Cranelift: consider heap's guard pages when legalizing heap_addr (#5335)

* Cranelift: consider heap's guard pages when legalizing `heap_addr`

Fixes #5328

* Update comment to align more directly with implementation

* Add legalization tests for `heap_addr` and offset guard pages
Nick Fitzgerald
2022-11-29 11:54:25 -08:00
committed by GitHub
parent f138fc0ed3
commit 913a2ec8c8
3 changed files with 96 additions and 12 deletions


@@ -0,0 +1,21 @@
test legalizer
set enable_heap_access_spectre_mitigation=true
target x86_64
;; The offset guard is large enough that we don't need explicit bounds checks.
function %test(i64 vmctx, i32) -> i64 {
gv0 = vmctx
gv1 = load.i64 notrap aligned gv0+0
heap0 = static gv1, min 0x1000, bound 0x1000, offset_guard 0xffff_ffff, index_type i32
block0(v0: i64, v1: i32):
v2 = heap_addr.i64 heap0, v1, 0, 4
return v2
}
; check: block0(v0: i64, v1: i32):
; nextln: v3 = uextend.i64 v1
; nextln: v4 = load.i64 notrap aligned v0
; nextln: v2 = iadd v4, v3
; nextln: return v2
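Review bot: The guard sizes used here and in the second test file (`offset_guard 0xffff_ffff` and `offset_guard 0xffff_0000`) sit far apart, so an off-by-one in the threshold at which the legalizer drops the explicit bounds check would pass both tests. Eliding the check leaves the guard region as the only thing between a 32-bit index and memory outside the heap, so I would add a pair of cases with `offset_guard` exactly at the threshold and one byte below it. Both files also use only offset `0` in `heap_addr.i64 heap0, v1, 0, 4`; a case with a nonzero offset would show that offset plus access size is part of the comparison. The legalizer change itself is not visible on this page, so the exact threshold value has to be taken from that code.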


@@ -0,0 +1,34 @@
test legalizer
set enable_heap_access_spectre_mitigation=true
target x86_64
;; The offset guard is not large enough to avoid explicit bounds checks.
function %test(i64 vmctx, i32) -> i64 {
gv0 = vmctx
gv1 = load.i64 notrap aligned gv0+0
heap0 = static gv1, min 0x1000, bound 0x1000, offset_guard 0xffff_0000, index_type i32
block0(v0: i64, v1: i32):
v2 = heap_addr.i64 heap0, v1, 0, 4
return v2
}
; check: block0(v0: i64, v1: i32):
; nextln: v3 = uextend.i64 v1
; nextln: v10 = iconst.i64 4092
; nextln: v4 = icmp ugt v3, v10 ; v10 = 4092
; nextln: brz v4, block2
; nextln: jump block1
; nextln:
; nextln: block1:
; nextln: trap heap_oob
; nextln:
; nextln: block2:
; nextln: v5 = iconst.i64 4092
; nextln: v6 = load.i64 notrap aligned v0
; nextln: v7 = iadd v6, v3
; nextln: v8 = iconst.i64 0
; nextln: v9 = icmp.i64 ugt v3, v5 ; v5 = 4092
; nextln: v2 = select_spectre_guard v9, v8, v7 ; v8 = 0
; nextln: return v2
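Review bot: The header comment on this test says the guard is not large enough but does not show the arithmetic, and the constant `4092` in the expected output is unexplained. I would extend the comment to something like `;; max i32 index 0xffff_ffff + access size 4 exceeds bound 0x1000 + offset_guard 0xffff_0000, so the check stays; 4092 = bound 0x1000 - access size 4`. It would also help to state that the expected output deliberately pins both the `trap heap_oob` branch and the `select_spectre_guard` on the same comparison, so a later change that drops either one is read as a regression rather than a cleanup.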