Wasmtime GitHub notifications bot (Jan 16 2024 at 07:42): Wasmtime GitHub notifications bot (Jan 16 2024 at 07:42):erxiaozhou added the bug label to Issue #7779.
Wasmtime GitHub notifications bot (Jan 16 2024 at 07:42):erxiaozhou opened issue #7779:
Test Case
Steps to Reproduce
/home/zph/CP912/wasmtime/install/bin/wasmtime run <path_of_the__test_case> --invoke to_testExpected Results
No exception
Actual Results
An exception indicating "Memory OOB"
Error: failed to run main module `<path_to_the_test_case>` Caused by: 0: failed to invoke `to_test` 1: error while executing at wasm backtrace: 0: 0x13f - <unknown>!<wasm function 0> 2: wasm trap: out of bounds memory accessVersions and Environment
Wasmtime version or commit: 37300d3f4b51e0e3374e3c4fc382b7603b065c8b
Operating system: ubuntu 20.04
Architecture: x86_64
Extra Info
According to the specification, there should not be an exception, because here
s+n=9, is not larger than the length ofdata.dataandd+n=0, is smaller than the length ofmem.data.
Wasmtime GitHub notifications bot (Jan 16 2024 at 17:18):fitzgen commented on issue #7779:
<details>
<summary>WAT disassembly of the test case</summary>
(module (type (;0;) (func (param i32 i32 i32 i32) (result i32))) (type (;1;) (func (param i32))) (type (;2;) (func)) (type (;3;) (func (result i32))) (func (;0;) (type 2) (local i32 f32 i64 f64) i32.const 0 i32.const 9 i32.const 0 memory.init 2) (func (;1;) (type 3) (result i32) i32.const 1 i32.const 3 i32.add) (func (;2;) (type 3) (result i32) i32.const 2 i32.const 3 i32.add) (func (;3;) (type 3) (result i32) i32.const 3 i32.const 3 i32.add) (table (;0;) 10 20 funcref) (memory (;0;) 1 5) (global (;0;) i32 (i32.const 541)) (global (;1;) (mut i32) (i32.const 191)) (global (;2;) f32 (f32.const 0x1.0e8p+9 (;=541;))) (global (;3;) (mut f32) (f32.const 0x1.8p+7 (;=192;))) (global (;4;) i64 (i64.const 54)) (global (;5;) (mut i64) (i64.const 19)) (global (;6;) f64 (f64.const 0x1.bp+5 (;=54;))) (global (;7;) (mut f64) (f64.const 0x1.3p+4 (;=19;))) (global (;8;) (mut i32) (i32.const 0)) (global (;9;) (mut f32) (f32.const 0x0p+0 (;=0;))) (global (;10;) (mut i64) (i64.const 0)) (global (;11;) (mut f64) (f64.const 0x0p+0 (;=0;))) (global (;12;) (mut f32) (f32.const 0x1.566586p-55 (;=3.71227e-17;))) (global (;13;) (mut i64) (i64.const -7377836612904162111)) (global (;14;) (mut i32) (i32.const 32562)) (global (;15;) (mut f32) (f32.const 0x1.566586p-55 (;=3.71227e-17;))) (global (;16;) (mut i64) (i64.const -7377836612904162111)) (global (;17;) (mut i32) (i32.const 32562)) (global (;18;) (mut f64) (f64.const 0x1.664c806fbc53dp+822 (;=3.91437e+247;))) (global (;19;) (mut f64) (f64.const 0x1.664c806fbc53dp+822 (;=3.91437e+247;))) (export "_start" (func 0)) (export "to_test" (func 0)) (elem (;0;) (i32.const 0) func 1 2 3 0 1) (elem (;1;) (i32.const 5) func 3 3 2 1) (elem (;2;) (i32.const 9) func 0) (data (;0;) (i32.const 8) "\01\02\03\04\05\06\07\08") (data (;1;) (i32.const 16) "\01\02\03\04\05\06\07\08\ff") (data (;2;) (i32.const 32) "\01\02\03\04\05\06\07\08\ff"))</details>
Wasmtime GitHub notifications bot (Jan 16 2024 at 19:07):fitzgen commented on issue #7779:
Reduced test case:
(module (type (;0;) (func)) (func (;0;) (type 0) (local i32 f32 i64 f64) i32.const 0 i32.const 9 i32.const 0 memory.init 2 ) (memory (;0;) 1 5) (export "_start" (func 0)) (data (;0;) (i32.const 8) "") (data (;1;) (i32.const 16) "") (data (;2;) (i32.const 32) "\01\02\03\04\05\06\07\08\ff") )
Wasmtime GitHub notifications bot (Jan 16 2024 at 19:07):alexcrichton commented on issue #7779:
Thanks for the report! I think though that this is working as intended, the data segment being used here is an "active data segment" which implicitly gets a
data.dropduring module instantiation, meaning that the data segment has length 0 by the timememory.initis executed at which point the offset of 9 is out-of-bounds.
Wasmtime GitHub notifications bot (Jan 16 2024 at 19:09):fitzgen closed issue #7779:
Test Case
Steps to Reproduce
/home/zph/CP912/wasmtime/install/bin/wasmtime run <path_of_the__test_case> --invoke to_testExpected Results
No exception
Actual Results
An exception indicating "Memory OOB"
Error: failed to run main module `<path_to_the_test_case>` Caused by: 0: failed to invoke `to_test` 1: error while executing at wasm backtrace: 0: 0x13f - <unknown>!<wasm function 0> 2: wasm trap: out of bounds memory accessVersions and Environment
Wasmtime version or commit: 37300d3f4b51e0e3374e3c4fc382b7603b065c8b
Operating system: ubuntu 20.04
Architecture: x86_64
Extra Info
According to the specification, there should not be an exception, because here
s+n=9, is not larger than the length ofdata.dataandd+n=0, is smaller than the length ofmem.data.
Wasmtime GitHub notifications bot (Jan 16 2024 at 19:09):fitzgen commented on issue #7779:
I believe Alex's interpretation is correct, closing.
Wasmtime GitHub notifications bot (Jan 16 2024 at 19:21):fitzgen commented on issue #7779:
@erxiaozhou thanks for filing this bug report! In the future, you can make the bug reports even more helpful by reducing the test case before filing an issue. I've filed a PR documenting how that is done here: https://github.com/bytecodealliance/wasmtime/pull/7780
Last updated: Oct 23 2024 at 20:03 UTC