Wasmtime GitHub notifications bot (Jan 26 2025 at 00:09): Wasmtime GitHub notifications bot (Jan 26 2025 at 00:09):alexcrichton added the fuzz-bug label to Issue #10115.
Wasmtime GitHub notifications bot (Jan 26 2025 at 00:09):alexcrichton added the wasm-proposal:simd label to Issue #10115.
Wasmtime GitHub notifications bot (Jan 26 2025 at 00:09):alexcrichton added the winch label to Issue #10115.
Wasmtime GitHub notifications bot (Jan 26 2025 at 00:09):alexcrichton opened issue #10115:
Found via OSS-Fuzz this fails locally:
$ cargo run -q wast -C compiler=winch ./tests/spec_testsuite/simd_load_extend.wast -W fuel=$((1<<62)) Error: failed to run script file './tests/spec_testsuite/simd_load_extend.wast' Caused by: 0: failed directive on ./tests/spec_testsuite/simd_load_extend.wast:163:1 1: error while executing at wasm backtrace: 0: <unknown>!<wasm function 0> 2: wasm trap: all fuel consumed by WebAssemblywhile this passes:
$ cargo run -q wast -C compiler=winch ./tests/spec_testsuite/simd_load_extend.wastBisection points at https://github.com/bytecodealliance/wasmtime/pull/9950 so I think this isn't a regression and it was just discovered via fuzzing recently. (cc @jeffcharles)
Wasmtime GitHub notifications bot (Jan 27 2025 at 15:11):jeffcharles commented on issue #10115:
Interesting! For another data point, I tried running
cargo run -q wast -C compiler=cranelift ./tests/spec_testsuite/simd_load_extend.wast -W fuel=$((1<<62))and that command seems to have the same output of a wasm trap with all fuel consumed by WebAssembly.
Wasmtime GitHub notifications bot (Jan 27 2025 at 15:36):alexcrichton commented on issue #10115:
Oops, definitely looks like a bisection gone wrong! I'll restart again from the fuzz bug and see what happens.
Wasmtime GitHub notifications bot (Jan 27 2025 at 17:14):alexcrichton commented on issue #10115:
Ok now with https://github.com/bytecodealliance/wasmtime/pull/10123 it's much easier to reproduce and now I get:
$ cargo run wast ./tests/spec_testsuite/simd_load_extend.wast -Ccompiler=winch -Omemory-reservation=0 -Omemory-reservation-for-growth=0 -Omemory-guard-size=0 Error: failed to run script file './tests/spec_testsuite/simd_load_extend.wast' Caused by: 0: failed directive on ./tests/spec_testsuite/simd_load_extend.wast:230:1 1: expected trap, got Core([V128(39470863835196892219191952515)])where this matches the actual OSS-Fuzz test case too (I mistakenly thought the fuel error was what oss-fuzz uncovered).
I'll note that I haven't re-bisected, though.
Wasmtime GitHub notifications bot (Jan 27 2025 at 20:29):saulecabrera closed issue #10115:
Found via OSS-Fuzz this fails locally:
$ cargo run -q wast -C compiler=winch ./tests/spec_testsuite/simd_load_extend.wast -W fuel=$((1<<62)) Error: failed to run script file './tests/spec_testsuite/simd_load_extend.wast' Caused by: 0: failed directive on ./tests/spec_testsuite/simd_load_extend.wast:163:1 1: error while executing at wasm backtrace: 0: <unknown>!<wasm function 0> 2: wasm trap: all fuel consumed by WebAssemblywhile this passes:
$ cargo run -q wast -C compiler=winch ./tests/spec_testsuite/simd_load_extend.wastBisection points at https://github.com/bytecodealliance/wasmtime/pull/9950 so I think this isn't a regression and it was just discovered via fuzzing recently. (cc @jeffcharles)
Last updated: Feb 28 2025 at 03:10 UTC