MIPS[64]: Reland of `Fix unaligned arguments storage in Wasm-to-interpreter entry`

Reland 84ff6e4c In Wasm-to-interpeter entry creation, arguments for the interpreter are stored in an argument buffer. Depending on the order of the arguments some arguments may be misaligned and this causes crashes on those architectures that do not support unaligned memory access. TEST=mjsunit/wasm/interpreter BUG= Review-Url: https://codereview.chromium.org/2887053003 Cr-Commit-Position: refs/heads/master@{#45703}

MIPS[64]: Reland of `Fix unaligned arguments storage in Wasm-to-interpreter entry`
Reland 84ff6e4c In Wasm-to-interpeter entry creation, arguments for the interpreter are stored in an argument buffer. Depending on the order of the arguments some arguments may be misaligned and this causes crashes on those architectures that do not support unaligned memory access. TEST=mjsunit/wasm/interpreter BUG= Review-Url: https://codereview.chromium.org/2887053003 Cr-Commit-Position: refs/heads/master@{#45703}
656c6d5e · ivica.bogosavljevic · Commit Bot · 65c36c5c · 656c6d5e · 656c6d5e
Commit 656c6d5e authored Jun 05, 2017 by ivica.bogosavljevic Committed by Commit Bot Jun 05, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 32 additions and 19 deletions

wasm-compiler.cc src/compiler/wasm-compiler.cc +31 -18

wasm-compiler.h src/compiler/wasm-compiler.h +1 -1

No files found.
--- a/src/compiler/wasm-compiler.cc
+++ b/src/compiler/wasm-compiler.cc
@@ -2803,10 +2803,11 @@ void WasmGraphBuilder::BuildWasmInterpreterEntry(
      sig->return_count() == 0 ? 0 : 1 << ElementSizeLog2Of(sig->GetReturn(0));

  // Get a stack slot for the arguments.
-  Node* arg_buffer = args_size_bytes == 0 && return_size_bytes == 0
-                         ? jsgraph()->IntPtrConstant(0)
-                         : graph()->NewNode(jsgraph()->machine()->StackSlot(
-                               std::max(args_size_bytes, return_size_bytes)));
+  Node* arg_buffer =
+      args_size_bytes == 0 && return_size_bytes == 0
+          ? jsgraph()->IntPtrConstant(0)
+          : graph()->NewNode(jsgraph()->machine()->StackSlot(
+                std::max(args_size_bytes, return_size_bytes), 8));

  // Now store all our arguments to the buffer.
  int param_index = 0;
@@ -2816,26 +2817,23 @@ void WasmGraphBuilder::BuildWasmInterpreterEntry(
    Node* param = Param(param_index++);
    if (Int64Lowering::IsI64AsTwoParameters(jsgraph()->machine(),
                                            sig->GetParam(i))) {
-      StoreRepresentation store_rep(wasm::kWasmI32,
-                                    WriteBarrierKind::kNoWriteBarrier);
-      *effect_ =
-          graph()->NewNode(jsgraph()->machine()->Store(store_rep), arg_buffer,
-                           Int32Constant(offset + kInt64LowerHalfMemoryOffset),
-                           param, *effect_, *control_);
+      int lower_half_offset = offset + kInt64LowerHalfMemoryOffset;
+      int upper_half_offset = offset + kInt64UpperHalfMemoryOffset;
+
+      *effect_ = graph()->NewNode(
+          GetSafeStoreOperator(lower_half_offset, wasm::kWasmI32), arg_buffer,
+          Int32Constant(lower_half_offset), param, *effect_, *control_);

      param = Param(param_index++);
-      *effect_ =
-          graph()->NewNode(jsgraph()->machine()->Store(store_rep), arg_buffer,
-                           Int32Constant(offset + kInt64UpperHalfMemoryOffset),
-                           param, *effect_, *control_);
+      *effect_ = graph()->NewNode(
+          GetSafeStoreOperator(upper_half_offset, wasm::kWasmI32), arg_buffer,
+          Int32Constant(upper_half_offset), param, *effect_, *control_);
      offset += 8;

    } else {
      MachineRepresentation param_rep = sig->GetParam(i);
-      StoreRepresentation store_rep(param_rep,
-                                    WriteBarrierKind::kNoWriteBarrier);
      *effect_ =
-          graph()->NewNode(jsgraph()->machine()->Store(store_rep), arg_buffer,
+          graph()->NewNode(GetSafeStoreOperator(offset, param_rep), arg_buffer,
                           Int32Constant(offset), param, *effect_, *control_);
      offset += 1 << ElementSizeLog2Of(param_rep);
    }
@@ -3020,6 +3018,18 @@ void WasmGraphBuilder::BoundsCheckMem(MachineType memtype, Node* index,
  TrapIfFalse(wasm::kTrapMemOutOfBounds, cond, position);
 }

+const Operator* WasmGraphBuilder::GetSafeStoreOperator(int offset,
+                                                       wasm::ValueType type) {
+  int alignment = offset % (1 << ElementSizeLog2Of(type));
+  if (alignment == 0 || jsgraph()->machine()->UnalignedStoreSupported(
+                            MachineType::TypeForRepresentation(type), 0)) {
+    StoreRepresentation rep(type, WriteBarrierKind::kNoWriteBarrier);
+    return jsgraph()->machine()->Store(rep);
+  }
+  UnalignedStoreRepresentation rep(type);
+  return jsgraph()->machine()->UnalignedStore(rep);
+}
+
 Node* WasmGraphBuilder::LoadMem(wasm::ValueType type, MachineType memtype,
                                Node* index, uint32_t offset,
                                uint32_t alignment,
@@ -3829,7 +3839,10 @@ Handle<Code> CompileWasmInterpreterEntry(Isolate* isolate, uint32_t func_index,
  Zone zone(isolate->allocator(), ZONE_NAME);
  Graph graph(&zone);
  CommonOperatorBuilder common(&zone);
-  MachineOperatorBuilder machine(&zone);
+  MachineOperatorBuilder machine(
+      &zone, MachineType::PointerRepresentation(),
+      InstructionSelector::SupportedMachineOperatorFlags(),
+      InstructionSelector::AlignmentRequirements());
  JSGraph jsgraph(isolate, &graph, &common, nullptr, nullptr, &machine);

  Node* control = nullptr;

--- a/src/compiler/wasm-compiler.h
+++ b/src/compiler/wasm-compiler.h
@@ -296,7 +296,7 @@ class WasmGraphBuilder {
  Node* MemBuffer(uint32_t offset);
  void BoundsCheckMem(MachineType memtype, Node* index, uint32_t offset,
                      wasm::WasmCodePosition position);
-
+  const Operator* GetSafeStoreOperator(int offset, wasm::ValueType type);
  Node* BuildChangeEndianness(Node* node, MachineType type,
                              wasm::ValueType wasmtype = wasm::kWasmStmt);