wasmer
SIGILL When Creating New Instance
Describe the bug
While trying to create a wasm module in C, I noticed I get a crash when compiling a certain module. Specifically, with wasmer 2.3.0 on the cranelift compiler and using the universal engine, I get the following:
Job 1, 'build/debug/main' terminated by signal SIGILL (Illegal instruction)
Specifically, when running under gdb and collecting a backtrace, I get the following:
0x0000555555bab9b7 in wasmer_vm::instance::InstanceHandle::new (allocator=..., module=..., finished_functions=..., finished_function_call_trampolines=..., finished_memories=..., finished_tables=..., finished_globals=..., imports=..., vmshared_signatures=..., host_state=..., imported_function_envs=...) at /home/billy/.cargo/registry/src/github.com-1ecc6299db9ec823/hashbrown-0.12.3/src/raw/mod.rs:939
939 iter: RawIterRange::new(self.table.ctrl.as_ptr(), data, self.table.buckets()),
(gdb) bt
#0 0x0000555555bab9b7 in wasmer_vm::instance::InstanceHandle::new (allocator=..., module=...,
finished_functions=..., finished_function_call_trampolines=..., finished_memories=...,
finished_tables=..., finished_globals=..., imports=..., vmshared_signatures=..., host_state=...,
imported_function_envs=...)
at /home/billy/.cargo/registry/src/github.com-1ecc6299db9ec823/hashbrown-0.12.3/src/raw/mod.rs:939
#1 0x00005555556e6faf in wasmer_engine::artifact::Artifact::instantiate<wasmer_engine_universal::artifact::UniversalArtifact> (self=<optimized out>, tunables=..., resolver=..., host_state=...)
at /home/billy/.cargo/registry/src/github.com-1ecc6299db9ec823/wasmer-engine-2.3.0/src/artifact.rs:112
#2 0x00005555556da56d in wasmer::sys::module::Module::instantiate (self=0x7fffffffbb80, resolver=...)
at src/sys/module.rs:282
#3 0x00005555556ca12a in wasmer::sys::instance::Instance::new (module=0x555556c90b50, resolver=...)
at src/sys/instance.rs:126
#4 0x00005555556b096f in bot_handler::setup_bot_inner (file_name_ptr=0x555556081125, player_index=1)
at src/lib.rs:74
#5 0x00005555556b242e in bot_handler::setup_bot (file_name_ptr=0x555556081125, player_index=1)
at src/lib.rs:97
Here's the function code that causes the crash:
use std::{ffi::CStr, fs, os::raw::c_char};
use wasmer::{imports, Instance, Module, Store};
// Signature reconstructed from the backtrace (file_name_ptr, player_index); the real return type is not shown in the issue.
fn setup_bot_inner(file_name_ptr: *const c_char, player_index: i32) -> Result<Instance, Box<dyn std::error::Error>> {
    // SAFETY: the C caller passes a valid, NUL-terminated path.
    let wasm_file_name = unsafe { CStr::from_ptr(file_name_ptr).to_str()? };
    println!("File: {}", wasm_file_name);
    let wasm_bytes = fs::read(wasm_file_name)?;
    let store = Store::default();
    let module = Module::new(&store, wasm_bytes)?;
    let import_object = imports! {};
    let instance = Instance::new(&module, &import_object)?;
    Ok(instance)
}
Running the code under valgrind produces the following:
==34847== Memcheck, a memory error detector
==34847== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==34847== Using Valgrind-3.19.0 and LibVEX; rerun with -h for copyright info
==34847== Command: build/debug/main
==34847==
INFO: Initializing raylib 4.0
INFO: DISPLAY: Device initialized successfully
INFO: > Display size: 1920 x 1080
INFO: > Screen size: 800 x 450
INFO: > Render size: 800 x 450
INFO: > Viewport offsets: 0, 0
INFO: GLAD: OpenGL extensions loaded successfully
INFO: GL: Supported extensions count: 232
INFO: GL: OpenGL device information:
INFO: > Vendor: AMD
INFO: > Renderer: AMD Radeon Vega 3 Graphics (raven, LLVM 14.0.6, DRM 3.46, 5.18.3-zen1-x86_64)
INFO: > Version: 4.6 (Core Profile) Mesa 22.1.3
INFO: > GLSL: 4.60
INFO: GL: DXT compressed textures supported
INFO: GL: ETC2/EAC compressed textures supported
INFO: TEXTURE: [ID 1] Texture loaded successfully (1x1 | R8G8B8A8 | 1 mipmaps)
INFO: TEXTURE: [ID 1] Default texture loaded successfully
INFO: SHADER: [ID 1] Vertex shader compiled successfully
INFO: SHADER: [ID 2] Fragment shader compiled successfully
INFO: SHADER: [ID 3] Program shader loaded successfully
INFO: SHADER: [ID 3] Default shader loaded successfully
INFO: RLGL: Render batch vertex buffers loaded successfully in RAM (CPU)
INFO: RLGL: Render batch vertex buffers loaded successfully in VRAM (GPU)
INFO: RLGL: Default OpenGL state initialized successfully
INFO: TEXTURE: [ID 2] Texture loaded successfully (128x128 | GRAY_ALPHA | 1 mipmaps)
INFO: FONT: Default font loaded successfully (224 glyphs)
File: bots/aggro.wasm
==34847== Conditional jump or move depends on uninitialised value(s)
==34847== at 0x863444: wasmparser::parser::Parser::parse (parser.rs:447)
==34847== by 0x84EA98: wasmparser::validator::Validator::validate_all (parser.rs:701)
==34847== by 0x2FE3BC: wasmer_compiler::compiler::Compiler::validate_module (compiler.rs:110)
==34847== by 0x2D4986: wasmer_engine_universal_artifact::engine::UniversalEngineBuilder::validate (engine.rs:47)
==34847== by 0x2A3034: validate (engine.rs:174)
==34847== by 0x2A3034: <wasmer_engine_universal::engine::UniversalEngine as wasmer_engine::engine::Engine>::validate (engine.rs:108)
==34847== by 0x28E112: wasmer::sys::module::Module::from_binary (module.rs:173)
==34847== by 0x248F8C: wasmer::sys::module::Module::new (module.rs:125)
==34847== by 0x264729: bot_handler::setup_bot_inner (lib.rs:71)
==34847== by 0x26642D: setup_bot (lib.rs:97)
==34847== by 0x1B6054: main (src/main.c:54)
==34847== Uninitialised value was created by a stack allocation
==34847== at 0x84E7AA: wasmparser::validator::Validator::validate_all (validator.rs:335)
==34847==
==34847== Conditional jump or move depends on uninitialised value(s)
==34847== at 0x8634FA: wasmparser::parser::Parser::parse (parser.rs:447)
==34847== by 0x84EA98: wasmparser::validator::Validator::validate_all (parser.rs:701)
==34847== by 0x2FE3BC: wasmer_compiler::compiler::Compiler::validate_module (compiler.rs:110)
==34847== by 0x2D4986: wasmer_engine_universal_artifact::engine::UniversalEngineBuilder::validate (engine.rs:47)
==34847== by 0x2A3034: validate (engine.rs:174)
==34847== by 0x2A3034: <wasmer_engine_universal::engine::UniversalEngine as wasmer_engine::engine::Engine>::validate (engine.rs:108)
==34847== by 0x28E112: wasmer::sys::module::Module::from_binary (module.rs:173)
==34847== by 0x248F8C: wasmer::sys::module::Module::new (module.rs:125)
==34847== by 0x264729: bot_handler::setup_bot_inner (lib.rs:71)
==34847== by 0x26642D: setup_bot (lib.rs:97)
==34847== by 0x1B6054: main (src/main.c:54)
==34847== Uninitialised value was created by a stack allocation
==34847== at 0x84E7AA: wasmparser::validator::Validator::validate_all (validator.rs:335)
==34847==
==34847== Conditional jump or move depends on uninitialised value(s)
==34847== at 0x863444: wasmparser::parser::Parser::parse (parser.rs:447)
==34847== by 0x828A15: {closure#0} (parser.rs:701)
==34847== by 0x828A15: next<core::result::Result<wasmparser::parser::Payload, wasmparser::primitives::BinaryReaderError>, wasmparser::parser::{impl#0}::parse_all::{closure_env#0}> (module.rs:24)
==34847== by 0x828A15: wasmer_compiler::translator::module::translate_module (module.rs:24)
==34847== by 0x812838: wasmer_compiler::translator::environ::ModuleEnvironment::translate (environ.rs:91)
==34847== by 0x29E7C2: wasmer_engine_universal::artifact::UniversalArtifact::new (artifact.rs:54)
==34847== by 0x2A3137: <wasmer_engine_universal::engine::UniversalEngine as wasmer_engine::engine::Engine>::compile (engine.rs:118)
==34847== by 0x28E151: wasmer::sys::module::Module::from_binary (module.rs:177)
==34847== by 0x248F8C: wasmer::sys::module::Module::new (module.rs:125)
==34847== by 0x264729: bot_handler::setup_bot_inner (lib.rs:71)
==34847== by 0x26642D: setup_bot (lib.rs:97)
==34847== by 0x1B6054: main (src/main.c:54)
==34847== Uninitialised value was created by a stack allocation
==34847== at 0x8287EA: wasmer_compiler::translator::module::translate_module (module.rs:18)
==34847==
==34847== Conditional jump or move depends on uninitialised value(s)
==34847== at 0x8634FA: wasmparser::parser::Parser::parse (parser.rs:447)
==34847== by 0x828A15: {closure#0} (parser.rs:701)
==34847== by 0x828A15: next<core::result::Result<wasmparser::parser::Payload, wasmparser::primitives::BinaryReaderError>, wasmparser::parser::{impl#0}::parse_all::{closure_env#0}> (module.rs:24)
==34847== by 0x828A15: wasmer_compiler::translator::module::translate_module (module.rs:24)
==34847== by 0x812838: wasmer_compiler::translator::environ::ModuleEnvironment::translate (environ.rs:91)
==34847== by 0x29E7C2: wasmer_engine_universal::artifact::UniversalArtifact::new (artifact.rs:54)
==34847== by 0x2A3137: <wasmer_engine_universal::engine::UniversalEngine as wasmer_engine::engine::Engine>::compile (engine.rs:118)
==34847== by 0x28E151: wasmer::sys::module::Module::from_binary (module.rs:177)
==34847== by 0x248F8C: wasmer::sys::module::Module::new (module.rs:125)
==34847== by 0x264729: bot_handler::setup_bot_inner (lib.rs:71)
==34847== by 0x26642D: setup_bot (lib.rs:97)
==34847== by 0x1B6054: main (src/main.c:54)
==34847== Uninitialised value was created by a stack allocation
==34847== at 0x8287EA: wasmer_compiler::translator::module::translate_module (module.rs:18)
==34847==
==34847== Conditional jump or move depends on uninitialised value(s)
==34847== at 0x863444: wasmparser::parser::Parser::parse (parser.rs:447)
==34847== by 0x828A15: {closure#0} (parser.rs:701)
==34847== by 0x828A15: next<core::result::Result<wasmparser::parser::Payload, wasmparser::primitives::BinaryReaderError>, wasmparser::parser::{impl#0}::parse_all::{closure_env#0}> (module.rs:24)
==34847== by 0x828A15: wasmer_compiler::translator::module::translate_module (module.rs:24)
==34847== by 0x812838: wasmer_compiler::translator::environ::ModuleEnvironment::translate (environ.rs:91)
==34847== by 0x2B868C: wasmer_engine_universal_artifact::artifact::UniversalArtifactBuild::new (artifact.rs:52)
==34847== by 0x29EB2B: wasmer_engine_universal::artifact::UniversalArtifact::new (artifact.rs:67)
==34847== by 0x2A3137: <wasmer_engine_universal::engine::UniversalEngine as wasmer_engine::engine::Engine>::compile (engine.rs:118)
==34847== by 0x28E151: wasmer::sys::module::Module::from_binary (module.rs:177)
==34847== by 0x248F8C: wasmer::sys::module::Module::new (module.rs:125)
==34847== by 0x264729: bot_handler::setup_bot_inner (lib.rs:71)
==34847== by 0x26642D: setup_bot (lib.rs:97)
==34847== by 0x1B6054: main (src/main.c:54)
==34847== Uninitialised value was created by a stack allocation
==34847== at 0x8287EA: wasmer_compiler::translator::module::translate_module (module.rs:18)
==34847==
==34847== Conditional jump or move depends on uninitialised value(s)
==34847== at 0x8634FA: wasmparser::parser::Parser::parse (parser.rs:447)
==34847== by 0x828A15: {closure#0} (parser.rs:701)
==34847== by 0x828A15: next<core::result::Result<wasmparser::parser::Payload, wasmparser::primitives::BinaryReaderError>, wasmparser::parser::{impl#0}::parse_all::{closure_env#0}> (module.rs:24)
==34847== by 0x828A15: wasmer_compiler::translator::module::translate_module (module.rs:24)
==34847== by 0x812838: wasmer_compiler::translator::environ::ModuleEnvironment::translate (environ.rs:91)
==34847== by 0x2B868C: wasmer_engine_universal_artifact::artifact::UniversalArtifactBuild::new (artifact.rs:52)
==34847== by 0x29EB2B: wasmer_engine_universal::artifact::UniversalArtifact::new (artifact.rs:67)
==34847== by 0x2A3137: <wasmer_engine_universal::engine::UniversalEngine as wasmer_engine::engine::Engine>::compile (engine.rs:118)
==34847== by 0x28E151: wasmer::sys::module::Module::from_binary (module.rs:177)
==34847== by 0x248F8C: wasmer::sys::module::Module::new (module.rs:125)
==34847== by 0x264729: bot_handler::setup_bot_inner (lib.rs:71)
==34847== by 0x26642D: setup_bot (lib.rs:97)
==34847== by 0x1B6054: main (src/main.c:54)
==34847== Uninitialised value was created by a stack allocation
==34847== at 0x8287EA: wasmer_compiler::translator::module::translate_module (module.rs:18)
==34847==
==34847== Warning: set address range perms: large range [0x59cc7000, 0x1d9cc7000) (noaccess)
==34847== valgrind: Unrecognised instruction at address 0x75f9b7.
==34847== at 0x75F9B7: wasmer_vm::instance::InstanceHandle::new (mod.rs:0)
==34847== by 0x29AFAE: wasmer_engine::artifact::Artifact::instantiate (artifact.rs:112)
==34847== by 0x28E56C: wasmer::sys::module::Module::instantiate (module.rs:282)
==34847== by 0x27E129: wasmer::sys::instance::Instance::new (instance.rs:126)
==34847== by 0x26496E: bot_handler::setup_bot_inner (lib.rs:74)
==34847== by 0x26642D: setup_bot (lib.rs:97)
==34847== by 0x1B6054: main (src/main.c:54)
==34847== Your program just tried to execute an instruction that Valgrind
==34847== did not recognise. There are two possible reasons for this.
==34847== 1. Your program has a bug and erroneously jumped to a non-code
==34847== location. If you are running Memcheck and you just saw a
==34847== warning about a bad jump, it's probably your program's fault.
==34847== 2. The instruction is legitimate but Valgrind doesn't handle it,
==34847== i.e. it's Valgrind's fault. If you think this is the case or
==34847== you are not sure, please let us know and we'll try to fix it.
==34847== Either way, Valgrind will now raise a SIGILL signal which will
==34847== probably kill your program.
==34847== valgrind: Unrecognised instruction at address 0x75f9b7.
==34847== at 0x75F9B7: wasmer_vm::instance::InstanceHandle::new (mod.rs:0)
==34847== by 0x29AFAE: wasmer_engine::artifact::Artifact::instantiate (artifact.rs:112)
==34847== by 0x28E56C: wasmer::sys::module::Module::instantiate (module.rs:282)
==34847== by 0x27E129: wasmer::sys::instance::Instance::new (instance.rs:126)
==34847== by 0x26496E: bot_handler::setup_bot_inner (lib.rs:74)
==34847== by 0x26642D: setup_bot (lib.rs:97)
==34847== by 0x1B6054: main (src/main.c:54)
==34847== Your program just tried to execute an instruction that Valgrind
==34847== did not recognise. There are two possible reasons for this.
==34847== 1. Your program has a bug and erroneously jumped to a non-code
==34847== location. If you are running Memcheck and you just saw a
==34847== warning about a bad jump, it's probably your program's fault.
==34847== 2. The instruction is legitimate but Valgrind doesn't handle it,
==34847== i.e. it's Valgrind's fault. If you think this is the case or
==34847== you are not sure, please let us know and we'll try to fix it.
==34847== Either way, Valgrind will now raise a SIGILL signal which will
==34847== probably kill your program.
==34847==
==34847== Process terminating with default action of signal 4 (SIGILL): dumping core
==34847== Illegal opcode at address 0x75F9B7
==34847== at 0x75F9B7: wasmer_vm::instance::InstanceHandle::new (mod.rs:0)
==34847== by 0x29AFAE: wasmer_engine::artifact::Artifact::instantiate (artifact.rs:112)
==34847== by 0x28E56C: wasmer::sys::module::Module::instantiate (module.rs:282)
==34847== by 0x27E129: wasmer::sys::instance::Instance::new (instance.rs:126)
==34847== by 0x26496E: bot_handler::setup_bot_inner (lib.rs:74)
==34847== by 0x26642D: setup_bot (lib.rs:97)
==34847== by 0x1B6054: main (src/main.c:54)
echo "`wasmer -V` | `rustc -V` | `uname -m`"
Steps to reproduce
The source code is available at https://github.com/billyb2/shooter2_c/tree/sigill
By following the instructions in the README.md and compiling and running the executable, it should result in the same crash.
Expected behavior
When running the scared.wasm file (by changing src/main.c to load scared.wasm instead of aggro.wasm), I just expect the file to load and run.
Actual behavior
There's a SIGILL and a crash, which is highly unexpected.
Thanks for opening the issue! We can't access the url shared (https://github.com/billyb2/shooter2_c/tree/sigill), perhaps you forgot to publish it? Once we are able to reproduce it, we can start working on a fix :)
@syrusakbary I apologize, I must have had the repo private. It should be public now :)
It doesn't build for me. I get
Compiling bot_handler v0.1.0 (/home/seb/git/shooter2_c/bot_src/bot_lib)
error[E0432]: unresolved import `std::ffi::c_char`
--> src/lib.rs:8:22
|
8 | use std::ffi::{CStr, c_char};
| ^^^^^^ no `c_char` in `ffi`
@ptitSeb try building now, I believe I fixed the build.
Yeah, it builds now
I don't see any .wasm file built with the project? is that normal?
Yeah, sorry, I totally spaced on putting this in the README.md, but you'll need to enter the bot_arc/aggro_bot folder and run the just copy command to add a bot to the bots/ folder.
I still have an error.
5 warnings generated.
cp aggro.wasm ../../bots/aggro.wasm
cp: cannot create regular file '../../bots/aggro.wasm': No such file or directory
error: Recipe `copy` failed on line 24 with exit code 1
Can't you just attach the relevant .wasm files directly here?
Ah, I forgot you also need to mkdir bots/ directory. But yes I'll attach the wasm files shortly
aggro.wasm.gz @ptitSeb
thanks, I'll check later
Hey, find anything interesting?
I haven't found anything yet, but I'm on a MacOS machine for the next 3 weeks (with no access to my linux box), so it may be challenging. What you can do on your side also is to try with the latest wasmer 3.0 version. Try using the latest alpha version and see if it works.
I tried to create a minimum project to reproduce the issue: Cargo.toml:
[package]
name = "minimum_3073"
version = "0.1.0"
edition = "2021"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
wasmer = { version = "2", default-features = false, features = ["sys", "default-cranelift", "default-universal"] }
src/main.rs
use std::fs;
use wasmer::{imports, Module, Instance, Store};

fn main() {
    let wasm_file_name = "aggro.wasm";
    println!("File: {}", wasm_file_name);
    let wasm_bytes = fs::read(wasm_file_name).unwrap();
    let store = Store::default();
    let module = Module::new(&store, wasm_bytes).unwrap();
    let import_object = imports! {};
    let instance = Instance::new(&module, &import_object).unwrap();
    println!("Instance: {:?}", instance);
}
And putting the aggro.wasm in the current folder, I get no specific issue in a debug build.
And I don't reproduce the issue on my side. Can you check on yours?
That minimum program also runs on a linux x86_64 box....
@billyb2 can you check this on your side?
I can confirm that I get 0 errors when using your minimal example...strange.
That would suggest some memory corruption happening before, especially because there is a SIGILL, with the illegal instruction not recognized by Valgrind (too bad there isn't a dump of the opcode, that might help finding what's going on).
Without any simple way to reproduce the issue, I don't see how to fix this one.
We'll close the issue now. But feel free to reopen @billyb2 if you think the issue is on our side and we have a way to reproduce it!
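The thread ends with the suspicion that the corruption happens on the C side before `setup_bot` is called. As an added example (not code from the issue, the reporter's repo or wasmer), here is the C-facing entry point from the backtrace rewritten as a guarded boundary: it rejects a null or non-UTF-8 path, refuses a file without the wasm magic header before any engine sees it, and converts a Rust panic into a status code instead of letting it unwind into C. The function name `setup_bot_guarded`, the status codes and the omission of the actual `Module::new`/`Instance::new` call (the point is the boundary, and wasmer is not available here) are assumptions.

```rust
use std::ffi::CStr;
use std::fs;
use std::os::raw::{c_char, c_int};
use std::panic::{catch_unwind, AssertUnwindSafe};

/// Status codes handed back to the C caller (assumed values, not wasmer's).
pub const BOT_OK: c_int = 0;
pub const BOT_ERR_NULL_PTR: c_int = -1;
pub const BOT_ERR_BAD_UTF8: c_int = -2;
pub const BOT_ERR_BAD_INDEX: c_int = -3;
pub const BOT_ERR_IO: c_int = -4;
pub const BOT_ERR_NOT_WASM: c_int = -5;
pub const BOT_ERR_PANIC: c_int = -6;

/// A wasm binary starts with the magic bytes "\0asm" followed by version 1.
/// Rejecting anything else up front keeps garbage from reaching the parser.
pub fn check_wasm_header(bytes: &[u8]) -> bool {
    bytes.starts_with(b"\0asm\x01\0\0\0")
}

/// All fallible work lives here and never touches raw pointers.
fn setup_bot_checked(path: &str, player_index: c_int) -> Result<usize, c_int> {
    if player_index < 0 {
        return Err(BOT_ERR_BAD_INDEX);
    }
    let bytes = fs::read(path).map_err(|_| BOT_ERR_IO)?;
    if !check_wasm_header(&bytes) {
        return Err(BOT_ERR_NOT_WASM);
    }
    // In the reporter's code Module::new / Instance::new would run on `bytes` here.
    Ok(bytes.len())
}

/// C ABI entry point: same parameters as the `setup_bot` seen in the backtrace,
/// but every failure is reported as a status code rather than a crash.
pub extern "C" fn setup_bot_guarded(file_name_ptr: *const c_char, player_index: c_int) -> c_int {
    if file_name_ptr.is_null() {
        return BOT_ERR_NULL_PTR;
    }
    // SAFETY: non-null checked above; the caller must pass a NUL-terminated
    // string that stays alive for the duration of this call.
    let cstr = unsafe { CStr::from_ptr(file_name_ptr) };
    let path = match cstr.to_str() {
        Ok(p) => p,
        Err(_) => return BOT_ERR_BAD_UTF8,
    };
    // A panic must never unwind across the C boundary; map it to a code instead.
    match catch_unwind(AssertUnwindSafe(|| setup_bot_checked(path, player_index))) {
        Ok(Ok(_len)) => BOT_OK,
        Ok(Err(code)) => code,
        Err(_) => BOT_ERR_PANIC,
    }
}
```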