[ubsan] Use proper AssemblerOptions for Wasm Stubs

Pipeline::GenerateCodeForWasmNativeStub() currently does not pass
an Isolate to the PipelineData it creates, to ensure that compiled
code does not accidentally depend on a given Isolate. However, this
prevents the assembler from converting ExternalReference accesses to
RootArray offsets. This patch sets the corresponding AssemblerOption.

Bug: v8:3770
Change-Id: Ia4d5269e2e884a0af8abc6d122734f47db045ac0
Reviewed-on: https://chromium-review.googlesource.com/c/1404447Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58700}

src/compiler/wasm-compiler.cc

@@ -5545,7 +5545,7 @@ wasm::WasmCode* CompileWasmMathIntrinsic(Isolate* isolate,
 
   wasm::WasmCode* wasm_code = Pipeline::GenerateCodeForWasmNativeStub(
       isolate->wasm_engine(), call_descriptor, mcgraph, Code::WASM_FUNCTION,
-      wasm::WasmCode::kFunction, debug_name, AssemblerOptions::Default(isolate),
+      wasm::WasmCode::kFunction, debug_name, WasmStubAssemblerOptions(isolate),
       native_module, source_positions);
   CHECK_NOT_NULL(wasm_code);
   // TODO(titzer): add counters for math intrinsic code size / allocation
@@ -5606,7 +5606,7 @@ wasm::WasmCode* CompileWasmImportCallWrapper(Isolate* isolate,
   wasm::WasmCode* wasm_code = Pipeline::GenerateCodeForWasmNativeStub(
       isolate->wasm_engine(), incoming, &jsgraph, Code::WASM_TO_JS_FUNCTION,
       wasm::WasmCode::kWasmToJsWrapper, func_name,
-      AssemblerOptions::Default(isolate), native_module, source_position_table);
+      WasmStubAssemblerOptions(isolate), native_module, source_position_table);
   CHECK_NOT_NULL(wasm_code);
 
   return wasm_code;
@@ -5650,7 +5650,7 @@ wasm::WasmCode* CompileWasmInterpreterEntry(Isolate* isolate,
   wasm::WasmCode* wasm_code = Pipeline::GenerateCodeForWasmNativeStub(
       isolate->wasm_engine(), incoming, &jsgraph, Code::WASM_INTERPRETER_ENTRY,
       wasm::WasmCode::kInterpreterEntry, func_name.start(),
-      AssemblerOptions::Default(isolate), native_module);
+      WasmStubAssemblerOptions(isolate), native_module);
   CHECK_NOT_NULL(wasm_code);
 
   return wasm_code;
@@ -6057,6 +6057,15 @@ AssemblerOptions WasmAssemblerOptions() {
   return options;
 }
 
+AssemblerOptions WasmStubAssemblerOptions(Isolate* isolate) {
+  // TODO(mstarzinger): Figure out if this can be consolidated (either
+  // with Default(), or with WasmAssemblerOptions() above).
+  AssemblerOptions options = AssemblerOptions::Default(isolate);
+  options.enable_root_array_delta_access = false;
+  options.code_range_start = 0;
+  return options;
+}
+
 #undef WASM_64
 #undef FATAL_UNSUPPORTED_OPCODE
 #undef WASM_INSTANCE_OBJECT_SIZE

src/compiler/wasm-compiler.h

@@ -558,6 +558,7 @@ V8_EXPORT_PRIVATE CallDescriptor* GetI32WasmCallDescriptorForSimd(
     Zone* zone, CallDescriptor* call_descriptor);
 
 AssemblerOptions WasmAssemblerOptions();
+AssemblerOptions WasmStubAssemblerOptions(Isolate* isolate);
 
 }  // namespace compiler
 }  // namespace internal