From 68a627ea2c6682aadbd7c6e9c6d694eb3eb211a8 Mon Sep 17 00:00:00 2001 From: Wenyong Huang Date: Thu, 2 Nov 2023 20:36:21 +0800 Subject: [PATCH] Fix several AOT compiler issues (#2697) - Fix potential invalid push param phis and add incoming phis to a un-existed basic block - Fix potential invalid shift count int rotl/rotr opcodes - Resize memory_data_size to UINT32_MAX if it is 4G when hw bound check is enabled - Fix negative linear memory offset is used for 64-bit target it is const and larger than INT32_MAX --- core/iwasm/aot/aot_runtime.c | 4 ++++ core/iwasm/compilation/aot_emit_control.c | 16 ++++++++++++++-- core/iwasm/compilation/aot_emit_memory.c | 5 ++++- core/iwasm/compilation/aot_emit_numberic.c | 14 +++++++++++--- core/iwasm/interpreter/wasm_runtime.c | 4 ++++ 5 files changed, 37 insertions(+), 6 deletions(-) diff --git a/core/iwasm/aot/aot_runtime.c b/core/iwasm/aot/aot_runtime.c index 954da415..a65d1f53 100644 --- a/core/iwasm/aot/aot_runtime.c +++ b/core/iwasm/aot/aot_runtime.c @@ -554,8 +554,12 @@ memory_instantiate(AOTModuleInstance *module_inst, AOTModuleInstance *parent, os_munmap(mapped_mem, map_size); return NULL; } + /* Newly allocated pages are filled with zero by the OS, we don't fill it * again here */ + + if (memory_data_size > UINT32_MAX) + memory_data_size = UINT32_MAX; #endif /* end of OS_ENABLE_HW_BOUND_CHECK */ memory_inst->module_type = Wasm_Module_AoT; diff --git a/core/iwasm/compilation/aot_emit_control.c b/core/iwasm/compilation/aot_emit_control.c index 446ca5ea..895bf7e3 100644 --- a/core/iwasm/compilation/aot_emit_control.c +++ b/core/iwasm/compilation/aot_emit_control.c 
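Review bot: The clamp `if (memory_data_size > UINT32_MAX) memory_data_size = UINT32_MAX;` silently shrinks a 4 GiB linear memory by one byte without saying why, and the blank line added before it makes it read as part of the "Newly allocated pages" comment above. The reason is presumably that the instance's memory_data_size field is 32-bit and cannot hold 0x100000000 while the mapping itself keeps the full map_size; if so, the last byte is reachable only through the hardware guard and any software range check of the form `offset + bytes <= memory_data_size` will now reject it, which is worth stating in a comment such as `/* 4 GiB does not fit the 32-bit memory_data_size field; clamp to UINT32_MAX, the mapping keeps its full size */`. The identical clamp in the core/iwasm/interpreter/wasm_runtime.c hunk deserves the same comment. memory_instantiate begins and ends outside the hunk.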
@@ -344,7 +344,9 @@ push_aot_block_to_stack_and_pass_params(AOTCompContext *comp_ctx, for (i = 0; i < block->param_count; i++) { param_index = block->param_count - 1 - i; POP(value, block->param_types[param_index]); - ADD_TO_PARAM_PHIS(block, value, param_index); + if (block->llvm_entry_block) + /* Only add incoming phis if the entry block was created */ + ADD_TO_PARAM_PHIS(block, value, param_index); if (block->label_type == LABEL_TYPE_IF && !block->skip_wasm_code_else) { if (block->llvm_else_block) { @@ -366,7 +368,17 @@ push_aot_block_to_stack_and_pass_params(AOTCompContext *comp_ctx, /* Push param phis to the new block */ for (i = 0; i < block->param_count; i++) { - PUSH(block->param_phis[i], block->param_types[i]); + if (block->llvm_entry_block) + /* Push param phis if the entry basic block was created */ + PUSH(block->param_phis[i], block->param_types[i]); + else { + bh_assert(block->label_type == LABEL_TYPE_IF + && block->llvm_else_block && block->else_param_phis + && !block->skip_wasm_code_else); + /* Push else param phis if we start to translate the + else branch */ + PUSH(block->else_param_phis[i], block->param_types[i]); + } } return true; diff --git a/core/iwasm/compilation/aot_emit_memory.c b/core/iwasm/compilation/aot_emit_memory.c index 7484d4b5..8c35c3fe 100644 --- a/core/iwasm/compilation/aot_emit_memory.c +++ b/core/iwasm/compilation/aot_emit_memory.c @@ -157,7 +157,10 @@ aot_check_memory_overflow(AOTCompContext *comp_ctx, AOTFuncContext *func_ctx, if (mem_offset + bytes <= mem_data_size) { /* inside memory space */ - offset1 = I32_CONST((uint32)mem_offset); + if (comp_ctx->pointer_size == sizeof(uint64)) + offset1 = I64_CONST((uint32)mem_offset); + else + offset1 = I32_CONST((uint32)mem_offset); CHECK_LLVM_CONST(offset1); if (!enable_segue) { if (!(maddr = LLVMBuildInBoundsGEP2(comp_ctx->builder, diff --git a/core/iwasm/compilation/aot_emit_numberic.c b/core/iwasm/compilation/aot_emit_numberic.c index 04cfaada..8b6ec02d 100644 
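Review bot: `if (block->llvm_entry_block)` guards the ADD_TO_PARAM_PHIS macro with no braces and with a comment wedged between the condition and the body; unless that macro is known to expand to a single statement, only its first statement is conditional, and the layout hides that risk. Bracing it as `if (block->llvm_entry_block) { ADD_TO_PARAM_PHIS(block, value, param_index); }` with the comment moved above the `if` removes the dependency on the macro's shape. The second hunk of this file has the same unbraced `if (...) PUSH(...)` in front of an `else`, where the compiler happens to enforce the single-statement shape but the style is equally fragile. push_aot_block_to_stack_and_pass_params continues outside the hunk.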
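Review bot: The else branch dereferences `block->else_param_phis[i]` with only a bh_assert between it and a NULL pointer, and bh_assert is presumably compiled out in release builds, so a violated invariant becomes a compiler crash instead of a reported error. Replacing the assert with a real check, `if (!block->else_param_phis) { aot_set_last_error("else param phis not created."); return false; }`, keeps the diagnosis in production builds at no cost on the normal path. The comment `/* Push else param phis if we start to translate the else branch */` could also say why an IF block can lack an entry block at this point, which the reader currently has to reconstruct from the assert condition. The function's head is outside the hunk.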
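Review bot: The new `if (comp_ctx->pointer_size == sizeof(uint64)) offset1 = I64_CONST((uint32)mem_offset);` fixes a real sign-extension problem but does not say so, and the `(uint32)` cast inside the i64 branch looks like a leftover from the i32 line. A GEP index is sign-extended to pointer width, so an i32 constant above INT32_MAX becomes a negative offset on a 64-bit target; a comment such as `/* GEP indices are sign-extended to pointer width: an i32 offset > INT32_MAX would go negative on 64-bit targets, so emit an i64 constant there */` records the reason the commit message gives. Whether the cast is needed depends on mem_offset's type and on the `mem_offset + bytes <= mem_data_size` check above, which already bounds it below 4 GiB if mem_data_size is at most 4 GiB; if so, `I64_CONST(mem_offset)` is clearer. aot_check_memory_overflow continues outside the hunk.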
--- a/core/iwasm/compilation/aot_emit_numberic.c +++ b/core/iwasm/compilation/aot_emit_numberic.c @@ -777,17 +777,25 @@ compile_int_rot(AOTCompContext *comp_ctx, LLVMValueRef left, LLVMValueRef right, if (IS_CONST_ZERO(right)) return left; - /* Calculate (bits - shif_count) */ + /* Calculate (bits - shift_count) */ LLVM_BUILD_OP(Sub, is_i32 ? I32_32 : I64_64, right, bits_minus_shift_count, "bits_minus_shift_count", NULL); + /* Calculate (bits - shift_count) & mask */ + bits_minus_shift_count = + LLVMBuildAnd(comp_ctx->builder, bits_minus_shift_count, + is_i32 ? I32_31 : I64_63, "bits_minus_shift_count_and"); + if (!bits_minus_shift_count) { + aot_set_last_error("llvm build and failed."); + return NULL; + } if (is_rotl) { - /* left<>(BITS-count) */ + /* (left << count) | (left >> ((BITS - count) & mask)) */ LLVM_BUILD_OP(Shl, left, right, tmp_l, "tmp_l", NULL); LLVM_BUILD_OP(LShr, left, bits_minus_shift_count, tmp_r, "tmp_r", NULL); } else { - /* left>>count | left<<(BITS-count) */ + /* (left >> count) | (left << ((BITS - count) & mask)) */ LLVM_BUILD_OP(LShr, left, right, tmp_l, "tmp_l", NULL); LLVM_BUILD_OP(Shl, left, bits_minus_shift_count, tmp_r, "tmp_r", NULL); } diff --git a/core/iwasm/interpreter/wasm_runtime.c b/core/iwasm/interpreter/wasm_runtime.c index a8700169..6c18d492 100644 --- a/core/iwasm/interpreter/wasm_runtime.c +++ b/core/iwasm/interpreter/wasm_runtime.c @@ -338,8 +338,12 @@ memory_instantiate(WASMModuleInstance *module_inst, WASMModuleInstance *parent, set_error_buf(error_buf, error_buf_size, "mprotect memory failed"); goto fail2; } + /* Newly allocated pages are filled with zero by the OS, we don't fill it * again here */ + + if (memory_data_size > UINT32_MAX) + memory_data_size = UINT32_MAX; #endif /* end of OS_ENABLE_HW_BOUND_CHECK */ memory->module_type = Wasm_Module_Bytecode;
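Review bot: The new mask on `bits_minus_shift_count` is only sufficient if `right` has already been reduced to [0, bits) before this point, because `LLVM_BUILD_OP(Shl, left, right, tmp_l, "tmp_l", NULL)` still shifts by the raw count and a shift by bits or more is poison in LLVM IR; that reduction presumably happens earlier in compile_int_rot, outside the hunk, and the comment should state the precondition, e.g. `/* right is already masked to [0, bits); mask (bits - right) too so a runtime count of 0 does not shift by bits */`. The runtime-zero count is exactly the case the IS_CONST_ZERO early return above does not cover, which is why the AND is needed. As an alternative, the llvm.fshl/llvm.fshr funnel-shift intrinsics implement rotate with the count taken modulo the bit width, which would remove both the manual masking and the extra error path; whether the LLVM version this code base targets exposes them is not visible here. compile_int_rot starts before the hunk.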