do runtime bounds check when normal check failed

Signed-off-by: wenlingyun1 <wenlingyun1@xiaomi.com>
WenLY1 · Jul 10, 2024 · 80e711b · 80e711b
1 parent 8331426
commit 80e711b
Show file tree

Hide file tree

Showing 2 changed files with 79 additions and 28 deletions.
diff --git a/core/iwasm/aot/aot_runtime.c b/core/iwasm/aot/aot_runtime.c
@@ -3117,13 +3117,7 @@ uint64
 aot_bounds_check(AOTModuleInstance *module_inst, uint64 offset, uint32 bytes)
 #endif
 {
-    WASMMemoryInstance *memory = aot_get_default_memory(module_inst);
-    uint64 linear_memory_size = memory->memory_data_size;
-
-    if (offset + bytes <= linear_memory_size) {
-        return memory->memory_data + offset;
-    }
-    return NULL;
+    return offset;
 }
 
 void *

diff --git a/core/iwasm/compilation/aot_emit_memory.c b/core/iwasm/compilation/aot_emit_memory.c
@@ -138,7 +138,7 @@ aot_check_memory_overflow(AOTCompContext *comp_ctx, AOTFuncContext *func_ctx,
     LLVMValueRef addr, maddr, offset1, cmp1, cmp2, cmp;
     LLVMValueRef mem_base_addr, mem_check_bound;
     LLVMBasicBlockRef block_curr = LLVMGetInsertBlock(comp_ctx->builder);
-    LLVMBasicBlockRef check_succ;
+    LLVMBasicBlockRef check_succ, runtime_bounds_check, merge_block;
     AOTValue *aot_value_top;
     uint32 local_idx_of_aot_value = 0;
     uint64 const_value;
@@ -329,21 +329,83 @@ aot_check_memory_overflow(AOTCompContext *comp_ctx, AOTFuncContext *func_ctx,
         }
 
         /* Add basic blocks */
-        ADD_BASIC_BLOCK(check_succ, "check_succ");
-        LLVMMoveBasicBlockAfter(check_succ, block_curr);
-
-        if (!aot_emit_exception(comp_ctx, func_ctx,
-                                EXCE_OUT_OF_BOUNDS_MEMORY_ACCESS, true, cmp,
-                                check_succ)) {
-            goto fail;
+        if (!comp_ctx->enable_runtime_bound_check) {
+            ADD_BASIC_BLOCK(check_succ, "check_succ");
+            LLVMMoveBasicBlockAfter(check_succ, block_curr);
+            if (!aot_emit_exception(comp_ctx, func_ctx,
+                                    EXCE_OUT_OF_BOUNDS_MEMORY_ACCESS, true, cmp,
+                                    check_succ)) {
+                goto fail;
+            }
+            SET_BUILD_POS(check_succ);
+            if (is_local_of_aot_value) {
+                if (!aot_checked_addr_list_add(func_ctx, local_idx_of_aot_value,
+                                               offset, bytes))
+                    goto fail;
+            }
         }
+        else {
+            LLVMValueRef maddr_ret;
+            if (func_ctx->maddr_ret == NULL) {
+                func_ctx->maddr_ret = LLVMBuildAlloca(
+                    comp_ctx->builder, LLVMPointerType(LLVMInt8Type(), 0),
+                    "maddr_ret");
+            }
+            maddr_ret = func_ctx->maddr_ret;
 
-        SET_BUILD_POS(check_succ);
+            ADD_BASIC_BLOCK(merge_block, "merge_block");
+            ADD_BASIC_BLOCK(runtime_bounds_check, "runtime_bounds_check");
+            ADD_BASIC_BLOCK(check_succ, "check_succ");
+
+            LLVMBuildCondBr(comp_ctx->builder, cmp, runtime_bounds_check,
+                            check_succ);
 
-        if (is_local_of_aot_value) {
-            if (!aot_checked_addr_list_add(func_ctx, local_idx_of_aot_value,
-                                           offset, bytes))
-                goto fail;
+            SET_BUILD_POS(runtime_bounds_check);
+            maddr = aot_call_runtime_bounds_check(comp_ctx, func_ctx, offset1,
+                                                  bytes);
+            LLVMBuildStore(comp_ctx->builder, maddr, maddr_ret);
+            LLVMBuildBr(comp_ctx->builder, merge_block);
+
+            SET_BUILD_POS(check_succ);
+            if (is_local_of_aot_value) {
+                if (!aot_checked_addr_list_add(func_ctx, local_idx_of_aot_value,
+                                               offset, bytes))
+                    goto fail;
+            }
+            if (!enable_segue) {
+                /* maddr = mem_base_addr + offset1 */
+                if (!(maddr = LLVMBuildInBoundsGEP2(comp_ctx->builder,
+                                                    INT8_TYPE, mem_base_addr,
+                                                    &offset1, 1, "maddr"))) {
+                    aot_set_last_error("llvm build add failed.");
+                    goto fail;
+                }
+            }
+            else {
+                LLVMValueRef maddr_base;
+
+                if (!(maddr_base =
+                          LLVMBuildIntToPtr(comp_ctx->builder, addr,
+                                            INT8_PTR_TYPE_GS, "maddr_base"))) {
+                    aot_set_last_error("llvm build int to ptr failed.");
+                    goto fail;
+                }
+                if (!(maddr = LLVMBuildInBoundsGEP2(
+                          comp_ctx->builder, INT8_TYPE, maddr_base,
+                          &offset_const, 1, "maddr"))) {
+                    aot_set_last_error("llvm build inboundgep failed.");
+                    goto fail;
+                }
+            }
+            LLVMBuildStore(comp_ctx->builder, maddr, maddr_ret);
+            LLVMBuildBr(comp_ctx->builder, merge_block);
+
+            SET_BUILD_POS(merge_block);
+            maddr = LLVMBuildLoad2(comp_ctx->builder,
+                                   LLVMPointerType(LLVMInt8Type(), 0),
+                                   maddr_ret, "maddr_final");
+
+            return maddr;
         }
     }
     if (!enable_segue) {
@@ -369,18 +431,13 @@ aot_check_memory_overflow(AOTCompContext *comp_ctx, AOTFuncContext *func_ctx,
             aot_set_last_error("llvm build inboundgep failed.");
             goto fail;
         }
+
+
     }
 
     return maddr;
 fail:
-    if (comp_ctx->enable_bound_check && comp_ctx->enable_runtime_bound_check) {
-        maddr =
-            aot_call_runtime_bounds_check(comp_ctx, func_ctx, offset1, bytes);
-        return maddr;
-    }
-    else {
-        return NULL;
-    }
+    return NULL;
 }
 
 #define BUILD_PTR_CAST(ptr_type)                                           \