Closed
Description
Hi,
I observed two crash and assertion failed in wasm2js (based on commit 7773426). The poc files are attached.
How to reproduce:
wasm2js poc
Report of backtrace in gdb
Assertaion failed
#0 0x00007ffff6f78428 in raise () from /lib/x86_64-linux-gnu/libc.so.6
#1 0x00007ffff6f7a02a in abort () from /lib/x86_64-linux-gnu/libc.so.6
#2 0x00007ffff6f70bd7 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
#3 0x00007ffff6f70c82 in __assert_fail () from /lib/x86_64-linux-gnu/libc.so.6
#4 0x0000000000f1bad3 in wasm::asmangle (name=<incomplete type>) at binaryen/src/asmjs/asmangle.cpp:26
#5 0x0000000000a982ee in wasm::Wasm2JSBuilder::fromName (this=0x7fffffffc718, name=..., scope=wasm::NameScope::Top)
at binaryen/src/wasm2js.h:207
#6 0x0000000000a72a0c in wasm::Wasm2JSBuilder::processWasm (this=0x7fffffffc718, wasm=0x7fffffffd450, funcName=...)
at binaryen/src/wasm2js.h:384
#7 0x0000000000a7ac9f in (anonymous namespace)::emitWasm (wasm=..., output=..., flags=..., options=..., name=...)
at binaryen/src/tools/wasm2js.cpp:502
#8 0x0000000000a79bc2 in main (argc=0x2, argv=0x7fffffffdcb8) at binaryen/src/tools/wasm2js.cpp:925
#9 0x00007ffff6f63830 in __libc_start_main () from /lib/x86_64-linux-gnu/libc.so.6
#10 0x0000000000a71219 in _start ()
Crash
Stopped reason: SIGSEGV
#0 0x0000000000e561b4 in wasm::LocalSet::finalize (this=0x1486b40) at binaryen/src/wasm/wasm.cpp:465
#1 0x0000000000b13832 in wasm::Builder::makeLocalSet (this=0x7fffffffac78, index=0x0, value=0x0) at binaryen/src/wasm-builder.h:244
#2 0x0000000000f2dbe9 in wasm::ExpressionManipulator::flexibleCopy(wasm::Expression*, wasm::Module&, std::function<wasm::Expression* (wasm::Expression*)>)::Copier::visitLocalSet(wasm::LocalSet*) (this=0x7fffffffac50, curr=0x7ffff0000b10) at binaryen/src/ir/ExpressionManipulator.cpp:96
#3 0x0000000000f2d25b in wasm::Visitor<wasm::ExpressionManipulator::flexibleCopy(wasm::Expression*, wasm::Module&, std::function<wasm::Expression* (wasm::Expression*)>)::Copier, wasm::Expression*>::visit(wasm::Expression*) (this=0x7fffffffac50, curr=0x7ffff0000b10) at binaryen/src/wasm-traversal.h:112
#4 0x0000000000f2cfb0 in wasm::ExpressionManipulator::flexibleCopy(wasm::Expression*, wasm::Module&, std::function<wasm::Expression* (wasm::Expression*)>)::Copier::copy(wasm::Expression*) (this=0x7fffffffac50, curr=0x7ffff0000b10) at binaryen/src/ir/ExpressionManipulator.cpp:44
#5 0x0000000000f2d63f in wasm::ExpressionManipulator::flexibleCopy(wasm::Expression*, wasm::Module&, std::function<wasm::Expression* (wasm::Expression*)>)::Copier::visitBlock(wasm::Block*) (this=0x7fffffffac50, curr=0x7ffff0000b48) at binaryen/src/ir/ExpressionManipulator.cpp:50
#6 0x0000000000f2d17b in wasm::Visitor<wasm::ExpressionManipulator::flexibleCopy(wasm::Expression*, wasm::Module&, std::function<wasm::Expression* (wasm::Expression*)>)::Copier, wasm::Expression*>::visit(wasm::Expression*) (this=0x7fffffffac50, curr=0x7ffff0000b48) at binaryen/src/wasm-traversal.h:96
#7 0x0000000000f2cfb0 in wasm::ExpressionManipulator::flexibleCopy(wasm::Expression*, wasm::Module&, std::function<wasm::Expression* (wasm::Expression*)>)::Copier::copy(wasm::Expression*) (this=0x7fffffffac50, curr=0x7ffff0000b48) at binaryen/src/ir/ExpressionManipulator.cpp:44
#8 0x0000000000f2ce73 in wasm::ExpressionManipulator::flexibleCopy(wasm::Expression*, wasm::Module&, std::function<wasm::Expression* (wasm::Expression*)>) (original=0x7ffff0000b48,
wasm=..., custom=...) at binaryen/src/ir/ExpressionManipulator.cpp:229
#9 0x0000000000c34fbd in wasm::ExpressionManipulator::copy (original=0x7ffff0000b48, wasm=...) at binaryen/src/ir/manipulation.h:62
#10 0x0000000000c34cc1 in wasm::ModuleUtils::copyFunction (func=0x14673e0, out=...) at binaryen/src/ir/module-utils.h:99
#11 0x0000000000c3475d in wasm::I64ToI32Lowering::doWalkFunction (this=0x1469ca0, func=0x14673e0)
at binaryen/src/passes/I64ToI32Lowering.cpp:176
#12 0x0000000000c21ae3 in wasm::Walker<wasm::I64ToI32Lowering, wasm::Visitor<wasm::I64ToI32Lowering, void> >::walkFunction (this=0x1469cc8, func=0x14673e0)
at binaryen/src/wasm-traversal.h:504
#13 0x0000000000c210ac in wasm::Walker<wasm::I64ToI32Lowering, wasm::Visitor<wasm::I64ToI32Lowering, void> >::doWalkModule (this=0x1469cc8, module=0x7fffffffd460)
at binaryen/src/wasm-traversal.h:569
#14 0x0000000000c20bfe in wasm::I64ToI32Lowering::doWalkModule (this=0x1469ca0, module=0x7fffffffd460)
at binaryen/src/passes/I64ToI32Lowering.cpp:147
#15 0x0000000000c206a3 in wasm::Walker<wasm::I64ToI32Lowering, wasm::Visitor<wasm::I64ToI32Lowering, void> >::walkModule (this=0x1469cc8, module=0x7fffffffd460)
at binaryen/src/wasm-traversal.h:543
#16 0x0000000000c1c75f in wasm::WalkerPass<wasm::PostWalker<wasm::I64ToI32Lowering, wasm::Visitor<wasm::I64ToI32Lowering, void> > >::run (this=0x1469ca0, runner=0x7fffffffc4a8,
module=0x7fffffffd460) at binaryen/src/pass.h:331
#17 0x0000000000b062a8 in wasm::PassRunner::runPass (this=0x7fffffffc4a8, pass=0x1469ca0) at binaryen/src/passes/pass.cpp:685
#18 0x0000000000b05cc0 in wasm::PassRunner::run (this=0x7fffffffc4a8) at binaryen/src/passes/pass.cpp:563
#19 0x0000000000a722bf in wasm::Wasm2JSBuilder::processWasm (this=0x7fffffffc728, wasm=0x7fffffffd460, funcName=...)
at binaryen/src/wasm2js.h:332
#20 0x0000000000a7ac9f in (anonymous namespace)::emitWasm (wasm=..., output=..., flags=..., options=..., name=...)
at binaryen/src/tools/wasm2js.cpp:502
#21 0x0000000000a79bc2 in main (argc=0x2, argv=0x7fffffffdcc8) at binaryen/src/tools/wasm2js.cpp:925
#22 0x00007ffff6f63830 in __libc_start_main () from /lib/x86_64-linux-gnu/libc.so.6
#23 0x0000000000a71219 in _start ()
Metadata
Metadata
Assignees
Labels
No labels