Add checks to avoid wasm_runtime_malloc memory with size 0 (#507)

In some platforms, allocating memory with size 0 may return NULL but not an empty memory block, which causes runtime load, instantiate or execute wasm/aot file failed. We add checks to try to avoid allocating memory in runtime if the size is 0. And in wasm_runtime_malloc/free, output warning if allocate memory with size 0 and free memory with NULL ptr.
Also fix some coding style issues, fix handle riscv32 ilp32d issue, and fix several wasm-c-api issues.

Signed-off-by: Wenyong Huang <[email protected]>

Author: wenyongh

core/iwasm/aot/aot_loader.c

@@ -1117,8 +1117,9 @@ load_function_section(const uint8 *buf, const uint8 *buf_end,
     uint64 size, text_offset;
 
     size = sizeof(void*) * (uint64)module->func_count;
-    if (!(module->func_ptrs = loader_malloc
-                (size, error_buf, error_buf_size))) {
+    if (size > 0
+        && !(module->func_ptrs = loader_malloc
+                    (size, error_buf, error_buf_size))) {
         return false;
     }
 
@@ -1158,8 +1159,9 @@ load_function_section(const uint8 *buf, const uint8 *buf_end,
     }
 
     size = sizeof(uint32) * (uint64)module->func_count;
-    if (!(module->func_type_indexes = loader_malloc
-                (size, error_buf, error_buf_size))) {
+    if (size > 0
+        && !(module->func_type_indexes = loader_malloc
+                    (size, error_buf, error_buf_size))) {
         return false;
     }
 
@@ -1498,7 +1500,8 @@ load_relocation_section(const uint8 *buf, const uint8 *buf_end,
 
     /* Allocate memory for relocation groups */
     size = sizeof(AOTRelocationGroup) * (uint64)group_count;
-    if (!(groups = loader_malloc(size, error_buf, error_buf_size))) {
+    if (size > 0
+        && !(groups = loader_malloc(size, error_buf, error_buf_size))) {
         goto fail;
     }
 
@@ -2065,8 +2068,9 @@ aot_load_from_comp_data(AOTCompData *comp_data, AOTCompContext *comp_ctx,
 
     /* Allocate memory for function pointers */
     size = (uint64)module->func_count * sizeof(void *);
-    if (!(module->func_ptrs =
-            loader_malloc(size, error_buf, error_buf_size))) {
+    if (size > 0
+        && !(module->func_ptrs =
+                loader_malloc(size, error_buf, error_buf_size))) {
         goto fail2;
     }
 
@@ -2085,8 +2089,9 @@ aot_load_from_comp_data(AOTCompData *comp_data, AOTCompContext *comp_ctx,
 
     /* Allocation memory for function type indexes */
     size = (uint64)module->func_count * sizeof(uint32);
-    if (!(module->func_type_indexes =
-            loader_malloc(size, error_buf, error_buf_size))) {
+    if (size > 0
+        && !(module->func_type_indexes =
+                loader_malloc(size, error_buf, error_buf_size))) {
         goto fail3;
     }
     for (i = 0; i < comp_data->func_count; i++)
@@ -2135,7 +2140,8 @@ aot_load_from_comp_data(AOTCompData *comp_data, AOTCompContext *comp_ctx,
     return module;
 
 fail3:
-    wasm_runtime_free(module->func_ptrs);
+    if (module->func_ptrs)
+        wasm_runtime_free(module->func_ptrs);
 fail2:
     if (module->memory_count > 0)
         wasm_runtime_free(module->memories);

core/iwasm/aot/aot_runtime.c

@@ -176,7 +176,7 @@ memories_deinstantiate(AOTModuleInstance *module_inst)
                 wasm_runtime_free(memory_inst->heap_handle.ptr);
             }
 
-            if (memory_inst->heap_data.ptr) {
+            if (memory_inst->memory_data.ptr) {
 #ifndef OS_ENABLE_HW_BOUND_CHECK
                 wasm_runtime_free(memory_inst->memory_data.ptr);
 #else
@@ -202,7 +202,7 @@ memory_instantiate(AOTModuleInstance *module_inst, AOTModule *module,
     uint32 bytes_of_last_page, bytes_to_page_end;
     uint32 heap_offset = num_bytes_per_page *init_page_count;
     uint64 total_size;
-    uint8 *p, *global_addr;
+    uint8 *p = NULL, *global_addr;
 #ifdef OS_ENABLE_HW_BOUND_CHECK
     uint8 *mapped_mem;
     uint64 map_size = 8 * (uint64)BH_GB;
@@ -321,7 +321,8 @@ memory_instantiate(AOTModuleInstance *module_inst, AOTModule *module,
 
 #ifndef OS_ENABLE_HW_BOUND_CHECK
     /* Allocate memory */
-    if (!(p = runtime_malloc(total_size, error_buf, error_buf_size))) {
+    if (total_size > 0
+        && !(p = runtime_malloc(total_size, error_buf, error_buf_size))) {
         return NULL;
     }
 #else
@@ -420,7 +421,8 @@ memory_instantiate(AOTModuleInstance *module_inst, AOTModule *module,
         wasm_runtime_free(memory_inst->heap_handle.ptr);
 fail1:
 #ifndef OS_ENABLE_HW_BOUND_CHECK
-    wasm_runtime_free(memory_inst->memory_data.ptr);
+    if (memory_inst->memory_data.ptr)
+        wasm_runtime_free(memory_inst->memory_data.ptr);
 #else
     os_munmap(mapped_mem, map_size);
 #endif
@@ -504,7 +506,8 @@ memories_instantiate(AOTModuleInstance *module_inst, AOTModule *module,
         }
 
         /* Copy memory data */
-        bh_assert(memory_inst->memory_data.ptr);
+        bh_assert(memory_inst->memory_data.ptr
+                  || memory_inst->memory_data_size == 0);
 
         /* Check memory data */
         /* check offset since length might negative */
@@ -526,9 +529,11 @@ memories_instantiate(AOTModuleInstance *module_inst, AOTModule *module,
             return false;
         }
 
-        bh_memcpy_s((uint8*)memory_inst->memory_data.ptr + base_offset,
-                    memory_inst->memory_data_size - base_offset,
-                    data_seg->bytes, length);
+        if (memory_inst->memory_data.ptr) {
+            bh_memcpy_s((uint8*)memory_inst->memory_data.ptr + base_offset,
+                        memory_inst->memory_data_size - base_offset,
+                        data_seg->bytes, length);
+        }
     }
 
     return true;
@@ -543,6 +548,9 @@ init_func_ptrs(AOTModuleInstance *module_inst, AOTModule *module,
     uint64 total_size =
         ((uint64)module->import_func_count + module->func_count) * sizeof(void*);
 
+    if (module->import_func_count + module->func_count == 0)
+        return true;
+
     /* Allocate memory */
     if (!(module_inst->func_ptrs.ptr = runtime_malloc
                 (total_size, error_buf, error_buf_size))) {
@@ -562,7 +570,8 @@ init_func_ptrs(AOTModuleInstance *module_inst, AOTModule *module,
     }
 
     /* Set defined function pointers */
-    memcpy(func_ptrs, module->func_ptrs, module->func_count * sizeof(void*));
+    bh_memcpy_s(func_ptrs, sizeof(void*) * module->func_count,
+                module->func_ptrs, sizeof(void*) * module->func_count);
     return true;
 }
 
@@ -575,6 +584,9 @@ init_func_type_indexes(AOTModuleInstance *module_inst, AOTModule *module,
     uint64 total_size =
         ((uint64)module->import_func_count + module->func_count) * sizeof(uint32);
 
+    if (module->import_func_count + module->func_count == 0)
+        return true;
+
     /* Allocate memory */
     if (!(module_inst->func_type_indexes.ptr =
                 runtime_malloc(total_size, error_buf, error_buf_size))) {
@@ -586,9 +598,8 @@ init_func_type_indexes(AOTModuleInstance *module_inst, AOTModule *module,
     for (i = 0; i < module->import_func_count; i++, func_type_index++)
         *func_type_index = module->import_funcs[i].func_type_index;
 
-    memcpy(func_type_index, module->func_type_indexes,
-           module->func_count * sizeof(uint32));
-
+    bh_memcpy_s(func_type_index, sizeof(uint32) * module->func_count,
+                module->func_type_indexes, sizeof(uint32) * module->func_count);
     return true;
 }
 
@@ -1688,9 +1699,11 @@ aot_enlarge_memory(AOTModuleInstance *module_inst, uint32 inc_page_count)
         if (!(memory_data = wasm_runtime_malloc((uint32)total_size))) {
             return false;
         }
-        bh_memcpy_s(memory_data, (uint32)total_size,
-                    memory_data_old, total_size_old);
-        wasm_runtime_free(memory_data_old);
+        if (memory_data_old) {
+            bh_memcpy_s(memory_data, (uint32)total_size,
+                        memory_data_old, total_size_old);
+            wasm_runtime_free(memory_data_old);
+        }
     }
 
     memset(memory_data + total_size_old,

core/iwasm/common/wasm_c_api.c

@@ -23,7 +23,7 @@ void
 wasm_instance_delete_internal(wasm_instance_t *);
 
 static void *
-malloc_internal(size_t size)
+malloc_internal(uint64 size)
 {
     void *mem = NULL;
 
@@ -47,8 +47,7 @@ malloc_internal(size_t size)
 /* Vectors */
 #define INIT_VEC(vector_p, func_prefix, size)                                 \
     do {                                                                      \
-        vector_p = malloc_internal(sizeof(*(vector_p)));                      \
-        if (!vector_p) {                                                      \
+        if (!(vector_p = malloc_internal(sizeof(*(vector_p))))) {             \
             goto failed;                                                      \
         }                                                                     \
         func_prefix##_new_uninitialized(vector_p, size);                      \
@@ -75,7 +74,8 @@ malloc_internal(size_t size)
 static inline void
 generic_vec_init_data(Vector *out, size_t num_of_elems, size_t size_of_elem)
 {
-    if (!bh_vector_init(out, num_of_elems, size_of_elem)) {
+    /* size 0 is meaningless for a elemment */
+    if (!size_of_elem || !bh_vector_init(out, num_of_elems, size_of_elem)) {
         out->data = NULL;
         out->max_elems = 0;
         out->num_elems = 0;
@@ -99,7 +99,7 @@ wasm_byte_vec_copy(wasm_byte_vec_t *out, const wasm_byte_vec_t *src)
 
     bh_assert(out && src);
 
-    generic_vec_init_data((Vector *)out, src->size, src->size_of_elem);
+    generic_vec_init_data((Vector *)out, src->size, sizeof(wasm_byte_t));
     if (!out->data) {
         goto failed;
     }
@@ -187,7 +187,7 @@ wasm_engine_new_internal(mem_alloc_type_t type,
         goto failed;
     }
 
-#if BH_DEBUG == 1
+#if BH_DEBUG != 0
     bh_log_set_verbose_level(5);
 #else
     bh_log_set_verbose_level(3);
@@ -459,7 +459,7 @@ wasm_valtype_vec_copy(wasm_valtype_vec_t *out, const wasm_valtype_vec_t *src)
 
     bh_assert(out && src);
 
-    generic_vec_init_data((Vector *)out, src->size, src->size_of_elem);
+    generic_vec_init_data((Vector *)out, src->size, sizeof(wasm_valtype_t *));
     if (!out->data) {
         goto failed;
     }
@@ -1116,33 +1116,41 @@ results_to_argv(const wasm_val_t *results,
 static void
 native_func_trampoline(wasm_exec_env_t exec_env, uint64 *argv)
 {
-    wasm_val_t *params = NULL;
-    wasm_val_t *results = NULL;
+    wasm_val_t *params = NULL, *results = NULL;
     uint32 argc = 0;
     const wasm_func_t *func = NULL;
     wasm_trap_t *trap = NULL;
-
-    bh_assert(argv);
+    size_t param_count, result_count;
 
     func = wasm_runtime_get_function_attachment(exec_env);
     bh_assert(func);
 
-    params = malloc_internal(wasm_func_param_arity(func) * sizeof(wasm_val_t));
-    if (!params) {
-        goto failed;
-    }
+    param_count = wasm_func_param_arity(func);
+    if (param_count) {
+        if (!argv) {
+            goto failed;
+        }
 
-    results =
-      malloc_internal(wasm_func_result_arity(func) * sizeof(wasm_val_t));
-    if (!results) {
-        goto failed;
+        if (!(params = malloc_internal(param_count * sizeof(wasm_val_t)))) {
+            goto failed;
+        }
+
+        /* argv -> const wasm_val_t params[] */
+        if (!(argc = argv_to_params(
+                argv, wasm_functype_params(wasm_func_type(func)), params))) {
+            goto failed;
+        }
     }
 
-    /* argv -> const wasm_val_t params[] */
-    argc =
-      argv_to_params(argv, wasm_functype_params(wasm_func_type(func)), params);
-    if (wasm_func_param_arity(func) && !argc) {
-        goto failed;
+    result_count = wasm_func_result_arity(func);
+    if (result_count) {
+        if (!argv) {
+            goto failed;
+        }
+
+        if (!(results = malloc_internal(result_count * sizeof(wasm_val_t)))) {
+            goto failed;
+        }
     }
 
     if (func->with_env) {
@@ -1164,16 +1172,17 @@ native_func_trampoline(wasm_exec_env_t exec_env, uint64 *argv)
         }
     }
 
-    /* there is no result or there is an exception */
-    if (trap || !wasm_func_result_arity(func)) {
+    if (argv) {
         memset(argv, 0, wasm_func_param_arity(func) * sizeof(uint64));
     }
 
-    /* wasm_val_t results[] -> argv */
-    argc = results_to_argv(results,
-                           wasm_functype_results(wasm_func_type(func)), argv);
-    if (wasm_func_result_arity(func) && !argc) {
-        goto failed;
+    /* there is no trap and there is return values */
+    if (!trap && result_count) {
+        /* wasm_val_t results[] -> argv */
+        if (!(argc = results_to_argv(
+                results, wasm_functype_results(wasm_func_type(func)), argv))) {
+            goto failed;
+        }
     }
 
 failed:
@@ -1503,8 +1512,7 @@ wasm_func_call(const wasm_func_t *func,
     /* a parameter list and a return value list */
     uint32 *argv = NULL;
     WASMFunctionInstanceCommon *func_comm_rt = NULL;
-    size_t param_count = 0;
-    size_t result_count = 0;
+    size_t param_count, result_count, alloc_count;
 
     bh_assert(func && func->func_type && func->inst_comm_rt);
 
@@ -1527,17 +1535,18 @@ wasm_func_call(const wasm_func_t *func,
 
     param_count = wasm_func_param_arity(func);
     result_count = wasm_func_result_arity(func);
-    argv = malloc_internal(
-      sizeof(uint64)
-      * (param_count > result_count ? param_count : result_count));
-    if (!argv) {
-        goto failed;
+    alloc_count = (param_count > result_count) ? param_count : result_count;
+    if (alloc_count) {
+        if (!(argv = malloc_internal(sizeof(uint64) * alloc_count))) {
+            goto failed;
+        }
     }
 
     /* copy parametes */
-    argc = params_to_argv(params, wasm_functype_params(wasm_func_type(func)),
-                          wasm_func_param_arity(func), argv);
-    if (wasm_func_param_arity(func) && !argc) {
+    if (param_count
+        && !(argc = params_to_argv(params,
+                                   wasm_functype_params(wasm_func_type(func)),
+                                   wasm_func_param_arity(func), argv))) {
         goto failed;
     }
 
@@ -1548,9 +1557,10 @@ wasm_func_call(const wasm_func_t *func,
     }
 
     /* copy results */
-    argc = argv_to_results(argv, wasm_functype_results(wasm_func_type(func)),
-                           wasm_func_result_arity(func), results);
-    if (wasm_func_result_arity(func) && !argc) {
+    if (result_count
+        && !(argc = argv_to_results(
+               argv, wasm_functype_results(wasm_func_type(func)),
+               wasm_func_result_arity(func), results))) {
         goto failed;
     }
 
@@ -2734,7 +2744,7 @@ wasm_extern_vec_copy(wasm_extern_vec_t *out, const wasm_extern_vec_t *src)
     size_t i = 0;
     bh_assert(out && src);
 
-    generic_vec_init_data((Vector *)out, src->size, src->size_of_elem);
+    generic_vec_init_data((Vector *)out, src->size, sizeof(wasm_extern_t *));
     if (!out->data) {
         goto failed;
     }