T0b1/wasmtime
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

cranelift-wasm: Refactor bounds checks to avoid repetition of Spectre and non-Spectre (#6054)

Browse Source
This commit is contained in:
Nick Fitzgerald
2023-03-17 13:30:42 -07:00
committed by GitHub
parent cd1b19a289
commit 90d3eff0f3
40 changed files with 487 additions and 625 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
cranelift/filetests/filetests/wasm/duplicate-loads-dynamic-memory-egraph.wat
View File

@@ -50,12 +50,12 @@
;;
;; block0(v0: i32, v1: i64):
;; @0057 v5 = load.i64 notrap aligned v1+8
;; @0057 v6 = load.i64 notrap aligned v1
;; @0057 v7 = load.i64 notrap aligned v1
;; @0057 v4 = uextend.i64 v0
;; @0057 v9 = icmp ugt v4, v5
;; @0057 v8 = iconst.i64 0
;; @0057 v7 = iadd v6, v4
;; @0057 v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @0057 v6 = icmp ugt v4, v5
;; @0057 v9 = iconst.i64 0
;; @0057 v8 = iadd v7, v4
;; @0057 v10 = select_spectre_guard v6, v9, v8 ; v9 = 0
;; @0057 v11 = load.i32 little heap v10
;; v2 -> v11
;; @005f jump block1
@@ -71,14 +71,14 @@
;;
;; block0(v0: i32, v1: i64):
;; @0064 v5 = load.i64 notrap aligned v1+8
;; @0064 v6 = load.i64 notrap aligned v1
;; @0064 v7 = load.i64 notrap aligned v1
;; @0064 v4 = uextend.i64 v0
;; @0064 v10 = icmp ugt v4, v5
;; @0064 v9 = iconst.i64 0
;; @0064 v7 = iadd v6, v4
;; @0064 v6 = icmp ugt v4, v5
;; @0064 v10 = iconst.i64 0
;; @0064 v8 = iadd v7, v4
;; v22 = iconst.i64 1234
;; @0064 v8 = iadd v7, v22 ; v22 = 1234
;; @0064 v11 = select_spectre_guard v10, v9, v8 ; v9 = 0
;; @0064 v9 = iadd v8, v22 ; v22 = 1234
;; @0064 v11 = select_spectre_guard v6, v10, v9 ; v10 = 0
;; @0064 v12 = load.i32 little heap v11
;; v2 -> v12
;; @006e jump block1

24
cranelift/filetests/filetests/wasm/duplicate-loads-dynamic-memory.wat
View File

@@ -53,15 +53,15 @@
;; v12 -> v4
;; @0057 v5 = load.i64 notrap aligned v1+8
;; v13 -> v5
;; @0057 v6 = load.i64 notrap aligned v1
;; @0057 v6 = icmp ugt v4, v5
;; v14 -> v6
;; @0057 v7 = iadd v6, v4
;; @0057 v7 = load.i64 notrap aligned v1
;; v15 -> v7
;; @0057 v8 = iconst.i64 0
;; @0057 v8 = iadd v7, v4
;; v16 -> v8
;; @0057 v9 = icmp ugt v4, v5
;; @0057 v9 = iconst.i64 0
;; v17 -> v9
;; @0057 v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @0057 v10 = select_spectre_guard v6, v9, v8 ; v9 = 0
;; v18 -> v10
;; @0057 v11 = load.i32 little heap v10
;; v2 -> v11
@@ -83,19 +83,19 @@
;; v13 -> v4
;; @0064 v5 = load.i64 notrap aligned v1+8
;; v14 -> v5
;; @0064 v6 = load.i64 notrap aligned v1
;; @0064 v6 = icmp ugt v4, v5
;; v15 -> v6
;; @0064 v7 = iadd v6, v4
;; @0064 v7 = load.i64 notrap aligned v1
;; v16 -> v7
;; @0064 v8 = iadd v7, v4
;; v17 -> v8
;; v22 = iconst.i64 1234
;; v23 -> v22
;; @0064 v8 = iadd v7, v22 ; v22 = 1234
;; v17 -> v8
;; @0064 v9 = iconst.i64 0
;; @0064 v9 = iadd v8, v22 ; v22 = 1234
;; v18 -> v9
;; @0064 v10 = icmp ugt v4, v5
;; @0064 v10 = iconst.i64 0
;; v19 -> v10
;; @0064 v11 = select_spectre_guard v10, v9, v8 ; v9 = 0
;; @0064 v11 = select_spectre_guard v6, v10, v9 ; v10 = 0
;; v20 -> v11
;; @0064 v12 = load.i32 little heap v11
;; v2 -> v12

40
cranelift/filetests/filetests/wasm/dynamic-memory-yes-spectre-access-same-index-different-offsets.wat
View File

@@ -63,25 +63,25 @@
;;
;; block0(v0: i32, v1: i64):
;; @0047 v6 = load.i64 notrap aligned v1+8
;; @0047 v7 = load.i64 notrap aligned v1
;; @0047 v8 = load.i64 notrap aligned v1
;; @0047 v5 = uextend.i64 v0
;; @0047 v10 = icmp ugt v5, v6
;; @0047 v9 = iconst.i64 0
;; @0047 v8 = iadd v7, v5
;; @0047 v11 = select_spectre_guard v10, v9, v8 ; v9 = 0
;; @0047 v7 = icmp ugt v5, v6
;; @0047 v10 = iconst.i64 0
;; @0047 v9 = iadd v8, v5
;; @0047 v11 = select_spectre_guard v7, v10, v9 ; v10 = 0
;; @0047 v12 = load.i32 little heap v11
;; v2 -> v12
;; v33 = iconst.i64 4
;; @004c v17 = iadd v8, v33 ; v33 = 4
;; @004c v20 = select_spectre_guard v10, v9, v17 ; v9 = 0
;; @004c v18 = iadd v9, v33 ; v33 = 4
;; @004c v20 = select_spectre_guard v7, v10, v18 ; v10 = 0
;; @004c v21 = load.i32 little heap v20
;; v3 -> v21
;; @0051 v23 = iconst.i64 0x0010_0003
;; @0051 v24 = uadd_overflow_trap v5, v23, heap_oob ; v23 = 0x0010_0003
;; @0051 v30 = icmp ugt v24, v6
;; @0051 v26 = icmp ugt v24, v6
;; v34 = iconst.i64 0x000f_ffff
;; @0051 v28 = iadd v8, v34 ; v34 = 0x000f_ffff
;; @0051 v31 = select_spectre_guard v30, v9, v28 ; v9 = 0
;; @0051 v29 = iadd v9, v34 ; v34 = 0x000f_ffff
;; @0051 v31 = select_spectre_guard v26, v10, v29 ; v10 = 0
;; @0051 v32 = load.i32 little heap v31
;; v4 -> v32
;; @0056 jump block1
@@ -97,23 +97,23 @@
;;
;; block0(v0: i32, v1: i32, v2: i32, v3: i32, v4: i64):
;; @005d v6 = load.i64 notrap aligned v4+8
;; @005d v7 = load.i64 notrap aligned v4
;; @005d v8 = load.i64 notrap aligned v4
;; @005d v5 = uextend.i64 v0
;; @005d v10 = icmp ugt v5, v6
;; @005d v9 = iconst.i64 0
;; @005d v8 = iadd v7, v5
;; @005d v11 = select_spectre_guard v10, v9, v8 ; v9 = 0
;; @005d v7 = icmp ugt v5, v6
;; @005d v10 = iconst.i64 0
;; @005d v9 = iadd v8, v5
;; @005d v11 = select_spectre_guard v7, v10, v9 ; v10 = 0
;; @005d store little heap v1, v11
;; v30 = iconst.i64 4
;; @0064 v16 = iadd v8, v30 ; v30 = 4
;; @0064 v19 = select_spectre_guard v10, v9, v16 ; v9 = 0
;; @0064 v17 = iadd v9, v30 ; v30 = 4
;; @0064 v19 = select_spectre_guard v7, v10, v17 ; v10 = 0
;; @0064 store little heap v2, v19
;; @006b v21 = iconst.i64 0x0010_0003
;; @006b v22 = uadd_overflow_trap v5, v21, heap_oob ; v21 = 0x0010_0003
;; @006b v28 = icmp ugt v22, v6
;; @006b v24 = icmp ugt v22, v6
;; v31 = iconst.i64 0x000f_ffff
;; @006b v26 = iadd v8, v31 ; v31 = 0x000f_ffff
;; @006b v29 = select_spectre_guard v28, v9, v26 ; v9 = 0
;; @006b v27 = iadd v9, v31 ; v31 = 0x000f_ffff
;; @006b v29 = select_spectre_guard v24, v10, v27 ; v10 = 0
;; @006b store little heap v3, v29
;; @0070 jump block1
;;

22
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i32_access_0_offset.wat
View File

@@ -48,11 +48,11 @@
;; @0040 v3 = uextend.i64 v0
;; @0040 v4 = global_value.i64 gv1
;; @0040 v5 = iadd_imm v4, -4
;; @0040 v6 = global_value.i64 gv2
;; @0040 v7 = iadd v6, v3
;; @0040 v8 = iconst.i64 0
;; @0040 v9 = icmp ugt v3, v5
;; @0040 v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @0040 v6 = icmp ugt v3, v5
;; @0040 v7 = global_value.i64 gv2
;; @0040 v8 = iadd v7, v3
;; @0040 v9 = iconst.i64 0
;; @0040 v10 = select_spectre_guard v6, v9, v8 ; v9 = 0
;; @0040 store little heap v1, v10
;; @0043 jump block1
;;
@@ -69,14 +69,14 @@
;; @0048 v3 = uextend.i64 v0
;; @0048 v4 = global_value.i64 gv1
;; @0048 v5 = iadd_imm v4, -4
;; @0048 v6 = global_value.i64 gv2
;; @0048 v7 = iadd v6, v3
;; @0048 v8 = iconst.i64 0
;; @0048 v9 = icmp ugt v3, v5
;; @0048 v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @0048 v6 = icmp ugt v3, v5
;; @0048 v7 = global_value.i64 gv2
;; @0048 v8 = iadd v7, v3
;; @0048 v9 = iconst.i64 0
;; @0048 v10 = select_spectre_guard v6, v9, v8 ; v9 = 0
;; @0048 v11 = load.i32 little heap v10
;; @004b jump block1(v11)
;;
;; block1(v2: i32):
;; @004b return v2
;; }
;; }

26
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat
View File

@@ -48,12 +48,12 @@
;; @0040 v3 = uextend.i64 v0
;; @0040 v4 = global_value.i64 gv1
;; @0040 v5 = iadd_imm v4, -4100
;; @0040 v6 = global_value.i64 gv2
;; @0040 v7 = iadd v6, v3
;; @0040 v8 = iadd_imm v7, 4096
;; @0040 v9 = iconst.i64 0
;; @0040 v10 = icmp ugt v3, v5
;; @0040 v11 = select_spectre_guard v10, v9, v8 ; v9 = 0
;; @0040 v6 = icmp ugt v3, v5
;; @0040 v7 = global_value.i64 gv2
;; @0040 v8 = iadd v7, v3
;; @0040 v9 = iadd_imm v8, 4096
;; @0040 v10 = iconst.i64 0
;; @0040 v11 = select_spectre_guard v6, v10, v9 ; v10 = 0
;; @0040 store little heap v1, v11
;; @0044 jump block1
;;
@@ -70,15 +70,15 @@
;; @0049 v3 = uextend.i64 v0
;; @0049 v4 = global_value.i64 gv1
;; @0049 v5 = iadd_imm v4, -4100
;; @0049 v6 = global_value.i64 gv2
;; @0049 v7 = iadd v6, v3
;; @0049 v8 = iadd_imm v7, 4096
;; @0049 v9 = iconst.i64 0
;; @0049 v10 = icmp ugt v3, v5
;; @0049 v11 = select_spectre_guard v10, v9, v8 ; v9 = 0
;; @0049 v6 = icmp ugt v3, v5
;; @0049 v7 = global_value.i64 gv2
;; @0049 v8 = iadd v7, v3
;; @0049 v9 = iadd_imm v8, 4096
;; @0049 v10 = iconst.i64 0
;; @0049 v11 = select_spectre_guard v6, v10, v9 ; v10 = 0
;; @0049 v12 = load.i32 little heap v11
;; @004d jump block1(v12)
;;
;; block1(v2: i32):
;; @004d return v2
;; }
;; }

26
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i32_access_0xffff0000_offset.wat
View File

@@ -49,12 +49,12 @@
;; @0040 v4 = iconst.i64 0xffff_0004
;; @0040 v5 = uadd_overflow_trap v3, v4, heap_oob ; v4 = 0xffff_0004
;; @0040 v6 = global_value.i64 gv1
;; @0040 v7 = global_value.i64 gv2
;; @0040 v8 = iadd v7, v3
;; @0040 v9 = iadd_imm v8, 0xffff_0000
;; @0040 v10 = iconst.i64 0
;; @0040 v11 = icmp ugt v5, v6
;; @0040 v12 = select_spectre_guard v11, v10, v9 ; v10 = 0
;; @0040 v7 = icmp ugt v5, v6
;; @0040 v8 = global_value.i64 gv2
;; @0040 v9 = iadd v8, v3
;; @0040 v10 = iadd_imm v9, 0xffff_0000
;; @0040 v11 = iconst.i64 0
;; @0040 v12 = select_spectre_guard v7, v11, v10 ; v11 = 0
;; @0040 store little heap v1, v12
;; @0047 jump block1
;;
@@ -72,15 +72,15 @@
;; @004c v4 = iconst.i64 0xffff_0004
;; @004c v5 = uadd_overflow_trap v3, v4, heap_oob ; v4 = 0xffff_0004
;; @004c v6 = global_value.i64 gv1
;; @004c v7 = global_value.i64 gv2
;; @004c v8 = iadd v7, v3
;; @004c v9 = iadd_imm v8, 0xffff_0000
;; @004c v10 = iconst.i64 0
;; @004c v11 = icmp ugt v5, v6
;; @004c v12 = select_spectre_guard v11, v10, v9 ; v10 = 0
;; @004c v7 = icmp ugt v5, v6
;; @004c v8 = global_value.i64 gv2
;; @004c v9 = iadd v8, v3
;; @004c v10 = iadd_imm v9, 0xffff_0000
;; @004c v11 = iconst.i64 0
;; @004c v12 = select_spectre_guard v7, v11, v10 ; v11 = 0
;; @004c v13 = load.i32 little heap v12
;; @0053 jump block1(v13)
;;
;; block1(v2: i32):
;; @0053 return v2
;; }
;; }

22
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i8_access_0_offset.wat
View File

@@ -47,11 +47,11 @@
;; block0(v0: i32, v1: i32, v2: i64):
;; @0040 v3 = uextend.i64 v0
;; @0040 v4 = global_value.i64 gv1
;; @0040 v5 = global_value.i64 gv2
;; @0040 v6 = iadd v5, v3
;; @0040 v7 = iconst.i64 0
;; @0040 v8 = icmp uge v3, v4
;; @0040 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0040 v5 = icmp uge v3, v4
;; @0040 v6 = global_value.i64 gv2
;; @0040 v7 = iadd v6, v3
;; @0040 v8 = iconst.i64 0
;; @0040 v9 = select_spectre_guard v5, v8, v7 ; v8 = 0
;; @0040 istore8 little heap v1, v9
;; @0043 jump block1
;;
@@ -67,14 +67,14 @@
;; block0(v0: i32, v1: i64):
;; @0048 v3 = uextend.i64 v0
;; @0048 v4 = global_value.i64 gv1
;; @0048 v5 = global_value.i64 gv2
;; @0048 v6 = iadd v5, v3
;; @0048 v7 = iconst.i64 0
;; @0048 v8 = icmp uge v3, v4
;; @0048 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0048 v5 = icmp uge v3, v4
;; @0048 v6 = global_value.i64 gv2
;; @0048 v7 = iadd v6, v3
;; @0048 v8 = iconst.i64 0
;; @0048 v9 = select_spectre_guard v5, v8, v7 ; v8 = 0
;; @0048 v10 = uload8.i32 little heap v9
;; @004b jump block1(v10)
;;
;; block1(v2: i32):
;; @004b return v2
;; }
;; }

26
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat
View File

@@ -48,12 +48,12 @@
;; @0040 v3 = uextend.i64 v0
;; @0040 v4 = global_value.i64 gv1
;; @0040 v5 = iadd_imm v4, -4097
;; @0040 v6 = global_value.i64 gv2
;; @0040 v7 = iadd v6, v3
;; @0040 v8 = iadd_imm v7, 4096
;; @0040 v9 = iconst.i64 0
;; @0040 v10 = icmp ugt v3, v5
;; @0040 v11 = select_spectre_guard v10, v9, v8 ; v9 = 0
;; @0040 v6 = icmp ugt v3, v5
;; @0040 v7 = global_value.i64 gv2
;; @0040 v8 = iadd v7, v3
;; @0040 v9 = iadd_imm v8, 4096
;; @0040 v10 = iconst.i64 0
;; @0040 v11 = select_spectre_guard v6, v10, v9 ; v10 = 0
;; @0040 istore8 little heap v1, v11
;; @0044 jump block1
;;
@@ -70,15 +70,15 @@
;; @0049 v3 = uextend.i64 v0
;; @0049 v4 = global_value.i64 gv1
;; @0049 v5 = iadd_imm v4, -4097
;; @0049 v6 = global_value.i64 gv2
;; @0049 v7 = iadd v6, v3
;; @0049 v8 = iadd_imm v7, 4096
;; @0049 v9 = iconst.i64 0
;; @0049 v10 = icmp ugt v3, v5
;; @0049 v11 = select_spectre_guard v10, v9, v8 ; v9 = 0
;; @0049 v6 = icmp ugt v3, v5
;; @0049 v7 = global_value.i64 gv2
;; @0049 v8 = iadd v7, v3
;; @0049 v9 = iadd_imm v8, 4096
;; @0049 v10 = iconst.i64 0
;; @0049 v11 = select_spectre_guard v6, v10, v9 ; v10 = 0
;; @0049 v12 = uload8.i32 little heap v11
;; @004d jump block1(v12)
;;
;; block1(v2: i32):
;; @004d return v2
;; }
;; }

26
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i8_access_0xffff0000_offset.wat
View File

@@ -49,12 +49,12 @@
;; @0040 v4 = iconst.i64 0xffff_0001
;; @0040 v5 = uadd_overflow_trap v3, v4, heap_oob ; v4 = 0xffff_0001
;; @0040 v6 = global_value.i64 gv1
;; @0040 v7 = global_value.i64 gv2
;; @0040 v8 = iadd v7, v3
;; @0040 v9 = iadd_imm v8, 0xffff_0000
;; @0040 v10 = iconst.i64 0
;; @0040 v11 = icmp ugt v5, v6
;; @0040 v12 = select_spectre_guard v11, v10, v9 ; v10 = 0
;; @0040 v7 = icmp ugt v5, v6
;; @0040 v8 = global_value.i64 gv2
;; @0040 v9 = iadd v8, v3
;; @0040 v10 = iadd_imm v9, 0xffff_0000
;; @0040 v11 = iconst.i64 0
;; @0040 v12 = select_spectre_guard v7, v11, v10 ; v11 = 0
;; @0040 istore8 little heap v1, v12
;; @0047 jump block1
;;
@@ -72,15 +72,15 @@
;; @004c v4 = iconst.i64 0xffff_0001
;; @004c v5 = uadd_overflow_trap v3, v4, heap_oob ; v4 = 0xffff_0001
;; @004c v6 = global_value.i64 gv1
;; @004c v7 = global_value.i64 gv2
;; @004c v8 = iadd v7, v3
;; @004c v9 = iadd_imm v8, 0xffff_0000
;; @004c v10 = iconst.i64 0
;; @004c v11 = icmp ugt v5, v6
;; @004c v12 = select_spectre_guard v11, v10, v9 ; v10 = 0
;; @004c v7 = icmp ugt v5, v6
;; @004c v8 = global_value.i64 gv2
;; @004c v9 = iadd v8, v3
;; @004c v10 = iadd_imm v9, 0xffff_0000
;; @004c v11 = iconst.i64 0
;; @004c v12 = select_spectre_guard v7, v11, v10 ; v11 = 0
;; @004c v13 = uload8.i32 little heap v12
;; @0053 jump block1(v13)
;;
;; block1(v2: i32):
;; @0053 return v2
;; }
;; }

20
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i32_access_0_offset.wat
View File

@@ -47,11 +47,11 @@
;; block0(v0: i32, v1: i32, v2: i64):
;; @0040 v3 = uextend.i64 v0
;; @0040 v4 = global_value.i64 gv1
;; @0040 v5 = global_value.i64 gv2
;; @0040 v6 = iadd v5, v3
;; @0040 v7 = iconst.i64 0
;; @0040 v8 = icmp ugt v3, v4
;; @0040 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0040 v5 = icmp ugt v3, v4
;; @0040 v6 = global_value.i64 gv2
;; @0040 v7 = iadd v6, v3
;; @0040 v8 = iconst.i64 0
;; @0040 v9 = select_spectre_guard v5, v8, v7 ; v8 = 0
;; @0040 store little heap v1, v9
;; @0043 jump block1
;;
@@ -67,11 +67,11 @@
;; block0(v0: i32, v1: i64):
;; @0048 v3 = uextend.i64 v0
;; @0048 v4 = global_value.i64 gv1
;; @0048 v5 = global_value.i64 gv2
;; @0048 v6 = iadd v5, v3
;; @0048 v7 = iconst.i64 0
;; @0048 v8 = icmp ugt v3, v4
;; @0048 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0048 v5 = icmp ugt v3, v4
;; @0048 v6 = global_value.i64 gv2
;; @0048 v7 = iadd v6, v3
;; @0048 v8 = iconst.i64 0
;; @0048 v9 = select_spectre_guard v5, v8, v7 ; v8 = 0
;; @0048 v10 = load.i32 little heap v9
;; @004b jump block1(v10)
;;

24
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat
View File

@@ -47,12 +47,12 @@
;; block0(v0: i32, v1: i32, v2: i64):
;; @0040 v3 = uextend.i64 v0
;; @0040 v4 = global_value.i64 gv1
;; @0040 v5 = global_value.i64 gv2
;; @0040 v6 = iadd v5, v3
;; @0040 v7 = iadd_imm v6, 4096
;; @0040 v8 = iconst.i64 0
;; @0040 v9 = icmp ugt v3, v4
;; @0040 v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @0040 v5 = icmp ugt v3, v4
;; @0040 v6 = global_value.i64 gv2
;; @0040 v7 = iadd v6, v3
;; @0040 v8 = iadd_imm v7, 4096
;; @0040 v9 = iconst.i64 0
;; @0040 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0
;; @0040 store little heap v1, v10
;; @0044 jump block1
;;
@@ -68,12 +68,12 @@
;; block0(v0: i32, v1: i64):
;; @0049 v3 = uextend.i64 v0
;; @0049 v4 = global_value.i64 gv1
;; @0049 v5 = global_value.i64 gv2
;; @0049 v6 = iadd v5, v3
;; @0049 v7 = iadd_imm v6, 4096
;; @0049 v8 = iconst.i64 0
;; @0049 v9 = icmp ugt v3, v4
;; @0049 v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @0049 v5 = icmp ugt v3, v4
;; @0049 v6 = global_value.i64 gv2
;; @0049 v7 = iadd v6, v3
;; @0049 v8 = iadd_imm v7, 4096
;; @0049 v9 = iconst.i64 0
;; @0049 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0
;; @0049 v11 = load.i32 little heap v10
;; @004d jump block1(v11)
;;

24
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i32_access_0xffff0000_offset.wat
View File

@@ -47,12 +47,12 @@
;; block0(v0: i32, v1: i32, v2: i64):
;; @0040 v3 = uextend.i64 v0
;; @0040 v4 = global_value.i64 gv1
;; @0040 v5 = global_value.i64 gv2
;; @0040 v6 = iadd v5, v3
;; @0040 v7 = iadd_imm v6, 0xffff_0000
;; @0040 v8 = iconst.i64 0
;; @0040 v9 = icmp ugt v3, v4
;; @0040 v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @0040 v5 = icmp ugt v3, v4
;; @0040 v6 = global_value.i64 gv2
;; @0040 v7 = iadd v6, v3
;; @0040 v8 = iadd_imm v7, 0xffff_0000
;; @0040 v9 = iconst.i64 0
;; @0040 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0
;; @0040 store little heap v1, v10
;; @0047 jump block1
;;
@@ -68,12 +68,12 @@
;; block0(v0: i32, v1: i64):
;; @004c v3 = uextend.i64 v0
;; @004c v4 = global_value.i64 gv1
;; @004c v5 = global_value.i64 gv2
;; @004c v6 = iadd v5, v3
;; @004c v7 = iadd_imm v6, 0xffff_0000
;; @004c v8 = iconst.i64 0
;; @004c v9 = icmp ugt v3, v4
;; @004c v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @004c v5 = icmp ugt v3, v4
;; @004c v6 = global_value.i64 gv2
;; @004c v7 = iadd v6, v3
;; @004c v8 = iadd_imm v7, 0xffff_0000
;; @004c v9 = iconst.i64 0
;; @004c v10 = select_spectre_guard v5, v9, v8 ; v9 = 0
;; @004c v11 = load.i32 little heap v10
;; @0053 jump block1(v11)
;;

22
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i8_access_0_offset.wat
View File

@@ -47,11 +47,11 @@
;; block0(v0: i32, v1: i32, v2: i64):
;; @0040 v3 = uextend.i64 v0
;; @0040 v4 = global_value.i64 gv1
;; @0040 v5 = global_value.i64 gv2
;; @0040 v6 = iadd v5, v3
;; @0040 v7 = iconst.i64 0
;; @0040 v8 = icmp uge v3, v4
;; @0040 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0040 v5 = icmp uge v3, v4
;; @0040 v6 = global_value.i64 gv2
;; @0040 v7 = iadd v6, v3
;; @0040 v8 = iconst.i64 0
;; @0040 v9 = select_spectre_guard v5, v8, v7 ; v8 = 0
;; @0040 istore8 little heap v1, v9
;; @0043 jump block1
;;
@@ -67,14 +67,14 @@
;; block0(v0: i32, v1: i64):
;; @0048 v3 = uextend.i64 v0
;; @0048 v4 = global_value.i64 gv1
;; @0048 v5 = global_value.i64 gv2
;; @0048 v6 = iadd v5, v3
;; @0048 v7 = iconst.i64 0
;; @0048 v8 = icmp uge v3, v4
;; @0048 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0048 v5 = icmp uge v3, v4
;; @0048 v6 = global_value.i64 gv2
;; @0048 v7 = iadd v6, v3
;; @0048 v8 = iconst.i64 0
;; @0048 v9 = select_spectre_guard v5, v8, v7 ; v8 = 0
;; @0048 v10 = uload8.i32 little heap v9
;; @004b jump block1(v10)
;;
;; block1(v2: i32):
;; @004b return v2
;; }
;; }

24
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat
View File

@@ -47,12 +47,12 @@
;; block0(v0: i32, v1: i32, v2: i64):
;; @0040 v3 = uextend.i64 v0
;; @0040 v4 = global_value.i64 gv1
;; @0040 v5 = global_value.i64 gv2
;; @0040 v6 = iadd v5, v3
;; @0040 v7 = iadd_imm v6, 4096
;; @0040 v8 = iconst.i64 0
;; @0040 v9 = icmp ugt v3, v4
;; @0040 v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @0040 v5 = icmp ugt v3, v4
;; @0040 v6 = global_value.i64 gv2
;; @0040 v7 = iadd v6, v3
;; @0040 v8 = iadd_imm v7, 4096
;; @0040 v9 = iconst.i64 0
;; @0040 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0
;; @0040 istore8 little heap v1, v10
;; @0044 jump block1
;;
@@ -68,12 +68,12 @@
;; block0(v0: i32, v1: i64):
;; @0049 v3 = uextend.i64 v0
;; @0049 v4 = global_value.i64 gv1
;; @0049 v5 = global_value.i64 gv2
;; @0049 v6 = iadd v5, v3
;; @0049 v7 = iadd_imm v6, 4096
;; @0049 v8 = iconst.i64 0
;; @0049 v9 = icmp ugt v3, v4
;; @0049 v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @0049 v5 = icmp ugt v3, v4
;; @0049 v6 = global_value.i64 gv2
;; @0049 v7 = iadd v6, v3
;; @0049 v8 = iadd_imm v7, 4096
;; @0049 v9 = iconst.i64 0
;; @0049 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0
;; @0049 v11 = uload8.i32 little heap v10
;; @004d jump block1(v11)
;;

24
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i8_access_0xffff0000_offset.wat
View File

@@ -47,12 +47,12 @@
;; block0(v0: i32, v1: i32, v2: i64):
;; @0040 v3 = uextend.i64 v0
;; @0040 v4 = global_value.i64 gv1
;; @0040 v5 = global_value.i64 gv2
;; @0040 v6 = iadd v5, v3
;; @0040 v7 = iadd_imm v6, 0xffff_0000
;; @0040 v8 = iconst.i64 0
;; @0040 v9 = icmp ugt v3, v4
;; @0040 v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @0040 v5 = icmp ugt v3, v4
;; @0040 v6 = global_value.i64 gv2
;; @0040 v7 = iadd v6, v3
;; @0040 v8 = iadd_imm v7, 0xffff_0000
;; @0040 v9 = iconst.i64 0
;; @0040 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0
;; @0040 istore8 little heap v1, v10
;; @0047 jump block1
;;
@@ -68,12 +68,12 @@
;; block0(v0: i32, v1: i64):
;; @004c v3 = uextend.i64 v0
;; @004c v4 = global_value.i64 gv1
;; @004c v5 = global_value.i64 gv2
;; @004c v6 = iadd v5, v3
;; @004c v7 = iadd_imm v6, 0xffff_0000
;; @004c v8 = iconst.i64 0
;; @004c v9 = icmp ugt v3, v4
;; @004c v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @004c v5 = icmp ugt v3, v4
;; @004c v6 = global_value.i64 gv2
;; @004c v7 = iadd v6, v3
;; @004c v8 = iadd_imm v7, 0xffff_0000
;; @004c v9 = iconst.i64 0
;; @004c v10 = select_spectre_guard v5, v9, v8 ; v9 = 0
;; @004c v11 = uload8.i32 little heap v10
;; @0053 jump block1(v11)
;;

22
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i32_access_0_offset.wat
View File

@@ -47,11 +47,11 @@
;; block0(v0: i64, v1: i32, v2: i64):
;; @0040 v3 = global_value.i64 gv1
;; @0040 v4 = iadd_imm v3, -4
;; @0040 v5 = global_value.i64 gv2
;; @0040 v6 = iadd v5, v0
;; @0040 v7 = iconst.i64 0
;; @0040 v8 = icmp ugt v0, v4
;; @0040 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0040 v5 = icmp ugt v0, v4
;; @0040 v6 = global_value.i64 gv2
;; @0040 v7 = iadd v6, v0
;; @0040 v8 = iconst.i64 0
;; @0040 v9 = select_spectre_guard v5, v8, v7 ; v8 = 0
;; @0040 store little heap v1, v9
;; @0043 jump block1
;;
@@ -67,14 +67,14 @@
;; block0(v0: i64, v1: i64):
;; @0048 v3 = global_value.i64 gv1
;; @0048 v4 = iadd_imm v3, -4
;; @0048 v5 = global_value.i64 gv2
;; @0048 v6 = iadd v5, v0
;; @0048 v7 = iconst.i64 0
;; @0048 v8 = icmp ugt v0, v4
;; @0048 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0048 v5 = icmp ugt v0, v4
;; @0048 v6 = global_value.i64 gv2
;; @0048 v7 = iadd v6, v0
;; @0048 v8 = iconst.i64 0
;; @0048 v9 = select_spectre_guard v5, v8, v7 ; v8 = 0
;; @0048 v10 = load.i32 little heap v9
;; @004b jump block1(v10)
;;
;; block1(v2: i32):
;; @004b return v2
;; }
;; }

26
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat
View File

@@ -47,12 +47,12 @@
;; block0(v0: i64, v1: i32, v2: i64):
;; @0040 v3 = global_value.i64 gv1
;; @0040 v4 = iadd_imm v3, -4100
;; @0040 v5 = global_value.i64 gv2
;; @0040 v6 = iadd v5, v0
;; @0040 v7 = iadd_imm v6, 4096
;; @0040 v8 = iconst.i64 0
;; @0040 v9 = icmp ugt v0, v4
;; @0040 v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @0040 v5 = icmp ugt v0, v4
;; @0040 v6 = global_value.i64 gv2
;; @0040 v7 = iadd v6, v0
;; @0040 v8 = iadd_imm v7, 4096
;; @0040 v9 = iconst.i64 0
;; @0040 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0
;; @0040 store little heap v1, v10
;; @0044 jump block1
;;
@@ -68,15 +68,15 @@
;; block0(v0: i64, v1: i64):
;; @0049 v3 = global_value.i64 gv1
;; @0049 v4 = iadd_imm v3, -4100
;; @0049 v5 = global_value.i64 gv2
;; @0049 v6 = iadd v5, v0
;; @0049 v7 = iadd_imm v6, 4096
;; @0049 v8 = iconst.i64 0
;; @0049 v9 = icmp ugt v0, v4
;; @0049 v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @0049 v5 = icmp ugt v0, v4
;; @0049 v6 = global_value.i64 gv2
;; @0049 v7 = iadd v6, v0
;; @0049 v8 = iadd_imm v7, 4096
;; @0049 v9 = iconst.i64 0
;; @0049 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0
;; @0049 v11 = load.i32 little heap v10
;; @004d jump block1(v11)
;;
;; block1(v2: i32):
;; @004d return v2
;; }
;; }

26
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i32_access_0xffff0000_offset.wat
View File

@@ -48,12 +48,12 @@
;; @0040 v3 = iconst.i64 0xffff_0004
;; @0040 v4 = uadd_overflow_trap v0, v3, heap_oob ; v3 = 0xffff_0004
;; @0040 v5 = global_value.i64 gv1
;; @0040 v6 = global_value.i64 gv2
;; @0040 v7 = iadd v6, v0
;; @0040 v8 = iadd_imm v7, 0xffff_0000
;; @0040 v9 = iconst.i64 0
;; @0040 v10 = icmp ugt v4, v5
;; @0040 v11 = select_spectre_guard v10, v9, v8 ; v9 = 0
;; @0040 v6 = icmp ugt v4, v5
;; @0040 v7 = global_value.i64 gv2
;; @0040 v8 = iadd v7, v0
;; @0040 v9 = iadd_imm v8, 0xffff_0000
;; @0040 v10 = iconst.i64 0
;; @0040 v11 = select_spectre_guard v6, v10, v9 ; v10 = 0
;; @0040 store little heap v1, v11
;; @0047 jump block1
;;
@@ -70,15 +70,15 @@
;; @004c v3 = iconst.i64 0xffff_0004
;; @004c v4 = uadd_overflow_trap v0, v3, heap_oob ; v3 = 0xffff_0004
;; @004c v5 = global_value.i64 gv1
;; @004c v6 = global_value.i64 gv2
;; @004c v7 = iadd v6, v0
;; @004c v8 = iadd_imm v7, 0xffff_0000
;; @004c v9 = iconst.i64 0
;; @004c v10 = icmp ugt v4, v5
;; @004c v11 = select_spectre_guard v10, v9, v8 ; v9 = 0
;; @004c v6 = icmp ugt v4, v5
;; @004c v7 = global_value.i64 gv2
;; @004c v8 = iadd v7, v0
;; @004c v9 = iadd_imm v8, 0xffff_0000
;; @004c v10 = iconst.i64 0
;; @004c v11 = select_spectre_guard v6, v10, v9 ; v10 = 0
;; @004c v12 = load.i32 little heap v11
;; @0053 jump block1(v12)
;;
;; block1(v2: i32):
;; @0053 return v2
;; }
;; }

22
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i8_access_0_offset.wat
View File

@@ -46,11 +46,11 @@
;;
;; block0(v0: i64, v1: i32, v2: i64):
;; @0040 v3 = global_value.i64 gv1
;; @0040 v4 = global_value.i64 gv2
;; @0040 v5 = iadd v4, v0
;; @0040 v6 = iconst.i64 0
;; @0040 v7 = icmp uge v0, v3
;; @0040 v8 = select_spectre_guard v7, v6, v5 ; v6 = 0
;; @0040 v4 = icmp uge v0, v3
;; @0040 v5 = global_value.i64 gv2
;; @0040 v6 = iadd v5, v0
;; @0040 v7 = iconst.i64 0
;; @0040 v8 = select_spectre_guard v4, v7, v6 ; v7 = 0
;; @0040 istore8 little heap v1, v8
;; @0043 jump block1
;;
@@ -65,14 +65,14 @@
;;
;; block0(v0: i64, v1: i64):
;; @0048 v3 = global_value.i64 gv1
;; @0048 v4 = global_value.i64 gv2
;; @0048 v5 = iadd v4, v0
;; @0048 v6 = iconst.i64 0
;; @0048 v7 = icmp uge v0, v3
;; @0048 v8 = select_spectre_guard v7, v6, v5 ; v6 = 0
;; @0048 v4 = icmp uge v0, v3
;; @0048 v5 = global_value.i64 gv2
;; @0048 v6 = iadd v5, v0
;; @0048 v7 = iconst.i64 0
;; @0048 v8 = select_spectre_guard v4, v7, v6 ; v7 = 0
;; @0048 v9 = uload8.i32 little heap v8
;; @004b jump block1(v9)
;;
;; block1(v2: i32):
;; @004b return v2
;; }
;; }

26
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat
View File

@@ -47,12 +47,12 @@
;; block0(v0: i64, v1: i32, v2: i64):
;; @0040 v3 = global_value.i64 gv1
;; @0040 v4 = iadd_imm v3, -4097
;; @0040 v5 = global_value.i64 gv2
;; @0040 v6 = iadd v5, v0
;; @0040 v7 = iadd_imm v6, 4096
;; @0040 v8 = iconst.i64 0
;; @0040 v9 = icmp ugt v0, v4
;; @0040 v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @0040 v5 = icmp ugt v0, v4
;; @0040 v6 = global_value.i64 gv2
;; @0040 v7 = iadd v6, v0
;; @0040 v8 = iadd_imm v7, 4096
;; @0040 v9 = iconst.i64 0
;; @0040 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0
;; @0040 istore8 little heap v1, v10
;; @0044 jump block1
;;
@@ -68,15 +68,15 @@
;; block0(v0: i64, v1: i64):
;; @0049 v3 = global_value.i64 gv1
;; @0049 v4 = iadd_imm v3, -4097
;; @0049 v5 = global_value.i64 gv2
;; @0049 v6 = iadd v5, v0
;; @0049 v7 = iadd_imm v6, 4096
;; @0049 v8 = iconst.i64 0
;; @0049 v9 = icmp ugt v0, v4
;; @0049 v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @0049 v5 = icmp ugt v0, v4
;; @0049 v6 = global_value.i64 gv2
;; @0049 v7 = iadd v6, v0
;; @0049 v8 = iadd_imm v7, 4096
;; @0049 v9 = iconst.i64 0
;; @0049 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0
;; @0049 v11 = uload8.i32 little heap v10
;; @004d jump block1(v11)
;;
;; block1(v2: i32):
;; @004d return v2
;; }
;; }

26
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i8_access_0xffff0000_offset.wat
View File

@@ -48,12 +48,12 @@
;; @0040 v3 = iconst.i64 0xffff_0001
;; @0040 v4 = uadd_overflow_trap v0, v3, heap_oob ; v3 = 0xffff_0001
;; @0040 v5 = global_value.i64 gv1
;; @0040 v6 = global_value.i64 gv2
;; @0040 v7 = iadd v6, v0
;; @0040 v8 = iadd_imm v7, 0xffff_0000
;; @0040 v9 = iconst.i64 0
;; @0040 v10 = icmp ugt v4, v5
;; @0040 v11 = select_spectre_guard v10, v9, v8 ; v9 = 0
;; @0040 v6 = icmp ugt v4, v5
;; @0040 v7 = global_value.i64 gv2
;; @0040 v8 = iadd v7, v0
;; @0040 v9 = iadd_imm v8, 0xffff_0000
;; @0040 v10 = iconst.i64 0
;; @0040 v11 = select_spectre_guard v6, v10, v9 ; v10 = 0
;; @0040 istore8 little heap v1, v11
;; @0047 jump block1
;;
@@ -70,15 +70,15 @@
;; @004c v3 = iconst.i64 0xffff_0001
;; @004c v4 = uadd_overflow_trap v0, v3, heap_oob ; v3 = 0xffff_0001
;; @004c v5 = global_value.i64 gv1
;; @004c v6 = global_value.i64 gv2
;; @004c v7 = iadd v6, v0
;; @004c v8 = iadd_imm v7, 0xffff_0000
;; @004c v9 = iconst.i64 0
;; @004c v10 = icmp ugt v4, v5
;; @004c v11 = select_spectre_guard v10, v9, v8 ; v9 = 0
;; @004c v6 = icmp ugt v4, v5
;; @004c v7 = global_value.i64 gv2
;; @004c v8 = iadd v7, v0
;; @004c v9 = iadd_imm v8, 0xffff_0000
;; @004c v10 = iconst.i64 0
;; @004c v11 = select_spectre_guard v6, v10, v9 ; v10 = 0
;; @004c v12 = uload8.i32 little heap v11
;; @0053 jump block1(v12)
;;
;; block1(v2: i32):
;; @0053 return v2
;; }
;; }

20
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i32_access_0_offset.wat
View File

@@ -46,11 +46,11 @@
;;
;; block0(v0: i64, v1: i32, v2: i64):
;; @0040 v3 = global_value.i64 gv1
;; @0040 v4 = global_value.i64 gv2
;; @0040 v5 = iadd v4, v0
;; @0040 v6 = iconst.i64 0
;; @0040 v7 = icmp ugt v0, v3
;; @0040 v8 = select_spectre_guard v7, v6, v5 ; v6 = 0
;; @0040 v4 = icmp ugt v0, v3
;; @0040 v5 = global_value.i64 gv2
;; @0040 v6 = iadd v5, v0
;; @0040 v7 = iconst.i64 0
;; @0040 v8 = select_spectre_guard v4, v7, v6 ; v7 = 0
;; @0040 store little heap v1, v8
;; @0043 jump block1
;;
@@ -65,11 +65,11 @@
;;
;; block0(v0: i64, v1: i64):
;; @0048 v3 = global_value.i64 gv1
;; @0048 v4 = global_value.i64 gv2
;; @0048 v5 = iadd v4, v0
;; @0048 v6 = iconst.i64 0
;; @0048 v7 = icmp ugt v0, v3
;; @0048 v8 = select_spectre_guard v7, v6, v5 ; v6 = 0
;; @0048 v4 = icmp ugt v0, v3
;; @0048 v5 = global_value.i64 gv2
;; @0048 v6 = iadd v5, v0
;; @0048 v7 = iconst.i64 0
;; @0048 v8 = select_spectre_guard v4, v7, v6 ; v7 = 0
;; @0048 v9 = load.i32 little heap v8
;; @004b jump block1(v9)
;;

24
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat
View File

@@ -46,12 +46,12 @@
;;
;; block0(v0: i64, v1: i32, v2: i64):
;; @0040 v3 = global_value.i64 gv1
;; @0040 v4 = global_value.i64 gv2
;; @0040 v5 = iadd v4, v0
;; @0040 v6 = iadd_imm v5, 4096
;; @0040 v7 = iconst.i64 0
;; @0040 v8 = icmp ugt v0, v3
;; @0040 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0040 v4 = icmp ugt v0, v3
;; @0040 v5 = global_value.i64 gv2
;; @0040 v6 = iadd v5, v0
;; @0040 v7 = iadd_imm v6, 4096
;; @0040 v8 = iconst.i64 0
;; @0040 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0
;; @0040 store little heap v1, v9
;; @0044 jump block1
;;
@@ -66,12 +66,12 @@
;;
;; block0(v0: i64, v1: i64):
;; @0049 v3 = global_value.i64 gv1
;; @0049 v4 = global_value.i64 gv2
;; @0049 v5 = iadd v4, v0
;; @0049 v6 = iadd_imm v5, 4096
;; @0049 v7 = iconst.i64 0
;; @0049 v8 = icmp ugt v0, v3
;; @0049 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0049 v4 = icmp ugt v0, v3
;; @0049 v5 = global_value.i64 gv2
;; @0049 v6 = iadd v5, v0
;; @0049 v7 = iadd_imm v6, 4096
;; @0049 v8 = iconst.i64 0
;; @0049 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0
;; @0049 v10 = load.i32 little heap v9
;; @004d jump block1(v10)
;;

24
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i32_access_0xffff0000_offset.wat
View File

@@ -46,12 +46,12 @@
;;
;; block0(v0: i64, v1: i32, v2: i64):
;; @0040 v3 = global_value.i64 gv1
;; @0040 v4 = global_value.i64 gv2
;; @0040 v5 = iadd v4, v0
;; @0040 v6 = iadd_imm v5, 0xffff_0000
;; @0040 v7 = iconst.i64 0
;; @0040 v8 = icmp ugt v0, v3
;; @0040 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0040 v4 = icmp ugt v0, v3
;; @0040 v5 = global_value.i64 gv2
;; @0040 v6 = iadd v5, v0
;; @0040 v7 = iadd_imm v6, 0xffff_0000
;; @0040 v8 = iconst.i64 0
;; @0040 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0
;; @0040 store little heap v1, v9
;; @0047 jump block1
;;
@@ -66,12 +66,12 @@
;;
;; block0(v0: i64, v1: i64):
;; @004c v3 = global_value.i64 gv1
;; @004c v4 = global_value.i64 gv2
;; @004c v5 = iadd v4, v0
;; @004c v6 = iadd_imm v5, 0xffff_0000
;; @004c v7 = iconst.i64 0
;; @004c v8 = icmp ugt v0, v3
;; @004c v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @004c v4 = icmp ugt v0, v3
;; @004c v5 = global_value.i64 gv2
;; @004c v6 = iadd v5, v0
;; @004c v7 = iadd_imm v6, 0xffff_0000
;; @004c v8 = iconst.i64 0
;; @004c v9 = select_spectre_guard v4, v8, v7 ; v8 = 0
;; @004c v10 = load.i32 little heap v9
;; @0053 jump block1(v10)
;;

22
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i8_access_0_offset.wat
View File

@@ -46,11 +46,11 @@
;;
;; block0(v0: i64, v1: i32, v2: i64):
;; @0040 v3 = global_value.i64 gv1
;; @0040 v4 = global_value.i64 gv2
;; @0040 v5 = iadd v4, v0
;; @0040 v6 = iconst.i64 0
;; @0040 v7 = icmp uge v0, v3
;; @0040 v8 = select_spectre_guard v7, v6, v5 ; v6 = 0
;; @0040 v4 = icmp uge v0, v3
;; @0040 v5 = global_value.i64 gv2
;; @0040 v6 = iadd v5, v0
;; @0040 v7 = iconst.i64 0
;; @0040 v8 = select_spectre_guard v4, v7, v6 ; v7 = 0
;; @0040 istore8 little heap v1, v8
;; @0043 jump block1
;;
@@ -65,14 +65,14 @@
;;
;; block0(v0: i64, v1: i64):
;; @0048 v3 = global_value.i64 gv1
;; @0048 v4 = global_value.i64 gv2
;; @0048 v5 = iadd v4, v0
;; @0048 v6 = iconst.i64 0
;; @0048 v7 = icmp uge v0, v3
;; @0048 v8 = select_spectre_guard v7, v6, v5 ; v6 = 0
;; @0048 v4 = icmp uge v0, v3
;; @0048 v5 = global_value.i64 gv2
;; @0048 v6 = iadd v5, v0
;; @0048 v7 = iconst.i64 0
;; @0048 v8 = select_spectre_guard v4, v7, v6 ; v7 = 0
;; @0048 v9 = uload8.i32 little heap v8
;; @004b jump block1(v9)
;;
;; block1(v2: i32):
;; @004b return v2
;; }
;; }

24
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat
View File

@@ -46,12 +46,12 @@
;;
;; block0(v0: i64, v1: i32, v2: i64):
;; @0040 v3 = global_value.i64 gv1
;; @0040 v4 = global_value.i64 gv2
;; @0040 v5 = iadd v4, v0
;; @0040 v6 = iadd_imm v5, 4096
;; @0040 v7 = iconst.i64 0
;; @0040 v8 = icmp ugt v0, v3
;; @0040 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0040 v4 = icmp ugt v0, v3
;; @0040 v5 = global_value.i64 gv2
;; @0040 v6 = iadd v5, v0
;; @0040 v7 = iadd_imm v6, 4096
;; @0040 v8 = iconst.i64 0
;; @0040 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0
;; @0040 istore8 little heap v1, v9
;; @0044 jump block1
;;
@@ -66,12 +66,12 @@
;;
;; block0(v0: i64, v1: i64):
;; @0049 v3 = global_value.i64 gv1
;; @0049 v4 = global_value.i64 gv2
;; @0049 v5 = iadd v4, v0
;; @0049 v6 = iadd_imm v5, 4096
;; @0049 v7 = iconst.i64 0
;; @0049 v8 = icmp ugt v0, v3
;; @0049 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0049 v4 = icmp ugt v0, v3
;; @0049 v5 = global_value.i64 gv2
;; @0049 v6 = iadd v5, v0
;; @0049 v7 = iadd_imm v6, 4096
;; @0049 v8 = iconst.i64 0
;; @0049 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0
;; @0049 v10 = uload8.i32 little heap v9
;; @004d jump block1(v10)
;;

24
cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i8_access_0xffff0000_offset.wat
View File

@@ -46,12 +46,12 @@
;;
;; block0(v0: i64, v1: i32, v2: i64):
;; @0040 v3 = global_value.i64 gv1
;; @0040 v4 = global_value.i64 gv2
;; @0040 v5 = iadd v4, v0
;; @0040 v6 = iadd_imm v5, 0xffff_0000
;; @0040 v7 = iconst.i64 0
;; @0040 v8 = icmp ugt v0, v3
;; @0040 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0040 v4 = icmp ugt v0, v3
;; @0040 v5 = global_value.i64 gv2
;; @0040 v6 = iadd v5, v0
;; @0040 v7 = iadd_imm v6, 0xffff_0000
;; @0040 v8 = iconst.i64 0
;; @0040 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0
;; @0040 istore8 little heap v1, v9
;; @0047 jump block1
;;
@@ -66,12 +66,12 @@
;;
;; block0(v0: i64, v1: i64):
;; @004c v3 = global_value.i64 gv1
;; @004c v4 = global_value.i64 gv2
;; @004c v5 = iadd v4, v0
;; @004c v6 = iadd_imm v5, 0xffff_0000
;; @004c v7 = iconst.i64 0
;; @004c v8 = icmp ugt v0, v3
;; @004c v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @004c v4 = icmp ugt v0, v3
;; @004c v5 = global_value.i64 gv2
;; @004c v6 = iadd v5, v0
;; @004c v7 = iadd_imm v6, 0xffff_0000
;; @004c v8 = iconst.i64 0
;; @004c v9 = select_spectre_guard v4, v8, v7 ; v8 = 0
;; @004c v10 = uload8.i32 little heap v9
;; @0053 jump block1(v10)
;;

18
cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_yes_spectre_i32_access_0_offset.wat
View File

@@ -43,13 +43,12 @@
;;
;; block0(v0: i32, v1: i32, v2: i64):
;; @0040 v3 = uextend.i64 v0
;; @0040 v4 = iconst.i64 0x0fff_fffc
;; @0040 v4 = icmp_imm ugt v3, 0x0fff_fffc
;; @0040 v5 = global_value.i64 gv1
;; @0040 v6 = iadd v5, v3
;; @0040 v7 = iconst.i64 0
;; @0040 v8 = icmp ugt v3, v4 ; v4 = 0x0fff_fffc
;; @0040 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0040 store little heap v1, v9
;; @0040 v8 = select_spectre_guard v4, v7, v6 ; v7 = 0
;; @0040 store little heap v1, v8
;; @0043 jump block1
;;
;; block1:
@@ -62,15 +61,14 @@
;;
;; block0(v0: i32, v1: i64):
;; @0048 v3 = uextend.i64 v0
;; @0048 v4 = iconst.i64 0x0fff_fffc
;; @0048 v4 = icmp_imm ugt v3, 0x0fff_fffc
;; @0048 v5 = global_value.i64 gv1
;; @0048 v6 = iadd v5, v3
;; @0048 v7 = iconst.i64 0
;; @0048 v8 = icmp ugt v3, v4 ; v4 = 0x0fff_fffc
;; @0048 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0048 v10 = load.i32 little heap v9
;; @004b jump block1(v10)
;; @0048 v8 = select_spectre_guard v4, v7, v6 ; v7 = 0
;; @0048 v9 = load.i32 little heap v8
;; @004b jump block1(v9)
;;
;; block1(v2: i32):
;; @004b return v2
;; }
;; }

18
cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat
View File

@@ -43,14 +43,13 @@
;;
;; block0(v0: i32, v1: i32, v2: i64):
;; @0040 v3 = uextend.i64 v0
;; @0040 v4 = iconst.i64 0x0fff_effc
;; @0040 v4 = icmp_imm ugt v3, 0x0fff_effc
;; @0040 v5 = global_value.i64 gv1
;; @0040 v6 = iadd v5, v3
;; @0040 v7 = iadd_imm v6, 4096
;; @0040 v8 = iconst.i64 0
;; @0040 v9 = icmp ugt v3, v4 ; v4 = 0x0fff_effc
;; @0040 v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @0040 store little heap v1, v10
;; @0040 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0
;; @0040 store little heap v1, v9
;; @0044 jump block1
;;
;; block1:
@@ -63,16 +62,15 @@
;;
;; block0(v0: i32, v1: i64):
;; @0049 v3 = uextend.i64 v0
;; @0049 v4 = iconst.i64 0x0fff_effc
;; @0049 v4 = icmp_imm ugt v3, 0x0fff_effc
;; @0049 v5 = global_value.i64 gv1
;; @0049 v6 = iadd v5, v3
;; @0049 v7 = iadd_imm v6, 4096
;; @0049 v8 = iconst.i64 0
;; @0049 v9 = icmp ugt v3, v4 ; v4 = 0x0fff_effc
;; @0049 v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @0049 v11 = load.i32 little heap v10
;; @004d jump block1(v11)
;; @0049 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0
;; @0049 v10 = load.i32 little heap v9
;; @004d jump block1(v10)
;;
;; block1(v2: i32):
;; @004d return v2
;; }
;; }

18
cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_yes_spectre_i8_access_0_offset.wat
View File

@@ -43,13 +43,12 @@
;;
;; block0(v0: i32, v1: i32, v2: i64):
;; @0040 v3 = uextend.i64 v0
;; @0040 v4 = iconst.i64 0x0fff_ffff
;; @0040 v4 = icmp_imm ugt v3, 0x0fff_ffff
;; @0040 v5 = global_value.i64 gv1
;; @0040 v6 = iadd v5, v3
;; @0040 v7 = iconst.i64 0
;; @0040 v8 = icmp ugt v3, v4 ; v4 = 0x0fff_ffff
;; @0040 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0040 istore8 little heap v1, v9
;; @0040 v8 = select_spectre_guard v4, v7, v6 ; v7 = 0
;; @0040 istore8 little heap v1, v8
;; @0043 jump block1
;;
;; block1:
@@ -62,15 +61,14 @@
;;
;; block0(v0: i32, v1: i64):
;; @0048 v3 = uextend.i64 v0
;; @0048 v4 = iconst.i64 0x0fff_ffff
;; @0048 v4 = icmp_imm ugt v3, 0x0fff_ffff
;; @0048 v5 = global_value.i64 gv1
;; @0048 v6 = iadd v5, v3
;; @0048 v7 = iconst.i64 0
;; @0048 v8 = icmp ugt v3, v4 ; v4 = 0x0fff_ffff
;; @0048 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0048 v10 = uload8.i32 little heap v9
;; @004b jump block1(v10)
;; @0048 v8 = select_spectre_guard v4, v7, v6 ; v7 = 0
;; @0048 v9 = uload8.i32 little heap v8
;; @004b jump block1(v9)
;;
;; block1(v2: i32):
;; @004b return v2
;; }
;; }

18
cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat
View File

@@ -43,14 +43,13 @@
;;
;; block0(v0: i32, v1: i32, v2: i64):
;; @0040 v3 = uextend.i64 v0
;; @0040 v4 = iconst.i64 0x0fff_efff
;; @0040 v4 = icmp_imm ugt v3, 0x0fff_efff
;; @0040 v5 = global_value.i64 gv1
;; @0040 v6 = iadd v5, v3
;; @0040 v7 = iadd_imm v6, 4096
;; @0040 v8 = iconst.i64 0
;; @0040 v9 = icmp ugt v3, v4 ; v4 = 0x0fff_efff
;; @0040 v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @0040 istore8 little heap v1, v10
;; @0040 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0
;; @0040 istore8 little heap v1, v9
;; @0044 jump block1
;;
;; block1:
@@ -63,16 +62,15 @@
;;
;; block0(v0: i32, v1: i64):
;; @0049 v3 = uextend.i64 v0
;; @0049 v4 = iconst.i64 0x0fff_efff
;; @0049 v4 = icmp_imm ugt v3, 0x0fff_efff
;; @0049 v5 = global_value.i64 gv1
;; @0049 v6 = iadd v5, v3
;; @0049 v7 = iadd_imm v6, 4096
;; @0049 v8 = iconst.i64 0
;; @0049 v9 = icmp ugt v3, v4 ; v4 = 0x0fff_efff
;; @0049 v10 = select_spectre_guard v9, v8, v7 ; v8 = 0
;; @0049 v11 = uload8.i32 little heap v10
;; @004d jump block1(v11)
;; @0049 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0
;; @0049 v10 = uload8.i32 little heap v9
;; @004d jump block1(v10)
;;
;; block1(v2: i32):
;; @004d return v2
;; }
;; }

18
cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_yes_spectre_i32_access_0_offset.wat
View File

@@ -42,13 +42,12 @@
;; gv1 = load.i64 notrap aligned readonly gv0
;;
;; block0(v0: i64, v1: i32, v2: i64):
;; @0040 v3 = iconst.i64 0x0fff_fffc
;; @0040 v3 = icmp_imm ugt v0, 0x0fff_fffc
;; @0040 v4 = global_value.i64 gv1
;; @0040 v5 = iadd v4, v0
;; @0040 v6 = iconst.i64 0
;; @0040 v7 = icmp ugt v0, v3 ; v3 = 0x0fff_fffc
;; @0040 v8 = select_spectre_guard v7, v6, v5 ; v6 = 0
;; @0040 store little heap v1, v8
;; @0040 v7 = select_spectre_guard v3, v6, v5 ; v6 = 0
;; @0040 store little heap v1, v7
;; @0043 jump block1
;;
;; block1:
@@ -60,15 +59,14 @@
;; gv1 = load.i64 notrap aligned readonly gv0
;;
;; block0(v0: i64, v1: i64):
;; @0048 v3 = iconst.i64 0x0fff_fffc
;; @0048 v3 = icmp_imm ugt v0, 0x0fff_fffc
;; @0048 v4 = global_value.i64 gv1
;; @0048 v5 = iadd v4, v0
;; @0048 v6 = iconst.i64 0
;; @0048 v7 = icmp ugt v0, v3 ; v3 = 0x0fff_fffc
;; @0048 v8 = select_spectre_guard v7, v6, v5 ; v6 = 0
;; @0048 v9 = load.i32 little heap v8
;; @004b jump block1(v9)
;; @0048 v7 = select_spectre_guard v3, v6, v5 ; v6 = 0
;; @0048 v8 = load.i32 little heap v7
;; @004b jump block1(v8)
;;
;; block1(v2: i32):
;; @004b return v2
;; }
;; }

18
cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat
View File

@@ -42,14 +42,13 @@
;; gv1 = load.i64 notrap aligned readonly gv0
;;
;; block0(v0: i64, v1: i32, v2: i64):
;; @0040 v3 = iconst.i64 0x0fff_effc
;; @0040 v3 = icmp_imm ugt v0, 0x0fff_effc
;; @0040 v4 = global_value.i64 gv1
;; @0040 v5 = iadd v4, v0
;; @0040 v6 = iadd_imm v5, 4096
;; @0040 v7 = iconst.i64 0
;; @0040 v8 = icmp ugt v0, v3 ; v3 = 0x0fff_effc
;; @0040 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0040 store little heap v1, v9
;; @0040 v8 = select_spectre_guard v3, v7, v6 ; v7 = 0
;; @0040 store little heap v1, v8
;; @0044 jump block1
;;
;; block1:
@@ -61,16 +60,15 @@
;; gv1 = load.i64 notrap aligned readonly gv0
;;
;; block0(v0: i64, v1: i64):
;; @0049 v3 = iconst.i64 0x0fff_effc
;; @0049 v3 = icmp_imm ugt v0, 0x0fff_effc
;; @0049 v4 = global_value.i64 gv1
;; @0049 v5 = iadd v4, v0
;; @0049 v6 = iadd_imm v5, 4096
;; @0049 v7 = iconst.i64 0
;; @0049 v8 = icmp ugt v0, v3 ; v3 = 0x0fff_effc
;; @0049 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0049 v10 = load.i32 little heap v9
;; @004d jump block1(v10)
;; @0049 v8 = select_spectre_guard v3, v7, v6 ; v7 = 0
;; @0049 v9 = load.i32 little heap v8
;; @004d jump block1(v9)
;;
;; block1(v2: i32):
;; @004d return v2
;; }
;; }

18
cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_yes_spectre_i8_access_0_offset.wat
View File

@@ -42,13 +42,12 @@
;; gv1 = load.i64 notrap aligned readonly gv0
;;
;; block0(v0: i64, v1: i32, v2: i64):
;; @0040 v3 = iconst.i64 0x0fff_ffff
;; @0040 v3 = icmp_imm ugt v0, 0x0fff_ffff
;; @0040 v4 = global_value.i64 gv1
;; @0040 v5 = iadd v4, v0
;; @0040 v6 = iconst.i64 0
;; @0040 v7 = icmp ugt v0, v3 ; v3 = 0x0fff_ffff
;; @0040 v8 = select_spectre_guard v7, v6, v5 ; v6 = 0
;; @0040 istore8 little heap v1, v8
;; @0040 v7 = select_spectre_guard v3, v6, v5 ; v6 = 0
;; @0040 istore8 little heap v1, v7
;; @0043 jump block1
;;
;; block1:
@@ -60,15 +59,14 @@
;; gv1 = load.i64 notrap aligned readonly gv0
;;
;; block0(v0: i64, v1: i64):
;; @0048 v3 = iconst.i64 0x0fff_ffff
;; @0048 v3 = icmp_imm ugt v0, 0x0fff_ffff
;; @0048 v4 = global_value.i64 gv1
;; @0048 v5 = iadd v4, v0
;; @0048 v6 = iconst.i64 0
;; @0048 v7 = icmp ugt v0, v3 ; v3 = 0x0fff_ffff
;; @0048 v8 = select_spectre_guard v7, v6, v5 ; v6 = 0
;; @0048 v9 = uload8.i32 little heap v8
;; @004b jump block1(v9)
;; @0048 v7 = select_spectre_guard v3, v6, v5 ; v6 = 0
;; @0048 v8 = uload8.i32 little heap v7
;; @004b jump block1(v8)
;;
;; block1(v2: i32):
;; @004b return v2
;; }
;; }

18
cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat
View File

@@ -42,14 +42,13 @@
;; gv1 = load.i64 notrap aligned readonly gv0
;;
;; block0(v0: i64, v1: i32, v2: i64):
;; @0040 v3 = iconst.i64 0x0fff_efff
;; @0040 v3 = icmp_imm ugt v0, 0x0fff_efff
;; @0040 v4 = global_value.i64 gv1
;; @0040 v5 = iadd v4, v0
;; @0040 v6 = iadd_imm v5, 4096
;; @0040 v7 = iconst.i64 0
;; @0040 v8 = icmp ugt v0, v3 ; v3 = 0x0fff_efff
;; @0040 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0040 istore8 little heap v1, v9
;; @0040 v8 = select_spectre_guard v3, v7, v6 ; v7 = 0
;; @0040 istore8 little heap v1, v8
;; @0044 jump block1
;;
;; block1:
@@ -61,16 +60,15 @@
;; gv1 = load.i64 notrap aligned readonly gv0
;;
;; block0(v0: i64, v1: i64):
;; @0049 v3 = iconst.i64 0x0fff_efff
;; @0049 v3 = icmp_imm ugt v0, 0x0fff_efff
;; @0049 v4 = global_value.i64 gv1
;; @0049 v5 = iadd v4, v0
;; @0049 v6 = iadd_imm v5, 4096
;; @0049 v7 = iconst.i64 0
;; @0049 v8 = icmp ugt v0, v3 ; v3 = 0x0fff_efff
;; @0049 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0049 v10 = uload8.i32 little heap v9
;; @004d jump block1(v10)
;; @0049 v8 = select_spectre_guard v3, v7, v6 ; v7 = 0
;; @0049 v9 = uload8.i32 little heap v8
;; @004d jump block1(v9)
;;
;; block1(v2: i32):
;; @004d return v2
;; }
;; }

18
cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_yes_spectre_i32_access_0_offset.wat
View File

@@ -42,13 +42,12 @@
;; gv1 = load.i64 notrap aligned readonly gv0
;;
;; block0(v0: i64, v1: i32, v2: i64):
;; @0040 v3 = iconst.i64 0x0fff_fffc
;; @0040 v3 = icmp_imm ugt v0, 0x0fff_fffc
;; @0040 v4 = global_value.i64 gv1
;; @0040 v5 = iadd v4, v0
;; @0040 v6 = iconst.i64 0
;; @0040 v7 = icmp ugt v0, v3 ; v3 = 0x0fff_fffc
;; @0040 v8 = select_spectre_guard v7, v6, v5 ; v6 = 0
;; @0040 store little heap v1, v8
;; @0040 v7 = select_spectre_guard v3, v6, v5 ; v6 = 0
;; @0040 store little heap v1, v7
;; @0043 jump block1
;;
;; block1:
@@ -60,15 +59,14 @@
;; gv1 = load.i64 notrap aligned readonly gv0
;;
;; block0(v0: i64, v1: i64):
;; @0048 v3 = iconst.i64 0x0fff_fffc
;; @0048 v3 = icmp_imm ugt v0, 0x0fff_fffc
;; @0048 v4 = global_value.i64 gv1
;; @0048 v5 = iadd v4, v0
;; @0048 v6 = iconst.i64 0
;; @0048 v7 = icmp ugt v0, v3 ; v3 = 0x0fff_fffc
;; @0048 v8 = select_spectre_guard v7, v6, v5 ; v6 = 0
;; @0048 v9 = load.i32 little heap v8
;; @004b jump block1(v9)
;; @0048 v7 = select_spectre_guard v3, v6, v5 ; v6 = 0
;; @0048 v8 = load.i32 little heap v7
;; @004b jump block1(v8)
;;
;; block1(v2: i32):
;; @004b return v2
;; }
;; }

18
cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat
View File

@@ -42,14 +42,13 @@
;; gv1 = load.i64 notrap aligned readonly gv0
;;
;; block0(v0: i64, v1: i32, v2: i64):
;; @0040 v3 = iconst.i64 0x0fff_effc
;; @0040 v3 = icmp_imm ugt v0, 0x0fff_effc
;; @0040 v4 = global_value.i64 gv1
;; @0040 v5 = iadd v4, v0
;; @0040 v6 = iadd_imm v5, 4096
;; @0040 v7 = iconst.i64 0
;; @0040 v8 = icmp ugt v0, v3 ; v3 = 0x0fff_effc
;; @0040 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0040 store little heap v1, v9
;; @0040 v8 = select_spectre_guard v3, v7, v6 ; v7 = 0
;; @0040 store little heap v1, v8
;; @0044 jump block1
;;
;; block1:
@@ -61,16 +60,15 @@
;; gv1 = load.i64 notrap aligned readonly gv0
;;
;; block0(v0: i64, v1: i64):
;; @0049 v3 = iconst.i64 0x0fff_effc
;; @0049 v3 = icmp_imm ugt v0, 0x0fff_effc
;; @0049 v4 = global_value.i64 gv1
;; @0049 v5 = iadd v4, v0
;; @0049 v6 = iadd_imm v5, 4096
;; @0049 v7 = iconst.i64 0
;; @0049 v8 = icmp ugt v0, v3 ; v3 = 0x0fff_effc
;; @0049 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0049 v10 = load.i32 little heap v9
;; @004d jump block1(v10)
;; @0049 v8 = select_spectre_guard v3, v7, v6 ; v7 = 0
;; @0049 v9 = load.i32 little heap v8
;; @004d jump block1(v9)
;;
;; block1(v2: i32):
;; @004d return v2
;; }
;; }

18
cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_yes_spectre_i8_access_0_offset.wat
View File

@@ -42,13 +42,12 @@
;; gv1 = load.i64 notrap aligned readonly gv0
;;
;; block0(v0: i64, v1: i32, v2: i64):
;; @0040 v3 = iconst.i64 0x0fff_ffff
;; @0040 v3 = icmp_imm ugt v0, 0x0fff_ffff
;; @0040 v4 = global_value.i64 gv1
;; @0040 v5 = iadd v4, v0
;; @0040 v6 = iconst.i64 0
;; @0040 v7 = icmp ugt v0, v3 ; v3 = 0x0fff_ffff
;; @0040 v8 = select_spectre_guard v7, v6, v5 ; v6 = 0
;; @0040 istore8 little heap v1, v8
;; @0040 v7 = select_spectre_guard v3, v6, v5 ; v6 = 0
;; @0040 istore8 little heap v1, v7
;; @0043 jump block1
;;
;; block1:
@@ -60,15 +59,14 @@
;; gv1 = load.i64 notrap aligned readonly gv0
;;
;; block0(v0: i64, v1: i64):
;; @0048 v3 = iconst.i64 0x0fff_ffff
;; @0048 v3 = icmp_imm ugt v0, 0x0fff_ffff
;; @0048 v4 = global_value.i64 gv1
;; @0048 v5 = iadd v4, v0
;; @0048 v6 = iconst.i64 0
;; @0048 v7 = icmp ugt v0, v3 ; v3 = 0x0fff_ffff
;; @0048 v8 = select_spectre_guard v7, v6, v5 ; v6 = 0
;; @0048 v9 = uload8.i32 little heap v8
;; @004b jump block1(v9)
;; @0048 v7 = select_spectre_guard v3, v6, v5 ; v6 = 0
;; @0048 v8 = uload8.i32 little heap v7
;; @004b jump block1(v8)
;;
;; block1(v2: i32):
;; @004b return v2
;; }
;; }

18
cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat
View File

@@ -42,14 +42,13 @@
;; gv1 = load.i64 notrap aligned readonly gv0
;;
;; block0(v0: i64, v1: i32, v2: i64):
;; @0040 v3 = iconst.i64 0x0fff_efff
;; @0040 v3 = icmp_imm ugt v0, 0x0fff_efff
;; @0040 v4 = global_value.i64 gv1
;; @0040 v5 = iadd v4, v0
;; @0040 v6 = iadd_imm v5, 4096
;; @0040 v7 = iconst.i64 0
;; @0040 v8 = icmp ugt v0, v3 ; v3 = 0x0fff_efff
;; @0040 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0040 istore8 little heap v1, v9
;; @0040 v8 = select_spectre_guard v3, v7, v6 ; v7 = 0
;; @0040 istore8 little heap v1, v8
;; @0044 jump block1
;;
;; block1:
@@ -61,16 +60,15 @@
;; gv1 = load.i64 notrap aligned readonly gv0
;;
;; block0(v0: i64, v1: i64):
;; @0049 v3 = iconst.i64 0x0fff_efff
;; @0049 v3 = icmp_imm ugt v0, 0x0fff_efff
;; @0049 v4 = global_value.i64 gv1
;; @0049 v5 = iadd v4, v0
;; @0049 v6 = iadd_imm v5, 4096
;; @0049 v7 = iconst.i64 0
;; @0049 v8 = icmp ugt v0, v3 ; v3 = 0x0fff_efff
;; @0049 v9 = select_spectre_guard v8, v7, v6 ; v7 = 0
;; @0049 v10 = uload8.i32 little heap v9
;; @004d jump block1(v10)
;; @0049 v8 = select_spectre_guard v3, v7, v6 ; v7 = 0
;; @0049 v9 = uload8.i32 little heap v8
;; @004d jump block1(v9)
;;
;; block1(v2: i32):
;; @004d return v2
;; }
;; }

238
cranelift/wasm/src/code_translator/bounds_checks.rs
View File

@@ -83,39 +83,19 @@ where
//
// index + 1 > bound
// ==> index >= bound
//
// 1.a. When Spectre mitigations are enabled, avoid duplicating
// bounds checks between the mitigations and the regular bounds
// checks.
HeapStyle::Dynamic { bound_gv } if offset_and_size == 1 && spectre_mitigations_enabled => {
let bound = builder.ins().global_value(env.pointer_type(), bound_gv);
Reachable(compute_addr(
&mut builder.cursor(),
heap,
env.pointer_type(),
index,
offset,
Some(SpectreOobComparison {
cc: IntCC::UnsignedGreaterThanOrEqual,
lhs: index,
rhs: bound,
}),
))
}
// 1.b. Emit explicit `index >= bound` bounds checks.
HeapStyle::Dynamic { bound_gv } if offset_and_size == 1 => {
let bound = builder.ins().global_value(env.pointer_type(), bound_gv);
let oob = builder
.ins()
.icmp(IntCC::UnsignedGreaterThanOrEqual, index, bound);
builder.ins().trapnz(oob, ir::TrapCode::HeapOutOfBounds);
Reachable(compute_addr(
Reachable(explicit_check_oob_condition_and_compute_addr(
&mut builder.cursor(),
heap,
env.pointer_type(),
index,
offset,
None,
spectre_mitigations_enabled,
oob,
))
}
@@ -144,84 +124,41 @@ where
// offset immediates -- which is a common code pattern when accessing
// multiple fields in the same struct that is in linear memory --
// will all emit the same `index > bound` check, which we can GVN.
//
// 2.a Dedupe bounds checks with Spectre mitigations.
HeapStyle::Dynamic { bound_gv }
if offset_and_size <= heap.offset_guard_size && spectre_mitigations_enabled =>
{
let bound = builder.ins().global_value(env.pointer_type(), bound_gv);
Reachable(compute_addr(
&mut builder.cursor(),
heap,
env.pointer_type(),
index,
offset,
Some(SpectreOobComparison {
cc: IntCC::UnsignedGreaterThan,
lhs: index,
rhs: bound,
}),
))
}
// 2.b. Emit explicit `index > bound` check.
HeapStyle::Dynamic { bound_gv } if offset_and_size <= heap.offset_guard_size => {
let bound = builder.ins().global_value(env.pointer_type(), bound_gv);
let oob = builder.ins().icmp(IntCC::UnsignedGreaterThan, index, bound);
builder.ins().trapnz(oob, ir::TrapCode::HeapOutOfBounds);
Reachable(compute_addr(
Reachable(explicit_check_oob_condition_and_compute_addr(
&mut builder.cursor(),
heap,
env.pointer_type(),
index,
offset,
None,
spectre_mitigations_enabled,
oob,
))
}
// 3. Second special case for when `offset + access_size <= min_size`.
// 3. Third special case for when `offset + access_size <= min_size`.
//
// We know that `bound >= min_size`, so we can do the following
// comparison, without fear of the right-hand side wrapping around:
//
// index + offset + access_size > bound
// ==> index > bound - (offset + access_size)
//
// 3.a. Dedupe bounds checks with Spectre mitigations.
HeapStyle::Dynamic { bound_gv }
if offset_and_size <= heap.min_size.into() && spectre_mitigations_enabled =>
{
let bound = builder.ins().global_value(env.pointer_type(), bound_gv);
let adjusted_bound = builder.ins().iadd_imm(bound, -(offset_and_size as i64));
Reachable(compute_addr(
&mut builder.cursor(),
heap,
env.pointer_type(),
index,
offset,
Some(SpectreOobComparison {
cc: IntCC::UnsignedGreaterThan,
lhs: index,
rhs: adjusted_bound,
}),
))
}
// 3.b. Emit explicit `index > bound - (offset + access_size)` bounds
// checks.
HeapStyle::Dynamic { bound_gv } if offset_and_size <= heap.min_size.into() => {
let bound = builder.ins().global_value(env.pointer_type(), bound_gv);
let adjusted_bound = builder.ins().iadd_imm(bound, -(offset_and_size as i64));
let oob = builder
.ins()
.icmp(IntCC::UnsignedGreaterThan, index, adjusted_bound);
builder.ins().trapnz(oob, ir::TrapCode::HeapOutOfBounds);
Reachable(compute_addr(
Reachable(explicit_check_oob_condition_and_compute_addr(
&mut builder.cursor(),
heap,
env.pointer_type(),
index,
offset,
None,
spectre_mitigations_enabled,
oob,
))
}
@@ -230,33 +167,6 @@ where
// index + offset + access_size > bound
//
// And we have to handle the overflow case in the left-hand side.
//
// 4.a. Dedupe bounds checks with Spectre mitigations.
HeapStyle::Dynamic { bound_gv } if spectre_mitigations_enabled => {
let access_size_val = builder
.ins()
.iconst(env.pointer_type(), offset_and_size as i64);
let adjusted_index = builder.ins().uadd_overflow_trap(
index,
access_size_val,
ir::TrapCode::HeapOutOfBounds,
);
let bound = builder.ins().global_value(env.pointer_type(), bound_gv);
Reachable(compute_addr(
&mut builder.cursor(),
heap,
env.pointer_type(),
index,
offset,
Some(SpectreOobComparison {
cc: IntCC::UnsignedGreaterThan,
lhs: adjusted_index,
rhs: bound,
}),
))
}
// 4.b. Emit an explicit `index + offset + access_size > bound`
// check.
HeapStyle::Dynamic { bound_gv } => {
let access_size_val = builder
.ins()
@@ -270,14 +180,14 @@ where
let oob = builder
.ins()
.icmp(IntCC::UnsignedGreaterThan, adjusted_index, bound);
builder.ins().trapnz(oob, ir::TrapCode::HeapOutOfBounds);
Reachable(compute_addr(
Reachable(explicit_check_oob_condition_and_compute_addr(
&mut builder.cursor(),
heap,
env.pointer_type(),
index,
offset,
None,
spectre_mitigations_enabled,
oob,
))
}
@@ -344,7 +254,6 @@ where
env.pointer_type(),
index,
offset,
None,
))
}
@@ -359,45 +268,22 @@ where
// Since we have to emit explicit bounds checks, we might as well be
// precise, not rely on the virtual memory subsystem at all, and not
// factor in the guard pages here.
//
// 3.a. Dedupe the Spectre mitigation and the explicit bounds check.
HeapStyle::Static { bound } if spectre_mitigations_enabled => {
HeapStyle::Static { bound } => {
// NB: this subtraction cannot wrap because we didn't hit the first
// special case.
let adjusted_bound = u64::from(bound) - offset_and_size;
let adjusted_bound = builder
.ins()
.iconst(env.pointer_type(), adjusted_bound as i64);
Reachable(compute_addr(
&mut builder.cursor(),
heap,
env.pointer_type(),
index,
offset,
Some(SpectreOobComparison {
cc: IntCC::UnsignedGreaterThan,
lhs: index,
rhs: adjusted_bound,
}),
))
}
// 3.b. Emit the explicit `index > bound - (offset + access_size)`
// check.
HeapStyle::Static { bound } => {
// See comment in 3.a. above.
let adjusted_bound = u64::from(bound) - offset_and_size;
let oob =
builder
.ins()
.icmp_imm(IntCC::UnsignedGreaterThan, index, adjusted_bound as i64);
builder.ins().trapnz(oob, ir::TrapCode::HeapOutOfBounds);
Reachable(compute_addr(
Reachable(explicit_check_oob_condition_and_compute_addr(
&mut builder.cursor(),
heap,
env.pointer_type(),
index,
offset,
None,
spectre_mitigations_enabled,
oob,
))
}
})
@@ -433,64 +319,64 @@ fn cast_index_to_pointer_ty(
extended_index
}
struct SpectreOobComparison {
cc: IntCC,
lhs: ir::Value,
rhs: ir::Value,
/// Emit explicit checks on the given out-of-bounds condition for the Wasm
/// address and return the native address.
///
/// This function deduplicates explicit bounds checks and Spectre mitigations
/// that inherently also implement bounds checking.
fn explicit_check_oob_condition_and_compute_addr(
pos: &mut FuncCursor,
heap: &HeapData,
addr_ty: ir::Type,
index: ir::Value,
offset: u32,
// Whether Spectre mitigations are enabled for heap accesses.
spectre_mitigations_enabled: bool,
// The `i8` boolean value that is non-zero when the heap access is out of
// bounds (and therefore we should trap) and is zero when the heap access is
// in bounds (and therefore we can proceed).
oob_condition: ir::Value,
) -> ir::Value {
if !spectre_mitigations_enabled {
pos.ins()
.trapnz(oob_condition, ir::TrapCode::HeapOutOfBounds);
}
let mut addr = compute_addr(pos, heap, addr_ty, index, offset);
if spectre_mitigations_enabled {
let null = pos.ins().iconst(addr_ty, 0);
addr = pos.ins().select_spectre_guard(oob_condition, null, addr);
}
addr
}
/// Emit code for the base address computation of a `heap_addr` instruction,
/// without any bounds checks (other than optional Spectre mitigations).
/// Emit code for the native address computation of a Wasm address,
/// without any bounds checks or overflow checks.
///
/// It is the caller's responsibility to ensure that any necessary bounds and
/// overflow checks are emitted, and that the resulting address is never used
/// unless they succeed.
fn compute_addr(
pos: &mut FuncCursor,
heap: &HeapData,
addr_ty: ir::Type,
index: ir::Value,
offset: u32,
// If we are performing Spectre mitigation with conditional selects, the
// values to compare and the condition code that indicates an out-of-bounds
// condition; on this condition, the conditional move will choose a
// speculatively safe address (a zero / null pointer) instead.
spectre_oob_comparison: Option<SpectreOobComparison>,
) -> ir::Value {
debug_assert_eq!(pos.func.dfg.value_type(index), addr_ty);
// Add the heap base address base
let base = pos.ins().global_value(addr_ty, heap.base);
// NB: We don't need to worry about overflow here when computing `base +
// index + offset` because the callee handled this concern for us and
// either:
//
// * We already did an explicit bounds check and know that `index + offset`
// is within the heap's bounds, and therefore `base + index + offset` will
// not overflow.
//
// * Or we will do that bounds check in the `select_spectre_guard` below,
// and won't use the resulting value until after that bounds check
// succeeds (and therefore we know that `index + offset` is within the
// heap's bouns and `base + index + offset` didn't overflow). In this
// scenario, if the addition did overflow, it doesn't matter since we will
// just trap and won't use the result.
//
// * Or we statically know that it can never overflow due to the given heap
// configuration (e.g. 32-bit static memories on a 64-bit host).
let final_base = pos.ins().iadd(base, index);
let final_addr = if offset == 0 {
final_base
let heap_base = pos.ins().global_value(addr_ty, heap.base);
let base_and_index = pos.ins().iadd(heap_base, index);
if offset == 0 {
base_and_index
} else {
// NB: The addition of the offset immediate must happen *before* the
// `select_spectre_guard`. If it happens after, then we potentially are
// letting speculative execution read the whole first 4GiB of memory.
pos.ins().iadd_imm(final_base, offset as i64)
};
if let Some(SpectreOobComparison { cc, lhs, rhs }) = spectre_oob_comparison {
let null = pos.ins().iconst(addr_ty, 0);
let cmp = pos.ins().icmp(cc, lhs, rhs);
pos.ins().select_spectre_guard(cmp, null, final_addr)
} else {
final_addr
// `select_spectre_guard`, if any. If it happens after, then we
// potentially are letting speculative execution read the whole first
// 4GiB of memory.
pos.ins().iadd_imm(base_and_index, offset as i64)
}
}