From 8d19280a225578d9e831df2bb95a4b6e8c42b8ed Mon Sep 17 00:00:00 2001 From: Chris Fallin Date: Thu, 19 Oct 2023 12:54:44 -0700 Subject: [PATCH] PCC: draw the rest of the owl: fully-working PCC on hello-world Wasm on aarch64 (#7281) * PCC: draw the rest of the owl: fully-working PCC on hello-world Wasm on aarch64 This needed a bit more inference / magic than I was hoping for at first, specifically around constants and adds. Some instructions can now generate facts on their output registers, even if not stated. This breaks away from the "breadcrumbs" idea, but seems to be the most practical solution to a general problem that we have mini-lowering steps in various places without careful preservation of PCC facts. Two particular aspects: - Constants: amodes on aarch64 can decompose into new constant-generation instructions, and we need precise ranges on those to properly check them. To avoid making the ISLE rules nightmarish, it's best to reuse the existing semantics definitions of the Add* ALU insts, and add a few rules for MovK/MovZ/MovN. - Adds: similarly, amodes decompose into de-novo add instructions with no facts. To handle this, there's now a notion of "propagating" facts that cause an instruction with a propagating fact on the input to generate a fact on the output. Together, these heuristics mean that we'll eagerly generate a fact for `mem(mt0, 0, 0) + 8 -> mem(mt0, 8, 8)`, but we won't, for example, generate ranges on every single integer operation. With these changes and a few other misc fixes, this PR can now check a nontrivial "hello world" Wasm on aarch64 down to the machine-code level: ``` $ target/release/wasmtime compile -C enable-pcc=y ../wasm-tests/helloworld-rs.wasm ``` * Review feedback. --- cranelift/codegen/src/egraph.rs | 1 + cranelift/codegen/src/ir/dfg.rs | 24 +- cranelift/codegen/src/ir/pcc.rs | 154 +++++++++--- cranelift/codegen/src/isa/aarch64/lower.rs | 4 +- cranelift/codegen/src/isa/aarch64/pcc.rs | 225 ++++++++++++------ cranelift/codegen/src/machinst/compile.rs | 4 +- cranelift/codegen/src/machinst/lower.rs | 13 +- cranelift/codegen/src/machinst/vcode.rs | 6 + .../filetests/filetests/pcc/fail/opt.clif | 30 --- .../filetests/filetests/pcc/succeed/opt.clif | 39 ++- .../wasm/duplicate-loads-dynamic-memory.wat | 18 +- .../wasm/duplicate-loads-static-memory.wat | 12 +- ...re-access-same-index-different-offsets.wat | 62 ++--- ...re-access-same-index-different-offsets.wat | 58 ++--- ...rd_no_spectre_i32_access_0x1000_offset.wat | 14 +- ...o_spectre_i32_access_0xffff0000_offset.wat | 14 +- ...ard_no_spectre_i8_access_0x1000_offset.wat | 14 +- ...no_spectre_i8_access_0xffff0000_offset.wat | 14 +- ...d_yes_spectre_i32_access_0x1000_offset.wat | 20 +- ...s_spectre_i32_access_0xffff0000_offset.wat | 20 +- ...rd_yes_spectre_i8_access_0x1000_offset.wat | 20 +- ...es_spectre_i8_access_0xffff0000_offset.wat | 20 +- ...rd_no_spectre_i32_access_0x1000_offset.wat | 12 +- ...o_spectre_i32_access_0xffff0000_offset.wat | 12 +- ...ard_no_spectre_i8_access_0x1000_offset.wat | 12 +- ...no_spectre_i8_access_0xffff0000_offset.wat | 12 +- ...d_yes_spectre_i32_access_0x1000_offset.wat | 20 +- ...s_spectre_i32_access_0xffff0000_offset.wat | 20 +- ...rd_yes_spectre_i8_access_0x1000_offset.wat | 20 +- ...es_spectre_i8_access_0xffff0000_offset.wat | 20 +- ...rd_no_spectre_i32_access_0x1000_offset.wat | 14 +- ...o_spectre_i32_access_0xffff0000_offset.wat | 14 +- ...ard_no_spectre_i8_access_0x1000_offset.wat | 14 +- ...no_spectre_i8_access_0xffff0000_offset.wat | 14 +- ...d_yes_spectre_i32_access_0x1000_offset.wat | 20 +- ...s_spectre_i32_access_0xffff0000_offset.wat | 20 +- ...rd_yes_spectre_i8_access_0x1000_offset.wat | 20 +- ...es_spectre_i8_access_0xffff0000_offset.wat | 20 +- ...rd_no_spectre_i32_access_0x1000_offset.wat | 12 +- ...o_spectre_i32_access_0xffff0000_offset.wat | 12 +- ...ard_no_spectre_i8_access_0x1000_offset.wat | 12 +- ...no_spectre_i8_access_0xffff0000_offset.wat | 12 +- ...d_yes_spectre_i32_access_0x1000_offset.wat | 20 +- ...s_spectre_i32_access_0xffff0000_offset.wat | 20 +- ...rd_yes_spectre_i8_access_0x1000_offset.wat | 20 +- ...es_spectre_i8_access_0xffff0000_offset.wat | 20 +- ...rd_no_spectre_i32_access_0x1000_offset.wat | 14 +- ...ard_no_spectre_i8_access_0x1000_offset.wat | 14 +- ...d_yes_spectre_i32_access_0x1000_offset.wat | 20 +- ...rd_yes_spectre_i8_access_0x1000_offset.wat | 20 +- ...rd_no_spectre_i32_access_0x1000_offset.wat | 14 +- ...ard_no_spectre_i8_access_0x1000_offset.wat | 14 +- ...d_yes_spectre_i32_access_0x1000_offset.wat | 14 +- ...rd_yes_spectre_i8_access_0x1000_offset.wat | 14 +- ...rd_no_spectre_i32_access_0x1000_offset.wat | 14 +- ...ard_no_spectre_i8_access_0x1000_offset.wat | 14 +- ...d_yes_spectre_i32_access_0x1000_offset.wat | 20 +- ...rd_yes_spectre_i8_access_0x1000_offset.wat | 20 +- ...rd_no_spectre_i32_access_0x1000_offset.wat | 14 +- ...ard_no_spectre_i8_access_0x1000_offset.wat | 14 +- ...d_yes_spectre_i32_access_0x1000_offset.wat | 20 +- ...rd_yes_spectre_i8_access_0x1000_offset.wat | 20 +- .../wasm/src/code_translator/bounds_checks.rs | 61 +++-- 63 files changed, 911 insertions(+), 588 deletions(-) delete mode 100644 cranelift/filetests/filetests/pcc/fail/opt.clif diff --git a/cranelift/codegen/src/egraph.rs b/cranelift/codegen/src/egraph.rs index 001687e65d8e..411300ed4a7b 100644 --- a/cranelift/codegen/src/egraph.rs +++ b/cranelift/codegen/src/egraph.rs @@ -353,6 +353,7 @@ where new_result ); self.value_to_opt_value[result] = new_result; + self.func.dfg.merge_facts(result, new_result); true } // Otherwise, generic side-effecting op -- always keep it, and diff --git a/cranelift/codegen/src/ir/dfg.rs b/cranelift/codegen/src/ir/dfg.rs index 411aa73bd8dc..501a7f0a4ef4 100644 --- a/cranelift/codegen/src/ir/dfg.rs +++ b/cranelift/codegen/src/ir/dfg.rs @@ -959,7 +959,13 @@ impl DataFlowGraph { // Get the controlling type variable. let ctrl_typevar = self.ctrl_typevar(inst); // Create new result values. - self.make_inst_results(new_inst, ctrl_typevar); + let num_results = self.make_inst_results(new_inst, ctrl_typevar); + // Copy over PCC facts, if any. + for i in 0..num_results { + let old_result = self.inst_results(inst)[i]; + let new_result = self.inst_results(new_inst)[i]; + self.facts[new_result] = self.facts[old_result].clone(); + } new_inst } @@ -1301,9 +1307,19 @@ impl DataFlowGraph { (None, Some(b)) => { self.facts[a] = Some(b.clone()); } - _ => { - self.facts[a] = Some(Fact::Conflict); - self.facts[b] = Some(Fact::Conflict); + (Some(a_fact), Some(b_fact)) => { + assert_eq!(self.value_type(a), self.value_type(b)); + let merged = Fact::intersect(a_fact, b_fact); + crate::trace!( + "facts merge on {} and {}: {:?}, {:?} -> {:?}", + a, + b, + a_fact, + b_fact, + merged, + ); + self.facts[a] = Some(merged.clone()); + self.facts[b] = Some(merged); } } } diff --git a/cranelift/codegen/src/ir/pcc.rs b/cranelift/codegen/src/ir/pcc.rs index b2efb1dc84c6..f2506e3ee519 100644 --- a/cranelift/codegen/src/ir/pcc.rs +++ b/cranelift/codegen/src/ir/pcc.rs @@ -82,7 +82,7 @@ use crate::ir; use crate::ir::types::*; use crate::isa::TargetIsa; -use crate::machinst::{BlockIndex, LowerBackend, MachInst, VCode}; +use crate::machinst::{BlockIndex, LowerBackend, VCode}; use crate::trace; use regalloc2::Function as _; use std::fmt; @@ -190,29 +190,43 @@ impl fmt::Display for Fact { } impl Fact { - /// Try to infer a minimal fact for a value of the given IR type. - pub fn infer_from_type(ty: ir::Type) -> Option<&'static Self> { - static FACTS: [Fact; 4] = [ - Fact::Range { - bit_width: 8, - min: 0, - max: u8::MAX as u64, - }, - Fact::Range { - bit_width: 16, - min: 0, - max: u16::MAX as u64, - }, - Fact::Range { - bit_width: 32, + /// Create a range fact that specifies a single known constant value. + pub fn constant(bit_width: u16, value: u64) -> Self { + debug_assert!(value <= max_value_for_width(bit_width)); + // `min` and `max` are inclusive, so this specifies a range of + // exactly one value. + Fact::Range { + bit_width, + min: value, + max: value, + } + } + + /// Create a range fact that specifies the maximum range for a + /// value of the given bit-width. + pub const fn max_range_for_width(bit_width: u16) -> Self { + match bit_width { + bit_width if bit_width < 64 => Fact::Range { + bit_width, min: 0, - max: u32::MAX as u64, + max: (1u64 << bit_width) - 1, }, - Fact::Range { + 64 => Fact::Range { bit_width: 64, min: 0, max: u64::MAX, }, + _ => panic!("bit width too large!"), + } + } + + /// Try to infer a minimal fact for a value of the given IR type. + pub fn infer_from_type(ty: ir::Type) -> Option<&'static Self> { + static FACTS: [Fact; 4] = [ + Fact::max_range_for_width(8), + Fact::max_range_for_width(16), + Fact::max_range_for_width(32), + Fact::max_range_for_width(64), ]; match ty { I8 => Some(&FACTS[0]), @@ -222,6 +236,80 @@ impl Fact { _ => None, } } + + /// Does this fact "propagate" automatically, i.e., cause + /// instructions that process it to infer their own output facts? + /// Not all facts propagate automatically; otherwise, verification + /// would be much slower. + pub fn propagates(&self) -> bool { + match self { + Fact::Mem { .. } => true, + _ => false, + } + } + + /// Is this a constant value of the given bitwidth? Return it as a + /// `Some(value)` if so. + pub fn as_const(&self, bits: u16) -> Option { + match self { + Fact::Range { + bit_width, + min, + max, + } if *bit_width == bits && min == max => Some(*min), + _ => None, + } + } + + /// Merge two facts. We take the *intersection*: that is, we know + /// both facts to be true, so we can intersect ranges. (This + /// differs from the usual static analysis approach, where we are + /// merging multiple possibilities into a generalized / widened + /// fact. We want to narrow here.) + pub fn intersect(a: &Fact, b: &Fact) -> Fact { + match (a, b) { + ( + Fact::Range { + bit_width: bw_lhs, + min: min_lhs, + max: max_lhs, + }, + Fact::Range { + bit_width: bw_rhs, + min: min_rhs, + max: max_rhs, + }, + ) if bw_lhs == bw_rhs && max_lhs >= min_rhs && max_rhs >= min_lhs => Fact::Range { + bit_width: *bw_lhs, + min: std::cmp::max(*min_lhs, *min_rhs), + max: std::cmp::min(*max_lhs, *max_rhs), + }, + + ( + Fact::Mem { + ty: ty_lhs, + min_offset: min_offset_lhs, + max_offset: max_offset_lhs, + }, + Fact::Mem { + ty: ty_rhs, + min_offset: min_offset_rhs, + max_offset: max_offset_rhs, + }, + ) if ty_lhs == ty_rhs + && max_offset_lhs >= min_offset_rhs + && max_offset_rhs >= min_offset_lhs => + { + Fact::Mem { + ty: *ty_lhs, + min_offset: std::cmp::max(*min_offset_lhs, *min_offset_rhs), + max_offset: std::cmp::min(*max_offset_lhs, *max_offset_rhs), + } + } + + _ => Fact::Conflict, + } + } } macro_rules! ensure { @@ -283,6 +371,23 @@ impl<'a> FactContext<'a> { bw_lhs == bw_rhs && max_lhs <= max_rhs && min_lhs >= min_rhs } + ( + Fact::Mem { + ty: ty_lhs, + min_offset: min_offset_lhs, + max_offset: max_offset_lhs, + }, + Fact::Mem { + ty: ty_rhs, + min_offset: min_offset_rhs, + max_offset: max_offset_rhs, + }, + ) => { + ty_lhs == ty_rhs + && max_offset_lhs <= max_offset_rhs + && min_offset_lhs >= min_offset_rhs + } + _ => false, } } @@ -497,6 +602,7 @@ impl<'a> FactContext<'a> { /// that this address accesses, if known, or `None` if the range /// doesn't constrain the access to exactly one location. fn check_address(&self, fact: &Fact, size: u32) -> PccResult> { + trace!("check_address: fact {:?} size {}", fact, size); match fact { Fact::Mem { ty, @@ -592,7 +698,7 @@ fn max_value_for_width(bits: u16) -> u64 { /// VCode. pub fn check_vcode_facts( f: &ir::Function, - vcode: &VCode, + vcode: &mut VCode, backend: &B, ) -> PccResult<()> { let ctx = FactContext::new(f, backend.triple().pointer_width().unwrap().bits().into()); @@ -602,14 +708,8 @@ pub fn check_vcode_facts( for block in 0..vcode.num_blocks() { let block = BlockIndex::new(block); for inst in vcode.block_insns(block).iter() { - if vcode.inst_defines_facts(inst) || vcode[inst].is_mem_access() { - // This instruction defines a register with a new fact, or - // has some side-effect we want to be careful to - // verify. We'll call into the backend to validate this - // fact with respect to the instruction and the input - // facts. - backend.check_fact(&ctx, vcode, &vcode[inst])?; - } + // Check any output facts on this inst. + backend.check_fact(&ctx, vcode, inst)?; // If this is a branch, check that all block arguments subsume // the assumed facts on the blockparams of successors. diff --git a/cranelift/codegen/src/isa/aarch64/lower.rs b/cranelift/codegen/src/isa/aarch64/lower.rs index 9a85e8fa1ac4..de428e0c4f3f 100644 --- a/cranelift/codegen/src/isa/aarch64/lower.rs +++ b/cranelift/codegen/src/isa/aarch64/lower.rs @@ -134,8 +134,8 @@ impl LowerBackend for AArch64Backend { fn check_fact( &self, ctx: &FactContext<'_>, - vcode: &VCode, - inst: &Self::MInst, + vcode: &mut VCode, + inst: InsnIndex, ) -> PccResult<()> { pcc::check(ctx, vcode, inst) } diff --git a/cranelift/codegen/src/isa/aarch64/pcc.rs b/cranelift/codegen/src/isa/aarch64/pcc.rs index 5c43ae0539e4..e1bb383829c1 100644 --- a/cranelift/codegen/src/isa/aarch64/pcc.rs +++ b/cranelift/codegen/src/isa/aarch64/pcc.rs @@ -5,11 +5,11 @@ use crate::ir::types::*; use crate::ir::MemFlags; use crate::ir::Type; use crate::isa::aarch64::inst::args::{PairAMode, ShiftOp}; -use crate::isa::aarch64::inst::ALUOp; use crate::isa::aarch64::inst::Inst; +use crate::isa::aarch64::inst::{ALUOp, MoveWideOp}; use crate::isa::aarch64::inst::{AMode, ExtendOp}; use crate::machinst::Reg; -use crate::machinst::VCode; +use crate::machinst::{InsnIndex, VCode}; use crate::trace; fn get_fact_or_default(vcode: &VCode, reg: Reg) -> PccResult<&Fact> { @@ -59,74 +59,137 @@ fn extend_fact(ctx: &FactContext, value: &Fact, mode: ExtendOp) -> Option } } -fn check_output PccResult>( +fn check_output) -> PccResult>( ctx: &FactContext, - vcode: &VCode, + vcode: &mut VCode, out: Reg, + ins: &[Reg], f: F, ) -> PccResult<()> { if let Some(fact) = vcode.vreg_fact(out.into()) { - let result = f()?; + let result = f(vcode)?; + check_subsumes(ctx, &result, fact) + } else if ins.iter().any(|r| { + vcode + .vreg_fact(r.into()) + .map(|fact| fact.propagates()) + .unwrap_or(false) + }) { + if let Ok(fact) = f(vcode) { + trace!("setting vreg {:?} to {:?}", out, fact); + vcode.set_vreg_fact(out.into(), fact); + } + Ok(()) + } else { + Ok(()) + } +} + +fn check_unop PccResult>( + ctx: &FactContext, + vcode: &mut VCode, + out: Reg, + ra: Reg, + f: F, +) -> PccResult<()> { + check_output(ctx, vcode, out, &[ra], |vcode| { + let ra = get_fact_or_default(vcode, ra)?; + f(ra) + }) +} + +fn check_binop PccResult>( + ctx: &FactContext, + vcode: &mut VCode, + out: Reg, + ra: Reg, + rb: Reg, + f: F, +) -> PccResult<()> { + check_output(ctx, vcode, out, &[ra, rb], |vcode| { + let ra = get_fact_or_default(vcode, ra)?; + let rb = get_fact_or_default(vcode, rb)?; + f(ra, rb) + }) +} + +fn check_constant( + ctx: &FactContext, + vcode: &mut VCode, + out: Reg, + bit_width: u16, + value: u64, +) -> PccResult<()> { + let result = Fact::constant(bit_width, value); + if let Some(fact) = vcode.vreg_fact(out.into()) { check_subsumes(ctx, &result, fact) } else { + trace!("setting vreg {:?} to {:?}", out, result); + vcode.set_vreg_fact(out.into(), result); Ok(()) } } -pub(crate) fn check(ctx: &FactContext, vcode: &VCode, inst: &Inst) -> PccResult<()> { - trace!("Checking facts on inst: {:?}", inst); +pub(crate) fn check( + ctx: &FactContext, + vcode: &mut VCode, + inst_idx: InsnIndex, +) -> PccResult<()> { + trace!("Checking facts on inst: {:?}", vcode[inst_idx]); - match inst { + match vcode[inst_idx] { Inst::Args { .. } => { // Defs on the args have "axiomatic facts": we trust the // ABI code to pass through the values unharmed, so the // facts given to us in the CLIF should still be true. Ok(()) } - Inst::ULoad8 { rd, mem, flags } | Inst::SLoad8 { rd, mem, flags } => { - check_load(&ctx, Some(rd.to_reg()), *flags, mem, vcode, I8) + Inst::ULoad8 { rd, ref mem, flags } | Inst::SLoad8 { rd, ref mem, flags } => { + check_load(&ctx, Some(rd.to_reg()), flags, mem, vcode, I8) } - Inst::ULoad16 { rd, mem, flags } | Inst::SLoad16 { rd, mem, flags } => { - check_load(&ctx, Some(rd.to_reg()), *flags, mem, vcode, I16) + Inst::ULoad16 { rd, ref mem, flags } | Inst::SLoad16 { rd, ref mem, flags } => { + check_load(&ctx, Some(rd.to_reg()), flags, mem, vcode, I16) } - Inst::ULoad32 { rd, mem, flags } | Inst::SLoad32 { rd, mem, flags } => { - check_load(&ctx, Some(rd.to_reg()), *flags, mem, vcode, I32) + Inst::ULoad32 { rd, ref mem, flags } | Inst::SLoad32 { rd, ref mem, flags } => { + check_load(&ctx, Some(rd.to_reg()), flags, mem, vcode, I32) } - Inst::ULoad64 { rd, mem, flags } => { - check_load(&ctx, Some(rd.to_reg()), *flags, mem, vcode, I64) + Inst::ULoad64 { rd, ref mem, flags } => { + check_load(&ctx, Some(rd.to_reg()), flags, mem, vcode, I64) } - Inst::FpuLoad32 { mem, flags, .. } => check_load(&ctx, None, *flags, mem, vcode, F32), - Inst::FpuLoad64 { mem, flags, .. } => check_load(&ctx, None, *flags, mem, vcode, F64), - Inst::FpuLoad128 { mem, flags, .. } => check_load(&ctx, None, *flags, mem, vcode, I8X16), - Inst::LoadP64 { mem, flags, .. } => check_load_pair(&ctx, *flags, mem, vcode, 16), - Inst::FpuLoadP64 { mem, flags, .. } => check_load_pair(&ctx, *flags, mem, vcode, 16), - Inst::FpuLoadP128 { mem, flags, .. } => check_load_pair(&ctx, *flags, mem, vcode, 32), + Inst::FpuLoad32 { ref mem, flags, .. } => check_load(&ctx, None, flags, mem, vcode, F32), + Inst::FpuLoad64 { ref mem, flags, .. } => check_load(&ctx, None, flags, mem, vcode, F64), + Inst::FpuLoad128 { ref mem, flags, .. } => check_load(&ctx, None, flags, mem, vcode, I8X16), + Inst::LoadP64 { ref mem, flags, .. } => check_load_pair(&ctx, flags, mem, vcode, 16), + Inst::FpuLoadP64 { ref mem, flags, .. } => check_load_pair(&ctx, flags, mem, vcode, 16), + Inst::FpuLoadP128 { ref mem, flags, .. } => check_load_pair(&ctx, flags, mem, vcode, 32), Inst::VecLoadReplicate { rn, flags, size, .. - } => check_load_addr(&ctx, *flags, *rn, vcode, size.lane_size().ty()), + } => check_load_addr(&ctx, flags, rn, vcode, size.lane_size().ty()), Inst::LoadAcquire { access_ty, rn, flags, .. - } => check_load_addr(&ctx, *flags, *rn, vcode, *access_ty), - - Inst::Store8 { rd, mem, flags } => check_store(&ctx, Some(*rd), *flags, mem, vcode, I8), - Inst::Store16 { rd, mem, flags } => check_store(&ctx, Some(*rd), *flags, mem, vcode, I16), - Inst::Store32 { rd, mem, flags } => check_store(&ctx, Some(*rd), *flags, mem, vcode, I32), - Inst::Store64 { rd, mem, flags } => check_store(&ctx, Some(*rd), *flags, mem, vcode, I64), - Inst::FpuStore32 { mem, flags, .. } => check_store(&ctx, None, *flags, mem, vcode, F32), - Inst::FpuStore64 { mem, flags, .. } => check_store(&ctx, None, *flags, mem, vcode, F64), - Inst::FpuStore128 { mem, flags, .. } => check_store(&ctx, None, *flags, mem, vcode, I8X16), - Inst::StoreP64 { mem, flags, .. } => check_store_pair(&ctx, *flags, mem, vcode, 16), - Inst::FpuStoreP64 { mem, flags, .. } => check_store_pair(&ctx, *flags, mem, vcode, 16), - Inst::FpuStoreP128 { mem, flags, .. } => check_store_pair(&ctx, *flags, mem, vcode, 32), + } => check_load_addr(&ctx, flags, rn, vcode, access_ty), + + Inst::Store8 { rd, ref mem, flags } => check_store(&ctx, Some(rd), flags, mem, vcode, I8), + Inst::Store16 { rd, ref mem, flags } => check_store(&ctx, Some(rd), flags, mem, vcode, I16), + Inst::Store32 { rd, ref mem, flags } => check_store(&ctx, Some(rd), flags, mem, vcode, I32), + Inst::Store64 { rd, ref mem, flags } => check_store(&ctx, Some(rd), flags, mem, vcode, I64), + Inst::FpuStore32 { ref mem, flags, .. } => check_store(&ctx, None, flags, mem, vcode, F32), + Inst::FpuStore64 { ref mem, flags, .. } => check_store(&ctx, None, flags, mem, vcode, F64), + Inst::FpuStore128 { ref mem, flags, .. } => { + check_store(&ctx, None, flags, mem, vcode, I8X16) + } + Inst::StoreP64 { ref mem, flags, .. } => check_store_pair(&ctx, flags, mem, vcode, 16), + Inst::FpuStoreP64 { ref mem, flags, .. } => check_store_pair(&ctx, flags, mem, vcode, 16), + Inst::FpuStoreP128 { ref mem, flags, .. } => check_store_pair(&ctx, flags, mem, vcode, 32), Inst::StoreRelease { access_ty, rn, flags, .. - } => check_store_addr(&ctx, *flags, *rn, vcode, *access_ty), + } => check_store_addr(&ctx, flags, rn, vcode, access_ty), Inst::AluRRR { alu_op: ALUOp::Add, @@ -134,9 +197,7 @@ pub(crate) fn check(ctx: &FactContext, vcode: &VCode, inst: &Inst) -> PccR rd, rn, rm, - } => check_output(&ctx, vcode, rd.to_reg(), || { - let rn = get_fact_or_default(vcode, *rn)?; - let rm = get_fact_or_default(vcode, *rm)?; + } => check_binop(&ctx, vcode, rd.to_reg(), rn, rm, |rn, rm| { fail_if_missing(ctx.add(rn, rm, size.bits().into())) }), Inst::AluRRImm12 { @@ -145,13 +206,8 @@ pub(crate) fn check(ctx: &FactContext, vcode: &VCode, inst: &Inst) -> PccR rd, rn, imm12, - } => check_output(&ctx, vcode, rd.to_reg(), || { - let rn = get_fact_or_default(vcode, *rn)?; - let imm_fact = Fact::Range { - bit_width: size.bits().into(), - min: imm12.value(), - max: imm12.value(), - }; + } => check_unop(&ctx, vcode, rd.to_reg(), rn, |rn| { + let imm_fact = Fact::constant(size.bits().into(), imm12.value()); fail_if_missing(ctx.add(&rn, &imm_fact, size.bits().into())) }), Inst::AluRRRShift { @@ -161,10 +217,8 @@ pub(crate) fn check(ctx: &FactContext, vcode: &VCode, inst: &Inst) -> PccR rn, rm, shiftop, - } if shiftop.op() == ShiftOp::LSL && has_fact(vcode, *rn) && has_fact(vcode, *rm) => { - check_output(&ctx, vcode, rd.to_reg(), || { - let rn = get_fact_or_default(vcode, *rn)?; - let rm = get_fact_or_default(vcode, *rm)?; + } if shiftop.op() == ShiftOp::LSL && has_fact(vcode, rn) && has_fact(vcode, rm) => { + check_binop(&ctx, vcode, rd.to_reg(), rn, rm, |rn, rm| { let rm_shifted = fail_if_missing(ctx.shl( &rm, size.bits().into(), @@ -180,11 +234,9 @@ pub(crate) fn check(ctx: &FactContext, vcode: &VCode, inst: &Inst) -> PccR rn, rm, extendop, - } if has_fact(vcode, *rn) && has_fact(vcode, *rm) => { - check_output(&ctx, vcode, rd.to_reg(), || { - let rn = get_fact_or_default(vcode, *rn)?; - let rm = get_fact_or_default(vcode, *rm)?; - let rm_extended = fail_if_missing(extend_fact(&ctx, rm, *extendop))?; + } if has_fact(vcode, rn) && has_fact(vcode, rm) => { + check_binop(&ctx, vcode, rd.to_reg(), rn, rm, |rn, rm| { + let rm_extended = fail_if_missing(extend_fact(&ctx, rm, extendop))?; fail_if_missing(ctx.add(&rn, &rm_extended, size.bits().into())) }) } @@ -194,21 +246,17 @@ pub(crate) fn check(ctx: &FactContext, vcode: &VCode, inst: &Inst) -> PccR rd, rn, immshift, - } if has_fact(vcode, *rn) && has_fact(vcode, *rn) => { - check_output(&ctx, vcode, rd.to_reg(), || { - let rn = get_fact_or_default(vcode, *rn)?; - fail_if_missing(ctx.shl(&rn, size.bits().into(), immshift.value().into())) - }) - } + } if has_fact(vcode, rn) => check_unop(&ctx, vcode, rd.to_reg(), rn, |rn| { + fail_if_missing(ctx.shl(&rn, size.bits().into(), immshift.value().into())) + }), Inst::Extend { rd, rn, signed: false, from_bits, to_bits, - } if has_fact(vcode, *rn) => check_output(&ctx, vcode, rd.to_reg(), || { - let rn = get_fact_or_default(vcode, *rn)?; - fail_if_missing(ctx.uextend(&rn, (*from_bits).into(), (*to_bits).into())) + } if has_fact(vcode, rn) => check_unop(&ctx, vcode, rd.to_reg(), rn, |rn| { + fail_if_missing(ctx.uextend(&rn, from_bits.into(), to_bits.into())) }), Inst::AluRRR { size, rd, .. } | Inst::AluRRImm12 { rd, size, .. } @@ -218,18 +266,50 @@ pub(crate) fn check(ctx: &FactContext, vcode: &VCode, inst: &Inst) -> PccR | Inst::AluRRImmShift { rd, size, .. } => { // Any ALU op can validate a max-value fact where the // value is the maximum for its bit-width. - check_output(&ctx, vcode, rd.to_reg(), || { - Ok(Fact::Range { - bit_width: size.bits().into(), - min: 0, - max: size.max_value(), - }) + check_output(&ctx, vcode, rd.to_reg(), &[], |_vcode| { + Ok(Fact::max_range_for_width(size.bits().into())) }) } - i => { - panic!("Fact on unknown inst: {:?}", i); + Inst::MovWide { + op: MoveWideOp::MovZ, + imm, + size: _, + rd, + } => { + let constant = u64::from(imm.bits) << (imm.shift * 16); + check_constant(&ctx, vcode, rd.to_reg(), 64, constant) } + + Inst::MovWide { + op: MoveWideOp::MovN, + imm, + size, + rd, + } => { + let constant = !(u64::from(imm.bits) << (imm.shift * 16)) & size.max_value(); + check_constant(&ctx, vcode, rd.to_reg(), 64, constant) + } + + Inst::MovK { rd, rn, imm, .. } => { + let input = get_fact_or_default(vcode, rn)?; + trace!("MovK: input = {:?}", input); + if let Some(input_constant) = input.as_const(64) { + trace!(" -> input_constant: {}", input_constant); + let constant = u64::from(imm.bits) << (imm.shift * 16); + let constant = input_constant | constant; + trace!(" -> merged constant: {}", constant); + check_constant(&ctx, vcode, rd.to_reg(), 64, constant) + } else { + check_output(ctx, vcode, rd.to_reg(), &[], |_vcode| { + Ok(Fact::max_range_for_width(64)) + }) + } + } + + _ if vcode.inst_defines_facts(inst_idx) => Err(PccError::UnsupportedFact), + + _ => Ok(()), } } @@ -319,6 +399,7 @@ fn check_addr<'a>( let rn = get_fact_or_default(vcode, rn)?; let rm = get_fact_or_default(vcode, rm)?; let sum = fail_if_missing(ctx.add(&rn, &rm, 64))?; + trace!("rn = {rn:?} rm = {rm:?} sum = {sum:?}"); check(&sum, ty) } &AMode::RegScaled { rn, rm, ty } => { diff --git a/cranelift/codegen/src/machinst/compile.rs b/cranelift/codegen/src/machinst/compile.rs index 757c36a3fdcb..00b37821df8a 100644 --- a/cranelift/codegen/src/machinst/compile.rs +++ b/cranelift/codegen/src/machinst/compile.rs @@ -29,7 +29,7 @@ pub fn compile( let lower = crate::machinst::Lower::new(f, abi, emit_info, block_order, sigs)?; // Lower the IR. - let vcode = { + let mut vcode = { log::debug!( "Number of CLIF instructions to lower: {}", f.dfg.num_insts() @@ -49,7 +49,7 @@ pub fn compile( // Perform validation of proof-carrying-code facts, if requested. if b.flags().enable_pcc() { - pcc::check_vcode_facts(f, &vcode, b).map_err(CodegenError::Pcc)?; + pcc::check_vcode_facts(f, &mut vcode, b).map_err(CodegenError::Pcc)?; } // Perform register allocation. diff --git a/cranelift/codegen/src/machinst/lower.rs b/cranelift/codegen/src/machinst/lower.rs index 9268a5c5ad88..e3f591787ee3 100644 --- a/cranelift/codegen/src/machinst/lower.rs +++ b/cranelift/codegen/src/machinst/lower.rs @@ -15,9 +15,9 @@ use crate::ir::{ Value, ValueDef, ValueLabelAssignments, ValueLabelStart, }; use crate::machinst::{ - writable_value_regs, BlockIndex, BlockLoweringOrder, Callee, LoweredBlock, MachLabel, Reg, - SigSet, VCode, VCodeBuilder, VCodeConstant, VCodeConstantData, VCodeConstants, VCodeInst, - ValueRegs, Writable, + writable_value_regs, BlockIndex, BlockLoweringOrder, Callee, InsnIndex, LoweredBlock, + MachLabel, Reg, SigSet, VCode, VCodeBuilder, VCodeConstant, VCodeConstantData, VCodeConstants, + VCodeInst, ValueRegs, Writable, }; use crate::{trace, CodegenResult}; use alloc::vec::Vec; @@ -148,12 +148,13 @@ pub trait LowerBackend { } /// Check any facts about an instruction, given VCode with facts - /// on VRegs. + /// on VRegs. Takes mutable `VCode` so that it can propagate some + /// kinds of facts automatically. fn check_fact( &self, _ctx: &FactContext<'_>, - _vcode: &VCode, - _inst: &Self::MInst, + _vcode: &mut VCode, + _inst: InsnIndex, ) -> PccResult<()> { Err(PccError::UnimplementedBackend) } diff --git a/cranelift/codegen/src/machinst/vcode.rs b/cranelift/codegen/src/machinst/vcode.rs index cfb466d912be..3e76f394f116 100644 --- a/cranelift/codegen/src/machinst/vcode.rs +++ b/cranelift/codegen/src/machinst/vcode.rs @@ -1298,6 +1298,12 @@ impl VCode { self.facts[vreg.vreg()].as_ref() } + /// Set the fact for a given VReg. + pub fn set_vreg_fact(&mut self, vreg: VReg, fact: Fact) { + let vreg = self.resolve_vreg_alias(vreg); + self.facts[vreg.vreg()] = Some(fact); + } + /// Does a given instruction define any facts? pub fn inst_defines_facts(&self, inst: InsnIndex) -> bool { self.inst_operands(inst) diff --git a/cranelift/filetests/filetests/pcc/fail/opt.clif b/cranelift/filetests/filetests/pcc/fail/opt.clif deleted file mode 100644 index fa628583a34f..000000000000 --- a/cranelift/filetests/filetests/pcc/fail/opt.clif +++ /dev/null @@ -1,30 +0,0 @@ -test compile expect-fail -set enable_pcc=true -set opt_level=speed -target aarch64 - -;; Failed merge of two facts. -function %f0(i64, i32) { - mt0 = struct 4 { 0: i32 ! range(32, 1, 3) } - -block0(v0 ! mem(mt0, 0, 0): i64, v1 ! range(32, 0, 1): i32): - v2 ! range(32, 1, 1) = iconst.i32 1 - v3 ! range(32, 1, 2) = iadd.i32 v1, v2 - - v4 ! range(32, 1, 1) = iconst.i32 1 - v5 ! range(32, 1, 3) = iadd.i32 v1, v4 ;; should GVN onto v3. - - ;; v3/v5's facts should merge to `conflict`. Even though we *could* - ;; take the union of possible ranges, we don't; so even though the - ;; stored range *would* subsume the field's fact if we could - ;; compute it more precisely, here we should expect a failure. We - ;; can revisit this if we decide to admit lattice-meet merging - ;; later. - ;; - ;; (Note that we have to use both v3 and v5 here so one doesn't - ;; get DCE'd away before opt merges them.) - store.i32 checked v3, v0 - store.i32 checked v5, v0 - - return -} diff --git a/cranelift/filetests/filetests/pcc/succeed/opt.clif b/cranelift/filetests/filetests/pcc/succeed/opt.clif index cd1abebd950d..5e996aed2d04 100644 --- a/cranelift/filetests/filetests/pcc/succeed/opt.clif +++ b/cranelift/filetests/filetests/pcc/succeed/opt.clif @@ -22,7 +22,7 @@ block0(v0 ! mem(mt0, 0, 0): i64, v1: i32): } ;; GVN opportunity. -function %f0(i64, i32) -> i64 { +function %f1(i64, i32) -> i64 { ;; mock vmctx struct: mt0 = struct 8 { 0: i64 readonly ! mem(mt1, 0, 0) } ;; mock static memory: 4GiB range, plus 2GiB guard @@ -45,3 +45,40 @@ block0(v0 ! mem(mt0, 0, 0): i64, v1: i32): return v12 } + +;; RLE opportunity. +function %f2(i64, i32) -> i64 { + ;; mock vmctx struct: + mt0 = struct 8 { 0: i64 readonly ! mem(mt1, 0, 0) } + ;; mock static memory: 4GiB range, plus 2GiB guard + mt1 = memory 0x1_8000_0000 + +block0(v0 ! mem(mt0, 0, 0): i64, v1: i32): + v2 ! mem(mt1, 0, 0) = load.i64 checked notrap readonly aligned v0+0 + brif v1, block1, block2 + +block1: + v3 ! mem(mt1, 0, 0) = load.i64 checked notrap readonly aligned v0+0 + return v3 + +block2: + v4 ! mem(mt1, 0, 0) = load.i64 checked notrap readonly aligned v0+0 + return v4 +} + +function %f3(i64, i32) { + mt0 = struct 4 { 0: i32 ! range(32, 1, 3) } + +block0(v0 ! mem(mt0, 0, 0): i64, v1 ! range(32, 0, 1): i32): + v2 ! range(32, 1, 1) = iconst.i32 1 + v3 ! range(32, 1, 2) = iadd.i32 v1, v2 + + v4 ! range(32, 1, 1) = iconst.i32 1 + v5 ! range(32, 1, 3) = iadd.i32 v1, v4 ;; should GVN onto v3. + + ;; v3/v5's facts should merge to the narrower range. + store.i32 checked v3, v0 + store.i32 checked v5, v0 + + return +} diff --git a/cranelift/filetests/filetests/wasm/duplicate-loads-dynamic-memory.wat b/cranelift/filetests/filetests/wasm/duplicate-loads-dynamic-memory.wat index 915a8187a473..524f7eb83657 100644 --- a/cranelift/filetests/filetests/wasm/duplicate-loads-dynamic-memory.wat +++ b/cranelift/filetests/filetests/wasm/duplicate-loads-dynamic-memory.wat @@ -73,23 +73,23 @@ ;; gv2 = load.i64 notrap aligned gv0 ;; ;; block0(v0: i32, v1: i64): -;; v22 -> v1 -;; v23 -> v1 +;; v24 -> v1 ;; v25 -> v1 ;; v26 -> v1 +;; v27 -> v1 ;; @0064 v5 = load.i64 notrap aligned v1+8 ;; @0064 v7 = load.i64 notrap aligned v1 ;; @0064 v4 = uextend.i64 v0 ;; @0064 v6 = icmp ugt v4, v5 -;; @0064 v10 = iconst.i64 0 +;; @0064 v11 = iconst.i64 0 ;; @0064 v8 = iadd v7, v4 -;; v24 = iconst.i64 1234 -;; @0064 v9 = iadd v8, v24 ; v24 = 1234 -;; @0064 v11 = select_spectre_guard v6, v10, v9 ; v10 = 0 -;; @0064 v12 = load.i32 little heap v11 -;; v2 -> v12 +;; @0064 v9 = iconst.i64 1234 +;; @0064 v10 = iadd v8, v9 ; v9 = 1234 +;; @0064 v12 = select_spectre_guard v6, v11, v10 ; v11 = 0 +;; @0064 v13 = load.i32 little heap v12 +;; v2 -> v13 ;; @006e jump block1 ;; ;; block1: -;; @006e return v12, v12 +;; @006e return v13, v13 ;; } diff --git a/cranelift/filetests/filetests/wasm/duplicate-loads-static-memory.wat b/cranelift/filetests/filetests/wasm/duplicate-loads-static-memory.wat index ec8b71033e89..c63173922333 100644 --- a/cranelift/filetests/filetests/wasm/duplicate-loads-static-memory.wat +++ b/cranelift/filetests/filetests/wasm/duplicate-loads-static-memory.wat @@ -61,17 +61,17 @@ ;; gv1 = load.i64 notrap aligned readonly gv0 ;; ;; block0(v0: i32, v1: i64): -;; v14 -> v1 ;; v16 -> v1 +;; v17 -> v1 ;; @0064 v5 = load.i64 notrap aligned readonly v1 ;; @0064 v4 = uextend.i64 v0 ;; @0064 v6 = iadd v5, v4 -;; v15 = iconst.i64 1234 -;; @0064 v7 = iadd v6, v15 ; v15 = 1234 -;; @0064 v8 = load.i32 little heap v7 -;; v2 -> v8 +;; @0064 v7 = iconst.i64 1234 +;; @0064 v8 = iadd v6, v7 ; v7 = 1234 +;; @0064 v9 = load.i32 little heap v8 +;; v2 -> v9 ;; @006e jump block1 ;; ;; block1: -;; @006e return v8, v8 +;; @006e return v9, v9 ;; } diff --git a/cranelift/filetests/filetests/wasm/dynamic-memory-no-spectre-access-same-index-different-offsets.wat b/cranelift/filetests/filetests/wasm/dynamic-memory-no-spectre-access-same-index-different-offsets.wat index 3d47fe4ddb29..f7f5f72bce6a 100644 --- a/cranelift/filetests/filetests/wasm/dynamic-memory-no-spectre-access-same-index-different-offsets.wat +++ b/cranelift/filetests/filetests/wasm/dynamic-memory-no-spectre-access-same-index-different-offsets.wat @@ -61,12 +61,12 @@ ;; gv2 = load.i64 notrap aligned gv0 ;; ;; block0(v0: i32, v1: i64): -;; v27 -> v1 -;; v28 -> v1 ;; v29 -> v1 ;; v30 -> v1 +;; v31 -> v1 ;; v32 -> v1 ;; v33 -> v1 +;; v34 -> v1 ;; @0047 v6 = load.i64 notrap aligned v1+8 ;; @0047 v5 = uextend.i64 v0 ;; @0047 v7 = icmp ugt v5, v6 @@ -86,29 +86,29 @@ ;; @004c trap heap_oob ;; ;; block5: -;; v31 = iconst.i64 4 -;; @004c v16 = iadd.i64 v9, v31 ; v31 = 4 -;; @004c v17 = load.i32 little heap v16 -;; v3 -> v17 -;; @0051 v19 = iconst.i64 0x0010_0003 -;; @0051 v20 = uadd_overflow_trap.i64 v5, v19, heap_oob ; v19 = 0x0010_0003 -;; @0051 v22 = icmp ugt v20, v6 -;; @0051 brif v22, block6, block7 +;; @004c v16 = iconst.i64 4 +;; @004c v17 = iadd.i64 v9, v16 ; v16 = 4 +;; @004c v18 = load.i32 little heap v17 +;; v3 -> v18 +;; @0051 v20 = iconst.i64 0x0010_0003 +;; @0051 v21 = uadd_overflow_trap.i64 v5, v20, heap_oob ; v20 = 0x0010_0003 +;; @0051 v23 = icmp ugt v21, v6 +;; @0051 brif v23, block6, block7 ;; ;; block6 cold: ;; @0051 trap heap_oob ;; ;; block7: -;; @0051 v23 = load.i64 notrap aligned v1 -;; @0051 v24 = iadd v23, v5 -;; v34 = iconst.i64 0x000f_ffff -;; @0051 v25 = iadd v24, v34 ; v34 = 0x000f_ffff -;; @0051 v26 = load.i32 little heap v25 -;; v4 -> v26 +;; @0051 v24 = load.i64 notrap aligned v1 +;; @0051 v25 = iadd v24, v5 +;; @0051 v26 = iconst.i64 0x000f_ffff +;; @0051 v27 = iadd v25, v26 ; v26 = 0x000f_ffff +;; @0051 v28 = load.i32 little heap v27 +;; v4 -> v28 ;; @0056 jump block1 ;; ;; block1: -;; @0056 return v10, v17, v26 +;; @0056 return v10, v18, v28 ;; } ;; ;; function u0:1(i32, i32, i32, i32, i64 vmctx) fast { @@ -117,12 +117,12 @@ ;; gv2 = load.i64 notrap aligned gv0 ;; ;; block0(v0: i32, v1: i32, v2: i32, v3: i32, v4: i64): -;; v24 -> v4 -;; v25 -> v4 ;; v26 -> v4 ;; v27 -> v4 +;; v28 -> v4 ;; v29 -> v4 ;; v30 -> v4 +;; v31 -> v4 ;; @005d v6 = load.i64 notrap aligned v4+8 ;; @005d v5 = uextend.i64 v0 ;; @005d v7 = icmp ugt v5, v6 @@ -141,23 +141,23 @@ ;; @0064 trap heap_oob ;; ;; block5: -;; v28 = iconst.i64 4 -;; @0064 v15 = iadd.i64 v9, v28 ; v28 = 4 -;; @0064 store.i32 little heap v2, v15 -;; @006b v17 = iconst.i64 0x0010_0003 -;; @006b v18 = uadd_overflow_trap.i64 v5, v17, heap_oob ; v17 = 0x0010_0003 -;; @006b v20 = icmp ugt v18, v6 -;; @006b brif v20, block6, block7 +;; @0064 v15 = iconst.i64 4 +;; @0064 v16 = iadd.i64 v9, v15 ; v15 = 4 +;; @0064 store.i32 little heap v2, v16 +;; @006b v18 = iconst.i64 0x0010_0003 +;; @006b v19 = uadd_overflow_trap.i64 v5, v18, heap_oob ; v18 = 0x0010_0003 +;; @006b v21 = icmp ugt v19, v6 +;; @006b brif v21, block6, block7 ;; ;; block6 cold: ;; @006b trap heap_oob ;; ;; block7: -;; @006b v21 = load.i64 notrap aligned v4 -;; @006b v22 = iadd v21, v5 -;; v31 = iconst.i64 0x000f_ffff -;; @006b v23 = iadd v22, v31 ; v31 = 0x000f_ffff -;; @006b store.i32 little heap v3, v23 +;; @006b v22 = load.i64 notrap aligned v4 +;; @006b v23 = iadd v22, v5 +;; @006b v24 = iconst.i64 0x000f_ffff +;; @006b v25 = iadd v23, v24 ; v24 = 0x000f_ffff +;; @006b store.i32 little heap v3, v25 ;; @0070 jump block1 ;; ;; block1: diff --git a/cranelift/filetests/filetests/wasm/dynamic-memory-yes-spectre-access-same-index-different-offsets.wat b/cranelift/filetests/filetests/wasm/dynamic-memory-yes-spectre-access-same-index-different-offsets.wat index a509d268fffc..55e4b6b67f7f 100644 --- a/cranelift/filetests/filetests/wasm/dynamic-memory-yes-spectre-access-same-index-different-offsets.wat +++ b/cranelift/filetests/filetests/wasm/dynamic-memory-yes-spectre-access-same-index-different-offsets.wat @@ -61,12 +61,12 @@ ;; gv2 = load.i64 notrap aligned gv0 ;; ;; block0(v0: i32, v1: i64): -;; v33 -> v1 -;; v34 -> v1 ;; v35 -> v1 ;; v36 -> v1 +;; v37 -> v1 ;; v38 -> v1 ;; v39 -> v1 +;; v40 -> v1 ;; @0047 v6 = load.i64 notrap aligned v1+8 ;; @0047 v8 = load.i64 notrap aligned v1 ;; @0047 v5 = uextend.i64 v0 @@ -76,23 +76,23 @@ ;; @0047 v11 = select_spectre_guard v7, v10, v9 ; v10 = 0 ;; @0047 v12 = load.i32 little heap v11 ;; v2 -> v12 -;; v37 = iconst.i64 4 -;; @004c v18 = iadd v9, v37 ; v37 = 4 -;; @004c v20 = select_spectre_guard v7, v10, v18 ; v10 = 0 -;; @004c v21 = load.i32 little heap v20 -;; v3 -> v21 -;; @0051 v23 = iconst.i64 0x0010_0003 -;; @0051 v24 = uadd_overflow_trap v5, v23, heap_oob ; v23 = 0x0010_0003 -;; @0051 v26 = icmp ugt v24, v6 -;; v40 = iconst.i64 0x000f_ffff -;; @0051 v29 = iadd v9, v40 ; v40 = 0x000f_ffff -;; @0051 v31 = select_spectre_guard v26, v10, v29 ; v10 = 0 -;; @0051 v32 = load.i32 little heap v31 -;; v4 -> v32 +;; @004c v18 = iconst.i64 4 +;; @004c v19 = iadd v9, v18 ; v18 = 4 +;; @004c v21 = select_spectre_guard v7, v10, v19 ; v10 = 0 +;; @004c v22 = load.i32 little heap v21 +;; v3 -> v22 +;; @0051 v24 = iconst.i64 0x0010_0003 +;; @0051 v25 = uadd_overflow_trap v5, v24, heap_oob ; v24 = 0x0010_0003 +;; @0051 v27 = icmp ugt v25, v6 +;; @0051 v30 = iconst.i64 0x000f_ffff +;; @0051 v31 = iadd v9, v30 ; v30 = 0x000f_ffff +;; @0051 v33 = select_spectre_guard v27, v10, v31 ; v10 = 0 +;; @0051 v34 = load.i32 little heap v33 +;; v4 -> v34 ;; @0056 jump block1 ;; ;; block1: -;; @0056 return v12, v21, v32 +;; @0056 return v12, v22, v34 ;; } ;; ;; function u0:1(i32, i32, i32, i32, i64 vmctx) fast { @@ -101,12 +101,12 @@ ;; gv2 = load.i64 notrap aligned gv0 ;; ;; block0(v0: i32, v1: i32, v2: i32, v3: i32, v4: i64): -;; v30 -> v4 -;; v31 -> v4 ;; v32 -> v4 ;; v33 -> v4 +;; v34 -> v4 ;; v35 -> v4 ;; v36 -> v4 +;; v37 -> v4 ;; @005d v6 = load.i64 notrap aligned v4+8 ;; @005d v8 = load.i64 notrap aligned v4 ;; @005d v5 = uextend.i64 v0 @@ -115,17 +115,17 @@ ;; @005d v9 = iadd v8, v5 ;; @005d v11 = select_spectre_guard v7, v10, v9 ; v10 = 0 ;; @005d store little heap v1, v11 -;; v34 = iconst.i64 4 -;; @0064 v17 = iadd v9, v34 ; v34 = 4 -;; @0064 v19 = select_spectre_guard v7, v10, v17 ; v10 = 0 -;; @0064 store little heap v2, v19 -;; @006b v21 = iconst.i64 0x0010_0003 -;; @006b v22 = uadd_overflow_trap v5, v21, heap_oob ; v21 = 0x0010_0003 -;; @006b v24 = icmp ugt v22, v6 -;; v37 = iconst.i64 0x000f_ffff -;; @006b v27 = iadd v9, v37 ; v37 = 0x000f_ffff -;; @006b v29 = select_spectre_guard v24, v10, v27 ; v10 = 0 -;; @006b store little heap v3, v29 +;; @0064 v17 = iconst.i64 4 +;; @0064 v18 = iadd v9, v17 ; v17 = 4 +;; @0064 v20 = select_spectre_guard v7, v10, v18 ; v10 = 0 +;; @0064 store little heap v2, v20 +;; @006b v22 = iconst.i64 0x0010_0003 +;; @006b v23 = uadd_overflow_trap v5, v22, heap_oob ; v22 = 0x0010_0003 +;; @006b v25 = icmp ugt v23, v6 +;; @006b v28 = iconst.i64 0x000f_ffff +;; @006b v29 = iadd v9, v28 ; v28 = 0x000f_ffff +;; @006b v31 = select_spectre_guard v25, v10, v29 ; v10 = 0 +;; @006b store little heap v3, v31 ;; @0070 jump block1 ;; ;; block1: diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_no_spectre_i32_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_no_spectre_i32_access_0x1000_offset.wat index 6311eff510f4..ba6614b910e1 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_no_spectre_i32_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_no_spectre_i32_access_0x1000_offset.wat @@ -52,8 +52,9 @@ ;; @0040 trapnz v6, heap_oob ;; @0040 v7 = global_value.i64 gv2 ;; @0040 v8 = iadd v7, v3 -;; @0040 v9 = iadd_imm v8, 4096 -;; @0040 store little heap v1, v9 +;; @0040 v9 = iconst.i64 4096 +;; @0040 v10 = iadd v8, v9 ; v9 = 4096 +;; @0040 store little heap v1, v10 ;; @0044 jump block1 ;; ;; block1: @@ -73,10 +74,11 @@ ;; @0049 trapnz v6, heap_oob ;; @0049 v7 = global_value.i64 gv2 ;; @0049 v8 = iadd v7, v3 -;; @0049 v9 = iadd_imm v8, 4096 -;; @0049 v10 = load.i32 little heap v9 -;; @004d jump block1(v10) +;; @0049 v9 = iconst.i64 4096 +;; @0049 v10 = iadd v8, v9 ; v9 = 4096 +;; @0049 v11 = load.i32 little heap v10 +;; @004d jump block1(v11) ;; ;; block1(v2: i32): ;; @004d return v2 -;; } \ No newline at end of file +;; } diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_no_spectre_i32_access_0xffff0000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_no_spectre_i32_access_0xffff0000_offset.wat index 0e5e00017750..04da18209042 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_no_spectre_i32_access_0xffff0000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_no_spectre_i32_access_0xffff0000_offset.wat @@ -53,8 +53,9 @@ ;; @0040 trapnz v7, heap_oob ;; @0040 v8 = global_value.i64 gv2 ;; @0040 v9 = iadd v8, v3 -;; @0040 v10 = iadd_imm v9, 0xffff_0000 -;; @0040 store little heap v1, v10 +;; @0040 v10 = iconst.i64 0xffff_0000 +;; @0040 v11 = iadd v9, v10 ; v10 = 0xffff_0000 +;; @0040 store little heap v1, v11 ;; @0047 jump block1 ;; ;; block1: @@ -75,10 +76,11 @@ ;; @004c trapnz v7, heap_oob ;; @004c v8 = global_value.i64 gv2 ;; @004c v9 = iadd v8, v3 -;; @004c v10 = iadd_imm v9, 0xffff_0000 -;; @004c v11 = load.i32 little heap v10 -;; @0053 jump block1(v11) +;; @004c v10 = iconst.i64 0xffff_0000 +;; @004c v11 = iadd v9, v10 ; v10 = 0xffff_0000 +;; @004c v12 = load.i32 little heap v11 +;; @0053 jump block1(v12) ;; ;; block1(v2: i32): ;; @0053 return v2 -;; } \ No newline at end of file +;; } diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_no_spectre_i8_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_no_spectre_i8_access_0x1000_offset.wat index 7868f17e506d..de4cac40c0a1 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_no_spectre_i8_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_no_spectre_i8_access_0x1000_offset.wat @@ -52,8 +52,9 @@ ;; @0040 trapnz v6, heap_oob ;; @0040 v7 = global_value.i64 gv2 ;; @0040 v8 = iadd v7, v3 -;; @0040 v9 = iadd_imm v8, 4096 -;; @0040 istore8 little heap v1, v9 +;; @0040 v9 = iconst.i64 4096 +;; @0040 v10 = iadd v8, v9 ; v9 = 4096 +;; @0040 istore8 little heap v1, v10 ;; @0044 jump block1 ;; ;; block1: @@ -73,10 +74,11 @@ ;; @0049 trapnz v6, heap_oob ;; @0049 v7 = global_value.i64 gv2 ;; @0049 v8 = iadd v7, v3 -;; @0049 v9 = iadd_imm v8, 4096 -;; @0049 v10 = uload8.i32 little heap v9 -;; @004d jump block1(v10) +;; @0049 v9 = iconst.i64 4096 +;; @0049 v10 = iadd v8, v9 ; v9 = 4096 +;; @0049 v11 = uload8.i32 little heap v10 +;; @004d jump block1(v11) ;; ;; block1(v2: i32): ;; @004d return v2 -;; } \ No newline at end of file +;; } diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_no_spectre_i8_access_0xffff0000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_no_spectre_i8_access_0xffff0000_offset.wat index d678f9f53be9..b44a5c824111 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_no_spectre_i8_access_0xffff0000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_no_spectre_i8_access_0xffff0000_offset.wat @@ -53,8 +53,9 @@ ;; @0040 trapnz v7, heap_oob ;; @0040 v8 = global_value.i64 gv2 ;; @0040 v9 = iadd v8, v3 -;; @0040 v10 = iadd_imm v9, 0xffff_0000 -;; @0040 istore8 little heap v1, v10 +;; @0040 v10 = iconst.i64 0xffff_0000 +;; @0040 v11 = iadd v9, v10 ; v10 = 0xffff_0000 +;; @0040 istore8 little heap v1, v11 ;; @0047 jump block1 ;; ;; block1: @@ -75,10 +76,11 @@ ;; @004c trapnz v7, heap_oob ;; @004c v8 = global_value.i64 gv2 ;; @004c v9 = iadd v8, v3 -;; @004c v10 = iadd_imm v9, 0xffff_0000 -;; @004c v11 = uload8.i32 little heap v10 -;; @0053 jump block1(v11) +;; @004c v10 = iconst.i64 0xffff_0000 +;; @004c v11 = iadd v9, v10 ; v10 = 0xffff_0000 +;; @004c v12 = uload8.i32 little heap v11 +;; @0053 jump block1(v12) ;; ;; block1(v2: i32): ;; @0053 return v2 -;; } \ No newline at end of file +;; } diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat index d87ec248c314..c5388cfa1092 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat @@ -51,10 +51,11 @@ ;; @0040 v6 = icmp ugt v3, v5 ;; @0040 v7 = global_value.i64 gv2 ;; @0040 v8 = iadd v7, v3 -;; @0040 v9 = iadd_imm v8, 4096 -;; @0040 v10 = iconst.i64 0 -;; @0040 v11 = select_spectre_guard v6, v10, v9 ; v10 = 0 -;; @0040 store little heap v1, v11 +;; @0040 v9 = iconst.i64 4096 +;; @0040 v10 = iadd v8, v9 ; v9 = 4096 +;; @0040 v11 = iconst.i64 0 +;; @0040 v12 = select_spectre_guard v6, v11, v10 ; v11 = 0 +;; @0040 store little heap v1, v12 ;; @0044 jump block1 ;; ;; block1: @@ -73,11 +74,12 @@ ;; @0049 v6 = icmp ugt v3, v5 ;; @0049 v7 = global_value.i64 gv2 ;; @0049 v8 = iadd v7, v3 -;; @0049 v9 = iadd_imm v8, 4096 -;; @0049 v10 = iconst.i64 0 -;; @0049 v11 = select_spectre_guard v6, v10, v9 ; v10 = 0 -;; @0049 v12 = load.i32 little heap v11 -;; @004d jump block1(v12) +;; @0049 v9 = iconst.i64 4096 +;; @0049 v10 = iadd v8, v9 ; v9 = 4096 +;; @0049 v11 = iconst.i64 0 +;; @0049 v12 = select_spectre_guard v6, v11, v10 ; v11 = 0 +;; @0049 v13 = load.i32 little heap v12 +;; @004d jump block1(v13) ;; ;; block1(v2: i32): ;; @004d return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i32_access_0xffff0000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i32_access_0xffff0000_offset.wat index 3f41ddeb92fe..3721500f77e0 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i32_access_0xffff0000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i32_access_0xffff0000_offset.wat @@ -52,10 +52,11 @@ ;; @0040 v7 = icmp ugt v5, v6 ;; @0040 v8 = global_value.i64 gv2 ;; @0040 v9 = iadd v8, v3 -;; @0040 v10 = iadd_imm v9, 0xffff_0000 -;; @0040 v11 = iconst.i64 0 -;; @0040 v12 = select_spectre_guard v7, v11, v10 ; v11 = 0 -;; @0040 store little heap v1, v12 +;; @0040 v10 = iconst.i64 0xffff_0000 +;; @0040 v11 = iadd v9, v10 ; v10 = 0xffff_0000 +;; @0040 v12 = iconst.i64 0 +;; @0040 v13 = select_spectre_guard v7, v12, v11 ; v12 = 0 +;; @0040 store little heap v1, v13 ;; @0047 jump block1 ;; ;; block1: @@ -75,11 +76,12 @@ ;; @004c v7 = icmp ugt v5, v6 ;; @004c v8 = global_value.i64 gv2 ;; @004c v9 = iadd v8, v3 -;; @004c v10 = iadd_imm v9, 0xffff_0000 -;; @004c v11 = iconst.i64 0 -;; @004c v12 = select_spectre_guard v7, v11, v10 ; v11 = 0 -;; @004c v13 = load.i32 little heap v12 -;; @0053 jump block1(v13) +;; @004c v10 = iconst.i64 0xffff_0000 +;; @004c v11 = iadd v9, v10 ; v10 = 0xffff_0000 +;; @004c v12 = iconst.i64 0 +;; @004c v13 = select_spectre_guard v7, v12, v11 ; v12 = 0 +;; @004c v14 = load.i32 little heap v13 +;; @0053 jump block1(v14) ;; ;; block1(v2: i32): ;; @0053 return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat index 05f55e95069b..5cc8031797ba 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat @@ -51,10 +51,11 @@ ;; @0040 v6 = icmp ugt v3, v5 ;; @0040 v7 = global_value.i64 gv2 ;; @0040 v8 = iadd v7, v3 -;; @0040 v9 = iadd_imm v8, 4096 -;; @0040 v10 = iconst.i64 0 -;; @0040 v11 = select_spectre_guard v6, v10, v9 ; v10 = 0 -;; @0040 istore8 little heap v1, v11 +;; @0040 v9 = iconst.i64 4096 +;; @0040 v10 = iadd v8, v9 ; v9 = 4096 +;; @0040 v11 = iconst.i64 0 +;; @0040 v12 = select_spectre_guard v6, v11, v10 ; v11 = 0 +;; @0040 istore8 little heap v1, v12 ;; @0044 jump block1 ;; ;; block1: @@ -73,11 +74,12 @@ ;; @0049 v6 = icmp ugt v3, v5 ;; @0049 v7 = global_value.i64 gv2 ;; @0049 v8 = iadd v7, v3 -;; @0049 v9 = iadd_imm v8, 4096 -;; @0049 v10 = iconst.i64 0 -;; @0049 v11 = select_spectre_guard v6, v10, v9 ; v10 = 0 -;; @0049 v12 = uload8.i32 little heap v11 -;; @004d jump block1(v12) +;; @0049 v9 = iconst.i64 4096 +;; @0049 v10 = iadd v8, v9 ; v9 = 4096 +;; @0049 v11 = iconst.i64 0 +;; @0049 v12 = select_spectre_guard v6, v11, v10 ; v11 = 0 +;; @0049 v13 = uload8.i32 little heap v12 +;; @004d jump block1(v13) ;; ;; block1(v2: i32): ;; @004d return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i8_access_0xffff0000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i8_access_0xffff0000_offset.wat index 5da9f16544d3..0853765ff767 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i8_access_0xffff0000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0_guard_yes_spectre_i8_access_0xffff0000_offset.wat @@ -52,10 +52,11 @@ ;; @0040 v7 = icmp ugt v5, v6 ;; @0040 v8 = global_value.i64 gv2 ;; @0040 v9 = iadd v8, v3 -;; @0040 v10 = iadd_imm v9, 0xffff_0000 -;; @0040 v11 = iconst.i64 0 -;; @0040 v12 = select_spectre_guard v7, v11, v10 ; v11 = 0 -;; @0040 istore8 little heap v1, v12 +;; @0040 v10 = iconst.i64 0xffff_0000 +;; @0040 v11 = iadd v9, v10 ; v10 = 0xffff_0000 +;; @0040 v12 = iconst.i64 0 +;; @0040 v13 = select_spectre_guard v7, v12, v11 ; v12 = 0 +;; @0040 istore8 little heap v1, v13 ;; @0047 jump block1 ;; ;; block1: @@ -75,11 +76,12 @@ ;; @004c v7 = icmp ugt v5, v6 ;; @004c v8 = global_value.i64 gv2 ;; @004c v9 = iadd v8, v3 -;; @004c v10 = iadd_imm v9, 0xffff_0000 -;; @004c v11 = iconst.i64 0 -;; @004c v12 = select_spectre_guard v7, v11, v10 ; v11 = 0 -;; @004c v13 = uload8.i32 little heap v12 -;; @0053 jump block1(v13) +;; @004c v10 = iconst.i64 0xffff_0000 +;; @004c v11 = iadd v9, v10 ; v10 = 0xffff_0000 +;; @004c v12 = iconst.i64 0 +;; @004c v13 = select_spectre_guard v7, v12, v11 ; v12 = 0 +;; @004c v14 = uload8.i32 little heap v13 +;; @0053 jump block1(v14) ;; ;; block1(v2: i32): ;; @0053 return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_no_spectre_i32_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_no_spectre_i32_access_0x1000_offset.wat index 830fcdb0e5d0..7d4d75a61e55 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_no_spectre_i32_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_no_spectre_i32_access_0x1000_offset.wat @@ -51,8 +51,9 @@ ;; @0040 trapnz v5, heap_oob ;; @0040 v6 = global_value.i64 gv2 ;; @0040 v7 = iadd v6, v3 -;; @0040 v8 = iadd_imm v7, 4096 -;; @0040 store little heap v1, v8 +;; @0040 v8 = iconst.i64 4096 +;; @0040 v9 = iadd v7, v8 ; v8 = 4096 +;; @0040 store little heap v1, v9 ;; @0044 jump block1 ;; ;; block1: @@ -71,9 +72,10 @@ ;; @0049 trapnz v5, heap_oob ;; @0049 v6 = global_value.i64 gv2 ;; @0049 v7 = iadd v6, v3 -;; @0049 v8 = iadd_imm v7, 4096 -;; @0049 v9 = load.i32 little heap v8 -;; @004d jump block1(v9) +;; @0049 v8 = iconst.i64 4096 +;; @0049 v9 = iadd v7, v8 ; v8 = 4096 +;; @0049 v10 = load.i32 little heap v9 +;; @004d jump block1(v10) ;; ;; block1(v2: i32): ;; @004d return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_no_spectre_i32_access_0xffff0000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_no_spectre_i32_access_0xffff0000_offset.wat index 56f3565d164f..1d9c4bd0629c 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_no_spectre_i32_access_0xffff0000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_no_spectre_i32_access_0xffff0000_offset.wat @@ -51,8 +51,9 @@ ;; @0040 trapnz v5, heap_oob ;; @0040 v6 = global_value.i64 gv2 ;; @0040 v7 = iadd v6, v3 -;; @0040 v8 = iadd_imm v7, 0xffff_0000 -;; @0040 store little heap v1, v8 +;; @0040 v8 = iconst.i64 0xffff_0000 +;; @0040 v9 = iadd v7, v8 ; v8 = 0xffff_0000 +;; @0040 store little heap v1, v9 ;; @0047 jump block1 ;; ;; block1: @@ -71,9 +72,10 @@ ;; @004c trapnz v5, heap_oob ;; @004c v6 = global_value.i64 gv2 ;; @004c v7 = iadd v6, v3 -;; @004c v8 = iadd_imm v7, 0xffff_0000 -;; @004c v9 = load.i32 little heap v8 -;; @0053 jump block1(v9) +;; @004c v8 = iconst.i64 0xffff_0000 +;; @004c v9 = iadd v7, v8 ; v8 = 0xffff_0000 +;; @004c v10 = load.i32 little heap v9 +;; @0053 jump block1(v10) ;; ;; block1(v2: i32): ;; @0053 return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_no_spectre_i8_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_no_spectre_i8_access_0x1000_offset.wat index 72a89f431d4c..c9f0c46a6e0e 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_no_spectre_i8_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_no_spectre_i8_access_0x1000_offset.wat @@ -51,8 +51,9 @@ ;; @0040 trapnz v5, heap_oob ;; @0040 v6 = global_value.i64 gv2 ;; @0040 v7 = iadd v6, v3 -;; @0040 v8 = iadd_imm v7, 4096 -;; @0040 istore8 little heap v1, v8 +;; @0040 v8 = iconst.i64 4096 +;; @0040 v9 = iadd v7, v8 ; v8 = 4096 +;; @0040 istore8 little heap v1, v9 ;; @0044 jump block1 ;; ;; block1: @@ -71,9 +72,10 @@ ;; @0049 trapnz v5, heap_oob ;; @0049 v6 = global_value.i64 gv2 ;; @0049 v7 = iadd v6, v3 -;; @0049 v8 = iadd_imm v7, 4096 -;; @0049 v9 = uload8.i32 little heap v8 -;; @004d jump block1(v9) +;; @0049 v8 = iconst.i64 4096 +;; @0049 v9 = iadd v7, v8 ; v8 = 4096 +;; @0049 v10 = uload8.i32 little heap v9 +;; @004d jump block1(v10) ;; ;; block1(v2: i32): ;; @004d return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_no_spectre_i8_access_0xffff0000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_no_spectre_i8_access_0xffff0000_offset.wat index ea033f97e078..ada084d03a55 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_no_spectre_i8_access_0xffff0000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_no_spectre_i8_access_0xffff0000_offset.wat @@ -51,8 +51,9 @@ ;; @0040 trapnz v5, heap_oob ;; @0040 v6 = global_value.i64 gv2 ;; @0040 v7 = iadd v6, v3 -;; @0040 v8 = iadd_imm v7, 0xffff_0000 -;; @0040 istore8 little heap v1, v8 +;; @0040 v8 = iconst.i64 0xffff_0000 +;; @0040 v9 = iadd v7, v8 ; v8 = 0xffff_0000 +;; @0040 istore8 little heap v1, v9 ;; @0047 jump block1 ;; ;; block1: @@ -71,9 +72,10 @@ ;; @004c trapnz v5, heap_oob ;; @004c v6 = global_value.i64 gv2 ;; @004c v7 = iadd v6, v3 -;; @004c v8 = iadd_imm v7, 0xffff_0000 -;; @004c v9 = uload8.i32 little heap v8 -;; @0053 jump block1(v9) +;; @004c v8 = iconst.i64 0xffff_0000 +;; @004c v9 = iadd v7, v8 ; v8 = 0xffff_0000 +;; @004c v10 = uload8.i32 little heap v9 +;; @0053 jump block1(v10) ;; ;; block1(v2: i32): ;; @0053 return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat index 7735b88823b4..84ca6ae1f2b7 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat @@ -50,10 +50,11 @@ ;; @0040 v5 = icmp ugt v3, v4 ;; @0040 v6 = global_value.i64 gv2 ;; @0040 v7 = iadd v6, v3 -;; @0040 v8 = iadd_imm v7, 4096 -;; @0040 v9 = iconst.i64 0 -;; @0040 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0 -;; @0040 store little heap v1, v10 +;; @0040 v8 = iconst.i64 4096 +;; @0040 v9 = iadd v7, v8 ; v8 = 4096 +;; @0040 v10 = iconst.i64 0 +;; @0040 v11 = select_spectre_guard v5, v10, v9 ; v10 = 0 +;; @0040 store little heap v1, v11 ;; @0044 jump block1 ;; ;; block1: @@ -71,11 +72,12 @@ ;; @0049 v5 = icmp ugt v3, v4 ;; @0049 v6 = global_value.i64 gv2 ;; @0049 v7 = iadd v6, v3 -;; @0049 v8 = iadd_imm v7, 4096 -;; @0049 v9 = iconst.i64 0 -;; @0049 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0 -;; @0049 v11 = load.i32 little heap v10 -;; @004d jump block1(v11) +;; @0049 v8 = iconst.i64 4096 +;; @0049 v9 = iadd v7, v8 ; v8 = 4096 +;; @0049 v10 = iconst.i64 0 +;; @0049 v11 = select_spectre_guard v5, v10, v9 ; v10 = 0 +;; @0049 v12 = load.i32 little heap v11 +;; @004d jump block1(v12) ;; ;; block1(v2: i32): ;; @004d return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i32_access_0xffff0000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i32_access_0xffff0000_offset.wat index 0f6b07a13d8d..6921e49b2dae 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i32_access_0xffff0000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i32_access_0xffff0000_offset.wat @@ -50,10 +50,11 @@ ;; @0040 v5 = icmp ugt v3, v4 ;; @0040 v6 = global_value.i64 gv2 ;; @0040 v7 = iadd v6, v3 -;; @0040 v8 = iadd_imm v7, 0xffff_0000 -;; @0040 v9 = iconst.i64 0 -;; @0040 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0 -;; @0040 store little heap v1, v10 +;; @0040 v8 = iconst.i64 0xffff_0000 +;; @0040 v9 = iadd v7, v8 ; v8 = 0xffff_0000 +;; @0040 v10 = iconst.i64 0 +;; @0040 v11 = select_spectre_guard v5, v10, v9 ; v10 = 0 +;; @0040 store little heap v1, v11 ;; @0047 jump block1 ;; ;; block1: @@ -71,11 +72,12 @@ ;; @004c v5 = icmp ugt v3, v4 ;; @004c v6 = global_value.i64 gv2 ;; @004c v7 = iadd v6, v3 -;; @004c v8 = iadd_imm v7, 0xffff_0000 -;; @004c v9 = iconst.i64 0 -;; @004c v10 = select_spectre_guard v5, v9, v8 ; v9 = 0 -;; @004c v11 = load.i32 little heap v10 -;; @0053 jump block1(v11) +;; @004c v8 = iconst.i64 0xffff_0000 +;; @004c v9 = iadd v7, v8 ; v8 = 0xffff_0000 +;; @004c v10 = iconst.i64 0 +;; @004c v11 = select_spectre_guard v5, v10, v9 ; v10 = 0 +;; @004c v12 = load.i32 little heap v11 +;; @0053 jump block1(v12) ;; ;; block1(v2: i32): ;; @0053 return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat index 4c00fe0b8181..26324e58fcfa 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat @@ -50,10 +50,11 @@ ;; @0040 v5 = icmp ugt v3, v4 ;; @0040 v6 = global_value.i64 gv2 ;; @0040 v7 = iadd v6, v3 -;; @0040 v8 = iadd_imm v7, 4096 -;; @0040 v9 = iconst.i64 0 -;; @0040 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0 -;; @0040 istore8 little heap v1, v10 +;; @0040 v8 = iconst.i64 4096 +;; @0040 v9 = iadd v7, v8 ; v8 = 4096 +;; @0040 v10 = iconst.i64 0 +;; @0040 v11 = select_spectre_guard v5, v10, v9 ; v10 = 0 +;; @0040 istore8 little heap v1, v11 ;; @0044 jump block1 ;; ;; block1: @@ -71,11 +72,12 @@ ;; @0049 v5 = icmp ugt v3, v4 ;; @0049 v6 = global_value.i64 gv2 ;; @0049 v7 = iadd v6, v3 -;; @0049 v8 = iadd_imm v7, 4096 -;; @0049 v9 = iconst.i64 0 -;; @0049 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0 -;; @0049 v11 = uload8.i32 little heap v10 -;; @004d jump block1(v11) +;; @0049 v8 = iconst.i64 4096 +;; @0049 v9 = iadd v7, v8 ; v8 = 4096 +;; @0049 v10 = iconst.i64 0 +;; @0049 v11 = select_spectre_guard v5, v10, v9 ; v10 = 0 +;; @0049 v12 = uload8.i32 little heap v11 +;; @004d jump block1(v12) ;; ;; block1(v2: i32): ;; @004d return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i8_access_0xffff0000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i8_access_0xffff0000_offset.wat index 8f44855404ab..9078e96e10f3 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i8_access_0xffff0000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i32_index_0xffffffff_guard_yes_spectre_i8_access_0xffff0000_offset.wat @@ -50,10 +50,11 @@ ;; @0040 v5 = icmp ugt v3, v4 ;; @0040 v6 = global_value.i64 gv2 ;; @0040 v7 = iadd v6, v3 -;; @0040 v8 = iadd_imm v7, 0xffff_0000 -;; @0040 v9 = iconst.i64 0 -;; @0040 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0 -;; @0040 istore8 little heap v1, v10 +;; @0040 v8 = iconst.i64 0xffff_0000 +;; @0040 v9 = iadd v7, v8 ; v8 = 0xffff_0000 +;; @0040 v10 = iconst.i64 0 +;; @0040 v11 = select_spectre_guard v5, v10, v9 ; v10 = 0 +;; @0040 istore8 little heap v1, v11 ;; @0047 jump block1 ;; ;; block1: @@ -71,11 +72,12 @@ ;; @004c v5 = icmp ugt v3, v4 ;; @004c v6 = global_value.i64 gv2 ;; @004c v7 = iadd v6, v3 -;; @004c v8 = iadd_imm v7, 0xffff_0000 -;; @004c v9 = iconst.i64 0 -;; @004c v10 = select_spectre_guard v5, v9, v8 ; v9 = 0 -;; @004c v11 = uload8.i32 little heap v10 -;; @0053 jump block1(v11) +;; @004c v8 = iconst.i64 0xffff_0000 +;; @004c v9 = iadd v7, v8 ; v8 = 0xffff_0000 +;; @004c v10 = iconst.i64 0 +;; @004c v11 = select_spectre_guard v5, v10, v9 ; v10 = 0 +;; @004c v12 = uload8.i32 little heap v11 +;; @0053 jump block1(v12) ;; ;; block1(v2: i32): ;; @0053 return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_no_spectre_i32_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_no_spectre_i32_access_0x1000_offset.wat index 48d3c4cdb9b4..9bc1d64eb434 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_no_spectre_i32_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_no_spectre_i32_access_0x1000_offset.wat @@ -51,8 +51,9 @@ ;; @0040 trapnz v5, heap_oob ;; @0040 v6 = global_value.i64 gv2 ;; @0040 v7 = iadd v6, v0 -;; @0040 v8 = iadd_imm v7, 4096 -;; @0040 store little heap v1, v8 +;; @0040 v8 = iconst.i64 4096 +;; @0040 v9 = iadd v7, v8 ; v8 = 4096 +;; @0040 store little heap v1, v9 ;; @0044 jump block1 ;; ;; block1: @@ -71,10 +72,11 @@ ;; @0049 trapnz v5, heap_oob ;; @0049 v6 = global_value.i64 gv2 ;; @0049 v7 = iadd v6, v0 -;; @0049 v8 = iadd_imm v7, 4096 -;; @0049 v9 = load.i32 little heap v8 -;; @004d jump block1(v9) +;; @0049 v8 = iconst.i64 4096 +;; @0049 v9 = iadd v7, v8 ; v8 = 4096 +;; @0049 v10 = load.i32 little heap v9 +;; @004d jump block1(v10) ;; ;; block1(v2: i32): ;; @004d return v2 -;; } \ No newline at end of file +;; } diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_no_spectre_i32_access_0xffff0000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_no_spectre_i32_access_0xffff0000_offset.wat index 2818830f2e5e..ac003b4f3caa 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_no_spectre_i32_access_0xffff0000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_no_spectre_i32_access_0xffff0000_offset.wat @@ -52,8 +52,9 @@ ;; @0040 trapnz v6, heap_oob ;; @0040 v7 = global_value.i64 gv2 ;; @0040 v8 = iadd v7, v0 -;; @0040 v9 = iadd_imm v8, 0xffff_0000 -;; @0040 store little heap v1, v9 +;; @0040 v9 = iconst.i64 0xffff_0000 +;; @0040 v10 = iadd v8, v9 ; v9 = 0xffff_0000 +;; @0040 store little heap v1, v10 ;; @0047 jump block1 ;; ;; block1: @@ -73,10 +74,11 @@ ;; @004c trapnz v6, heap_oob ;; @004c v7 = global_value.i64 gv2 ;; @004c v8 = iadd v7, v0 -;; @004c v9 = iadd_imm v8, 0xffff_0000 -;; @004c v10 = load.i32 little heap v9 -;; @0053 jump block1(v10) +;; @004c v9 = iconst.i64 0xffff_0000 +;; @004c v10 = iadd v8, v9 ; v9 = 0xffff_0000 +;; @004c v11 = load.i32 little heap v10 +;; @0053 jump block1(v11) ;; ;; block1(v2: i32): ;; @0053 return v2 -;; } \ No newline at end of file +;; } diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_no_spectre_i8_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_no_spectre_i8_access_0x1000_offset.wat index fe99a3a69a27..f520713d21dc 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_no_spectre_i8_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_no_spectre_i8_access_0x1000_offset.wat @@ -51,8 +51,9 @@ ;; @0040 trapnz v5, heap_oob ;; @0040 v6 = global_value.i64 gv2 ;; @0040 v7 = iadd v6, v0 -;; @0040 v8 = iadd_imm v7, 4096 -;; @0040 istore8 little heap v1, v8 +;; @0040 v8 = iconst.i64 4096 +;; @0040 v9 = iadd v7, v8 ; v8 = 4096 +;; @0040 istore8 little heap v1, v9 ;; @0044 jump block1 ;; ;; block1: @@ -71,10 +72,11 @@ ;; @0049 trapnz v5, heap_oob ;; @0049 v6 = global_value.i64 gv2 ;; @0049 v7 = iadd v6, v0 -;; @0049 v8 = iadd_imm v7, 4096 -;; @0049 v9 = uload8.i32 little heap v8 -;; @004d jump block1(v9) +;; @0049 v8 = iconst.i64 4096 +;; @0049 v9 = iadd v7, v8 ; v8 = 4096 +;; @0049 v10 = uload8.i32 little heap v9 +;; @004d jump block1(v10) ;; ;; block1(v2: i32): ;; @004d return v2 -;; } \ No newline at end of file +;; } diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_no_spectre_i8_access_0xffff0000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_no_spectre_i8_access_0xffff0000_offset.wat index dfffbffa10a9..cbcebcb4e22d 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_no_spectre_i8_access_0xffff0000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_no_spectre_i8_access_0xffff0000_offset.wat @@ -52,8 +52,9 @@ ;; @0040 trapnz v6, heap_oob ;; @0040 v7 = global_value.i64 gv2 ;; @0040 v8 = iadd v7, v0 -;; @0040 v9 = iadd_imm v8, 0xffff_0000 -;; @0040 istore8 little heap v1, v9 +;; @0040 v9 = iconst.i64 0xffff_0000 +;; @0040 v10 = iadd v8, v9 ; v9 = 0xffff_0000 +;; @0040 istore8 little heap v1, v10 ;; @0047 jump block1 ;; ;; block1: @@ -73,10 +74,11 @@ ;; @004c trapnz v6, heap_oob ;; @004c v7 = global_value.i64 gv2 ;; @004c v8 = iadd v7, v0 -;; @004c v9 = iadd_imm v8, 0xffff_0000 -;; @004c v10 = uload8.i32 little heap v9 -;; @0053 jump block1(v10) +;; @004c v9 = iconst.i64 0xffff_0000 +;; @004c v10 = iadd v8, v9 ; v9 = 0xffff_0000 +;; @004c v11 = uload8.i32 little heap v10 +;; @0053 jump block1(v11) ;; ;; block1(v2: i32): ;; @0053 return v2 -;; } \ No newline at end of file +;; } diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat index 4c7f300166e6..4b9aa76fa29b 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat @@ -50,10 +50,11 @@ ;; @0040 v5 = icmp ugt v0, v4 ;; @0040 v6 = global_value.i64 gv2 ;; @0040 v7 = iadd v6, v0 -;; @0040 v8 = iadd_imm v7, 4096 -;; @0040 v9 = iconst.i64 0 -;; @0040 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0 -;; @0040 store little heap v1, v10 +;; @0040 v8 = iconst.i64 4096 +;; @0040 v9 = iadd v7, v8 ; v8 = 4096 +;; @0040 v10 = iconst.i64 0 +;; @0040 v11 = select_spectre_guard v5, v10, v9 ; v10 = 0 +;; @0040 store little heap v1, v11 ;; @0044 jump block1 ;; ;; block1: @@ -71,11 +72,12 @@ ;; @0049 v5 = icmp ugt v0, v4 ;; @0049 v6 = global_value.i64 gv2 ;; @0049 v7 = iadd v6, v0 -;; @0049 v8 = iadd_imm v7, 4096 -;; @0049 v9 = iconst.i64 0 -;; @0049 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0 -;; @0049 v11 = load.i32 little heap v10 -;; @004d jump block1(v11) +;; @0049 v8 = iconst.i64 4096 +;; @0049 v9 = iadd v7, v8 ; v8 = 4096 +;; @0049 v10 = iconst.i64 0 +;; @0049 v11 = select_spectre_guard v5, v10, v9 ; v10 = 0 +;; @0049 v12 = load.i32 little heap v11 +;; @004d jump block1(v12) ;; ;; block1(v2: i32): ;; @004d return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i32_access_0xffff0000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i32_access_0xffff0000_offset.wat index fc82ac16b563..57a261728359 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i32_access_0xffff0000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i32_access_0xffff0000_offset.wat @@ -51,10 +51,11 @@ ;; @0040 v6 = icmp ugt v4, v5 ;; @0040 v7 = global_value.i64 gv2 ;; @0040 v8 = iadd v7, v0 -;; @0040 v9 = iadd_imm v8, 0xffff_0000 -;; @0040 v10 = iconst.i64 0 -;; @0040 v11 = select_spectre_guard v6, v10, v9 ; v10 = 0 -;; @0040 store little heap v1, v11 +;; @0040 v9 = iconst.i64 0xffff_0000 +;; @0040 v10 = iadd v8, v9 ; v9 = 0xffff_0000 +;; @0040 v11 = iconst.i64 0 +;; @0040 v12 = select_spectre_guard v6, v11, v10 ; v11 = 0 +;; @0040 store little heap v1, v12 ;; @0047 jump block1 ;; ;; block1: @@ -73,11 +74,12 @@ ;; @004c v6 = icmp ugt v4, v5 ;; @004c v7 = global_value.i64 gv2 ;; @004c v8 = iadd v7, v0 -;; @004c v9 = iadd_imm v8, 0xffff_0000 -;; @004c v10 = iconst.i64 0 -;; @004c v11 = select_spectre_guard v6, v10, v9 ; v10 = 0 -;; @004c v12 = load.i32 little heap v11 -;; @0053 jump block1(v12) +;; @004c v9 = iconst.i64 0xffff_0000 +;; @004c v10 = iadd v8, v9 ; v9 = 0xffff_0000 +;; @004c v11 = iconst.i64 0 +;; @004c v12 = select_spectre_guard v6, v11, v10 ; v11 = 0 +;; @004c v13 = load.i32 little heap v12 +;; @0053 jump block1(v13) ;; ;; block1(v2: i32): ;; @0053 return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat index c68c778f8789..277bcdc2e02c 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat @@ -50,10 +50,11 @@ ;; @0040 v5 = icmp ugt v0, v4 ;; @0040 v6 = global_value.i64 gv2 ;; @0040 v7 = iadd v6, v0 -;; @0040 v8 = iadd_imm v7, 4096 -;; @0040 v9 = iconst.i64 0 -;; @0040 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0 -;; @0040 istore8 little heap v1, v10 +;; @0040 v8 = iconst.i64 4096 +;; @0040 v9 = iadd v7, v8 ; v8 = 4096 +;; @0040 v10 = iconst.i64 0 +;; @0040 v11 = select_spectre_guard v5, v10, v9 ; v10 = 0 +;; @0040 istore8 little heap v1, v11 ;; @0044 jump block1 ;; ;; block1: @@ -71,11 +72,12 @@ ;; @0049 v5 = icmp ugt v0, v4 ;; @0049 v6 = global_value.i64 gv2 ;; @0049 v7 = iadd v6, v0 -;; @0049 v8 = iadd_imm v7, 4096 -;; @0049 v9 = iconst.i64 0 -;; @0049 v10 = select_spectre_guard v5, v9, v8 ; v9 = 0 -;; @0049 v11 = uload8.i32 little heap v10 -;; @004d jump block1(v11) +;; @0049 v8 = iconst.i64 4096 +;; @0049 v9 = iadd v7, v8 ; v8 = 4096 +;; @0049 v10 = iconst.i64 0 +;; @0049 v11 = select_spectre_guard v5, v10, v9 ; v10 = 0 +;; @0049 v12 = uload8.i32 little heap v11 +;; @004d jump block1(v12) ;; ;; block1(v2: i32): ;; @004d return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i8_access_0xffff0000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i8_access_0xffff0000_offset.wat index 694152664d8b..78b07266e53f 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i8_access_0xffff0000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0_guard_yes_spectre_i8_access_0xffff0000_offset.wat @@ -51,10 +51,11 @@ ;; @0040 v6 = icmp ugt v4, v5 ;; @0040 v7 = global_value.i64 gv2 ;; @0040 v8 = iadd v7, v0 -;; @0040 v9 = iadd_imm v8, 0xffff_0000 -;; @0040 v10 = iconst.i64 0 -;; @0040 v11 = select_spectre_guard v6, v10, v9 ; v10 = 0 -;; @0040 istore8 little heap v1, v11 +;; @0040 v9 = iconst.i64 0xffff_0000 +;; @0040 v10 = iadd v8, v9 ; v9 = 0xffff_0000 +;; @0040 v11 = iconst.i64 0 +;; @0040 v12 = select_spectre_guard v6, v11, v10 ; v11 = 0 +;; @0040 istore8 little heap v1, v12 ;; @0047 jump block1 ;; ;; block1: @@ -73,11 +74,12 @@ ;; @004c v6 = icmp ugt v4, v5 ;; @004c v7 = global_value.i64 gv2 ;; @004c v8 = iadd v7, v0 -;; @004c v9 = iadd_imm v8, 0xffff_0000 -;; @004c v10 = iconst.i64 0 -;; @004c v11 = select_spectre_guard v6, v10, v9 ; v10 = 0 -;; @004c v12 = uload8.i32 little heap v11 -;; @0053 jump block1(v12) +;; @004c v9 = iconst.i64 0xffff_0000 +;; @004c v10 = iadd v8, v9 ; v9 = 0xffff_0000 +;; @004c v11 = iconst.i64 0 +;; @004c v12 = select_spectre_guard v6, v11, v10 ; v11 = 0 +;; @004c v13 = uload8.i32 little heap v12 +;; @0053 jump block1(v13) ;; ;; block1(v2: i32): ;; @0053 return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_no_spectre_i32_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_no_spectre_i32_access_0x1000_offset.wat index c8f3414adea3..a24f1ccd2390 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_no_spectre_i32_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_no_spectre_i32_access_0x1000_offset.wat @@ -50,8 +50,9 @@ ;; @0040 trapnz v4, heap_oob ;; @0040 v5 = global_value.i64 gv2 ;; @0040 v6 = iadd v5, v0 -;; @0040 v7 = iadd_imm v6, 4096 -;; @0040 store little heap v1, v7 +;; @0040 v7 = iconst.i64 4096 +;; @0040 v8 = iadd v6, v7 ; v7 = 4096 +;; @0040 store little heap v1, v8 ;; @0044 jump block1 ;; ;; block1: @@ -69,9 +70,10 @@ ;; @0049 trapnz v4, heap_oob ;; @0049 v5 = global_value.i64 gv2 ;; @0049 v6 = iadd v5, v0 -;; @0049 v7 = iadd_imm v6, 4096 -;; @0049 v8 = load.i32 little heap v7 -;; @004d jump block1(v8) +;; @0049 v7 = iconst.i64 4096 +;; @0049 v8 = iadd v6, v7 ; v7 = 4096 +;; @0049 v9 = load.i32 little heap v8 +;; @004d jump block1(v9) ;; ;; block1(v2: i32): ;; @004d return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_no_spectre_i32_access_0xffff0000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_no_spectre_i32_access_0xffff0000_offset.wat index 4f1f011e6fab..fa4c682724bf 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_no_spectre_i32_access_0xffff0000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_no_spectre_i32_access_0xffff0000_offset.wat @@ -50,8 +50,9 @@ ;; @0040 trapnz v4, heap_oob ;; @0040 v5 = global_value.i64 gv2 ;; @0040 v6 = iadd v5, v0 -;; @0040 v7 = iadd_imm v6, 0xffff_0000 -;; @0040 store little heap v1, v7 +;; @0040 v7 = iconst.i64 0xffff_0000 +;; @0040 v8 = iadd v6, v7 ; v7 = 0xffff_0000 +;; @0040 store little heap v1, v8 ;; @0047 jump block1 ;; ;; block1: @@ -69,9 +70,10 @@ ;; @004c trapnz v4, heap_oob ;; @004c v5 = global_value.i64 gv2 ;; @004c v6 = iadd v5, v0 -;; @004c v7 = iadd_imm v6, 0xffff_0000 -;; @004c v8 = load.i32 little heap v7 -;; @0053 jump block1(v8) +;; @004c v7 = iconst.i64 0xffff_0000 +;; @004c v8 = iadd v6, v7 ; v7 = 0xffff_0000 +;; @004c v9 = load.i32 little heap v8 +;; @0053 jump block1(v9) ;; ;; block1(v2: i32): ;; @0053 return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_no_spectre_i8_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_no_spectre_i8_access_0x1000_offset.wat index d25588855566..cab36e4e5e15 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_no_spectre_i8_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_no_spectre_i8_access_0x1000_offset.wat @@ -50,8 +50,9 @@ ;; @0040 trapnz v4, heap_oob ;; @0040 v5 = global_value.i64 gv2 ;; @0040 v6 = iadd v5, v0 -;; @0040 v7 = iadd_imm v6, 4096 -;; @0040 istore8 little heap v1, v7 +;; @0040 v7 = iconst.i64 4096 +;; @0040 v8 = iadd v6, v7 ; v7 = 4096 +;; @0040 istore8 little heap v1, v8 ;; @0044 jump block1 ;; ;; block1: @@ -69,9 +70,10 @@ ;; @0049 trapnz v4, heap_oob ;; @0049 v5 = global_value.i64 gv2 ;; @0049 v6 = iadd v5, v0 -;; @0049 v7 = iadd_imm v6, 4096 -;; @0049 v8 = uload8.i32 little heap v7 -;; @004d jump block1(v8) +;; @0049 v7 = iconst.i64 4096 +;; @0049 v8 = iadd v6, v7 ; v7 = 4096 +;; @0049 v9 = uload8.i32 little heap v8 +;; @004d jump block1(v9) ;; ;; block1(v2: i32): ;; @004d return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_no_spectre_i8_access_0xffff0000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_no_spectre_i8_access_0xffff0000_offset.wat index eadb8b32c184..7e729f740991 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_no_spectre_i8_access_0xffff0000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_no_spectre_i8_access_0xffff0000_offset.wat @@ -50,8 +50,9 @@ ;; @0040 trapnz v4, heap_oob ;; @0040 v5 = global_value.i64 gv2 ;; @0040 v6 = iadd v5, v0 -;; @0040 v7 = iadd_imm v6, 0xffff_0000 -;; @0040 istore8 little heap v1, v7 +;; @0040 v7 = iconst.i64 0xffff_0000 +;; @0040 v8 = iadd v6, v7 ; v7 = 0xffff_0000 +;; @0040 istore8 little heap v1, v8 ;; @0047 jump block1 ;; ;; block1: @@ -69,9 +70,10 @@ ;; @004c trapnz v4, heap_oob ;; @004c v5 = global_value.i64 gv2 ;; @004c v6 = iadd v5, v0 -;; @004c v7 = iadd_imm v6, 0xffff_0000 -;; @004c v8 = uload8.i32 little heap v7 -;; @0053 jump block1(v8) +;; @004c v7 = iconst.i64 0xffff_0000 +;; @004c v8 = iadd v6, v7 ; v7 = 0xffff_0000 +;; @004c v9 = uload8.i32 little heap v8 +;; @0053 jump block1(v9) ;; ;; block1(v2: i32): ;; @0053 return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat index bc6c14897347..8d2cbfe3a70e 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat @@ -49,10 +49,11 @@ ;; @0040 v4 = icmp ugt v0, v3 ;; @0040 v5 = global_value.i64 gv2 ;; @0040 v6 = iadd v5, v0 -;; @0040 v7 = iadd_imm v6, 4096 -;; @0040 v8 = iconst.i64 0 -;; @0040 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0 -;; @0040 store little heap v1, v9 +;; @0040 v7 = iconst.i64 4096 +;; @0040 v8 = iadd v6, v7 ; v7 = 4096 +;; @0040 v9 = iconst.i64 0 +;; @0040 v10 = select_spectre_guard v4, v9, v8 ; v9 = 0 +;; @0040 store little heap v1, v10 ;; @0044 jump block1 ;; ;; block1: @@ -69,11 +70,12 @@ ;; @0049 v4 = icmp ugt v0, v3 ;; @0049 v5 = global_value.i64 gv2 ;; @0049 v6 = iadd v5, v0 -;; @0049 v7 = iadd_imm v6, 4096 -;; @0049 v8 = iconst.i64 0 -;; @0049 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0 -;; @0049 v10 = load.i32 little heap v9 -;; @004d jump block1(v10) +;; @0049 v7 = iconst.i64 4096 +;; @0049 v8 = iadd v6, v7 ; v7 = 4096 +;; @0049 v9 = iconst.i64 0 +;; @0049 v10 = select_spectre_guard v4, v9, v8 ; v9 = 0 +;; @0049 v11 = load.i32 little heap v10 +;; @004d jump block1(v11) ;; ;; block1(v2: i32): ;; @004d return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i32_access_0xffff0000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i32_access_0xffff0000_offset.wat index 501d164e2b49..73f14c458b34 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i32_access_0xffff0000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i32_access_0xffff0000_offset.wat @@ -49,10 +49,11 @@ ;; @0040 v4 = icmp ugt v0, v3 ;; @0040 v5 = global_value.i64 gv2 ;; @0040 v6 = iadd v5, v0 -;; @0040 v7 = iadd_imm v6, 0xffff_0000 -;; @0040 v8 = iconst.i64 0 -;; @0040 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0 -;; @0040 store little heap v1, v9 +;; @0040 v7 = iconst.i64 0xffff_0000 +;; @0040 v8 = iadd v6, v7 ; v7 = 0xffff_0000 +;; @0040 v9 = iconst.i64 0 +;; @0040 v10 = select_spectre_guard v4, v9, v8 ; v9 = 0 +;; @0040 store little heap v1, v10 ;; @0047 jump block1 ;; ;; block1: @@ -69,11 +70,12 @@ ;; @004c v4 = icmp ugt v0, v3 ;; @004c v5 = global_value.i64 gv2 ;; @004c v6 = iadd v5, v0 -;; @004c v7 = iadd_imm v6, 0xffff_0000 -;; @004c v8 = iconst.i64 0 -;; @004c v9 = select_spectre_guard v4, v8, v7 ; v8 = 0 -;; @004c v10 = load.i32 little heap v9 -;; @0053 jump block1(v10) +;; @004c v7 = iconst.i64 0xffff_0000 +;; @004c v8 = iadd v6, v7 ; v7 = 0xffff_0000 +;; @004c v9 = iconst.i64 0 +;; @004c v10 = select_spectre_guard v4, v9, v8 ; v9 = 0 +;; @004c v11 = load.i32 little heap v10 +;; @0053 jump block1(v11) ;; ;; block1(v2: i32): ;; @0053 return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat index f4f55950bcdb..c4fa39c9f350 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat @@ -49,10 +49,11 @@ ;; @0040 v4 = icmp ugt v0, v3 ;; @0040 v5 = global_value.i64 gv2 ;; @0040 v6 = iadd v5, v0 -;; @0040 v7 = iadd_imm v6, 4096 -;; @0040 v8 = iconst.i64 0 -;; @0040 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0 -;; @0040 istore8 little heap v1, v9 +;; @0040 v7 = iconst.i64 4096 +;; @0040 v8 = iadd v6, v7 ; v7 = 4096 +;; @0040 v9 = iconst.i64 0 +;; @0040 v10 = select_spectre_guard v4, v9, v8 ; v9 = 0 +;; @0040 istore8 little heap v1, v10 ;; @0044 jump block1 ;; ;; block1: @@ -69,11 +70,12 @@ ;; @0049 v4 = icmp ugt v0, v3 ;; @0049 v5 = global_value.i64 gv2 ;; @0049 v6 = iadd v5, v0 -;; @0049 v7 = iadd_imm v6, 4096 -;; @0049 v8 = iconst.i64 0 -;; @0049 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0 -;; @0049 v10 = uload8.i32 little heap v9 -;; @004d jump block1(v10) +;; @0049 v7 = iconst.i64 4096 +;; @0049 v8 = iadd v6, v7 ; v7 = 4096 +;; @0049 v9 = iconst.i64 0 +;; @0049 v10 = select_spectre_guard v4, v9, v8 ; v9 = 0 +;; @0049 v11 = uload8.i32 little heap v10 +;; @004d jump block1(v11) ;; ;; block1(v2: i32): ;; @004d return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i8_access_0xffff0000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i8_access_0xffff0000_offset.wat index aad253adbfb8..1f543bd61fc4 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i8_access_0xffff0000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_dynamic_kind_i64_index_0xffffffff_guard_yes_spectre_i8_access_0xffff0000_offset.wat @@ -49,10 +49,11 @@ ;; @0040 v4 = icmp ugt v0, v3 ;; @0040 v5 = global_value.i64 gv2 ;; @0040 v6 = iadd v5, v0 -;; @0040 v7 = iadd_imm v6, 0xffff_0000 -;; @0040 v8 = iconst.i64 0 -;; @0040 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0 -;; @0040 istore8 little heap v1, v9 +;; @0040 v7 = iconst.i64 0xffff_0000 +;; @0040 v8 = iadd v6, v7 ; v7 = 0xffff_0000 +;; @0040 v9 = iconst.i64 0 +;; @0040 v10 = select_spectre_guard v4, v9, v8 ; v9 = 0 +;; @0040 istore8 little heap v1, v10 ;; @0047 jump block1 ;; ;; block1: @@ -69,11 +70,12 @@ ;; @004c v4 = icmp ugt v0, v3 ;; @004c v5 = global_value.i64 gv2 ;; @004c v6 = iadd v5, v0 -;; @004c v7 = iadd_imm v6, 0xffff_0000 -;; @004c v8 = iconst.i64 0 -;; @004c v9 = select_spectre_guard v4, v8, v7 ; v8 = 0 -;; @004c v10 = uload8.i32 little heap v9 -;; @0053 jump block1(v10) +;; @004c v7 = iconst.i64 0xffff_0000 +;; @004c v8 = iadd v6, v7 ; v7 = 0xffff_0000 +;; @004c v9 = iconst.i64 0 +;; @004c v10 = select_spectre_guard v4, v9, v8 ; v9 = 0 +;; @004c v11 = uload8.i32 little heap v10 +;; @0053 jump block1(v11) ;; ;; block1(v2: i32): ;; @0053 return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_no_spectre_i32_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_no_spectre_i32_access_0x1000_offset.wat index 44734b44a023..a154f8468c10 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_no_spectre_i32_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_no_spectre_i32_access_0x1000_offset.wat @@ -47,8 +47,9 @@ ;; @0040 trapnz v4, heap_oob ;; @0040 v5 = global_value.i64 gv1 ;; @0040 v6 = iadd v5, v3 -;; @0040 v7 = iadd_imm v6, 4096 -;; @0040 store little heap v1, v7 +;; @0040 v7 = iconst.i64 4096 +;; @0040 v8 = iadd v6, v7 ; v7 = 4096 +;; @0040 store little heap v1, v8 ;; @0044 jump block1 ;; ;; block1: @@ -65,10 +66,11 @@ ;; @0049 trapnz v4, heap_oob ;; @0049 v5 = global_value.i64 gv1 ;; @0049 v6 = iadd v5, v3 -;; @0049 v7 = iadd_imm v6, 4096 -;; @0049 v8 = load.i32 little heap v7 -;; @004d jump block1(v8) +;; @0049 v7 = iconst.i64 4096 +;; @0049 v8 = iadd v6, v7 ; v7 = 4096 +;; @0049 v9 = load.i32 little heap v8 +;; @004d jump block1(v9) ;; ;; block1(v2: i32): ;; @004d return v2 -;; } \ No newline at end of file +;; } diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_no_spectre_i8_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_no_spectre_i8_access_0x1000_offset.wat index 29d67fe8a912..1b76510f3b2b 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_no_spectre_i8_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_no_spectre_i8_access_0x1000_offset.wat @@ -47,8 +47,9 @@ ;; @0040 trapnz v4, heap_oob ;; @0040 v5 = global_value.i64 gv1 ;; @0040 v6 = iadd v5, v3 -;; @0040 v7 = iadd_imm v6, 4096 -;; @0040 istore8 little heap v1, v7 +;; @0040 v7 = iconst.i64 4096 +;; @0040 v8 = iadd v6, v7 ; v7 = 4096 +;; @0040 istore8 little heap v1, v8 ;; @0044 jump block1 ;; ;; block1: @@ -65,10 +66,11 @@ ;; @0049 trapnz v4, heap_oob ;; @0049 v5 = global_value.i64 gv1 ;; @0049 v6 = iadd v5, v3 -;; @0049 v7 = iadd_imm v6, 4096 -;; @0049 v8 = uload8.i32 little heap v7 -;; @004d jump block1(v8) +;; @0049 v7 = iconst.i64 4096 +;; @0049 v8 = iadd v6, v7 ; v7 = 4096 +;; @0049 v9 = uload8.i32 little heap v8 +;; @004d jump block1(v9) ;; ;; block1(v2: i32): ;; @004d return v2 -;; } \ No newline at end of file +;; } diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat index 902597df6514..a54456f06c3f 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat @@ -46,10 +46,11 @@ ;; @0040 v4 = icmp_imm ugt v3, 0x0fff_effc ;; @0040 v5 = global_value.i64 gv1 ;; @0040 v6 = iadd v5, v3 -;; @0040 v7 = iadd_imm v6, 4096 -;; @0040 v8 = iconst.i64 0 -;; @0040 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0 -;; @0040 store little heap v1, v9 +;; @0040 v7 = iconst.i64 4096 +;; @0040 v8 = iadd v6, v7 ; v7 = 4096 +;; @0040 v9 = iconst.i64 0 +;; @0040 v10 = select_spectre_guard v4, v9, v8 ; v9 = 0 +;; @0040 store little heap v1, v10 ;; @0044 jump block1 ;; ;; block1: @@ -65,11 +66,12 @@ ;; @0049 v4 = icmp_imm ugt v3, 0x0fff_effc ;; @0049 v5 = global_value.i64 gv1 ;; @0049 v6 = iadd v5, v3 -;; @0049 v7 = iadd_imm v6, 4096 -;; @0049 v8 = iconst.i64 0 -;; @0049 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0 -;; @0049 v10 = load.i32 little heap v9 -;; @004d jump block1(v10) +;; @0049 v7 = iconst.i64 4096 +;; @0049 v8 = iadd v6, v7 ; v7 = 4096 +;; @0049 v9 = iconst.i64 0 +;; @0049 v10 = select_spectre_guard v4, v9, v8 ; v9 = 0 +;; @0049 v11 = load.i32 little heap v10 +;; @004d jump block1(v11) ;; ;; block1(v2: i32): ;; @004d return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat index a5043ee3fbbe..fae04d6f7a3c 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat @@ -46,10 +46,11 @@ ;; @0040 v4 = icmp_imm ugt v3, 0x0fff_efff ;; @0040 v5 = global_value.i64 gv1 ;; @0040 v6 = iadd v5, v3 -;; @0040 v7 = iadd_imm v6, 4096 -;; @0040 v8 = iconst.i64 0 -;; @0040 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0 -;; @0040 istore8 little heap v1, v9 +;; @0040 v7 = iconst.i64 4096 +;; @0040 v8 = iadd v6, v7 ; v7 = 4096 +;; @0040 v9 = iconst.i64 0 +;; @0040 v10 = select_spectre_guard v4, v9, v8 ; v9 = 0 +;; @0040 istore8 little heap v1, v10 ;; @0044 jump block1 ;; ;; block1: @@ -65,11 +66,12 @@ ;; @0049 v4 = icmp_imm ugt v3, 0x0fff_efff ;; @0049 v5 = global_value.i64 gv1 ;; @0049 v6 = iadd v5, v3 -;; @0049 v7 = iadd_imm v6, 4096 -;; @0049 v8 = iconst.i64 0 -;; @0049 v9 = select_spectre_guard v4, v8, v7 ; v8 = 0 -;; @0049 v10 = uload8.i32 little heap v9 -;; @004d jump block1(v10) +;; @0049 v7 = iconst.i64 4096 +;; @0049 v8 = iadd v6, v7 ; v7 = 4096 +;; @0049 v9 = iconst.i64 0 +;; @0049 v10 = select_spectre_guard v4, v9, v8 ; v9 = 0 +;; @0049 v11 = uload8.i32 little heap v10 +;; @004d jump block1(v11) ;; ;; block1(v2: i32): ;; @004d return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0xffffffff_guard_no_spectre_i32_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0xffffffff_guard_no_spectre_i32_access_0x1000_offset.wat index a7b43d2075fb..6136eebd17d0 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0xffffffff_guard_no_spectre_i32_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0xffffffff_guard_no_spectre_i32_access_0x1000_offset.wat @@ -45,8 +45,9 @@ ;; @0040 v3 = uextend.i64 v0 ;; @0040 v4 = global_value.i64 gv1 ;; @0040 v5 = iadd v4, v3 -;; @0040 v6 = iadd_imm v5, 4096 -;; @0040 store little heap v1, v6 +;; @0040 v6 = iconst.i64 4096 +;; @0040 v7 = iadd v5, v6 ; v6 = 4096 +;; @0040 store little heap v1, v7 ;; @0044 jump block1 ;; ;; block1: @@ -61,10 +62,11 @@ ;; @0049 v3 = uextend.i64 v0 ;; @0049 v4 = global_value.i64 gv1 ;; @0049 v5 = iadd v4, v3 -;; @0049 v6 = iadd_imm v5, 4096 -;; @0049 v7 = load.i32 little heap v6 -;; @004d jump block1(v7) +;; @0049 v6 = iconst.i64 4096 +;; @0049 v7 = iadd v5, v6 ; v6 = 4096 +;; @0049 v8 = load.i32 little heap v7 +;; @004d jump block1(v8) ;; ;; block1(v2: i32): ;; @004d return v2 -;; } \ No newline at end of file +;; } diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0xffffffff_guard_no_spectre_i8_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0xffffffff_guard_no_spectre_i8_access_0x1000_offset.wat index 2764a8734e04..fae8d044e36c 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0xffffffff_guard_no_spectre_i8_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0xffffffff_guard_no_spectre_i8_access_0x1000_offset.wat @@ -45,8 +45,9 @@ ;; @0040 v3 = uextend.i64 v0 ;; @0040 v4 = global_value.i64 gv1 ;; @0040 v5 = iadd v4, v3 -;; @0040 v6 = iadd_imm v5, 4096 -;; @0040 istore8 little heap v1, v6 +;; @0040 v6 = iconst.i64 4096 +;; @0040 v7 = iadd v5, v6 ; v6 = 4096 +;; @0040 istore8 little heap v1, v7 ;; @0044 jump block1 ;; ;; block1: @@ -61,10 +62,11 @@ ;; @0049 v3 = uextend.i64 v0 ;; @0049 v4 = global_value.i64 gv1 ;; @0049 v5 = iadd v4, v3 -;; @0049 v6 = iadd_imm v5, 4096 -;; @0049 v7 = uload8.i32 little heap v6 -;; @004d jump block1(v7) +;; @0049 v6 = iconst.i64 4096 +;; @0049 v7 = iadd v5, v6 ; v6 = 4096 +;; @0049 v8 = uload8.i32 little heap v7 +;; @004d jump block1(v8) ;; ;; block1(v2: i32): ;; @004d return v2 -;; } \ No newline at end of file +;; } diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat index ff6527a8b67c..22be30b0149b 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat @@ -45,8 +45,9 @@ ;; @0040 v3 = uextend.i64 v0 ;; @0040 v4 = global_value.i64 gv1 ;; @0040 v5 = iadd v4, v3 -;; @0040 v6 = iadd_imm v5, 4096 -;; @0040 store little heap v1, v6 +;; @0040 v6 = iconst.i64 4096 +;; @0040 v7 = iadd v5, v6 ; v6 = 4096 +;; @0040 store little heap v1, v7 ;; @0044 jump block1 ;; ;; block1: @@ -61,10 +62,11 @@ ;; @0049 v3 = uextend.i64 v0 ;; @0049 v4 = global_value.i64 gv1 ;; @0049 v5 = iadd v4, v3 -;; @0049 v6 = iadd_imm v5, 4096 -;; @0049 v7 = load.i32 little heap v6 -;; @004d jump block1(v7) +;; @0049 v6 = iconst.i64 4096 +;; @0049 v7 = iadd v5, v6 ; v6 = 4096 +;; @0049 v8 = load.i32 little heap v7 +;; @004d jump block1(v8) ;; ;; block1(v2: i32): ;; @004d return v2 -;; } \ No newline at end of file +;; } diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat index 25153188f6bd..d6ba202d4a18 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i32_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat @@ -45,8 +45,9 @@ ;; @0040 v3 = uextend.i64 v0 ;; @0040 v4 = global_value.i64 gv1 ;; @0040 v5 = iadd v4, v3 -;; @0040 v6 = iadd_imm v5, 4096 -;; @0040 istore8 little heap v1, v6 +;; @0040 v6 = iconst.i64 4096 +;; @0040 v7 = iadd v5, v6 ; v6 = 4096 +;; @0040 istore8 little heap v1, v7 ;; @0044 jump block1 ;; ;; block1: @@ -61,10 +62,11 @@ ;; @0049 v3 = uextend.i64 v0 ;; @0049 v4 = global_value.i64 gv1 ;; @0049 v5 = iadd v4, v3 -;; @0049 v6 = iadd_imm v5, 4096 -;; @0049 v7 = uload8.i32 little heap v6 -;; @004d jump block1(v7) +;; @0049 v6 = iconst.i64 4096 +;; @0049 v7 = iadd v5, v6 ; v6 = 4096 +;; @0049 v8 = uload8.i32 little heap v7 +;; @004d jump block1(v8) ;; ;; block1(v2: i32): ;; @004d return v2 -;; } \ No newline at end of file +;; } diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_no_spectre_i32_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_no_spectre_i32_access_0x1000_offset.wat index bff5b7a49b84..6ab0bb9b649f 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_no_spectre_i32_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_no_spectre_i32_access_0x1000_offset.wat @@ -46,8 +46,9 @@ ;; @0040 trapnz v3, heap_oob ;; @0040 v4 = global_value.i64 gv1 ;; @0040 v5 = iadd v4, v0 -;; @0040 v6 = iadd_imm v5, 4096 -;; @0040 store little heap v1, v6 +;; @0040 v6 = iconst.i64 4096 +;; @0040 v7 = iadd v5, v6 ; v6 = 4096 +;; @0040 store little heap v1, v7 ;; @0044 jump block1 ;; ;; block1: @@ -63,10 +64,11 @@ ;; @0049 trapnz v3, heap_oob ;; @0049 v4 = global_value.i64 gv1 ;; @0049 v5 = iadd v4, v0 -;; @0049 v6 = iadd_imm v5, 4096 -;; @0049 v7 = load.i32 little heap v6 -;; @004d jump block1(v7) +;; @0049 v6 = iconst.i64 4096 +;; @0049 v7 = iadd v5, v6 ; v6 = 4096 +;; @0049 v8 = load.i32 little heap v7 +;; @004d jump block1(v8) ;; ;; block1(v2: i32): ;; @004d return v2 -;; } \ No newline at end of file +;; } diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_no_spectre_i8_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_no_spectre_i8_access_0x1000_offset.wat index 6218cb0e8806..08cc7a23d9ea 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_no_spectre_i8_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_no_spectre_i8_access_0x1000_offset.wat @@ -46,8 +46,9 @@ ;; @0040 trapnz v3, heap_oob ;; @0040 v4 = global_value.i64 gv1 ;; @0040 v5 = iadd v4, v0 -;; @0040 v6 = iadd_imm v5, 4096 -;; @0040 istore8 little heap v1, v6 +;; @0040 v6 = iconst.i64 4096 +;; @0040 v7 = iadd v5, v6 ; v6 = 4096 +;; @0040 istore8 little heap v1, v7 ;; @0044 jump block1 ;; ;; block1: @@ -63,10 +64,11 @@ ;; @0049 trapnz v3, heap_oob ;; @0049 v4 = global_value.i64 gv1 ;; @0049 v5 = iadd v4, v0 -;; @0049 v6 = iadd_imm v5, 4096 -;; @0049 v7 = uload8.i32 little heap v6 -;; @004d jump block1(v7) +;; @0049 v6 = iconst.i64 4096 +;; @0049 v7 = iadd v5, v6 ; v6 = 4096 +;; @0049 v8 = uload8.i32 little heap v7 +;; @004d jump block1(v8) ;; ;; block1(v2: i32): ;; @004d return v2 -;; } \ No newline at end of file +;; } diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat index 44bffc8e0cf6..5260a4549966 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_yes_spectre_i32_access_0x1000_offset.wat @@ -45,10 +45,11 @@ ;; @0040 v3 = icmp_imm ugt v0, 0x0fff_effc ;; @0040 v4 = global_value.i64 gv1 ;; @0040 v5 = iadd v4, v0 -;; @0040 v6 = iadd_imm v5, 4096 -;; @0040 v7 = iconst.i64 0 -;; @0040 v8 = select_spectre_guard v3, v7, v6 ; v7 = 0 -;; @0040 store little heap v1, v8 +;; @0040 v6 = iconst.i64 4096 +;; @0040 v7 = iadd v5, v6 ; v6 = 4096 +;; @0040 v8 = iconst.i64 0 +;; @0040 v9 = select_spectre_guard v3, v8, v7 ; v8 = 0 +;; @0040 store little heap v1, v9 ;; @0044 jump block1 ;; ;; block1: @@ -63,11 +64,12 @@ ;; @0049 v3 = icmp_imm ugt v0, 0x0fff_effc ;; @0049 v4 = global_value.i64 gv1 ;; @0049 v5 = iadd v4, v0 -;; @0049 v6 = iadd_imm v5, 4096 -;; @0049 v7 = iconst.i64 0 -;; @0049 v8 = select_spectre_guard v3, v7, v6 ; v7 = 0 -;; @0049 v9 = load.i32 little heap v8 -;; @004d jump block1(v9) +;; @0049 v6 = iconst.i64 4096 +;; @0049 v7 = iadd v5, v6 ; v6 = 4096 +;; @0049 v8 = iconst.i64 0 +;; @0049 v9 = select_spectre_guard v3, v8, v7 ; v8 = 0 +;; @0049 v10 = load.i32 little heap v9 +;; @004d jump block1(v10) ;; ;; block1(v2: i32): ;; @004d return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat index e6597d66d1e3..e3d9749514e2 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0_guard_yes_spectre_i8_access_0x1000_offset.wat @@ -45,10 +45,11 @@ ;; @0040 v3 = icmp_imm ugt v0, 0x0fff_efff ;; @0040 v4 = global_value.i64 gv1 ;; @0040 v5 = iadd v4, v0 -;; @0040 v6 = iadd_imm v5, 4096 -;; @0040 v7 = iconst.i64 0 -;; @0040 v8 = select_spectre_guard v3, v7, v6 ; v7 = 0 -;; @0040 istore8 little heap v1, v8 +;; @0040 v6 = iconst.i64 4096 +;; @0040 v7 = iadd v5, v6 ; v6 = 4096 +;; @0040 v8 = iconst.i64 0 +;; @0040 v9 = select_spectre_guard v3, v8, v7 ; v8 = 0 +;; @0040 istore8 little heap v1, v9 ;; @0044 jump block1 ;; ;; block1: @@ -63,11 +64,12 @@ ;; @0049 v3 = icmp_imm ugt v0, 0x0fff_efff ;; @0049 v4 = global_value.i64 gv1 ;; @0049 v5 = iadd v4, v0 -;; @0049 v6 = iadd_imm v5, 4096 -;; @0049 v7 = iconst.i64 0 -;; @0049 v8 = select_spectre_guard v3, v7, v6 ; v7 = 0 -;; @0049 v9 = uload8.i32 little heap v8 -;; @004d jump block1(v9) +;; @0049 v6 = iconst.i64 4096 +;; @0049 v7 = iadd v5, v6 ; v6 = 4096 +;; @0049 v8 = iconst.i64 0 +;; @0049 v9 = select_spectre_guard v3, v8, v7 ; v8 = 0 +;; @0049 v10 = uload8.i32 little heap v9 +;; @004d jump block1(v10) ;; ;; block1(v2: i32): ;; @004d return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_no_spectre_i32_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_no_spectre_i32_access_0x1000_offset.wat index 0527549ce39e..3839e19c12ee 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_no_spectre_i32_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_no_spectre_i32_access_0x1000_offset.wat @@ -46,8 +46,9 @@ ;; @0040 trapnz v3, heap_oob ;; @0040 v4 = global_value.i64 gv1 ;; @0040 v5 = iadd v4, v0 -;; @0040 v6 = iadd_imm v5, 4096 -;; @0040 store little heap v1, v6 +;; @0040 v6 = iconst.i64 4096 +;; @0040 v7 = iadd v5, v6 ; v6 = 4096 +;; @0040 store little heap v1, v7 ;; @0044 jump block1 ;; ;; block1: @@ -63,10 +64,11 @@ ;; @0049 trapnz v3, heap_oob ;; @0049 v4 = global_value.i64 gv1 ;; @0049 v5 = iadd v4, v0 -;; @0049 v6 = iadd_imm v5, 4096 -;; @0049 v7 = load.i32 little heap v6 -;; @004d jump block1(v7) +;; @0049 v6 = iconst.i64 4096 +;; @0049 v7 = iadd v5, v6 ; v6 = 4096 +;; @0049 v8 = load.i32 little heap v7 +;; @004d jump block1(v8) ;; ;; block1(v2: i32): ;; @004d return v2 -;; } \ No newline at end of file +;; } diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_no_spectre_i8_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_no_spectre_i8_access_0x1000_offset.wat index cb8badc5518e..0132e0dba179 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_no_spectre_i8_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_no_spectre_i8_access_0x1000_offset.wat @@ -46,8 +46,9 @@ ;; @0040 trapnz v3, heap_oob ;; @0040 v4 = global_value.i64 gv1 ;; @0040 v5 = iadd v4, v0 -;; @0040 v6 = iadd_imm v5, 4096 -;; @0040 istore8 little heap v1, v6 +;; @0040 v6 = iconst.i64 4096 +;; @0040 v7 = iadd v5, v6 ; v6 = 4096 +;; @0040 istore8 little heap v1, v7 ;; @0044 jump block1 ;; ;; block1: @@ -63,10 +64,11 @@ ;; @0049 trapnz v3, heap_oob ;; @0049 v4 = global_value.i64 gv1 ;; @0049 v5 = iadd v4, v0 -;; @0049 v6 = iadd_imm v5, 4096 -;; @0049 v7 = uload8.i32 little heap v6 -;; @004d jump block1(v7) +;; @0049 v6 = iconst.i64 4096 +;; @0049 v7 = iadd v5, v6 ; v6 = 4096 +;; @0049 v8 = uload8.i32 little heap v7 +;; @004d jump block1(v8) ;; ;; block1(v2: i32): ;; @004d return v2 -;; } \ No newline at end of file +;; } diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat index db80822e8fb0..8f6750ad3d10 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_yes_spectre_i32_access_0x1000_offset.wat @@ -45,10 +45,11 @@ ;; @0040 v3 = icmp_imm ugt v0, 0x0fff_effc ;; @0040 v4 = global_value.i64 gv1 ;; @0040 v5 = iadd v4, v0 -;; @0040 v6 = iadd_imm v5, 4096 -;; @0040 v7 = iconst.i64 0 -;; @0040 v8 = select_spectre_guard v3, v7, v6 ; v7 = 0 -;; @0040 store little heap v1, v8 +;; @0040 v6 = iconst.i64 4096 +;; @0040 v7 = iadd v5, v6 ; v6 = 4096 +;; @0040 v8 = iconst.i64 0 +;; @0040 v9 = select_spectre_guard v3, v8, v7 ; v8 = 0 +;; @0040 store little heap v1, v9 ;; @0044 jump block1 ;; ;; block1: @@ -63,11 +64,12 @@ ;; @0049 v3 = icmp_imm ugt v0, 0x0fff_effc ;; @0049 v4 = global_value.i64 gv1 ;; @0049 v5 = iadd v4, v0 -;; @0049 v6 = iadd_imm v5, 4096 -;; @0049 v7 = iconst.i64 0 -;; @0049 v8 = select_spectre_guard v3, v7, v6 ; v7 = 0 -;; @0049 v9 = load.i32 little heap v8 -;; @004d jump block1(v9) +;; @0049 v6 = iconst.i64 4096 +;; @0049 v7 = iadd v5, v6 ; v6 = 4096 +;; @0049 v8 = iconst.i64 0 +;; @0049 v9 = select_spectre_guard v3, v8, v7 ; v8 = 0 +;; @0049 v10 = load.i32 little heap v9 +;; @004d jump block1(v10) ;; ;; block1(v2: i32): ;; @004d return v2 diff --git a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat index 98344abf7a8d..892429c3cff9 100644 --- a/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat +++ b/cranelift/filetests/filetests/wasm/load-store/load_store_static_kind_i64_index_0xffffffff_guard_yes_spectre_i8_access_0x1000_offset.wat @@ -45,10 +45,11 @@ ;; @0040 v3 = icmp_imm ugt v0, 0x0fff_efff ;; @0040 v4 = global_value.i64 gv1 ;; @0040 v5 = iadd v4, v0 -;; @0040 v6 = iadd_imm v5, 4096 -;; @0040 v7 = iconst.i64 0 -;; @0040 v8 = select_spectre_guard v3, v7, v6 ; v7 = 0 -;; @0040 istore8 little heap v1, v8 +;; @0040 v6 = iconst.i64 4096 +;; @0040 v7 = iadd v5, v6 ; v6 = 4096 +;; @0040 v8 = iconst.i64 0 +;; @0040 v9 = select_spectre_guard v3, v8, v7 ; v8 = 0 +;; @0040 istore8 little heap v1, v9 ;; @0044 jump block1 ;; ;; block1: @@ -63,11 +64,12 @@ ;; @0049 v3 = icmp_imm ugt v0, 0x0fff_efff ;; @0049 v4 = global_value.i64 gv1 ;; @0049 v5 = iadd v4, v0 -;; @0049 v6 = iadd_imm v5, 4096 -;; @0049 v7 = iconst.i64 0 -;; @0049 v8 = select_spectre_guard v3, v7, v6 ; v7 = 0 -;; @0049 v9 = uload8.i32 little heap v8 -;; @004d jump block1(v9) +;; @0049 v6 = iconst.i64 4096 +;; @0049 v7 = iadd v5, v6 ; v6 = 4096 +;; @0049 v8 = iconst.i64 0 +;; @0049 v9 = select_spectre_guard v3, v8, v7 ; v8 = 0 +;; @0049 v10 = uload8.i32 little heap v9 +;; @004d jump block1(v10) ;; ;; block1(v2: i32): ;; @004d return v2 diff --git a/cranelift/wasm/src/code_translator/bounds_checks.rs b/cranelift/wasm/src/code_translator/bounds_checks.rs index 531a1bcd7595..6e236165b031 100644 --- a/cranelift/wasm/src/code_translator/bounds_checks.rs +++ b/cranelift/wasm/src/code_translator/bounds_checks.rs @@ -362,6 +362,21 @@ fn explicit_check_oob_condition_and_compute_addr( addr } +fn add_fact Fact>( + pos: &mut FuncCursor, + pcc_memtype: Option, + value: ir::Value, + make_fact: F, +) { + if let Some(ty) = pcc_memtype { + assert!( + pos.func.dfg.facts[value].is_none(), + "Overwriting a fact is invalid" + ); + pos.func.dfg.facts[value] = Some(make_fact(ty)); + } +} + /// Emit code for the native address computation of a Wasm address, /// without any bounds checks or overflow checks. /// @@ -389,26 +404,24 @@ fn compute_addr( None }; - if let Some(ty) = pcc_memtype { - pos.func.dfg.facts[heap_base] = Some(Fact::Mem { - ty, - min_offset: 0, - max_offset: 0, - }); - } + add_fact(pos, pcc_memtype, heap_base, |ty| Fact::Mem { + ty, + min_offset: 0, + max_offset: 0, + }); let base_and_index = pos.ins().iadd(heap_base, index); - if let Some(ty) = pcc_memtype { + add_fact(pos, pcc_memtype, base_and_index, |ty| { // TODO: handle memory64 as well. For now we assert that we // have a 32-bit `heap.index_type`. assert_eq!(heap.index_type, ir::types::I32); - pos.func.dfg.facts[base_and_index] = Some(Fact::Mem { + Fact::Mem { ty, min_offset: 0, max_offset: u64::from(u32::MAX), - }); - } + } + }); if offset == 0 { base_and_index @@ -417,18 +430,20 @@ fn compute_addr( // `select_spectre_guard`, if any. If it happens after, then we // potentially are letting speculative execution read the whole first // 4GiB of memory. - let result = pos.ins().iadd_imm(base_and_index, offset as i64); - if let Some(ty) = pcc_memtype { - pos.func.dfg.facts[result] = Some(Fact::Mem { - ty, - min_offset: u64::from(offset), - // Safety: can't overflow -- two u32s summed in a - // 64-bit add. TODO: when memory64 is supported here, - // `u32::MAX` is no longer true, and we'll need to - // handle overflow here. - max_offset: u64::from(u32::MAX) + u64::from(offset), - }); - } + let offset_val = pos.ins().iconst(addr_ty, i64::from(offset)); + add_fact(pos, pcc_memtype, offset_val, |_| { + Fact::constant(u16::try_from(addr_ty.bits()).unwrap(), u64::from(offset)) + }); + let result = pos.ins().iadd(base_and_index, offset_val); + add_fact(pos, pcc_memtype, result, |ty| Fact::Mem { + ty, + min_offset: u64::from(offset), + // Safety: can't overflow -- two u32s summed in a + // 64-bit add. TODO: when memory64 is supported here, + // `u32::MAX` is no longer true, and we'll need to + // handle overflow here. + max_offset: u64::from(u32::MAX) + u64::from(offset), + }); result } }