Fix several AOT compiler issues (#2697)

- Fix potential invalid push param phis and add incoming phis to a un-existed basic block - Fix potential invalid shift count int rotl/rotr opcodes - Resize memory_data_size to UINT32_MAX if it is 4G when hw bound check is enabled - Fix negative linear memory offset is used for 64-bit target it is const and larger than INT32_MAX
2024-10-16 04:52:02 +00:00 · 2023-11-02 20:36:21 +08:00 · 2023-11-02 20:36:21 +08:00 · 68a627ea2c
commit 68a627ea2c
parent 0b2313f6f8
5 changed files with 37 additions and 6 deletions
--- a/core/iwasm/aot/aot_runtime.c
+++ b/core/iwasm/aot/aot_runtime.c
@ -554,8 +554,12 @@ memory_instantiate(AOTModuleInstance *module_inst, AOTModuleInstance *parent,
        os_munmap(mapped_mem, map_size);
        return NULL;
    }
+
    /* Newly allocated pages are filled with zero by the OS, we don't fill it
     * again here */
+
+    if (memory_data_size > UINT32_MAX)
+        memory_data_size = UINT32_MAX;
 #endif /* end of OS_ENABLE_HW_BOUND_CHECK */

    memory_inst->module_type = Wasm_Module_AoT;
--- a/core/iwasm/compilation/aot_emit_control.c
+++ b/core/iwasm/compilation/aot_emit_control.c
@ -344,7 +344,9 @@ push_aot_block_to_stack_and_pass_params(AOTCompContext *comp_ctx,
        for (i = 0; i < block->param_count; i++) {
            param_index = block->param_count - 1 - i;
            POP(value, block->param_types[param_index]);
-            ADD_TO_PARAM_PHIS(block, value, param_index);
+            if (block->llvm_entry_block)
+                /* Only add incoming phis if the entry block was created */
+                ADD_TO_PARAM_PHIS(block, value, param_index);
            if (block->label_type == LABEL_TYPE_IF
                && !block->skip_wasm_code_else) {
                if (block->llvm_else_block) {
@ -366,7 +368,17 @@ push_aot_block_to_stack_and_pass_params(AOTCompContext *comp_ctx,

    /* Push param phis to the new block */
    for (i = 0; i < block->param_count; i++) {
-        PUSH(block->param_phis[i], block->param_types[i]);
+        if (block->llvm_entry_block)
+            /* Push param phis if the entry basic block was created */
+            PUSH(block->param_phis[i], block->param_types[i]);
+        else {
+            bh_assert(block->label_type == LABEL_TYPE_IF
+                      && block->llvm_else_block && block->else_param_phis
+                      && !block->skip_wasm_code_else);
+            /* Push else param phis if we start to translate the
+               else branch */
+            PUSH(block->else_param_phis[i], block->param_types[i]);
+        }
    }

    return true;
--- a/core/iwasm/compilation/aot_emit_memory.c
+++ b/core/iwasm/compilation/aot_emit_memory.c
@ -157,7 +157,10 @@ aot_check_memory_overflow(AOTCompContext *comp_ctx, AOTFuncContext *func_ctx,

        if (mem_offset + bytes <= mem_data_size) {
            /* inside memory space */
-            offset1 = I32_CONST((uint32)mem_offset);
+            if (comp_ctx->pointer_size == sizeof(uint64))
+                offset1 = I64_CONST((uint32)mem_offset);
+            else
+                offset1 = I32_CONST((uint32)mem_offset);
            CHECK_LLVM_CONST(offset1);
            if (!enable_segue) {
                if (!(maddr = LLVMBuildInBoundsGEP2(comp_ctx->builder,
--- a/core/iwasm/compilation/aot_emit_numberic.c
+++ b/core/iwasm/compilation/aot_emit_numberic.c
@ -777,17 +777,25 @@ compile_int_rot(AOTCompContext *comp_ctx, LLVMValueRef left, LLVMValueRef right,
    if (IS_CONST_ZERO(right))
        return left;

-    /* Calculate (bits - shif_count) */
+    /* Calculate (bits - shift_count) */
    LLVM_BUILD_OP(Sub, is_i32 ? I32_32 : I64_64, right, bits_minus_shift_count,
                  "bits_minus_shift_count", NULL);
+    /* Calculate (bits - shift_count) & mask */
+    bits_minus_shift_count =
+        LLVMBuildAnd(comp_ctx->builder, bits_minus_shift_count,
+                     is_i32 ? I32_31 : I64_63, "bits_minus_shift_count_and");
+    if (!bits_minus_shift_count) {
+        aot_set_last_error("llvm build and failed.");
+        return NULL;
+    }

    if (is_rotl) {
-        /* left<<count | left>>(BITS-count) */
+        /* (left << count) | (left >> ((BITS - count) & mask)) */
        LLVM_BUILD_OP(Shl, left, right, tmp_l, "tmp_l", NULL);
        LLVM_BUILD_OP(LShr, left, bits_minus_shift_count, tmp_r, "tmp_r", NULL);
    }
    else {
-        /* left>>count | left<<(BITS-count) */
+        /* (left >> count) | (left << ((BITS - count) & mask)) */
        LLVM_BUILD_OP(LShr, left, right, tmp_l, "tmp_l", NULL);
        LLVM_BUILD_OP(Shl, left, bits_minus_shift_count, tmp_r, "tmp_r", NULL);
    }
--- a/core/iwasm/interpreter/wasm_runtime.c
+++ b/core/iwasm/interpreter/wasm_runtime.c
@ -338,8 +338,12 @@ memory_instantiate(WASMModuleInstance *module_inst, WASMModuleInstance *parent,
        set_error_buf(error_buf, error_buf_size, "mprotect memory failed");
        goto fail2;
    }
+
    /* Newly allocated pages are filled with zero by the OS, we don't fill it
     * again here */
+
+    if (memory_data_size > UINT32_MAX)
+        memory_data_size = UINT32_MAX;
 #endif /* end of OS_ENABLE_HW_BOUND_CHECK */

    memory->module_type = Wasm_Module_Bytecode;