Stream: git-wasmtime

Topic: wasmtime / issue #7116 Wasmtime doesn't handle malformed ...

view this post on Zulip Wasmtime GitHub notifications bot (Sep 29 2023 at 19:16):

yagehu opened issue #7116:

Test Case

(module
  (type (func))
  (type (func (param i32 i64 i64 i32) (result i32)))
  (type (func (param i32)))
  (import "wasi_snapshot_preview1" "fd_advise" (func $fd_advise (type 1)))
  (import "wasi_snapshot_preview1" "proc_exit" (func $proc_exit (type 2)))
  (func $_start (type 0)
    (call $fd_advise
      i32.const 0
      i64.const 0
      i64.const 0
      i32.const 6 ;; <--
    )
    (call $proc_exit)
  )
  (memory (;0;) 2)
  (export "memory" (memory 0))
  (export "_start" (func $_start))
)

Steps to Reproduce

Run the above WAT file with Wasmtime.

wasmtime run enum.wat

Expected Results

The fd_advise function should return an error code like inval. The advice variant is specified to 6 cases, so i32.const 0 to 5 should be valid. But invalid ones shouldn't crash the runtime.

Actual Results

Wasmtime prints a stacktrace:

Error: failed to run main module `enum.wat`

Caused by:
    0: failed to invoke command default
    1: error while executing at wasm backtrace:
           0:   0x8e - <unknown>!_start
    2: In func wasi_snapshot_preview1::fd_advise at convert Advice: Invalid enum value Advice
    3: Invalid enum value Advice

Versions and Environment

Wasmtime version or commit: 12.0.2

Operating system: macOS Sonoma 14.0

Architecture: amd64

Extra Info

Wasmer seems to do the correct thing here.

view this post on Zulip Wasmtime GitHub notifications bot (Sep 29 2023 at 19:16):

yagehu added the bug label to Issue #7116.

view this post on Zulip Wasmtime GitHub notifications bot (Sep 29 2023 at 19:21):

yagehu edited issue #7116:

Test Case

(module
  (type (func))
  (type (func (param i32 i64 i64 i32) (result i32)))
  (type (func (param i32)))
  (import "wasi_snapshot_preview1" "fd_advise" (func $fd_advise (type 1)))
  (import "wasi_snapshot_preview1" "proc_exit" (func $proc_exit (type 2)))
  (func $_start (type 0)
    (call $fd_advise
      i32.const 0
      i64.const 0
      i64.const 0
      i32.const 6 ;; <--
    )
    (call $proc_exit)
  )
  (memory (;0;) 2)
  (export "memory" (memory 0))
  (export "_start" (func $_start))
)

Steps to Reproduce

Run the above WAT file with Wasmtime.

wasmtime run enum.wat

Expected Results

The fd_advise function should return an error code like inval. The advice variant is specified to 6 cases, so i32.const 0 to 5 should be valid. But invalid ones shouldn't crash the runtime.

Actual Results

Wasmtime prints a stacktrace:

Error: failed to run main module `enum.wat`

Caused by:
    0: failed to invoke command default
    1: error while executing at wasm backtrace:
           0:   0x8e - <unknown>!_start
    2: In func wasi_snapshot_preview1::fd_advise at convert Advice: Invalid enum value Advice
    3: Invalid enum value Advice

Versions and Environment

Wasmtime version or commit: 12.0.2

Operating system: macOS Sonoma 14.0

Architecture: amd64

Extra Info

Wasmer seems to do the correct thing here.

view this post on Zulip Wasmtime GitHub notifications bot (Sep 29 2023 at 19:28):

pchickey commented on issue #7116:

We treat invalid enum tags the same way we treat invalid and misaligned pointers, by trapping. This behavior has not been captured by the witx abi spec https://github.com/WebAssembly/WASI/blob/main/legacy/tools/witx-docs.md. However, it is required by the component-model spec, and so it will be enforced that way from preview 2 forward.

In general, if you made a programming mistake that results in an out-of-bounds enum variant being passed across the wasi abstraction, that isn't a programming error that can be handled dynamically at runtime, but instead a bug that the programmer must fix for their program to execute correctly. So, I don't think we should change this behavior. If you'd like to argue for it to be specified otherwise, we can hear from other spec implementors over in the WASI repo, but preview 1 behavior is water under the bridge at this point and I'm most interested in specifying preview 2 at this time.

view this post on Zulip Wasmtime GitHub notifications bot (Sep 29 2023 at 19:28):

pchickey closed issue #7116:

Test Case

(module
  (type (func))
  (type (func (param i32 i64 i64 i32) (result i32)))
  (type (func (param i32)))
  (import "wasi_snapshot_preview1" "fd_advise" (func $fd_advise (type 1)))
  (import "wasi_snapshot_preview1" "proc_exit" (func $proc_exit (type 2)))
  (func $_start (type 0)
    (call $fd_advise
      i32.const 0
      i64.const 0
      i64.const 0
      i32.const 6 ;; <--
    )
    (call $proc_exit)
  )
  (memory (;0;) 2)
  (export "memory" (memory 0))
  (export "_start" (func $_start))
)

Steps to Reproduce

Run the above WAT file with Wasmtime.

wasmtime run enum.wat

Expected Results

The fd_advise function should return an error code like inval. The advice variant is specified to 6 cases, so i32.const 0 to 5 should be valid. But invalid ones shouldn't crash the runtime.

Actual Results

Wasmtime prints a stacktrace:

Error: failed to run main module `enum.wat`

Caused by:
    0: failed to invoke command default
    1: error while executing at wasm backtrace:
           0:   0x8e - <unknown>!_start
    2: In func wasi_snapshot_preview1::fd_advise at convert Advice: Invalid enum value Advice
    3: Invalid enum value Advice

Versions and Environment

Wasmtime version or commit: 12.0.2

Operating system: macOS Sonoma 14.0

Architecture: amd64

Extra Info

Wasmer seems to do the correct thing here.

Last updated: Nov 22 2024 at 16:03 UTC