[wasm] Validate the alignment of load and store instructions.

src/wasm/wasm-interpreter.cc

 // Copyright 2016 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "src/wasm/wasm-interpreter.h"
 
 #include "src/utils.h"
 #include "src/wasm/ast-decoder.h"
 #include "src/wasm/decoder.h"
 #include "src/wasm/wasm-external-refs.h"
@@ skipping 1424 matching lines @@
           } else if (type == kAstF64) {
             *reinterpret_cast<double*>(ptr) = val.to<double>();
           } else {
             UNREACHABLE();
           }
           Push(pc, val);
           len = 1 + operand.length;
           break;
         }
 
-#define LOAD_CASE(name, ctype, mtype)                                       \
+#define LOAD_CASE(name, ctype, mtype, machine_type)                         \
   case kExpr##name: {                                                       \
-    MemoryAccessOperand operand(&decoder, code->at(pc));                    \
+    MemoryAccessOperand operand(&decoder, code->at(pc), machine_type);      \
     uint32_t index = Pop().to<uint32_t>();                                  \
     size_t effective_mem_size = instance()->mem_size - sizeof(mtype);       \
     if (operand.offset > effective_mem_size ||                              \
         index > (effective_mem_size - operand.offset)) {                    \
       return DoTrap(kTrapMemOutOfBounds, pc);                               \
     }                                                                       \
     byte* addr = instance()->mem_start + operand.offset + index;            \
     WasmVal result(static_cast<ctype>(ReadLittleEndianValue<mtype>(addr))); \
     Push(pc, result);                                                       \
     len = 1 + operand.length;                                               \
     break;                                                                  \
   }
 
-          LOAD_CASE(I32LoadMem8S, int32_t, int8_t);
-          LOAD_CASE(I32LoadMem8U, int32_t, uint8_t);
-          LOAD_CASE(I32LoadMem16S, int32_t, int16_t);
-          LOAD_CASE(I32LoadMem16U, int32_t, uint16_t);
-          LOAD_CASE(I64LoadMem8S, int64_t, int8_t);
-          LOAD_CASE(I64LoadMem8U, int64_t, uint8_t);
-          LOAD_CASE(I64LoadMem16S, int64_t, int16_t);
-          LOAD_CASE(I64LoadMem16U, int64_t, uint16_t);
-          LOAD_CASE(I64LoadMem32S, int64_t, int32_t);
-          LOAD_CASE(I64LoadMem32U, int64_t, uint32_t);
-          LOAD_CASE(I32LoadMem, int32_t, int32_t);
-          LOAD_CASE(I64LoadMem, int64_t, int64_t);
-          LOAD_CASE(F32LoadMem, float, float);
-          LOAD_CASE(F64LoadMem, double, double);
+          LOAD_CASE(I32LoadMem8S, int32_t, int8_t, MachineType::Int8());
+          LOAD_CASE(I32LoadMem8U, int32_t, uint8_t, MachineType::Uint8());
+          LOAD_CASE(I32LoadMem16S, int32_t, int16_t, MachineType::Int16());
+          LOAD_CASE(I32LoadMem16U, int32_t, uint16_t, MachineType::Uint16());
+          LOAD_CASE(I64LoadMem8S, int64_t, int8_t, MachineType::Int8());
+          LOAD_CASE(I64LoadMem8U, int64_t, uint8_t, MachineType::Uint8());
+          LOAD_CASE(I64LoadMem16S, int64_t, int16_t, MachineType::Int16());
+          LOAD_CASE(I64LoadMem16U, int64_t, uint16_t, MachineType::Uint16());
+          LOAD_CASE(I64LoadMem32S, int64_t, int32_t, MachineType::Int32());
+          LOAD_CASE(I64LoadMem32U, int64_t, uint32_t, MachineType::Uint32());
+          LOAD_CASE(I32LoadMem, int32_t, int32_t, MachineType::Int32());
+          LOAD_CASE(I64LoadMem, int64_t, int64_t, MachineType::Int64());
+          LOAD_CASE(F32LoadMem, float, float, MachineType::Float32());
+          LOAD_CASE(F64LoadMem, double, double, MachineType::Float64());
 #undef LOAD_CASE
 
-#define STORE_CASE(name, ctype, mtype)                                        \
+#define STORE_CASE(name, ctype, mtype, machine_type)                          \
   case kExpr##name: {                                                         \
-    MemoryAccessOperand operand(&decoder, code->at(pc));                      \
+    MemoryAccessOperand operand(&decoder, code->at(pc), machine_type);        \
     WasmVal val = Pop();                                                      \
     uint32_t index = Pop().to<uint32_t>();                                    \
     size_t effective_mem_size = instance()->mem_size - sizeof(mtype);         \
     if (operand.offset > effective_mem_size ||                                \
         index > (effective_mem_size - operand.offset)) {                      \
       return DoTrap(kTrapMemOutOfBounds, pc);                                 \
     }                                                                         \
     byte* addr = instance()->mem_start + operand.offset + index;              \
     WriteLittleEndianValue<mtype>(addr, static_cast<mtype>(val.to<ctype>())); \
     Push(pc, val);                                                            \
     len = 1 + operand.length;                                                 \
     break;                                                                    \
   }
 
-          STORE_CASE(I32StoreMem8, int32_t, int8_t);
-          STORE_CASE(I32StoreMem16, int32_t, int16_t);
-          STORE_CASE(I64StoreMem8, int64_t, int8_t);
-          STORE_CASE(I64StoreMem16, int64_t, int16_t);
-          STORE_CASE(I64StoreMem32, int64_t, int32_t);
-          STORE_CASE(I32StoreMem, int32_t, int32_t);
-          STORE_CASE(I64StoreMem, int64_t, int64_t);
-          STORE_CASE(F32StoreMem, float, float);
-          STORE_CASE(F64StoreMem, double, double);
+          STORE_CASE(I32StoreMem8, int32_t, int8_t, MachineType::Int8());
+          STORE_CASE(I32StoreMem16, int32_t, int16_t, MachineType::Int16());
+          STORE_CASE(I64StoreMem8, int64_t, int8_t, MachineType::Int8());
+          STORE_CASE(I64StoreMem16, int64_t, int16_t, MachineType::Int16());
+          STORE_CASE(I64StoreMem32, int64_t, int32_t, MachineType::Int32());
+          STORE_CASE(I32StoreMem, int32_t, int32_t, MachineType::Int32());
+          STORE_CASE(I64StoreMem, int64_t, int64_t, MachineType::Int64());
+          STORE_CASE(F32StoreMem, float, float, MachineType::Float32());
+          STORE_CASE(F64StoreMem, double, double, MachineType::Float64());
 #undef STORE_CASE
 
 #define ASMJS_LOAD_CASE(name, ctype, mtype, defval)                 \
   case kExpr##name: {                                               \
     uint32_t index = Pop().to<uint32_t>();                          \
     ctype result;                                                   \
     if (index >= (instance()->mem_size - sizeof(mtype))) {          \
       result = defval;                                              \
     } else {                                                        \
       byte* addr = instance()->mem_start + index;                   \
@@ skipping 291 matching lines @@
 
 ControlTransferMap WasmInterpreter::ComputeControlTransfersForTesting(
     Zone* zone, const byte* start, const byte* end) {
   ControlTransfers targets(zone, 0, start, end);
   return targets.map_;
 }
 
 }  // namespace wasm
 }  // namespace internal
 }  // namespace v8