alexcrichton commented on issue #815:
Lightbeam was removed in https://github.com/bytecodealliance/wasmtime/pull/3390 as explained in RFC 14, so I'm going to close this.
alexcrichton closed issue #815:
Issue description
An addition with overflow make lightbeam to panic when compiled in debug mode.
Note: This issue is similar to https://github.com/bytecodealliance/wasmtime/issues/738. I suspect other overflows like those ones to be in the code.
Overflowed values are then provided to dynasm, meaning that in release mode, Lightbeam will generate Assembly code that will try to access invalid memory address (like 0x0, kernel address, etc.) leading to different errors/panics.
$ ./target/debug/debug_lightbeam load_add_overflow_lightbeam.wasm thread 'main' panicked at 'attempt to add with overflow', XXX/wasmtime/crates/lightbeam/src/backend.rs:1934:106 note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace.
This issue is related to the macro
load!
when dealing with thei32.load16_s
opcode:Reproduction
Download:
load_add_overflow_lightbeam.zipor
wasm2wat load_add_overflow_lightbeam.wasm
:(module (type (;0;) (func)) (func (;0;) (type 0) i32.const 2 i32.const 1 i32.load16_s offset=2147483647 align=1 unreachable) (memory (;0;) 1) (export "_start" (func 0)) )
Testing program (need to be compiled in debug mode i.e.
RUSTFLAGS=-g cargo build
):use std::env; use std::fs::{File}; use std::io; use std::io::Read; use std::path::PathBuf; use wasmtime_fuzzing::oracles; use wasmtime_jit::CompilationStrategy; /// Read the contents of a file fn read_contents(path: &PathBuf) -> Result<Vec<u8>, io::Error> { let mut buffer: Vec<u8> = Vec::new(); let mut file = File::open(path)?; file.read_to_end(&mut buffer)?; drop(file); Ok(buffer) } fn main() { let args: Vec<String> = env::args().collect(); let wasm_path = std::path::PathBuf::from(&args[1]); let wasm_binary: Vec<u8> = read_contents(&wasm_path).unwrap(); let _res_compile = oracles::compile(&wasm_binary[..], CompilationStrategy::Lightbeam); }
wasmtime commit: 420dcd76fd0d684291901c7a6afeb481481dea7e
Last updated: Nov 22 2024 at 17:03 UTC