cranelift: Correctly calculate heap addresses in interpreter (#5155)

We were accidentally including the size as part of the offset when computing heap addresses.
2022-10-31 22:07:14 +00:00
parent 6d289723bd
commit faeeed4fb9
2 changed files with 27 additions and 3 deletions
--- a/cranelift/interpreter/src/step.rs
+++ b/cranelift/interpreter/src/step.rs
@@ -498,10 +498,17 @@ where
        Opcode::TlsValue => unimplemented!("TlsValue"),
        Opcode::HeapAddr => {
            if let InstructionData::HeapAddr { heap, .. } = inst {
-                let load_ty = inst_context.controlling_type().unwrap();
-                let offset = calculate_addr(ctrl_ty, imm(), args()?)? as u64;
+                let addr_ty = inst_context.controlling_type().unwrap();
+                let offset = arg(0)?.into_int()? as u64;
+                let load_size = imm().into_int()? as u64;
                assign_or_memtrap({
-                    AddressSize::try_from(load_ty).and_then(|addr_size| {
+                    AddressSize::try_from(addr_ty).and_then(|addr_size| {
+                        // Attempt to build an address at the maximum possible offset
+                        // for this load. If address generation fails we know it's out of bounds.
+                        let bound_offset = (offset + load_size).saturating_sub(1);
+                        state.heap_address(addr_size, heap, bound_offset)?;
+
+                        // Build the actual address
                        let addr = state.heap_address(addr_size, heap, offset)?;
                        let dv = DataValue::try_from(addr)?;
                        Ok(dv.into())