[wasm] Fix bounds check of a store instruction after a grow_memory instruction

Fix bounds check of a store instruction after a grow_memory instruction
 - Store instruction with an offset bigger than GrowMemory offset should handle out of bounds correctly
 - Refactor to separate runnning from compile so arguments can be passed in to module builder tests.

BUG=chromium:644670
R=ahaas@chromium.org, titzer@chromium.org

Committed: https://crrev.com/64e43be959630cd0640d9ddb92ffdc9511679410
Cr-Commit-Position: refs/heads/master@{#39840}

[gdeepti, 2016-09-27 04:59:36]

The CQ bit was checked by gdeepti@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-09-27 04:59:41]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-09-27 05:15:24]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-09-27 05:15:24]

Dry run: Try jobs failed on following builders:
  v8_mac_rel_ng on master.tryserver.v8 (JOB_FAILED,
http://build.chromium.org/p/tryserver.v8/builders/v8_mac_rel_ng/builds/9682)
  v8_mac_rel_ng_triggered on master.tryserver.v8 (JOB_FAILED,
http://build.chromium.org/p/tryserver.v8/builders/v8_mac_rel_ng_triggered/bui...)

[gdeepti, 2016-09-27 05:28:11]

The CQ bit was checked by gdeepti@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-09-27 05:28:14]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[gdeepti, 2016-09-27 05:38:53]

The CQ bit was checked by gdeepti@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-09-27 05:39:03]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-09-27 05:59:33]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-09-27 05:59:34]

Dry run: Try jobs failed on following builders:
  v8_linux_arm_rel_ng on master.tryserver.v8 (JOB_FAILED,
http://build.chromium.org/p/tryserver.v8/builders/v8_linux_arm_rel_ng/builds/...)
  v8_linux_arm_rel_ng_triggered on master.tryserver.v8 (JOB_FAILED,
http://build.chromium.org/p/tryserver.v8/builders/v8_linux_arm_rel_ng_trigger...)

[gdeepti, 2016-09-27 21:58:47]

The CQ bit was checked by gdeepti@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-09-27 21:58:56]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-09-27 22:01:47]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-09-27 22:01:48]

Dry run: Try jobs failed on following builders:
  v8_mac_rel_ng on master.tryserver.v8 (JOB_FAILED,
http://build.chromium.org/p/tryserver.v8/builders/v8_mac_rel_ng/builds/9778)

[gdeepti, 2016-09-28 06:03:27]

The CQ bit was checked by gdeepti@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-09-28 06:03:35]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-09-28 06:27:44]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-09-28 06:27:45]

Dry run: This issue passed the CQ dry run.

[gdeepti, 2016-09-28 06:30:28]

Description was changed from

==========
Fix bounds check of a store instruction after a grow_memory instruction
 - Store instruction with an offset bigger than GrowMemory offset should handle
out of bounds correctly
 - Refactor to separate runnning from compile so arguments can be passed in to
module builder tests.

BUG=chromium:644670

R=ahaas@chromium.org, titzer@chromium.org
==========

to

==========
Fix bounds check of a store instruction after a grow_memory instruction
 - Store instruction with an offset bigger than GrowMemory offset should handle
out of bounds correctly
 - Refactor to separate runnning from compile so arguments can be passed in to
module builder tests.

BUG=chromium:644670

R=ahaas@chromium.org, titzer@chromium.org
==========

[gdeepti, 2016-09-28 17:53:10]

gdeepti@chromium.org changed reviewers:
+ mtrofin@chromium.org

[gdeepti, 2016-09-28 17:53:10]

Just realized ahaas@ is on vacation, adding mtrofin@.

[titzer, 2016-09-28 18:09:52]

lgtm with comment

https://codereview.chromium.org/2373613004/diff/80001/src/compiler/wasm-compi...
File src/compiler/wasm-compiler.cc (right):

https://codereview.chromium.org/2373613004/diff/80001/src/compiler/wasm-compi...
src/compiler/wasm-compiler.cc:2776: (static_cast<uint64_t>(offset) + memsize) >
size) {
Can you please add a comment here what is going on?

Basically, we have to add two checks in the case where the offset is statically
out of bounds; one check for the offset being in bounds, and the next for the
offset + index being out of bounds.

[gdeepti, 2016-09-28 20:28:14]

The CQ bit was checked by gdeepti@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-09-28 20:28:19]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[gdeepti, 2016-09-28 20:29:15]

https://codereview.chromium.org/2373613004/diff/80001/src/compiler/wasm-compi...
File src/compiler/wasm-compiler.cc (right):

https://codereview.chromium.org/2373613004/diff/80001/src/compiler/wasm-compi...
src/compiler/wasm-compiler.cc:2776: (static_cast<uint64_t>(offset) + memsize) >
size) {
On 2016/09/28 18:09:51, titzer wrote:
> Can you please add a comment here what is going on?
> 
> Basically, we have to add two checks in the case where the offset is
statically
> out of bounds; one check for the offset being in bounds, and the next for the
> offset + index being out of bounds.

Done.

[commit-bot: I haz the power, 2016-09-28 20:51:38]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-09-28 20:51:39]

Dry run: This issue passed the CQ dry run.

[gdeepti, 2016-09-28 20:53:03]

The CQ bit was checked by gdeepti@chromium.org

[gdeepti, 2016-09-28 20:53:04]

The patchset sent to the CQ was uploaded after l-g-t-m from titzer@chromium.org
Link to the patchset: https://codereview.chromium.org/2373613004/#ps100001
(title: "Ben's review")

[commit-bot: I haz the power, 2016-09-28 20:53:09]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-09-28 20:55:46]

Description was changed from

==========
Fix bounds check of a store instruction after a grow_memory instruction
 - Store instruction with an offset bigger than GrowMemory offset should handle
out of bounds correctly
 - Refactor to separate runnning from compile so arguments can be passed in to
module builder tests.

BUG=chromium:644670

R=ahaas@chromium.org, titzer@chromium.org
==========

to

==========
Fix bounds check of a store instruction after a grow_memory instruction
 - Store instruction with an offset bigger than GrowMemory offset should handle
out of bounds correctly
 - Refactor to separate runnning from compile so arguments can be passed in to
module builder tests.

BUG=chromium:644670

R=ahaas@chromium.org, titzer@chromium.org
==========

[commit-bot: I haz the power, 2016-09-28 20:55:47]

Committed patchset #6 (id:100001)

[commit-bot: I haz the power, 2016-09-28 20:56:19]

Description was changed from

==========
Fix bounds check of a store instruction after a grow_memory instruction
 - Store instruction with an offset bigger than GrowMemory offset should handle
out of bounds correctly
 - Refactor to separate runnning from compile so arguments can be passed in to
module builder tests.

BUG=chromium:644670

R=ahaas@chromium.org, titzer@chromium.org
==========

to

==========
Fix bounds check of a store instruction after a grow_memory instruction
 - Store instruction with an offset bigger than GrowMemory offset should handle
out of bounds correctly
 - Refactor to separate runnning from compile so arguments can be passed in to
module builder tests.

BUG=chromium:644670

R=ahaas@chromium.org, titzer@chromium.org

Committed: https://crrev.com/64e43be959630cd0640d9ddb92ffdc9511679410
Cr-Commit-Position: refs/heads/master@{#39840}
==========

[commit-bot: I haz the power, 2016-09-28 20:56:20]

Patchset 6 (id:??) landed as
https://crrev.com/64e43be959630cd0640d9ddb92ffdc9511679410
Cr-Commit-Position: refs/heads/master@{#39840}