Wasmtime GitHub notifications bot (Apr 14 2020 at 09:57): Wasmtime GitHub notifications bot (Apr 14 2020 at 09:57):pventuzelo opened Issue #1506:
Description
I found a bug during fuzzing wasmtime with cranelift backend and almost all features enabled in the config (specifically
config.debug_info(true)). The bug seems to be related to generation of DWARF debugging.Maybe related to https://github.com/bytecodealliance/wasmtime/issues/1489
@yurydelendikCrash
./target/debug/debug_wasmtime_all_cranelift assert_wasmtime_debug_simulated_dwarf.wasm Start debugging of wasmtime_all_cranelift file_to_process: "assert_wasmtime_debug_simulated_dwarf.wasm" thread 'main' panicked at 'assertion failed: !bytes.contains(&0)', <::std::macros::panic macros>:2:4 note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace.What are the steps to reproduce the issue?
Download the crashing file:
assert_wasmtime_debug_simulated_dwarf.zipTesting piece of code:
use wasmtime::{Config, Engine, Module, Store, Strategy}; // read data from provided file let data = read_contents_from_path(&args[1]).expect("cannot read file content"); let mut config = Config::new(); match config.strategy(Strategy::Cranelift) { Ok(o) => o, _ => return, }; config .debug_info(true) .wasm_threads(true) .wasm_reference_types(true) .wasm_simd(true) .wasm_bulk_memory(true) .wasm_multi_value(true); let store = Store::new(&Engine::new(&config)); let _module = Module::from_binary(&store, &data); }Which Wasmtime version / commit hash / branch are you using?
crates version:
wasmtime = "0.15"BACKTRACE
RUST_BACKTRACE=1 ./target/debug/debug_wasmtime_all_cranelift assert_wasmtime_debug_simulated_dwarf.wasm file_to_process: "assert_wasmtime_debug_simulated_dwarf.wasm" thread 'main' panicked at 'assertion failed: !bytes.contains(&0)', <::std::macros::panic macros>:2:4 stack backtrace: 0: backtrace::backtrace::libunwind::trace at /cargo/registry/src/github.com-1ecc6299db9ec823/backtrace-0.3.40/src/backtrace/libunwind.rs:88 [...] 11: std::panicking::begin_panic at /rustc/85976442558bf2d09cec3aa49c9c9ba86fb15c1f/src/libstd/panicking.rs:390 12: gimli::write::str::StringTable::add at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-debug-0.15.0/<::std::macros::panic macros>:2 ==> 13: wasmtime_debug::transform::simulate::generate_simulated_dwarf ==> at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-debug-0.15.0/src/transform/simulate.rs:293 ==> 14: wasmtime_debug::transform::transform_dwarf ==> at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-debug-0.15.0/src/transform/mod.rs:107 ==> 15: wasmtime_debug::emit_debugsections_image ==> at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-debug-0.15.0/src/lib.rs:82 16: wasmtime_jit::compiler::Compiler::compile at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-jit-0.15.0/src/compiler.rs:215 17: wasmtime_jit::instantiate::RawCompiledModule::new at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-jit-0.15.0/src/instantiate.rs:83 18: wasmtime_jit::instantiate::CompiledModule::new at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-jit-0.15.0/src/instantiate.rs:154 19: wasmtime::module::Module::compile at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-0.15.0/src/module.rs:366 20: wasmtime::module::Module::from_binary_unchecked at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-0.15.0/src/module.rs:335 21: wasmtime::module::Module::from_binary at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-0.15.0/src/module.rs:304 [...] 32: main 33: __libc_start_main 34: _start note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.
Wasmtime GitHub notifications bot (Apr 14 2020 at 09:57):pventuzelo labeled Issue #1506:
Description
I found a bug during fuzzing wasmtime with cranelift backend and almost all features enabled in the config (specifically
config.debug_info(true)). The bug seems to be related to generation of DWARF debugging.Maybe related to https://github.com/bytecodealliance/wasmtime/issues/1489
@yurydelendikCrash
./target/debug/debug_wasmtime_all_cranelift assert_wasmtime_debug_simulated_dwarf.wasm Start debugging of wasmtime_all_cranelift file_to_process: "assert_wasmtime_debug_simulated_dwarf.wasm" thread 'main' panicked at 'assertion failed: !bytes.contains(&0)', <::std::macros::panic macros>:2:4 note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace.What are the steps to reproduce the issue?
Download the crashing file:
assert_wasmtime_debug_simulated_dwarf.zipTesting piece of code:
use wasmtime::{Config, Engine, Module, Store, Strategy}; // read data from provided file let data = read_contents_from_path(&args[1]).expect("cannot read file content"); let mut config = Config::new(); match config.strategy(Strategy::Cranelift) { Ok(o) => o, _ => return, }; config .debug_info(true) .wasm_threads(true) .wasm_reference_types(true) .wasm_simd(true) .wasm_bulk_memory(true) .wasm_multi_value(true); let store = Store::new(&Engine::new(&config)); let _module = Module::from_binary(&store, &data); }Which Wasmtime version / commit hash / branch are you using?
crates version:
wasmtime = "0.15"BACKTRACE
RUST_BACKTRACE=1 ./target/debug/debug_wasmtime_all_cranelift assert_wasmtime_debug_simulated_dwarf.wasm file_to_process: "assert_wasmtime_debug_simulated_dwarf.wasm" thread 'main' panicked at 'assertion failed: !bytes.contains(&0)', <::std::macros::panic macros>:2:4 stack backtrace: 0: backtrace::backtrace::libunwind::trace at /cargo/registry/src/github.com-1ecc6299db9ec823/backtrace-0.3.40/src/backtrace/libunwind.rs:88 [...] 11: std::panicking::begin_panic at /rustc/85976442558bf2d09cec3aa49c9c9ba86fb15c1f/src/libstd/panicking.rs:390 12: gimli::write::str::StringTable::add at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-debug-0.15.0/<::std::macros::panic macros>:2 ==> 13: wasmtime_debug::transform::simulate::generate_simulated_dwarf ==> at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-debug-0.15.0/src/transform/simulate.rs:293 ==> 14: wasmtime_debug::transform::transform_dwarf ==> at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-debug-0.15.0/src/transform/mod.rs:107 ==> 15: wasmtime_debug::emit_debugsections_image ==> at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-debug-0.15.0/src/lib.rs:82 16: wasmtime_jit::compiler::Compiler::compile at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-jit-0.15.0/src/compiler.rs:215 17: wasmtime_jit::instantiate::RawCompiledModule::new at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-jit-0.15.0/src/instantiate.rs:83 18: wasmtime_jit::instantiate::CompiledModule::new at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-jit-0.15.0/src/instantiate.rs:154 19: wasmtime::module::Module::compile at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-0.15.0/src/module.rs:366 20: wasmtime::module::Module::from_binary_unchecked at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-0.15.0/src/module.rs:335 21: wasmtime::module::Module::from_binary at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-0.15.0/src/module.rs:304 [...] 32: main 33: __libc_start_main 34: _start note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.
Wasmtime GitHub notifications bot (Apr 14 2020 at 10:02):pventuzelo edited Issue #1506:
Description
I found a reachable assertion (CWE-617) during fuzzing wasmtime with cranelift backend and almost all features enabled in the config (specifically
config.debug_info(true)). The bug seems to be related to generation of DWARF debugging.Maybe related to https://github.com/bytecodealliance/wasmtime/issues/1489
@yurydelendikCrash
./target/debug/debug_wasmtime_all_cranelift assert_wasmtime_debug_simulated_dwarf.wasm Start debugging of wasmtime_all_cranelift file_to_process: "assert_wasmtime_debug_simulated_dwarf.wasm" thread 'main' panicked at 'assertion failed: !bytes.contains(&0)', <::std::macros::panic macros>:2:4 note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace.What are the steps to reproduce the issue?
Download the crashing file:
assert_wasmtime_debug_simulated_dwarf.zipTesting piece of code:
use wasmtime::{Config, Engine, Module, Store, Strategy}; // read data from provided file let data = read_contents_from_path(&args[1]).expect("cannot read file content"); let mut config = Config::new(); match config.strategy(Strategy::Cranelift) { Ok(o) => o, _ => return, }; config .debug_info(true) .wasm_threads(true) .wasm_reference_types(true) .wasm_simd(true) .wasm_bulk_memory(true) .wasm_multi_value(true); let store = Store::new(&Engine::new(&config)); let _module = Module::from_binary(&store, &data); }Which Wasmtime version / commit hash / branch are you using?
crates version:
wasmtime = "0.15"BACKTRACE
RUST_BACKTRACE=1 ./target/debug/debug_wasmtime_all_cranelift assert_wasmtime_debug_simulated_dwarf.wasm file_to_process: "assert_wasmtime_debug_simulated_dwarf.wasm" thread 'main' panicked at 'assertion failed: !bytes.contains(&0)', <::std::macros::panic macros>:2:4 stack backtrace: 0: backtrace::backtrace::libunwind::trace at /cargo/registry/src/github.com-1ecc6299db9ec823/backtrace-0.3.40/src/backtrace/libunwind.rs:88 [...] 11: std::panicking::begin_panic at /rustc/85976442558bf2d09cec3aa49c9c9ba86fb15c1f/src/libstd/panicking.rs:390 12: gimli::write::str::StringTable::add at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-debug-0.15.0/<::std::macros::panic macros>:2 ==> 13: wasmtime_debug::transform::simulate::generate_simulated_dwarf ==> at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-debug-0.15.0/src/transform/simulate.rs:293 ==> 14: wasmtime_debug::transform::transform_dwarf ==> at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-debug-0.15.0/src/transform/mod.rs:107 ==> 15: wasmtime_debug::emit_debugsections_image ==> at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-debug-0.15.0/src/lib.rs:82 16: wasmtime_jit::compiler::Compiler::compile at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-jit-0.15.0/src/compiler.rs:215 17: wasmtime_jit::instantiate::RawCompiledModule::new at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-jit-0.15.0/src/instantiate.rs:83 18: wasmtime_jit::instantiate::CompiledModule::new at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-jit-0.15.0/src/instantiate.rs:154 19: wasmtime::module::Module::compile at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-0.15.0/src/module.rs:366 20: wasmtime::module::Module::from_binary_unchecked at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-0.15.0/src/module.rs:335 21: wasmtime::module::Module::from_binary at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-0.15.0/src/module.rs:304 [...] 32: main 33: __libc_start_main 34: _start note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.
Wasmtime GitHub notifications bot (Apr 14 2020 at 20:21):yurydelendik closed Issue #1506:
Description
I found a reachable assertion (CWE-617) during fuzzing wasmtime with cranelift backend and almost all features enabled in the config (specifically
config.debug_info(true)). The bug seems to be related to generation of DWARF debugging.Maybe related to https://github.com/bytecodealliance/wasmtime/issues/1489
@yurydelendikCrash
./target/debug/debug_wasmtime_all_cranelift assert_wasmtime_debug_simulated_dwarf.wasm Start debugging of wasmtime_all_cranelift file_to_process: "assert_wasmtime_debug_simulated_dwarf.wasm" thread 'main' panicked at 'assertion failed: !bytes.contains(&0)', <::std::macros::panic macros>:2:4 note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace.What are the steps to reproduce the issue?
Download the crashing file:
assert_wasmtime_debug_simulated_dwarf.zipTesting piece of code:
use wasmtime::{Config, Engine, Module, Store, Strategy}; // read data from provided file let data = read_contents_from_path(&args[1]).expect("cannot read file content"); let mut config = Config::new(); match config.strategy(Strategy::Cranelift) { Ok(o) => o, _ => return, }; config .debug_info(true) .wasm_threads(true) .wasm_reference_types(true) .wasm_simd(true) .wasm_bulk_memory(true) .wasm_multi_value(true); let store = Store::new(&Engine::new(&config)); let _module = Module::from_binary(&store, &data); }Which Wasmtime version / commit hash / branch are you using?
crates version:
wasmtime = "0.15"BACKTRACE
RUST_BACKTRACE=1 ./target/debug/debug_wasmtime_all_cranelift assert_wasmtime_debug_simulated_dwarf.wasm file_to_process: "assert_wasmtime_debug_simulated_dwarf.wasm" thread 'main' panicked at 'assertion failed: !bytes.contains(&0)', <::std::macros::panic macros>:2:4 stack backtrace: 0: backtrace::backtrace::libunwind::trace at /cargo/registry/src/github.com-1ecc6299db9ec823/backtrace-0.3.40/src/backtrace/libunwind.rs:88 [...] 11: std::panicking::begin_panic at /rustc/85976442558bf2d09cec3aa49c9c9ba86fb15c1f/src/libstd/panicking.rs:390 12: gimli::write::str::StringTable::add at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-debug-0.15.0/<::std::macros::panic macros>:2 ==> 13: wasmtime_debug::transform::simulate::generate_simulated_dwarf ==> at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-debug-0.15.0/src/transform/simulate.rs:293 ==> 14: wasmtime_debug::transform::transform_dwarf ==> at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-debug-0.15.0/src/transform/mod.rs:107 ==> 15: wasmtime_debug::emit_debugsections_image ==> at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-debug-0.15.0/src/lib.rs:82 16: wasmtime_jit::compiler::Compiler::compile at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-jit-0.15.0/src/compiler.rs:215 17: wasmtime_jit::instantiate::RawCompiledModule::new at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-jit-0.15.0/src/instantiate.rs:83 18: wasmtime_jit::instantiate::CompiledModule::new at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-jit-0.15.0/src/instantiate.rs:154 19: wasmtime::module::Module::compile at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-0.15.0/src/module.rs:366 20: wasmtime::module::Module::from_binary_unchecked at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-0.15.0/src/module.rs:335 21: wasmtime::module::Module::from_binary at /home/scop/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmtime-0.15.0/src/module.rs:304 [...] 32: main 33: __libc_start_main 34: _start note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.
Wasmtime GitHub notifications bot (Apr 14 2020 at 20:24):yurydelendik commented on Issue #1506:
Thank you for the report!
Last updated: Nov 22 2024 at 17:03 UTC