[vm/ffi] Express FFI call closures explicitly in AST

Instead of implicitly creating closures for FFI
asFunction/lookupFunction APIs in the VM, now they are explicitly expressed in the kernel AST. That makes it possible to analyze
them in TFA.

FFI calls from Dart code into native are now performed in the following way:

```
  block {
    Pointer #ffiTarget0 = target;
    @pragma('vm:ffi:call-closure', _FfiCall<Int32 Function(Int32)>(isLeaf: false))
    #ffiClosure0(int arg1) {
      _nativeEffect(arg1);
      return _ffiCall<int>(#ffiTarget0);
    }
  } =>#ffiClosure0;
```

_ffiCall method is recognized by the VM and its call is replaced
directly with FFI calling sequence. _ffiCall uses closure
parameters implicitly. No extra trampolines are generated for FFI calls.

TEST=existing
Fixes #54172
Issue #39692

CoreLibraryReviewExempt: Implementation change only.
Change-Id: I92b3ff7391470686151ad0807e2cdbbf1a69d256
Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/339662
Commit-Queue: Alexander Markov <[email protected]>
Reviewed-by: Daco Harkes <[email protected]>

Author: alexmarkov

pkg/vm/lib/transformations/ffi/common.dart

@@ -230,7 +230,7 @@ class FfiTransformer extends Transformer {
   final Procedure abiSpecificIntegerArrayElemAt;
   final Procedure abiSpecificIntegerArraySetElemAt;
   final Procedure asFunctionMethod;
-  final Procedure asFunctionInternal;
+  final Procedure ffiCallMethod;
   final Procedure sizeOfMethod;
   final Procedure lookupFunctionMethod;
   final Procedure fromFunctionMethod;
@@ -283,6 +283,8 @@ class FfiTransformer extends Transformer {
   final Field nativeCallablePointerField;
   final Procedure nativeAddressOf;
   final Procedure nativePrivateAddressOf;
+  final Class ffiCallClass;
+  final Field ffiCallIsLeafField;
 
   late final InterfaceType nativeFieldWrapperClass1Type;
   late final InterfaceType voidType;
@@ -463,8 +465,7 @@ class FfiTransformer extends Transformer {
             index.getProcedure('dart:ffi', 'AbiSpecificIntegerArray', '[]='),
         asFunctionMethod = index.getProcedure(
             'dart:ffi', 'NativeFunctionPointer', 'asFunction'),
-        asFunctionInternal =
-            index.getTopLevelProcedure('dart:ffi', '_asFunctionInternal'),
+        ffiCallMethod = index.getTopLevelProcedure('dart:ffi', '_ffiCall'),
         sizeOfMethod = index.getTopLevelProcedure('dart:ffi', 'sizeOf'),
         lookupFunctionMethod = index.getProcedure(
             'dart:ffi', 'DynamicLibraryExtension', 'lookupFunction'),
@@ -571,7 +572,9 @@ class FfiTransformer extends Transformer {
         nativeAddressOf =
             index.getMember('dart:ffi', 'Native', 'addressOf') as Procedure,
         nativePrivateAddressOf =
-            index.getMember('dart:ffi', 'Native', '_addressOf') as Procedure {
+            index.getMember('dart:ffi', 'Native', '_addressOf') as Procedure,
+        ffiCallClass = index.getClass('dart:ffi', '_FfiCall'),
+        ffiCallIsLeafField = index.getField('dart:ffi', '_FfiCall', 'isLeaf') {
     nativeFieldWrapperClass1Type = nativeFieldWrapperClass1Class.getThisType(
         coreTypes, Nullability.nonNullable);
     voidType = nativeTypesClasses[NativeType.kVoid]!
@@ -1199,37 +1202,6 @@ class FfiTransformer extends Transformer {
       ..fileOffset = nestedExpression.fileOffset;
   }
 
-  /// Creates an invocation to asFunctionInternal.
-  ///
-  /// Adds a native effect invoking a compound constructors if this is used
-  /// as return type.
-  Expression buildAsFunctionInternal({
-    required Expression functionPointer,
-    required DartType nativeSignature,
-    required DartType dartSignature,
-    required bool isLeaf,
-    required int fileOffset,
-  }) {
-    final asFunctionInternalInvocation = StaticInvocation(
-        asFunctionInternal,
-        Arguments([
-          functionPointer,
-          BoolLiteral(isLeaf),
-        ], types: [
-          dartSignature,
-          nativeSignature,
-        ]))
-      ..fileOffset = fileOffset;
-
-    final possibleCompoundReturn = findCompoundReturnType(dartSignature);
-    if (possibleCompoundReturn != null) {
-      return invokeCompoundConstructor(
-          asFunctionInternalInvocation, possibleCompoundReturn);
-    }
-
-    return asFunctionInternalInvocation;
-  }
-
   /// Returns the compound [Class] if a compound is returned, otherwise `null`.
   Class? findCompoundReturnType(DartType dartSignature) {
     if (dartSignature is! FunctionType) {

pkg/vm/lib/transformations/ffi/use_sites.dart

@@ -113,9 +113,14 @@ mixin _FfiUseSiteTransformer on FfiTransformer {
   // callback.
   int callbackCount = 0;
 
+  // Used to create private top-level trampoline methods with unique names
+  // for each call.
+  int callCount = 0;
+
   @override
   TreeNode visitLibrary(Library node) {
     callbackCount = 0;
+    callCount = 0;
     return super.visitLibrary(node);
   }
 
@@ -349,10 +354,12 @@ mixin _FfiUseSiteTransformer on FfiTransformer {
         );
         final DartType nativeSignature = nativeType.typeArguments[0];
 
-        return buildAsFunctionInternal(
+        return _replaceAsFunction(
           functionPointer: node.arguments.positional[0],
+          pointerType: InterfaceType(
+              pointerClass, Nullability.nonNullable, [nativeType]),
           nativeSignature: nativeSignature,
-          dartSignature: dartType,
+          dartSignature: dartType as FunctionType,
           isLeaf: isLeaf,
           fileOffset: node.fileOffset,
         );
@@ -428,6 +435,84 @@ mixin _FfiUseSiteTransformer on FfiTransformer {
     return node;
   }
 
+  /// Create Dart function which calls native code.
+  ///
+  /// Adds a native effect invoking a compound constructors if this is used
+  /// as return type.
+  Expression _replaceAsFunction({
+    required Expression functionPointer,
+    required DartType pointerType,
+    required DartType nativeSignature,
+    required FunctionType dartSignature,
+    required bool isLeaf,
+    required int fileOffset,
+  }) {
+    assert(dartSignature.namedParameters.isEmpty);
+    final functionPointerVarName = '#ffiTarget$callCount';
+    final closureName = '#ffiClosure$callCount';
+    ++callCount;
+
+    final pointerVar = VariableDeclaration(functionPointerVarName,
+        initializer: functionPointer, type: pointerType, isSynthesized: true);
+
+    final positionalParameters = [
+      for (int i = 0; i < dartSignature.positionalParameters.length; ++i)
+        VariableDeclaration(
+          'arg${i + 1}',
+          type: dartSignature.positionalParameters[i],
+        )
+    ];
+
+    final closure = FunctionDeclaration(
+        VariableDeclaration(closureName,
+            type: dartSignature, isSynthesized: true)
+          ..addAnnotation(ConstantExpression(
+              InstanceConstant(coreTypes.pragmaClass.reference, [], {
+            coreTypes.pragmaName.fieldReference:
+                StringConstant('vm:ffi:call-closure'),
+            coreTypes.pragmaOptions.fieldReference: InstanceConstant(
+              ffiCallClass.reference,
+              [nativeSignature],
+              {
+                ffiCallIsLeafField.fieldReference: BoolConstant(isLeaf),
+              },
+            ),
+          }))),
+        FunctionNode(
+            Block([
+              for (final param in positionalParameters)
+                ExpressionStatement(StaticInvocation(
+                    nativeEffectMethod, Arguments([VariableGet(param)]))),
+              ReturnStatement(StaticInvocation(
+                  ffiCallMethod,
+                  Arguments([
+                    VariableGet(pointerVar),
+                  ], types: [
+                    dartSignature.returnType,
+                  ]))
+                ..fileOffset = fileOffset),
+            ]),
+            positionalParameters: positionalParameters,
+            requiredParameterCount: dartSignature.requiredParameterCount,
+            returnType: dartSignature.returnType)
+          ..fileOffset = fileOffset)
+      ..fileOffset = fileOffset;
+
+    final result = BlockExpression(
+        Block([
+          pointerVar,
+          closure,
+        ]),
+        VariableGet(closure.variable));
+
+    final possibleCompoundReturn = findCompoundReturnType(dartSignature);
+    if (possibleCompoundReturn != null) {
+      return invokeCompoundConstructor(result, possibleCompoundReturn);
+    }
+
+    return result;
+  }
+
   Expression invokeCompoundConstructors(
           Expression nestedExpression, List<Class> compoundClasses) =>
       compoundClasses
@@ -462,10 +547,6 @@ mixin _FfiUseSiteTransformer on FfiTransformer {
   // 'lookupFunction' are constants, so by inlining the call to 'asFunction' at
   // the call-site, we ensure that there are no generic calls to 'asFunction'.
   Expression _replaceLookupFunction(StaticInvocation node) {
-    // The generated code looks like:
-    //
-    // _asFunctionInternal<DS, NS>(lookup<NativeFunction<NS>>(symbolName),
-    //     isLeaf)
     final DartType nativeSignature = node.arguments.types[0];
     final DartType dartSignature = node.arguments.types[1];
 
@@ -478,21 +559,19 @@ mixin _FfiUseSiteTransformer on FfiTransformer {
     final FunctionType lookupFunctionType =
         libraryLookupMethod.getterType as FunctionType;
 
-    final Expression lookupResult = InstanceInvocation(
-        InstanceAccessKind.Instance,
-        node.arguments.positional[0],
-        libraryLookupMethod.name,
-        lookupArgs,
+    final lookupResult = InstanceInvocation(InstanceAccessKind.Instance,
+        node.arguments.positional[0], libraryLookupMethod.name, lookupArgs,
         interfaceTarget: libraryLookupMethod,
         functionType: FunctionTypeInstantiator.instantiate(
             lookupFunctionType, lookupTypeArgs));
 
     final isLeaf = getIsLeafBoolean(node) ?? false;
 
-    return buildAsFunctionInternal(
+    return _replaceAsFunction(
       functionPointer: lookupResult,
+      pointerType: lookupResult.functionType.returnType,
       nativeSignature: nativeSignature,
-      dartSignature: dartSignature,
+      dartSignature: dartSignature as FunctionType,
       isLeaf: isLeaf,
       fileOffset: node.fileOffset,
     );

pkg/vm/testcases/transformations/ffi/as_function.dart

@@ -0,0 +1,37 @@
+// Copyright (c) 2023, the Dart project authors.  Please see the AUTHORS file
+// for details. All rights reserved. Use of this source code is governed by a
+// BSD-style license that can be found in the LICENSE file.
+
+// Tests for NativeFunctionPointer.asFunction transformation.
+
+import 'dart:ffi';
+
+testVoidNoArg() {
+  final pointer =
+      Pointer<NativeFunction<Void Function()>>.fromAddress(0xdeadbeef);
+  final function = pointer.asFunction<void Function()>();
+  function();
+}
+
+testIntInt() {
+  final pointer =
+      Pointer<NativeFunction<Int32 Function(Int64)>>.fromAddress(0xdeadbeef);
+  final function = pointer.asFunction<int Function(int)>();
+  return function(42);
+}
+
+testLeaf5Args() {
+  final pointer = Pointer<
+      NativeFunction<
+          Int32 Function(
+              Int32, Int32, Int32, Int32, Int32)>>.fromAddress(0xdeadbeef);
+  final function =
+      pointer.asFunction<int Function(int, int, int, int, int)>(isLeaf: true);
+  return function(1, 2, 3, 4, 5);
+}
+
+void main() {
+  testVoidNoArg();
+  testIntInt();
+  testLeaf5Args();
+}

pkg/vm/testcases/transformations/ffi/as_function.dart.aot.expect

@@ -0,0 +1,63 @@
+library #lib;
+import self as self;
+import "dart:ffi" as ffi;
+import "dart:core" as core;
+import "dart:_internal" as _in;
+
+import "dart:ffi";
+
+static method testVoidNoArg() → dynamic {
+  final ffi::Pointer<ffi::NativeFunction<() → ffi::Void>> pointer = [@vm.inferred-type.metadata=dart.ffi::Pointer] ffi::Pointer::fromAddress<ffi::NativeFunction<() → ffi::Void>>(3735928559);
+  final () → void function = block {
+    [@vm.inferred-type.metadata=dart.ffi::Pointer] synthesized ffi::Pointer<ffi::NativeFunction<() → ffi::Void>> #ffiTarget0 = pointer;
+    @#C4
+    function #ffiClosure0() → void {
+      return ffi::_ffiCall<void>(#ffiTarget0);
+    }
+  } =>#ffiClosure0;
+  function(){() → void};
+}
+[@vm.unboxing-info.metadata=()->i]static method testIntInt() → dynamic {
+  final ffi::Pointer<ffi::NativeFunction<(ffi::Int64) → ffi::Int32>> pointer = [@vm.inferred-type.metadata=dart.ffi::Pointer] ffi::Pointer::fromAddress<ffi::NativeFunction<(ffi::Int64) → ffi::Int32>>(3735928559);
+  final (core::int) → core::int function = block {
+    [@vm.inferred-type.metadata=dart.ffi::Pointer] synthesized ffi::Pointer<ffi::NativeFunction<(ffi::Int64) → ffi::Int32>> #ffiTarget1 = pointer;
+    @#C6
+    function #ffiClosure1(core::int arg1) → core::int {
+      _in::_nativeEffect(arg1);
+      return ffi::_ffiCall<core::int>(#ffiTarget1);
+    }
+  } =>#ffiClosure1;
+  return function(42){(core::int) → core::int};
+}
+[@vm.unboxing-info.metadata=()->i]static method testLeaf5Args() → dynamic {
+  final ffi::Pointer<ffi::NativeFunction<(ffi::Int32, ffi::Int32, ffi::Int32, ffi::Int32, ffi::Int32) → ffi::Int32>> pointer = [@vm.inferred-type.metadata=dart.ffi::Pointer] ffi::Pointer::fromAddress<ffi::NativeFunction<(ffi::Int32, ffi::Int32, ffi::Int32, ffi::Int32, ffi::Int32) → ffi::Int32>>(3735928559);
+  final (core::int, core::int, core::int, core::int, core::int) → core::int function = block {
+    [@vm.inferred-type.metadata=dart.ffi::Pointer] synthesized ffi::Pointer<ffi::NativeFunction<(ffi::Int32, ffi::Int32, ffi::Int32, ffi::Int32, ffi::Int32) → ffi::Int32>> #ffiTarget2 = pointer;
+    @#C9
+    function #ffiClosure2(core::int arg1, core::int arg2, core::int arg3, core::int arg4, core::int arg5) → core::int {
+      _in::_nativeEffect(arg1);
+      _in::_nativeEffect(arg2);
+      _in::_nativeEffect(arg3);
+      _in::_nativeEffect(arg4);
+      _in::_nativeEffect(arg5);
+      return ffi::_ffiCall<core::int>(#ffiTarget2);
+    }
+  } =>#ffiClosure2;
+  return function(1, 2, 3, 4, 5){(core::int, core::int, core::int, core::int, core::int) → core::int};
+}
+static method main() → void {
+  self::testVoidNoArg();
+  self::testIntInt();
+  self::testLeaf5Args();
+}
+constants  {
+  #C1 = "vm:ffi:call-closure"
+  #C2 = false
+  #C3 = ffi::_FfiCall<() → ffi::Void> {isLeaf:#C2}
+  #C4 = core::pragma {name:#C1, options:#C3}
+  #C5 = ffi::_FfiCall<(ffi::Int64) → ffi::Int32> {isLeaf:#C2}
+  #C6 = core::pragma {name:#C1, options:#C5}
+  #C7 = true
+  #C8 = ffi::_FfiCall<(ffi::Int32, ffi::Int32, ffi::Int32, ffi::Int32, ffi::Int32) → ffi::Int32> {isLeaf:#C7}
+  #C9 = core::pragma {name:#C1, options:#C8}
+}

pkg/vm/testcases/transformations/ffi/as_function.dart.expect

@@ -0,0 +1,63 @@
+library #lib;
+import self as self;
+import "dart:ffi" as ffi;
+import "dart:core" as core;
+import "dart:_internal" as _in;
+
+import "dart:ffi";
+
+static method testVoidNoArg() → dynamic {
+  final ffi::Pointer<ffi::NativeFunction<() → ffi::Void>> pointer = ffi::Pointer::fromAddress<ffi::NativeFunction<() → ffi::Void>>(3735928559);
+  final () → void function = block {
+    synthesized ffi::Pointer<ffi::NativeFunction<() → ffi::Void>> #ffiTarget0 = pointer;
+    @#C4
+    function #ffiClosure0() → void {
+      return ffi::_ffiCall<void>(#ffiTarget0);
+    }
+  } =>#ffiClosure0;
+  function(){() → void};
+}
+static method testIntInt() → dynamic {
+  final ffi::Pointer<ffi::NativeFunction<(ffi::Int64) → ffi::Int32>> pointer = ffi::Pointer::fromAddress<ffi::NativeFunction<(ffi::Int64) → ffi::Int32>>(3735928559);
+  final (core::int) → core::int function = block {
+    synthesized ffi::Pointer<ffi::NativeFunction<(ffi::Int64) → ffi::Int32>> #ffiTarget1 = pointer;
+    @#C6
+    function #ffiClosure1(core::int arg1) → core::int {
+      _in::_nativeEffect(arg1);
+      return ffi::_ffiCall<core::int>(#ffiTarget1);
+    }
+  } =>#ffiClosure1;
+  return function(42){(core::int) → core::int};
+}
+static method testLeaf5Args() → dynamic {
+  final ffi::Pointer<ffi::NativeFunction<(ffi::Int32, ffi::Int32, ffi::Int32, ffi::Int32, ffi::Int32) → ffi::Int32>> pointer = ffi::Pointer::fromAddress<ffi::NativeFunction<(ffi::Int32, ffi::Int32, ffi::Int32, ffi::Int32, ffi::Int32) → ffi::Int32>>(3735928559);
+  final (core::int, core::int, core::int, core::int, core::int) → core::int function = block {
+    synthesized ffi::Pointer<ffi::NativeFunction<(ffi::Int32, ffi::Int32, ffi::Int32, ffi::Int32, ffi::Int32) → ffi::Int32>> #ffiTarget2 = pointer;
+    @#C9
+    function #ffiClosure2(core::int arg1, core::int arg2, core::int arg3, core::int arg4, core::int arg5) → core::int {
+      _in::_nativeEffect(arg1);
+      _in::_nativeEffect(arg2);
+      _in::_nativeEffect(arg3);
+      _in::_nativeEffect(arg4);
+      _in::_nativeEffect(arg5);
+      return ffi::_ffiCall<core::int>(#ffiTarget2);
+    }
+  } =>#ffiClosure2;
+  return function(1, 2, 3, 4, 5){(core::int, core::int, core::int, core::int, core::int) → core::int};
+}
+static method main() → void {
+  self::testVoidNoArg();
+  self::testIntInt();
+  self::testLeaf5Args();
+}
+constants  {
+  #C1 = "vm:ffi:call-closure"
+  #C2 = false
+  #C3 = ffi::_FfiCall<() → ffi::Void> {isLeaf:#C2}
+  #C4 = core::pragma {name:#C1, options:#C3}
+  #C5 = ffi::_FfiCall<(ffi::Int64) → ffi::Int32> {isLeaf:#C2}
+  #C6 = core::pragma {name:#C1, options:#C5}
+  #C7 = true
+  #C8 = ffi::_FfiCall<(ffi::Int32, ffi::Int32, ffi::Int32, ffi::Int32, ffi::Int32) → ffi::Int32> {isLeaf:#C7}
+  #C9 = core::pragma {name:#C1, options:#C8}
+}