[fuzzing] Use software bound-check during fuzzing (#4003)

* Update CMakeLists.txt of fuzzing

- enable software bound-check
- enable wasi
- disable libc builtin and multiple modules

* Fix off-by-one error in result offset calculation for function calls
liang.he 2025-01-06 11:36:11 +08:00 committed by GitHub
parent 1807eec9d2
commit 9989b1cc1b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 10 additions and 5 deletions


@ -1670,7 +1670,8 @@ wasm_interp_call_func_bytecode(WASMModuleInstance *module,
{ {
uint32 ret_idx; uint32 ret_idx;
WASMFuncType *func_type; WASMFuncType *func_type;
uint32 off, ret_offset; int32 off;
uint32 ret_offset;
uint8 *ret_types; uint8 *ret_types;
if (cur_func->is_import_func) if (cur_func->is_import_func)
func_type = cur_func->u.func_import->func_type; func_type = cur_func->u.func_import->func_type;
@ -1682,9 +1683,9 @@ wasm_interp_call_func_bytecode(WASMModuleInstance *module,
ret_offset = prev_frame->ret_offset; ret_offset = prev_frame->ret_offset;
for (ret_idx = 0, for (ret_idx = 0,
off = sizeof(int16) * (func_type->result_count - 1); off = (int32)sizeof(int16) * (func_type->result_count - 1);
ret_idx < func_type->result_count; ret_idx < func_type->result_count;
ret_idx++, off -= sizeof(int16)) { ret_idx++, off -= (int32)sizeof(int16)) {
if (ret_types[ret_idx] == VALUE_TYPE_I64 if (ret_types[ret_idx] == VALUE_TYPE_I64
|| ret_types[ret_idx] == VALUE_TYPE_F64) { || ret_types[ret_idx] == VALUE_TYPE_F64) {
PUT_I64_TO_ADDR(prev_frame->lp + ret_offset, PUT_I64_TO_ADDR(prev_frame->lp + ret_offset,
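Review bot: The switch of `off` to `int32` has no comment saying why a signed offset is wanted, and the reason is not visible from the loop itself; with `result_count == 0` the initializer now evaluates to -2 (the old unsigned form wrapped instead), and the only thing keeping that value from ever being used is that the loop is bounded by `ret_idx`, not by `off`. I would state that invariant above the `for`: `/* off is signed so the initial value for result_count == 0 is -2, not a wrapped unsigned; the loop is bounded by ret_idx, so a negative off is never used */`. Note that the `(int32)` cast only converts the `sizeof` operand; `func_type->result_count - 1` is still evaluated in the promoted type of result_count, so if it is not already an int-sized field the intermediate may differ from what the cast suggests — worth confirming against the field declaration. The uses of `off` in the loop body and the end of wasm_interp_call_func_bytecode lie outside this hunk.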


@ -66,7 +66,7 @@ if (NOT DEFINED WAMR_BUILD_JIT)
endif () endif ()
if (NOT DEFINED WAMR_BUILD_LIBC_BUILTIN) if (NOT DEFINED WAMR_BUILD_LIBC_BUILTIN)
# Enable libc builtin support by default # Disable libc builtin support by default
set (WAMR_BUILD_LIBC_BUILTIN 0) set (WAMR_BUILD_LIBC_BUILTIN 0)
endif () endif ()
@ -81,7 +81,7 @@ if (NOT DEFINED WAMR_BUILD_FAST_INTERP)
endif () endif ()
if (NOT DEFINED WAMR_BUILD_MULTI_MODULE) if (NOT DEFINED WAMR_BUILD_MULTI_MODULE)
# Enable multiple modules # Disable multiple modules
set (WAMR_BUILD_MULTI_MODULE 0) set (WAMR_BUILD_MULTI_MODULE 0)
endif () endif ()
@ -116,6 +116,10 @@ if (WAMR_BUILD_DEBUG_INTERP EQUAL 1)
set (WAMR_BUILD_SIMD 0) set (WAMR_BUILD_SIMD 0)
endif () endif ()
# sanitizer may use kHandleSignalExclusive to handle SIGSEGV
# like `UBSAN_OPTIONS=handle_segv=2:...`
set (WAMR_DISABLE_HW_BOUND_CHECK 1)
set (REPO_ROOT_DIR ${CMAKE_CURRENT_LIST_DIR}/../../..) set (REPO_ROOT_DIR ${CMAKE_CURRENT_LIST_DIR}/../../..)
message([ceith]:REPO_ROOT_DIR, ${REPO_ROOT_DIR}) message([ceith]:REPO_ROOT_DIR, ${REPO_ROOT_DIR})
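Review bot: The new `set (WAMR_DISABLE_HW_BOUND_CHECK 1)` in the last hunk is unconditional, while every other build switch in this file is wrapped in `if (NOT DEFINED ...)`; a user passing `-DWAMR_DISABLE_HW_BOUND_CHECK=0` on the command line is silently overridden with no message. If the override is deliberate because the sanitizer's exclusive SIGSEGV handling would otherwise turn guard-page faults into reported crashes (which is what the added comment seems to hint at), say so explicitly and make it visible: `# Force software bound-check: the sanitizer's handle_segv=2 takes SIGSEGV exclusively, so hardware bound-check faults would be reported as crashes instead of traps` followed by `message (STATUS "fuzzing: forcing WAMR_DISABLE_HW_BOUND_CHECK=1")`. If it is not meant to be forced, guard it with `if (NOT DEFINED WAMR_DISABLE_HW_BOUND_CHECK)` like the options above it. The first two hunks only correct comment text and need no change.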