Robbepop opened PR #7791 from Robbepop:rf-update-wasmi-fuzzer
to bytecodealliance:main
:
Currently Wasmtime uses the 2 years old Wasmi version
0.20.0
.Since then Wasmi has improved substantially and added support for new Wasm proposals such as
bulk-memory
,reference-types
andtail-calls
which we can now enable.Besides that the most notable change are performance improvements which should make fuzzing with Wasmi a tiny bit faster.
Robbepop requested alexcrichton for a review on PR #7791.
Robbepop requested wasmtime-core-reviewers for a review on PR #7791.
Robbepop requested wasmtime-default-reviewers for a review on PR #7791.
Robbepop edited PR #7791:
Currently Wasmtime uses the 2 years old Wasmi version
0.20.0
.Since then Wasmi has improved substantially and added support for new Wasm proposals such as
bulk-memory
,reference-types
andtail-calls
which we can now enable.
Wasmiv0.31.0
has recently been audited and is used by some large projects, thus is a lot more battle tested than the previousv0.20.0
.Besides that the most notable change are performance improvements which should make fuzzing with Wasmi a tiny bit faster.
Robbepop edited PR #7791:
Currently Wasmtime uses the 2 years old Wasmi version
0.20.0
.Since then Wasmi has improved substantially and added support for new Wasm proposals such as
bulk-memory
,reference-types
andtail-calls
which we can now enable.
Wasmiv0.31.0
has recently been audited and is used by some large projects, thus is a lot more battle tested than the previousv0.20.0
.Besides that the most notable change are performance improvements which should make fuzzing with Wasmi a tiny bit faster.
Look into the future: Since roughly half a year I am working on the next major Wasmi version
v0.32.0
which is a complete rewrite of the Wasmi executor featuring a much more powerful register-machine execution model. I hope that it becomes stable enough for use soon to provide it as fuzzing oracle to Wasmtime. Due to the changes we refer to the new Wasmi version as Wasmi (register) and the old Wasmi as Wasmi (stack). It might even make sense to have both versions as oracles at the same time because they have very different strengths.
Robbepop edited PR #7791:
Currently Wasmtime uses the 2 years old Wasmi version
0.20.0
.Since then Wasmi has improved substantially and added support for new Wasm proposals such as
bulk-memory
,reference-types
andtail-calls
which we can now enable.
Wasmiv0.31.0
has recently been audited and is used by some large projects, thus is a lot more battle tested than the previousv0.20.0
.Besides that the most notable change are performance improvements which should make fuzzing with Wasmi a tiny bit faster.
Look into the future: Since roughly half a year I am working on the next major Wasmi version
v0.32.0
which is a complete rewrite of the Wasmi executor featuring a much more powerful register-machine execution model and optional lazy compilation & validation. I hope that it becomes stable enough for use soon to provide it as fuzzing oracle to Wasmtime. Due to the changes we refer to the new Wasmi version as Wasmi (register) and the old Wasmi as Wasmi (stack). It might even make sense to have both versions as oracles at the same time because they have very different strengths.
Robbepop commented on PR #7791:
With respect to
cargo vet
:wasmi:0.31.1 missing ["safe-to-run"] wasmi_arena:0.4.0 missing ["safe-to-run"] wasmi_core:0.13.0 missing ["safe-to-run"] wasmparser-nostd:0.100.1 missing ["safe-to-run"]
All those crates are maintained by Wasmi maintainers (me).
github-actions[bot] commented on PR #7791:
Subscribe to Label Action
cc @fitzgen
<details>
This issue or pull request has been labeled: "fuzzing"Thus the following users have been cc'd because of the following labels:
- fitzgen: fuzzing
To subscribe or unsubscribe from this label, edit the <code>.github/subscribe-to-label.json</code> configuration file.
Learn more.
</details>
Robbepop updated PR #7791.
Robbepop updated PR #7791.
Robbepop commented on PR #7791:
I am a bit unsure about the new
wasmi::Config
handling indiff_wasmi.rs
with the mutableConfig
parameter inWasmiEngine::new
.
Robbepop edited a comment on PR #7791:
I am a bit unsure about the new
wasmi::Config
handling indiff_wasmi.rs
with the mutableConfig
parameter inWasmiEngine::new
. Review & feedback required.
Robbepop edited a comment on PR #7791:
I am a bit unsure about the new
wasmi::Config
handling indiff_wasmi.rs
with the mutableConfig
parameter inWasmiEngine::new
. Review & feedback required.
In the changes I made Wasmi now better respects the inputconfig
and adjusts itswasmi::Config
to it as much as possible and sets the otherconfig
flags tofalse
in case Wasmi does not support that feature, yet.
alexcrichton submitted PR review:
Thanks!
To avoid a new vet of
wasmparser-nostd
would it be possible to conditionally build wasmi with the officialwasmparser
crate instead? That way we could get that auto-vetted.
alexcrichton submitted PR review:
Thanks!
To avoid a new vet of
wasmparser-nostd
would it be possible to conditionally build wasmi with the officialwasmparser
crate instead? That way we could get that auto-vetted.
alexcrichton created PR review comment:
This all looks right to me, thanks! The intention here is that the differential engine (wasmi here) both configures itself based on
Config
but additionally updatesConfig
with anything it can't support. So for example simd is disabled here unconditionally inConfig
because wasmi doesn't support it, but you're doing the right thing otherwise where features are conditionally enabled in wasmi depending onConfig
for those that wasmi supports.Two minor comments here:
- This is setting
threads_enabled = false
twice- The
min_tables
andmax_tables
handling can probably be removed if wasmi supports reference types which is where multiple tables were added.If you'd like, it might be good to leave some comments here too along the lines of:
// force generated modules to never have features that wasmi doesn't support
or something like that
Robbepop updated PR #7791.
Robbepop submitted PR review.
Robbepop created PR review comment:
I have implemented your code review suggestions.
Robbepop commented on PR #7791:
Thanks!
To avoid a new vet of
wasmparser-nostd
would it be possible to conditionally build wasmi with the officialwasmparser
crate instead? That way we could get that auto-vetted.Wasmi
v0.31.0
is no longer in development so I am not going to support the standardwasmparser
for it, however, I am going to think about the implications doing so for future Wasmi versions starting fromv0.32.0
once released. Since Wasmi already has astd
crate feature it might be simple to just usewasmparser
if it is enabled and usewasmparser-nostd
otherwise.
Robbepop edited a comment on PR #7791:
Thanks!
To avoid a new vet of
wasmparser-nostd
would it be possible to conditionally build wasmi with the officialwasmparser
crate instead? That way we could get that auto-vetted.Wasmi
v0.31.0
is no longer in development so I am not going to support the standardwasmparser
for it, however, I am going to think about the implications doing so for future Wasmi versions starting fromv0.32.0
once released. Since Wasmi already has astd
crate feature it might be simple to just usewasmparser
if it is enabled and usewasmparser-nostd
otherwise.From Wasmi's perspective though it would obviously the most ideal solution to simply have
no_std
support in thewasmparser
crate.
Robbepop edited a comment on PR #7791:
Thanks!
To avoid a new vet of
wasmparser-nostd
would it be possible to conditionally build wasmi with the officialwasmparser
crate instead? That way we could get that auto-vetted.Wasmi
v0.31.0
is no longer in development so I am not going to support the standardwasmparser
for it, however, I am going to think about the implications doing so for future Wasmi versions starting fromv0.32.0
once released. Since Wasmi already has astd
crate feature it might be simple to just usewasmparser
if it is enabled and usewasmparser-nostd
otherwise.From Wasmi's perspective though it would obviously the most ideal solution to simply have
no_std
support in thewasmparser
crate. Maintaining thewasmparser_nostd
fork is okay but not perfect for synchronization.
Robbepop edited a comment on PR #7791:
Thanks!
To avoid a new vet of
wasmparser-nostd
would it be possible to conditionally build wasmi with the officialwasmparser
crate instead? That way we could get that auto-vetted.Wasmi
v0.31.0
is no longer in development so I am not going to support the standardwasmparser
for it, however, I am going to think about the implications doing so for future Wasmi versions starting fromv0.32.0
once released. Since Wasmi already has astd
crate feature it might be simple to just usewasmparser
if it is enabled and usewasmparser-nostd
otherwise.I have have a wishful thinking for
no_std
support in the officialwasmparser
crate one day. :)
Robbepop edited a comment on PR #7791:
Thanks!
To avoid a new vet of
wasmparser-nostd
would it be possible to conditionally build wasmi with the officialwasmparser
crate instead? That way we could get that auto-vetted.Wasmi
v0.31.0
is no longer in development so I am not going to support the standardwasmparser
for it, however, I am going to think about the implications doing so for future Wasmi versions starting fromv0.32.0
once released. Since Wasmi already has astd
crate feature it might be simple to just usewasmparser
if it is enabled and usewasmparser-nostd
otherwise.I have a wishful thinking for
no_std
support in the officialwasmparser
crate one day. :)
alexcrichton commented on PR #7791:
Ah ok, in that case this is going to have to hold off until one of us gets a chance to vet the dependencies here. I'm stretched a bit thin at the moment so it may be a bit before I can personally get to this (but others can of course beat me to it)
Robbepop commented on PR #7791:
Please tell me if and how I can help with vetting. :)
alexcrichton commented on PR #7791:
Reading over some code I think that this impl is not sound as it's supposed to be
T: Sync
. Additionally though I don't think you should need theunsafe impl
at all. You can try changing thePhantomData
to eitherfn() -> Idx
orfn(Idx)
I think as one of them might require the impl and one might not.Otherwise the
wasmparser-nostd
diff is quite large or larger than I remember from thewasmparser
diff, so diffing those directories is requiring a good deal of time to go through to verify it's the same. Additionally I haven't even gotten towasmi
yet which glancing at it is quite large and additionally contains a good deal ofunsafe
code to check.Currently though wasmi is only used for fuzzing so it doesn't necessarily need a thorough review or strict vetting. Do others have thoughts on whether we should add exemptions for this dependency as opposed to vetting it?
Robbepop commented on PR #7791:
Reading over some code I think that this impl is not sound as it's supposed to be
T: Sync
. Additionally though I don't think you should need theunsafe impl
at all. You can try changing thePhantomData
to eitherfn() -> Idx
orfn(Idx)
I think as one of them might require the impl and one might not.Thanks for catching this bug! The code is quite old and hasn't seen a lot of love lately.
Otherwise the
wasmparser-nostd
diff is quite large or larger than I remember from thewasmparser
diff, so diffing those directories is requiring a good deal of time to go through to verify it's the same. Additionally I haven't even gotten towasmi
yet which glancing at it is quite large and additionally contains a good deal ofunsafe
code to check.The unfortunate truth is that especially with the component model a lot of very
no_std
unfriendly abstractions such as theIndexMap
has been added which required me to come up with my ownno_std
friendly version of it. I never intended this to be a long lasting effort but here we are.Currently though wasmi is only used for fuzzing so it doesn't necessarily need a thorough review or strict vetting. Do others have thoughts on whether we should add exemptions for this dependency as opposed to vetting it?
To provide you with a bit of transparency here about the state of Wasmi:
Cons:
- I work on the project alone.
- There are pretty much no code reviews due to above point.
- There is a fair amount ofunsafe
code use, but mostly in the Wasmi bytecode executor.Pros:
- There are a good deal of unit, integration, e2e and fuzz tests.
- We do have a very extensive CI (incl.miri
)
- Wasmiv0.31.0
is already used in production by different companies some many months.
- Wasmiv0.31.0
has received a security audit by SRLabs.
- Wasmi0.31.0
is much less complex than the Wasmiv0.32.0-beta.n
(onmaster
).
Robbepop edited a comment on PR #7791:
Reading over some code I think that this impl is not sound as it's supposed to be
T: Sync
. Additionally though I don't think you should need theunsafe impl
at all. You can try changing thePhantomData
to eitherfn() -> Idx
orfn(Idx)
I think as one of them might require the impl and one might not.Thanks for catching this bug! The code is quite old and hasn't seen a lot of love lately.
Otherwise the
wasmparser-nostd
diff is quite large or larger than I remember from thewasmparser
diff, so diffing those directories is requiring a good deal of time to go through to verify it's the same. Additionally I haven't even gotten towasmi
yet which glancing at it is quite large and additionally contains a good deal ofunsafe
code to check.The unfortunate truth is that especially with the component model a lot of very
no_std
unfriendly abstractions such as theIndexMap
has been added which required me to come up with my ownno_std
friendly version of it. I never intended this to be a long lasting effort but here we are.Currently though wasmi is only used for fuzzing so it doesn't necessarily need a thorough review or strict vetting. Do others have thoughts on whether we should add exemptions for this dependency as opposed to vetting it?
To provide you with a bit of transparency here about the state of Wasmi:
Cons:
- I work on the project alone.
- There are pretty much no code reviews due to above point.
- There is a fair amount ofunsafe
code use, but mostly in the Wasmi bytecode executor.Pros:
- There are a good deal of unit, integration, e2e and fuzz tests.
- We do have a very extensive CI (incl.miri
)
- Wasmiv0.31.0
is already used in production by different companies for some months.
- Wasmiv0.31.0
has received a security audit by SRLabs.
- Wasmi0.31.0
is much less complex than the Wasmiv0.32.0-beta.n
(onmaster
).
Robbepop edited a comment on PR #7791:
Reading over some code I think that this impl is not sound as it's supposed to be
T: Sync
. Additionally though I don't think you should need theunsafe impl
at all. You can try changing thePhantomData
to eitherfn() -> Idx
orfn(Idx)
I think as one of them might require the impl and one might not.Thanks for catching this bug! The code is quite old and hasn't seen a lot of love lately.
Otherwise the
wasmparser-nostd
diff is quite large or larger than I remember from thewasmparser
diff, so diffing those directories is requiring a good deal of time to go through to verify it's the same. Additionally I haven't even gotten towasmi
yet which glancing at it is quite large and additionally contains a good deal ofunsafe
code to check.The unfortunate truth is that especially with the component model a lot of very
no_std
unfriendly abstractions such as theIndexMap
has been added which required me to come up with my ownno_std
friendly version of it. I never intended this to be a long lasting effort but here we are.Currently though wasmi is only used for fuzzing so it doesn't necessarily need a thorough review or strict vetting. Do others have thoughts on whether we should add exemptions for this dependency as opposed to vetting it?
To provide you with a bit of transparency here about the state of Wasmi:
Cons:
- I work on the project alone.
- There are pretty much no code reviews due to above point.
- There is a fair amount ofunsafe
code use, but mostly in the Wasmi bytecode executor.Pros:
- There is a good deal of tests. (unit, integration, e2e, fuzz)
- We do have a very extensive CI (incl.miri
)
- Wasmiv0.31.0
is already used in production by different companies for some months.
- Wasmiv0.31.0
has received a security audit by SRLabs.
- Wasmi0.31.0
is much less complex than the Wasmiv0.32.0-beta.n
(onmaster
).
Robbepop edited a comment on PR #7791:
Reading over some code I think that this impl is not sound as it's supposed to be
T: Sync
. Additionally though I don't think you should need theunsafe impl
at all. You can try changing thePhantomData
to eitherfn() -> Idx
orfn(Idx)
I think as one of them might require the impl and one might not.Thanks for catching this bug! The code is quite old and hasn't seen a lot of love lately.
Otherwise the
wasmparser-nostd
diff is quite large or larger than I remember from thewasmparser
diff, so diffing those directories is requiring a good deal of time to go through to verify it's the same. Additionally I haven't even gotten towasmi
yet which glancing at it is quite large and additionally contains a good deal ofunsafe
code to check.The unfortunate truth is that especially with the component model a lot of very
no_std
unfriendly abstractions such as theIndexMap
has been added which required me to come up with my ownno_std
friendly version of it. I never intended this to be a long lasting effort but here we are. In that spirit I think it even lacks tests butwasmparser-nostd
passes thewasmparser
testsuite so I thought it would be good enough as temporary solution at that time.Currently though wasmi is only used for fuzzing so it doesn't necessarily need a thorough review or strict vetting. Do others have thoughts on whether we should add exemptions for this dependency as opposed to vetting it?
To provide you with a bit of transparency here about the state of Wasmi:
Cons:
- I work on the project alone.
- There are pretty much no code reviews due to above point.
- There is a fair amount ofunsafe
code use, but mostly in the Wasmi bytecode executor.Pros:
- There is a good deal of tests. (unit, integration, e2e, fuzz)
- We do have a very extensive CI (incl.miri
)
- Wasmiv0.31.0
is already used in production by different companies for some months.
- Wasmiv0.31.0
has received a security audit by SRLabs.
- Wasmi0.31.0
is much less complex than the Wasmiv0.32.0-beta.n
(onmaster
).
Robbepop edited a comment on PR #7791:
Reading over some code I think that this impl is not sound as it's supposed to be
T: Sync
. Additionally though I don't think you should need theunsafe impl
at all. You can try changing thePhantomData
to eitherfn() -> Idx
orfn(Idx)
I think as one of them might require the impl and one might not.Thanks for catching this bug! The code is quite old and hasn't seen a lot of love lately.
Otherwise the
wasmparser-nostd
diff is quite large or larger than I remember from thewasmparser
diff, so diffing those directories is requiring a good deal of time to go through to verify it's the same. Additionally I haven't even gotten towasmi
yet which glancing at it is quite large and additionally contains a good deal ofunsafe
code to check.The unfortunate truth is that especially with the component model a lot of very
no_std
unfriendly abstractions such as theIndexMap
has been added which required me to come up with my ownno_std
friendly version of it. Focus was to write it as simple as possible since I never intended this to be a long lasting effort but here we are. In that spirit I think it even lacks tests butwasmparser-nostd
passes thewasmparser
testsuite so I thought it would be good enough as temporary solution at that time.Currently though wasmi is only used for fuzzing so it doesn't necessarily need a thorough review or strict vetting. Do others have thoughts on whether we should add exemptions for this dependency as opposed to vetting it?
To provide you with a bit of transparency here about the state of Wasmi:
Cons:
- I work on the project alone.
- There are pretty much no code reviews due to above point.
- There is a fair amount ofunsafe
code use, but mostly in the Wasmi bytecode executor.Pros:
- There is a good deal of tests. (unit, integration, e2e, fuzz)
- We do have a very extensive CI (incl.miri
)
- Wasmiv0.31.0
is already used in production by different companies for some months.
- Wasmiv0.31.0
has received a security audit by SRLabs.
- Wasmi0.31.0
is much less complex than the Wasmiv0.32.0-beta.n
(onmaster
).
Robbepop edited a comment on PR #7791:
Reading over some code I think that this impl is not sound as it's supposed to be
T: Sync
. Additionally though I don't think you should need theunsafe impl
at all. You can try changing thePhantomData
to eitherfn() -> Idx
orfn(Idx)
I think as one of them might require the impl and one might not.Thanks for catching this bug! The code is quite old and hasn't seen a lot of love lately.
Otherwise the
wasmparser-nostd
diff is quite large or larger than I remember from thewasmparser
diff, so diffing those directories is requiring a good deal of time to go through to verify it's the same. Additionally I haven't even gotten towasmi
yet which glancing at it is quite large and additionally contains a good deal ofunsafe
code to check.The unfortunate truth is that especially with the component model a lot of very
no_std
unfriendly abstractions such as theIndexMap
has been added which required me to come up with my ownno_std
friendly version of it. Focus was to write it as simple as possible since I never intended this to be a long lasting effort but here we are. In that spirit I think it even lacks tests butwasmparser-nostd
passes thewasmparser
testsuite so I thought it would be good enough as temporary solution at that time.Currently though wasmi is only used for fuzzing so it doesn't necessarily need a thorough review or strict vetting. Do others have thoughts on whether we should add exemptions for this dependency as opposed to vetting it?
To provide you with a bit of transparency here about the state of Wasmi:
Cons:
- I work on the project alone.
- There are pretty much no code reviews due to above point.
- There is a fair amount ofunsafe
code use, but mostly in the Wasmi bytecode executor.Pros:
- There is a good deal of tests. (unit, integration, e2e, fuzz) (ignoring the
indexmap-nostd
crate)
- We do have a very extensive CI (incl.miri
)
- Wasmiv0.31.0
is already used in production by different companies for some months.
- Wasmiv0.31.0
has received a security audit by SRLabs.
- Wasmi0.31.0
is much less complex than the Wasmiv0.32.0-beta.n
(onmaster
).
Robbepop edited a comment on PR #7791:
Reading over some code I think that this impl is not sound as it's supposed to be
T: Sync
. Additionally though I don't think you should need theunsafe impl
at all. You can try changing thePhantomData
to eitherfn() -> Idx
orfn(Idx)
I think as one of them might require the impl and one might not.Thanks for catching this bug! The code is quite old and hasn't seen a lot of love lately.
Otherwise the
wasmparser-nostd
diff is quite large or larger than I remember from thewasmparser
diff, so diffing those directories is requiring a good deal of time to go through to verify it's the same. Additionally I haven't even gotten towasmi
yet which glancing at it is quite large and additionally contains a good deal ofunsafe
code to check.The unfortunate truth is that especially with the component model a lot of very
no_std
unfriendly abstractions such as theIndexMap
has been added which required me to come up with my ownno_std
friendly version of it. Focus was to write it as simple as possible since I never intended this to be a long lasting effort but here we are. In that spirit I think it even lacks tests butwasmparser-nostd
passes thewasmparser
testsuite so I thought it would be good enough as temporary solution at that time.Currently though wasmi is only used for fuzzing so it doesn't necessarily need a thorough review or strict vetting. Do others have thoughts on whether we should add exemptions for this dependency as opposed to vetting it?
To provide you with a bit of transparency here about the state of Wasmi:
Cons:
- I work on the project alone.
- There are pretty much no code reviews due to above point.
- There is a fair amount ofunsafe
code use, but mostly in the Wasmi bytecode executor.Pros:
- There is a good deal of tests. (unit, integration, e2e, fuzz) (ignoring the
indexmap-nostd
crate)
- We do have a very extensive CI (incl.miri
)
- Wasmiv0.31.0
is already used in production by different companies for some months.
- Wasmiv0.31.0
has received a security audit by SRLabs.
- Wasmi0.31.0
is much simpler than the Wasmiv0.32.0-beta.n
(onmaster
).
Robbepop edited a comment on PR #7791:
Reading over some code I think that this impl is not sound as it's supposed to be
T: Sync
. Additionally though I don't think you should need theunsafe impl
at all. You can try changing thePhantomData
to eitherfn() -> Idx
orfn(Idx)
I think as one of them might require the impl and one might not.Thanks for catching this bug! The code is quite old and hasn't seen a lot of love lately.
Otherwise the
wasmparser-nostd
diff is quite large or larger than I remember from thewasmparser
diff, so diffing those directories is requiring a good deal of time to go through to verify it's the same. Additionally I haven't even gotten towasmi
yet which glancing at it is quite large and additionally contains a good deal ofunsafe
code to check.The unfortunate truth is that especially with the component model a lot of very
no_std
unfriendly abstractions such as theIndexMap
has been added which required me to come up with my ownno_std
friendly version of it. Focus was to write it as simple as possible since I never intended this to be a long lasting effort but here we are. In that spirit I think it even lacks tests butwasmparser-nostd
passes thewasmparser
testsuite so I thought it would be good enough as temporary solution at that time.Currently though wasmi is only used for fuzzing so it doesn't necessarily need a thorough review or strict vetting. Do others have thoughts on whether we should add exemptions for this dependency as opposed to vetting it?
To provide you with a bit of transparency here about the state of Wasmi:
Cons:
- I work on the project alone.
- There are pretty much no code reviews due to above point.
- There is a fair amount ofunsafe
code use, but mostly in the Wasmi bytecode executor.Pros:
- There is a good deal of tests. (unit, integration, e2e, fuzz) (ignoring the
indexmap-nostd
crate)
- We do have a very extensive CI (incl.miri
)
- Wasmiv0.31.1
is already used in production by different companies for some months.
- Wasmiv0.31.1
has received a security audit by SRLabs.
- Wasmi0.31.1
is much simpler than the Wasmiv0.32.0-beta.n
(onmaster
).
Robbepop updated PR #7791.
Robbepop commented on PR #7791:
I just made this use Wasmi
v0.31.1
instead ofv0.31.0
which is more explicit. Note thatv0.31.0
got yanked some time ago.
Robbepop edited a comment on PR #7791:
I just made this use Wasmi
v0.31.1
instead ofv0.31.0
which is more explicit. Note thatv0.31.0
got yanked some time ago so even previously we already used0.31.1
.
pchickey commented on PR #7791:
Do others have thoughts on whether we should add exemptions for this dependency as opposed to vetting it?
I'm happy with adding a cargo vet exemption for
wasmi 0.31.1
which notes that its only intended to be used in the context of testing. I don't think there is any real benefit to our project to have a higher bar than wasmi already meets for the sake of a fuzzing oracle.
fitzgen commented on PR #7791:
I'm happy with adding a cargo vet exemption for
wasmi 0.31.1
which notes that its only intended to be used in the context of testing. I don't think there is any real benefit to our project to have a higher bar than wasmi already meets for the sake of a fuzzing oracle.Agreed.
Robbepop commented on PR #7791:
Reading over some code I think that this impl is not sound as it's supposed to be
T: Sync
. Additionally though I don't think you should need theunsafe impl
at all. You can try changing thePhantomData
to eitherfn() -> Idx
orfn(Idx)
I think as one of them might require the impl and one might not.btw. I just published a new
wasmi_arena v0.4.1
and yankedv0.4.0
with the unsoundness fix. (https://crates.io/crates/wasmi_arena/0.4.1)
Robbepop edited a comment on PR #7791:
Reading over some code I think that this impl is not sound as it's supposed to be
T: Sync
. Additionally though I don't think you should need theunsafe impl
at all. You can try changing thePhantomData
to eitherfn() -> Idx
orfn(Idx)
I think as one of them might require the impl and one might not.btw. I just published a new
wasmi_arena v0.4.1
patch release and yankedv0.4.0
.
alexcrichton commented on PR #7791:
Ok I've posted https://github.com/bytecodealliance/wasmtime/pull/7810 with new vet metadata. If you rebase this PR on top of that once it lands should be good to go
Robbepop updated PR #7791.
Robbepop commented on PR #7791:
Something went terribly wrong with the rebase ... let me investigate ...
Robbepop updated PR #7791.
Robbepop deleted a comment on PR #7791:
Something went terribly wrong with the rebase ... let me investigate ...
Robbepop updated PR #7791.
alexcrichton submitted PR review:
Thanks for the patience while we figure out the vetting, and thanks again for helping us out with the update!
Robbepop commented on PR #7791:
Thanks for the patience while we figure out the vetting, and thanks again for helping us out with the update!
Happy to help and thanks for having Wasmi as fuzzing oracle! :)
alexcrichton merged PR #7791.
Last updated: Dec 23 2024 at 12:05 UTC