Wasmtime GitHub notifications bot (Jul 19 2021 at 18:44): Wasmtime GitHub notifications bot (Jul 19 2021 at 18:44):alexcrichton labeled issue #3099:
Given this input:
(module (memory 0) (func (param v128 i32) local.get 1 local.get 0 local.get 0 i8x16.eq v128.store) )wasmtime yields:
$ wasmtime bar.wat --enable-simd --enable-cranelift-debug-verifier Error: failed to run main module `bar.wat` Caused by: 0: WebAssembly failed to compile 1: Compilation error: function u0:0(i64 vmctx, i64, i8x16, i32) fast { gv0 = vmctx gv1 = load.i64 notrap aligned readonly gv0 gv2 = load.i64 notrap aligned gv1 gv3 = vmctx gv4 = load.i64 notrap aligned readonly gv3+36 heap0 = static gv4, min 0, bound 0x0001_0000_0000, offset_guard 0x8000_0000, index_type i32 stack_limit = gv2 block0(v0: i64, v1: i64, v2: i8x16, v3: i32): @0024 v4 = icmp eq v2, v2 @0026 v5 = heap_addr.i64 heap0, v3, 1 @0026 store little v4, v5 ;~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ; error: inst2 (store.b8x16 little v4, v5): has an invalid controlling type b8x16 @002a jump block1 block1: @002a return } ; 1 verifier error detected (see above). Compilation aborted.
Wasmtime GitHub notifications bot (Jul 19 2021 at 18:44):alexcrichton opened issue #3099:
Given this input:
(module (memory 0) (func (param v128 i32) local.get 1 local.get 0 local.get 0 i8x16.eq v128.store) )wasmtime yields:
$ wasmtime bar.wat --enable-simd --enable-cranelift-debug-verifier Error: failed to run main module `bar.wat` Caused by: 0: WebAssembly failed to compile 1: Compilation error: function u0:0(i64 vmctx, i64, i8x16, i32) fast { gv0 = vmctx gv1 = load.i64 notrap aligned readonly gv0 gv2 = load.i64 notrap aligned gv1 gv3 = vmctx gv4 = load.i64 notrap aligned readonly gv3+36 heap0 = static gv4, min 0, bound 0x0001_0000_0000, offset_guard 0x8000_0000, index_type i32 stack_limit = gv2 block0(v0: i64, v1: i64, v2: i8x16, v3: i32): @0024 v4 = icmp eq v2, v2 @0026 v5 = heap_addr.i64 heap0, v3, 1 @0026 store little v4, v5 ;~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ; error: inst2 (store.b8x16 little v4, v5): has an invalid controlling type b8x16 @002a jump block1 block1: @002a return } ; 1 verifier error detected (see above). Compilation aborted.
Wasmtime GitHub notifications bot (Jul 19 2021 at 20:31):abrown commented on issue #3099:
I haven't dug into this but I think it may be related to #1147: due to not having a generic
v128type in CLIF we are forced toraw_bitcastto and from a default vector type,i8x16. Perhaps the stores need to haveraw_bitcasts before them incode_translator.rs?
Wasmtime GitHub notifications bot (Aug 17 2021 at 18:40):alexcrichton commented on issue #3099:
The fuzzers have rediscovered this today with:
(module (type (;0;) (func (param funcref funcref funcref f64 f64))) (func (;0;) (type 0) (param funcref funcref funcref f64 f64) i32.const 8 v128.const i32x4 0x00000000 0x00000000 0x00000000 0x00000000 v128.const i32x4 0x00000000 0x00000000 0x00000000 0x00000000 i16x8.le_u v128.store offset=3) (memory (;0;) 3426 12143))
Wasmtime GitHub notifications bot (Aug 17 2021 at 18:40):alexcrichton labeled issue #3099:
Given this input:
(module (memory 0) (func (param v128 i32) local.get 1 local.get 0 local.get 0 i8x16.eq v128.store) )wasmtime yields:
$ wasmtime bar.wat --enable-simd --enable-cranelift-debug-verifier Error: failed to run main module `bar.wat` Caused by: 0: WebAssembly failed to compile 1: Compilation error: function u0:0(i64 vmctx, i64, i8x16, i32) fast { gv0 = vmctx gv1 = load.i64 notrap aligned readonly gv0 gv2 = load.i64 notrap aligned gv1 gv3 = vmctx gv4 = load.i64 notrap aligned readonly gv3+36 heap0 = static gv4, min 0, bound 0x0001_0000_0000, offset_guard 0x8000_0000, index_type i32 stack_limit = gv2 block0(v0: i64, v1: i64, v2: i8x16, v3: i32): @0024 v4 = icmp eq v2, v2 @0026 v5 = heap_addr.i64 heap0, v3, 1 @0026 store little v4, v5 ;~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ; error: inst2 (store.b8x16 little v4, v5): has an invalid controlling type b8x16 @002a jump block1 block1: @002a return } ; 1 verifier error detected (see above). Compilation aborted.
Wasmtime GitHub notifications bot (Aug 18 2021 at 14:42):alexcrichton commented on issue #3099:
Another fuzz bug came in today about this, so to confirm this affects all lane widths of boolean vectors, not just
b8x16but alsob16x8,b32x4, andb64x2produced by all the other forms of comparison instructions.
Wasmtime GitHub notifications bot (Aug 18 2021 at 17:16):alexcrichton closed issue #3099:
Given this input:
(module (memory 0) (func (param v128 i32) local.get 1 local.get 0 local.get 0 i8x16.eq v128.store) )wasmtime yields:
$ wasmtime bar.wat --enable-simd --enable-cranelift-debug-verifier Error: failed to run main module `bar.wat` Caused by: 0: WebAssembly failed to compile 1: Compilation error: function u0:0(i64 vmctx, i64, i8x16, i32) fast { gv0 = vmctx gv1 = load.i64 notrap aligned readonly gv0 gv2 = load.i64 notrap aligned gv1 gv3 = vmctx gv4 = load.i64 notrap aligned readonly gv3+36 heap0 = static gv4, min 0, bound 0x0001_0000_0000, offset_guard 0x8000_0000, index_type i32 stack_limit = gv2 block0(v0: i64, v1: i64, v2: i8x16, v3: i32): @0024 v4 = icmp eq v2, v2 @0026 v5 = heap_addr.i64 heap0, v3, 1 @0026 store little v4, v5 ;~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ; error: inst2 (store.b8x16 little v4, v5): has an invalid controlling type b8x16 @002a jump block1 block1: @002a return } ; 1 verifier error detected (see above). Compilation aborted.
Last updated: Nov 22 2024 at 16:03 UTC