-
Notifications
You must be signed in to change notification settings - Fork 745
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
wasm-as/wasm-dis seem to miscompile ref.null with type-index heap type #6860
Comments
The lack of validation failure is because we do not faithfully implement the proper validation of branches as discussed in WebAssembly/gc#516. To avoid emitting invalid binaries, we instead have a fixup that inserts extra casts as necessary when emitting a binary: e5f2edf The behavior where the Now that we are trying to run the upstream spec tests in Binaryen, issues like this are going to become more important to fix. I'm thinking the best course of action will be to perform real Wasm validation at parse time, then subsequently use the current, looser validation for the IR. @kripken, does building validation into |
Even with proper validation, we will not precisely round-trip |
Do you mean just validation of the few things we have to do there, that can't be done on the IR? That sgtm, and is what we do already with some validation that we have in the binary reader for example. |
I see. To me it was definitely surprising behavior for |
The more actively maintained option for assembling and disassembling would be https://github.com/bytecodealliance/wasm-tools, but WABT also works well as long as you don't need GC support. A warning or error is an interesting idea, but my gut reaction is that the benefit wouldn't be worth the complexity. There is rarely a need for precise assembly/disassembly, and when there is, I expect users to quickly discover that Binaryen isn't the tool for the job, as you have.
No, to get full fidelity we would need a more heavyweight approach than we've taken so far. To validate unreachable code, branches, and nulls properly, we would need to maintain a separate type stack and implement the full algorithm for standard validation. Thankfully this could be encapsulated entirely in IRBuilder. We could add an option to turn it off to continue testing IR validation errors. |
How much work do you think that would be? If it's significant then I'm not sure getting a few more spec tests to pass is worth it. |
I don't think it would be too significant. It would basically be just one more I think the marginal benefit of getting those last few spec tests running will be large, though. Beyond getting to run all the other tests in files we would otherwise have to skip because of one or two bad test cases, we would also have an in-tree way of validating that the binaries we emit are valid for real. Currently we rely on fuzzing with V8 to detect problems there. It will be much better not to have to rely on V8 for that. |
Good points. But I think we can disable the one or two bad testcases in a file without ignoring the entire file? We can identify them by line or by module index (or name, if the modules are named). In fact I seem to recall we had a mechanism for just that, but I could be wrong. I 100% agree it is important to have tests that we emit valid binaries. But tests that check we don't accept invalid ones seem more like a nice-to-have. |
I've noticed some seemingly incorrect behavior in binaryen working with one of the cases from the
br_if.wast
spec test on the wasm-3.0 branch:(see WebAssembly/gc#516 for discussion about this issue).
Using
wasm-as
version 118 and building this with--enable-reference-types
and--enable-gc
, I notice:ref.null $t
becomesd0 73
, which corresponds to(ref.null nofunc)
instead of(ref.null $t)
.wasm-as
doesn't report a validation failure.Likewise, disassembling the assembled binary from the spec tests:
(I typically use
echo -ne "\x00\x61\x73\x6d..."
to convert this to binary)...
wasm-dis
disassembles theref.null
in this binary, encoded asd0 00
, as(ref.null nofunc)
. Instead, I think heap type00
should be interpreted as a type index.The text was updated successfully, but these errors were encountered: