32,
@@ -1573,18 +1581,21 @@ impl MachInstLabelUse for LabelUse {
     fn max_pos_range(self) -> CodeOffset {
         match self {
             LabelUse::JmpRel32 | LabelUse::PCRel32 => 0x7fff_ffff,
+            LabelUse::JmpRel8 => 0x7f,
         }
     }
 
     fn max_neg_range(self) -> CodeOffset {
         match self {
             LabelUse::JmpRel32 | LabelUse::PCRel32 => 0x8000_0000,
+            LabelUse::JmpRel8 => 0x80,
         }
     }
 
     fn patch_size(self) -> CodeOffset {
         match self {
             LabelUse::JmpRel32 | LabelUse::PCRel32 => 4,
+            LabelUse::JmpRel8 => 1,
         }
     }
 
@@ -1599,6 +1610,9 @@ impl MachInstLabelUse for LabelUse {
                 let value = pc_rel.wrapping_add(addend).wrapping_sub(4);
                 buffer.copy_from_slice(&value.to_le_bytes()[..]);
             }
+            LabelUse::JmpRel8 => {
+                buffer[0] = buffer[0].wrapping_add(pc_rel as u8).wrapping_sub(1);
+            }
             LabelUse::PCRel32 => {
                 let addend = u32::from_le_bytes([buffer[0], buffer[1], buffer[2], buffer[3]]);
                 let value = pc_rel.wrapping_add(addend);
@@ -1610,12 +1624,21 @@ impl MachInstLabelUse for LabelUse {
     fn supports_veneer(self) -> bool {
         match self {
             LabelUse::JmpRel32 | LabelUse::PCRel32 => false,
+
+            // Technically this is possible to have a veneer because it can jump
+            // to a 32-bit jump which keeps going. That being said at this time
+            // this variant is only used in `emit.rs` for jumps that are already
+            // known to be short so it's a bug if we jump to a jump that's too
+            // far away. In the future if general-purpose basic-block
+            // terminators are switched to using short jumps to get promoted to
+            // a long jump then this may wish to change.
+            LabelUse::JmpRel8 => false,
         }
     }
 
     fn veneer_size(self) -> CodeOffset {
         match self {
-            LabelUse::JmpRel32 | LabelUse::PCRel32 => 0,
+            LabelUse::JmpRel32 | LabelUse::PCRel32 | LabelUse::JmpRel8 => 0,
         }
     }
 
@@ -1625,7 +1648,7 @@ impl MachInstLabelUse for LabelUse {
 
     fn generate_veneer(self, _: &mut [u8], _: CodeOffset) -> (CodeOffset, LabelUse) {
         match self {
-            LabelUse::JmpRel32 | LabelUse::PCRel32 => {
+            LabelUse::JmpRel32 | LabelUse::PCRel32 | LabelUse::JmpRel8 => {
                 panic!("Veneer not supported for JumpRel32 label-use.");
             }
         }

cranelift/filetests/filetests/isa/x64/cmp-mem-bug.clif

@@ -81,9 +81,9 @@ block0(v0: f64, v1: i64):
 ;   movzbq %dil, %rax
 ;   ucomisd %xmm1, %xmm0
 ;   movdqa %xmm0, %xmm2
-;   jnp 0x2a
+;   jnp 0x26
 ;   movaps %xmm2, %xmm0
-;   je 0x33
+;   je 0x2b
 ;   movaps %xmm2, %xmm0
 ;   movq %rbp, %rsp
 ;   popq %rbp