Cranelift: Add heap_load and heap_store instructions (#5300)

* Cranelift: Define `heap_load` and `heap_store` instructions

* Cranelift: Implement interpreter support for `heap_load` and `heap_store`

* Cranelift: Add a suite runtests for `heap_{load,store}`

There are so many knobs we can twist for heaps and I wanted to exhaustively test
all of them, so I wrote a script to generate the tests. I've checked in the
script in case we want to make any changes in the future, but I don't think it
is worth adding this to CI to check that scripts are up to date or anything like
that.

* Review feedback

Author: fitzgen

cranelift/codegen/meta/src/shared/formats.rs

@@ -16,6 +16,8 @@ pub(crate) struct Formats {
     pub(crate) float_compare: Rc<InstructionFormat>,
     pub(crate) func_addr: Rc<InstructionFormat>,
     pub(crate) heap_addr: Rc<InstructionFormat>,
+    pub(crate) heap_load: Rc<InstructionFormat>,
+    pub(crate) heap_store: Rc<InstructionFormat>,
     pub(crate) int_compare: Rc<InstructionFormat>,
     pub(crate) int_compare_imm: Rc<InstructionFormat>,
     pub(crate) int_add_trap: Rc<InstructionFormat>,
@@ -206,6 +208,17 @@ impl Formats {
                 .imm_with_name("size", &imm.uimm8)
                 .build(),
 
+            heap_load: Builder::new("HeapLoad").imm(&imm.heap_imm).value().build(),
+
+            heap_store: Builder::new("HeapStore")
+                // We have more fields for this instruction than
+                // `InstructionData` can hold without growing in size, so we
+                // push the immediates out into a side table.
+                .imm(&imm.heap_imm)
+                .value()
+                .value()
+                .build(),
+
             // Accessing a WebAssembly table.
             table_addr: Builder::new("TableAddr")
                 .imm(&entities.table)

cranelift/codegen/meta/src/shared/immediates.rs

@@ -59,6 +59,9 @@ pub(crate) struct Immediates {
     /// Flags for memory operations like `load` and `store`.
     pub memflags: OperandKind,
 
+    /// A reference to out-of-line immediates for heap accesses.
+    pub heap_imm: OperandKind,
+
     /// A trap code indicating the reason for trapping.
     ///
     /// The Rust enum type also has a `User(u16)` variant for user-provided trap codes.
@@ -182,6 +185,13 @@ impl Immediates {
             },
 
             memflags: new_imm("flags", "ir::MemFlags", "Memory operation flags"),
+
+            heap_imm: new_imm(
+                "heap_imm",
+                "ir::HeapImm",
+                "Reference to out-of-line heap access immediates",
+            ),
+
             trapcode: {
                 let mut trapcode_values = HashMap::new();
                 trapcode_values.insert("stk_ovf", "StackOverflow");

cranelift/codegen/meta/src/shared/instructions.rs

@@ -1155,6 +1155,55 @@ pub(crate) fn define(
         .operands_out(vec![addr]),
     );
 
+    let heap_imm = &Operand::new("heap_imm", &imm.heap_imm);
+    let index =
+        &Operand::new("index", HeapOffset).with_doc("Dynamic index (in bytes) into the heap");
+    let a = &Operand::new("a", Mem).with_doc("The value loaded from the heap");
+
+    ig.push(
+        Inst::new(
+            "heap_load",
+            r#"
+            Load a value from the given heap at address ``index + offset``,
+            trapping on out-of-bounds accesses.
+
+            Checks that ``index + offset .. index + offset + sizeof(a)`` is
+            within the heap's bounds, trapping if it is not. Otherwise, when
+            that range is in bounds, loads the value from the heap.
+
+            Traps on ``index + offset + sizeof(a)`` overflow.
+            "#,
+            &formats.heap_load,
+        )
+        .operands_in(vec![heap_imm, index])
+        .operands_out(vec![a])
+        .can_load(true)
+        .can_trap(true),
+    );
+
+    let a = &Operand::new("a", Mem).with_doc("The value stored into the heap");
+
+    ig.push(
+        Inst::new(
+            "heap_store",
+            r#"
+            Store ``a`` into the given heap at address ``index + offset``,
+            trapping on out-of-bounds accesses.
+
+            Checks that ``index + offset .. index + offset + sizeof(a)`` is
+            within the heap's bounds, trapping if it is not. Otherwise, when
+            that range is in bounds, stores the value into the heap.
+
+            Traps on ``index + offset + sizeof(a)`` overflow.
+            "#,
+            &formats.heap_store,
+        )
+        .operands_in(vec![heap_imm, index, a])
+        .operands_out(vec![])
+        .can_store(true)
+        .can_trap(true),
+    );
+
     // Note this instruction is marked as having other side-effects, so GVN won't try to hoist it,
     // which would result in it being subject to spilling. While not hoisting would generally hurt
     // performance, since a computed value used many times may need to be regenerated before each

cranelift/codegen/src/ir/dfg.rs

@@ -4,11 +4,12 @@ use crate::entity::{self, PrimaryMap, SecondaryMap};
 use crate::ir;
 use crate::ir::builder::ReplaceBuilder;
 use crate::ir::dynamic_type::{DynamicTypeData, DynamicTypes};
+use crate::ir::immediates::HeapImmData;
 use crate::ir::instructions::{BranchInfo, CallInfo, InstructionData};
 use crate::ir::{types, ConstantData, ConstantPool, Immediate};
 use crate::ir::{
-    Block, DynamicType, FuncRef, Inst, SigRef, Signature, Type, Value, ValueLabelAssignments,
-    ValueList, ValueListPool,
+    Block, DynamicType, FuncRef, HeapImm, Inst, SigRef, Signature, Type, Value,
+    ValueLabelAssignments, ValueList, ValueListPool,
 };
 use crate::ir::{ExtFuncData, RelSourceLoc};
 use crate::packed_option::ReservedValue;
@@ -83,6 +84,9 @@ pub struct DataFlowGraph {
 
     /// Stores large immediates that otherwise will not fit on InstructionData
     pub immediates: PrimaryMap<Immediate, ConstantData>,
+
+    /// Out-of-line heap access immediates that don't fit in `InstructionData`.
+    pub heap_imms: PrimaryMap<HeapImm, HeapImmData>,
 }
 
 impl DataFlowGraph {
@@ -101,6 +105,7 @@ impl DataFlowGraph {
             values_labels: None,
             constants: ConstantPool::new(),
             immediates: PrimaryMap::new(),
+            heap_imms: PrimaryMap::new(),
         }
     }
 

cranelift/codegen/src/ir/entities.rs

@@ -394,6 +394,34 @@ impl Heap {
     }
 }
 
+/// An opaque reference to some out-of-line immediates for `heap_{load,store}`
+/// instructions.
+///
+/// These immediates are too large to store in
+/// [`InstructionData`](super::instructions::InstructionData) and therefore must
+/// be tracked separately in
+/// [`DataFlowGraph::heap_imms`](super::dfg::DataFlowGraph). `HeapImm` provides
+/// a way to reference values stored there.
+///
+/// While the order is stable, it is arbitrary.
+#[derive(Copy, Clone, PartialEq, Eq, Hash, PartialOrd, Ord)]
+#[cfg_attr(feature = "enable-serde", derive(Serialize, Deserialize))]
+pub struct HeapImm(u32);
+entity_impl!(HeapImm, "heap_imm");
+
+impl HeapImm {
+    /// Create a new `HeapImm` reference from its number.
+    ///
+    /// This method is for use by the parser.
+    pub fn with_number(n: u32) -> Option<Self> {
+        if n < u32::MAX {
+            Some(Self(n))
+        } else {
+            None
+        }
+    }
+}
+
 /// An opaque reference to a [WebAssembly
 /// table](https://developer.mozilla.org/en-US/docs/WebAssembly/Understanding_the_text_format#WebAssembly_tables).
 ///

cranelift/codegen/src/ir/immediates.rs

@@ -4,6 +4,7 @@
 //! Each type here should have a corresponding definition in the
 //! `cranelift-codegen/meta/src/shared/immediates` crate in the meta language.
 
+use crate::ir;
 use alloc::vec::Vec;
 use core::cmp::Ordering;
 use core::convert::TryFrom;
@@ -1177,6 +1178,18 @@ impl Not for Ieee64 {
     }
 }
 
+/// Out-of-line heap access immediates.
+#[derive(Copy, Clone, Debug, PartialEq, Eq, Hash)]
+#[cfg_attr(feature = "enable-serde", derive(Serialize, Deserialize))]
+pub struct HeapImmData {
+    /// The memory flags for the heap access.
+    pub flags: ir::MemFlags,
+    /// The heap being accessed.
+    pub heap: ir::Heap,
+    /// The static offset added to the heap access's index.
+    pub offset: Uimm32,
+}
+
 #[cfg(test)]
 mod tests {
     use super::*;

cranelift/codegen/src/ir/mod.rs

@@ -37,8 +37,8 @@ pub use crate::ir::constant::{ConstantData, ConstantPool};
 pub use crate::ir::dfg::{DataFlowGraph, ValueDef};
 pub use crate::ir::dynamic_type::{dynamic_to_fixed, DynamicTypeData, DynamicTypes};
 pub use crate::ir::entities::{
-    Block, Constant, DynamicStackSlot, DynamicType, FuncRef, GlobalValue, Heap, Immediate, Inst,
-    JumpTable, SigRef, StackSlot, Table, UserExternalNameRef, Value,
+    Block, Constant, DynamicStackSlot, DynamicType, FuncRef, GlobalValue, Heap, HeapImm, Immediate,
+    Inst, JumpTable, SigRef, StackSlot, Table, UserExternalNameRef, Value,
 };
 pub use crate::ir::extfunc::{
     AbiParam, ArgumentExtension, ArgumentPurpose, ExtFuncData, Signature,

cranelift/codegen/src/isa/aarch64/lower_inst.rs

@@ -139,8 +139,8 @@ pub(crate) fn lower_insn_to_regs(
             panic!("Direct stack memory access not supported; should not be used by Wasm");
         }
 
-        Opcode::HeapAddr => {
-            panic!("heap_addr should have been removed by legalization!");
+        Opcode::HeapLoad | Opcode::HeapStore | Opcode::HeapAddr => {
+            panic!("heap access instructions should have been removed by legalization!");
         }
 
         Opcode::TableAddr => {

cranelift/codegen/src/isa/s390x/lower.rs

@@ -212,8 +212,8 @@ impl LowerBackend for S390xBackend {
             Opcode::StackLoad | Opcode::StackStore => {
                 panic!("Direct stack memory access not supported; should not be used by Wasm");
             }
-            Opcode::HeapAddr => {
-                panic!("heap_addr should have been removed by legalization!");
+            Opcode::HeapLoad | Opcode::HeapStore | Opcode::HeapAddr => {
+                panic!("heap access instructions should have been removed by legalization!");
             }
             Opcode::TableAddr => {
                 panic!("table_addr should have been removed by legalization!");

cranelift/codegen/src/isa/x64/lower.rs

@@ -549,8 +549,8 @@ fn lower_insn_to_regs(
             panic!("global_value should have been removed by legalization!");
         }
 
-        Opcode::HeapAddr => {
-            panic!("heap_addr should have been removed by legalization!");
+        Opcode::HeapLoad | Opcode::HeapStore | Opcode::HeapAddr => {
+            panic!("heap access instructions should have been removed by legalization!");
         }
 
         Opcode::TableAddr => {