Change `numLocalBytes` to `u32` #500

DianQK · 2024-08-09T12:40:18Z

When we have 8192 i64 locals, the required bytes are 65536.

IIUC, the test cases in the test/regression directory are not actually being tested.

tommie · 2024-08-09T13:00:28Z

IIUC, the test cases in the test/regression directory are not actually being tested.

No, sorry, I just started adding them for future use as I was fixing security issues.

Agreed it would be good to convert them to .wast and actually run them. :)

tommie · 2024-08-09T13:05:40Z

source/m3_function.h

@@ -71,7 +71,7 @@ typedef struct M3Function
    u16                     numRetAndArgSlots;

    u16                     numLocals;                              // not including args
-    u16                     numLocalBytes;
+    u32                     numLocalBytes;


There are many more u16 fields here that are counting slots. A slot is 4 (or 8) bytes, so only increasing this variable isn't going to help much in the general case.

wasm3/source/m3_compile.c

Line 2893 in 35b5e2f

o->function->numLocalBytes = (maxSlot - o->slotFirstLocalIndex) * sizeof (m3slot_t);

This PR addresses the issue caused by this line. I don't think we need to change the slot count to u32, but I'm not sure which other variable types we might need to adjust. It makes more sense to me to add -fsanitize=integer in the CI.

If you use 4 times as many locals as you are using now, you'll wrap around the maxStackSlots slot counter. So just changing this line only moves the problem by a factor of 4, not 2^16. Is that good enough?

It makes more sense to me to add -fsanitize=integer in the CI.

Fixing the overflows (by returning error) and enabling UBSan does sound nice.

If you use 4 times as many locals as you are using now, you'll wrap around the maxStackSlots slot counter. So just changing this line only moves the problem by a factor of 4, not 2^16. Is that good enough?

I can verify that when I set d_m3MaxFunctionStackHeight to 32767, it first encounters m3Err_functionStackOverflow in AllocateSlotsWithinRange.

Thanks for checking!

tommie · 2024-08-09T18:29:00Z

I made #504 for running regression tests. It's unfortunately a large change, splitting run-spec-test.py so the JSON parsing is separate from downloading the spec tests.

When we have 8192 `i64` locals, the required bytes are 65536.

tommie reviewed Aug 9, 2024

View reviewed changes

DianQK force-pushed the numLocalBytes-truncation-loss branch from 689b26a to 4472181 Compare August 10, 2024 06:46

Change numLocalBytes to u32

9172d69

When we have 8192 `i64` locals, the required bytes are 65536.

DianQK force-pushed the numLocalBytes-truncation-loss branch from 4472181 to 9172d69 Compare August 10, 2024 06:48

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Change `numLocalBytes` to `u32` #500

Change `numLocalBytes` to `u32` #500

Change numLocalBytes to u32 #500

Are you sure you want to change the base?

Change numLocalBytes to u32 #500

Conversation

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Change `numLocalBytes` to `u32` #500

Change `numLocalBytes` to `u32` #500