diff --git a/.devcontainer/requirements.txt b/.devcontainer/requirements.txt index f8473e2729..a8ed4b65d6 100644 --- a/.devcontainer/requirements.txt +++ b/.devcontainer/requirements.txt @@ -2,3 +2,4 @@ black nose pycparser pylint +requests diff --git a/build-scripts/build_llvm.py b/build-scripts/build_llvm.py index 3d241355b4..68ef640e39 100755 --- a/build-scripts/build_llvm.py +++ b/build-scripts/build_llvm.py @@ -304,7 +304,7 @@ def main(): "default": { "repo": "https://github.com/llvm/llvm-project.git", "repo_ssh": "git@github.com:llvm/llvm-project.git", - "branch": "release/18.x", + "branch": "llvmorg-18.1.8", }, } diff --git a/build-scripts/config_common.cmake b/build-scripts/config_common.cmake index e1fd26dcbe..8a608eb0fe 100644 --- a/build-scripts/config_common.cmake +++ b/build-scripts/config_common.cmake @@ -196,7 +196,10 @@ if (NOT WAMR_BUILD_SANITIZER STREQUAL "") message(FATAL_ERROR "Unsupported sanitizers: ${INVALID_SANITIZERS}") endif() # common flags for all sanitizers - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -g -O0 -fno-omit-frame-pointer -fno-sanitize-recover=all") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -g -O0 -fno-omit-frame-pointer -fno-sanitize-recover=all -fno-sanitize=alignment") + if(CMAKE_C_COMPILER_ID MATCHES ".*Clang") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fno-sanitize=unsigned-integer-overflow") + endif() if(SANITIZER_FLAGS) string(REPLACE ";" "," SANITIZER_FLAGS_STR "${SANITIZER_FLAGS}") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=${SANITIZER_FLAGS_STR}") diff --git a/build-scripts/unsupported_combination.cmake b/build-scripts/unsupported_combination.cmake index 50c56fc822..4284be32bf 100644 --- a/build-scripts/unsupported_combination.cmake +++ b/build-scripts/unsupported_combination.cmake 
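Review bot: The value stored under the `branch` key is now a tag (`llvmorg-18.1.8`), so the key name no longer describes what gets checked out; either rename it or add a short comment above the entry noting that a tag name is expected here. Pinning to a tag is a clear improvement over tracking the moving `release/18.x` branch, but a tag can still be re-pointed, so if the checkout code in main() (which continues outside this hunk) verifies nothing afterwards, recording the corresponding commit id next to the tag and checking out that id would make the LLVM build reproducible. How the `default` entry is consumed is not visible in this hunk, so the rename suggestion is conditional on the consumer only passing the value to git.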
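Review bot: The new `-fno-sanitize=alignment` (and the Clang-only `-fno-sanitize=unsigned-integer-overflow`) is appended to CMAKE_C_FLAGS before the `-fsanitize=${SANITIZER_FLAGS_STR}` that the following `if(SANITIZER_FLAGS)` block appends; GCC and Clang both resolve `-fsanitize`/`-fno-sanitize` in command-line order, so whenever `undefined` is among the selected sanitizers the later flag turns `alignment` on and the opt-out has no effect. Append the opt-outs after the enabling flag instead, e.g. `set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=${SANITIZER_FLAGS_STR} -fno-sanitize=alignment")`, and move the Clang-guarded line below that block for the same reason. Whether `undefined` can appear in SANITIZER_FLAGS is decided earlier in the file, outside this hunk, so this is inferred from the flag ordering alone. The string-append style matches the surrounding file, so keeping `set(CMAKE_C_FLAGS ...)` here rather than a target-scoped option is consistent.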
@@ -61,7 +61,6 @@ endfunction() # Below are the unsupported combinations checks # Please keep this list in sync with tests/unit/unsupported-features/CMakeLists.txt # and tests/wamr-test-suites/test_wamr.sh -cmake_print_variables(WAMR_BUILD_INTERP WAMR_BUILD_FAST_INTERP WAMR_BUILD_JIT WAMR_BUILD_EXCE_HANDLING) if(WAMR_BUILD_EXCE_HANDLING EQUAL 1) check_aot_mode_error("Unsupported build configuration: EXCE_HANDLING + AOT") diff --git a/tests/fuzz/wasm-mutator-fuzz/CMakeLists.txt b/tests/fuzz/wasm-mutator-fuzz/CMakeLists.txt index 500ad8fe3c..de0f6aebb8 100644 --- a/tests/fuzz/wasm-mutator-fuzz/CMakeLists.txt +++ b/tests/fuzz/wasm-mutator-fuzz/CMakeLists.txt @@ -172,21 +172,19 @@ set(IWASM_DIR ${REPO_ROOT_DIR}/core/iwasm) # Global setting add_compile_options(-Wno-unused-command-line-argument) -# Enable fuzzer -add_definitions(-DWASM_ENABLE_FUZZ_TEST=1) -# '-fsanitize=vptr' not allowed with '-fno-rtti -# But, LLVM by default, disables the use of `rtti` in the compiler -add_compile_options(-fsanitize=fuzzer -fno-sanitize=vptr) -add_link_options(-fsanitize=fuzzer -fno-sanitize=vptr) - # Enable sanitizers if not in oss-fuzz environment set(CFLAGS_ENV $ENV{CFLAGS}) -string(FIND "${CFLAGS_ENV}" "-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION" FUZZ_POS) + string(FIND "${CFLAGS_ENV}" "-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION" FUZZ_POS) if (FUZZ_POS GREATER -1) set(IN_OSS_FUZZ 1) else() set(IN_OSS_FUZZ 0) endif() +# Enable fuzzer +add_definitions(-DWASM_ENABLE_FUZZ_TEST=1) + +include(${CMAKE_CURRENT_LIST_DIR}/sanitizer_flags.cmake) + add_subdirectory(aot-compiler) add_subdirectory(wasm-mutator) diff --git a/tests/fuzz/wasm-mutator-fuzz/aot-compiler/CMakeLists.txt b/tests/fuzz/wasm-mutator-fuzz/aot-compiler/CMakeLists.txt index 5ca33906a5..23e30aed12 100644 --- a/tests/fuzz/wasm-mutator-fuzz/aot-compiler/CMakeLists.txt +++ b/tests/fuzz/wasm-mutator-fuzz/aot-compiler/CMakeLists.txt 
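Review bot: The `string(FIND "${CFLAGS_ENV}" "-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION" FUZZ_POS)` line is re-emitted with a leading indent although it sits at top level between unindented `set()` and `if()` lines, and whitespace is its only change; keep it at column 0 so the hunk does not carry a spurious changed line. Moving the fuzzer and sanitizer flags into `sanitizer_flags.cmake` and including it only after `IN_OSS_FUZZ` is computed is otherwise sound, since `include()` evaluates in this directory scope and the directory-scoped options set there reach both `add_subdirectory()` calls that follow.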
@@ -1,12 +1,6 @@ # Copyright (C) 2025 Intel Corporation. All rights reserved. # SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception -# Set default build options with the ability to override from the command line -if(NOT WAMR_BUILD_INTERP) - set(WAMR_BUILD_INTERP 1) -endif() - -set(WAMR_BUILD_WAMR_COMPILER 1) set(WAMR_BUILD_AOT 0) set(WAMR_BUILD_INTERP 1) set(WAMR_BUILD_JIT 0) @@ -67,17 +61,5 @@ target_link_directories(aotclib PUBLIC ${LLVM_LIBRARY_DIR}) target_link_libraries(aotclib PUBLIC ${REQUIRED_LLVM_LIBS}) -if(NOT IN_OSS_FUZZ) - message(STATUS "Enable ASan and UBSan in non-oss-fuzz environment for aotclib") - target_compile_options(aotclib PUBLIC - -fprofile-instr-generate -fcoverage-mapping - -fno-sanitize-recover=all - -fsanitize=address,undefined - -fsanitize=float-divide-by-zero,unsigned-integer-overflow,local-bounds,nullability - -fno-sanitize=alignment - ) - target_link_options(aotclib PUBLIC -fsanitize=address,undefined -fprofile-instr-generate) -endif() - add_executable(aot_compiler_fuzz aot_compiler_fuzz.cc) target_link_libraries(aot_compiler_fuzz PRIVATE stdc++ aotclib) diff --git a/tests/fuzz/wasm-mutator-fuzz/aot-compiler/aot_compiler_fuzz.cc b/tests/fuzz/wasm-mutator-fuzz/aot-compiler/aot_compiler_fuzz.cc index c8ec4c0d52..69f67edf9e 100644 --- a/tests/fuzz/wasm-mutator-fuzz/aot-compiler/aot_compiler_fuzz.cc +++ b/tests/fuzz/wasm-mutator-fuzz/aot-compiler/aot_compiler_fuzz.cc @@ -31,6 +31,10 @@ LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) AOTCompOption option = { 0 }; aot_comp_data_t comp_data = NULL; aot_comp_context_t comp_ctx = NULL; + uint8 *aot_file_buf = NULL; + uint32 aot_file_size = 0; + wasm_module_t aot_module = NULL; + wasm_module_inst_t inst = NULL; /* libfuzzer don't allow to modify the given Data, so make a copy here */ std::vector myData(Data, Data + Size); 
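Review bot: `set(WAMR_BUILD_WAMR_COMPILER 1)` is removed without a replacement visible in this diff; aotclib drives the AOT compiler (the harness already creates comp_data/comp_ctx and now calls `aot_emit_aot_file_buf`), which typically depends on that option pulling the compilation sources into the runtime library, so confirm the parent CMakeLists (not in this diff) sets it, and if so add `# WAMR_BUILD_WAMR_COMPILER is set by the parent CMakeLists.txt` where the line used to be. The removed `if(NOT WAMR_BUILD_INTERP)` block was dead code, since the unconditional `set(WAMR_BUILD_INTERP 1)` right below it applied anyway, so that part is a clean-up. The second hunk only moves the aotclib sanitizer flags into sanitizer_flags.cmake, and the .cc hunk here only hoists declarations so later `goto`s do not jump over initialisations.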
@@ -78,6 +82,31 @@ LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) goto DESTROY_COMP_CTX; } + aot_file_buf = aot_emit_aot_file_buf(comp_ctx, comp_data, &aot_file_size); + if (!aot_file_buf) { + handle_aot_recent_error("[EMITTING AOT FILE]"); + goto DESTROY_COMP_CTX; + } + + aot_module = + wasm_runtime_load(aot_file_buf, aot_file_size, error_buf, 128); + if (!aot_module) { + std::cout << "[LOADING AOT MODULE] " << error_buf << std::endl; + goto RELEASE_AOT_FILE_BUF; + } + + inst = wasm_runtime_instantiate(aot_module, 1024*8, 0, error_buf, 128); + if (!inst) { + std::cout << "[INSTANTIATING AOT MODULE] " << error_buf << std::endl; + goto UNLOAD_AOT_MODULE; + } + +DEINSTANTIZE_AOT_MODULE: + wasm_runtime_deinstantiate(inst); +UNLOAD_AOT_MODULE: + wasm_runtime_unload(aot_module); +RELEASE_AOT_FILE_BUF: + wasm_runtime_free(aot_file_buf); DESTROY_COMP_CTX: aot_destroy_comp_context(comp_ctx); DESTROY_COMP_DATA: diff --git a/tests/fuzz/wasm-mutator-fuzz/sanitizer_flags.cmake b/tests/fuzz/wasm-mutator-fuzz/sanitizer_flags.cmake new file mode 100644 index 0000000000..3c7e767955 --- /dev/null +++ b/tests/fuzz/wasm-mutator-fuzz/sanitizer_flags.cmake 
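Review bot: `DEINSTANTIZE_AOT_MODULE:` is never the target of a `goto` — the success path simply falls through into it — so it only draws `-Wunused-label` under `-Wall`, and the name is misspelled; drop the label and keep `wasm_runtime_deinstantiate(inst);` on its own (or, if symmetry with the other labels is wanted, spell it `DEINSTANTIATE_AOT_MODULE` and jump to it explicitly). The literal `128` passed to both `wasm_runtime_load` and `wasm_runtime_instantiate` presumably mirrors the declaration of `error_buf`, which is outside the hunk; `sizeof(error_buf)` keeps the size in sync if it is an array. The tear-down order — deinstantiate, unload, then free the emitted buffer — is the right one should the loaded module reference memory inside `aot_file_buf`. The enclosing LLVMFuzzerTestOneInput starts and ends outside the hunk.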
@@ -0,0 +1,30 @@
+if(NOT IN_OSS_FUZZ)
+ message(STATUS "Enable ASan and UBSan in non-oss-fuzz environment for vmlib")
+
+ add_compile_options(-fprofile-instr-generate -fcoverage-mapping)
+
+ #
+ # Sync up with the content of infra/base-images/base-builder/Dockerfile in oss-fuzz
+ #
+
+ # SANITIZER_FLAGS_address
+ add_compile_options(-fsanitize=address -fsanitize-address-use-after-scope)
+
+ # SANITIZER_FLAGS_undefined
+ add_compile_options(
+ -fsanitize=array-bounds,bool,builtin,enum,function,integer-divide-by-zero,null,object-size,return,returns-nonnull-attribute,shift,signed-integer-overflow,unsigned-integer-overflow,unreachable,vla-bound,vptr
+ -fno-sanitize-recover=array-bounds,bool,builtin,enum,function,integer-divide-by-zero,null,object-size,return,returns-nonnull-attribute,shift,signed-integer-overflow,unreachable,vla-bound,vptr
+ )
+
+ add_link_options(-fsanitize=address,undefined -fprofile-instr-generate)
+endif()
+
+# Always disable unsigned-integer-overflow
+if(CMAKE_C_COMPILER_ID MATCHES ".*Clang")
+ add_compile_options(-fno-sanitize=unsigned-integer-overflow)
+endif()
+
+# '-fsanitize=vptr' not allowed with '-fno-rtti
+# But, LLVM by default, disables the use of `rtti` in the compiler
+add_compile_options(-fsanitize=fuzzer -fno-sanitize=vptr)
+add_link_options(-fsanitize=fuzzer -fno-sanitize=vptr)
diff --git a/tests/fuzz/wasm-mutator-fuzz/wasm-mutator/CMakeLists.txt b/tests/fuzz/wasm-mutator-fuzz/wasm-mutator/CMakeLists.txt
index b501baecf2..dc1febb529 100644
--- a/tests/fuzz/wasm-mutator-fuzz/wasm-mutator/CMakeLists.txt
+++ b/tests/fuzz/wasm-mutator-fuzz/wasm-mutator/CMakeLists.txt
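Review bot: The status message still reads "for vmlib" although this file is now included from the parent directory and its directory-scoped `add_compile_options`/`add_link_options` reach aotclib and both fuzzer executables as well; `message(STATUS "Enable ASan and UBSan in non-oss-fuzz environment for the fuzz targets")`. `-fsanitize=fuzzer` and checks such as `function` and `unsigned-integer-overflow` are Clang/libFuzzer-only, so the file effectively requires Clang; an `if(NOT CMAKE_CXX_COMPILER_ID MATCHES ".*Clang")` followed by `message(FATAL_ERROR "wasm-mutator-fuzz requires Clang")` at the top would fail with a clear message instead of a flag-parsing error, and the `CMAKE_C_COMPILER_ID` guard around the single `-fno-sanitize` line (the fuzzers are C++) would then be unnecessary. `# Always disable unsigned-integer-overflow` should also state why, since the reason is not given here and the same check is explicitly enabled a few lines above; the later `-fno-sanitize` does win because the options are emitted in order, but that deserves a sentence too.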
@@ -6,43 +6,46 @@ if(CUSTOM_MUTATOR EQUAL 1) endif() # Set default build options with the ability to override from the command line -if(NOT WAMR_BUILD_INTERP) +if(NOT DEFINED WAMR_BUILD_INTERP) set(WAMR_BUILD_INTERP 1) endif() -if(NOT WAMR_BUILD_AOT) +if(NOT DEFINED WAMR_BUILD_AOT) set(WAMR_BUILD_AOT 1) endif() -if(NOT WAMR_BUILD_JIT) +if(NOT DEFINED WAMR_BUILD_JIT) set(WAMR_BUILD_JIT 0) endif() -if(NOT WAMR_BUILD_LIBC_BUILTIN) +if(NOT DEFINED WAMR_BUILD_LIBC_BUILTIN) set(WAMR_BUILD_LIBC_BUILTIN 0) endif() -if(NOT WAMR_BUILD_LIBC_WASI) +if(NOT DEFINED WAMR_BUILD_LIBC_WASI) set(WAMR_BUILD_LIBC_WASI 1) endif() -if(NOT WAMR_BUILD_FAST_INTERP) +if(NOT DEFINED WAMR_BUILD_FAST_INTERP) set(WAMR_BUILD_FAST_INTERP 1) endif() -if(NOT WAMR_BUILD_MULTI_MODULE) +if(NOT DEFINED WAMR_BUILD_MULTI_MODULE) set(WAMR_BUILD_MULTI_MODULE 0) endif() -if(NOT WAMR_BUILD_LIB_PTHREAD) +if(NOT DEFINED WAMR_BUILD_LIB_PTHREAD) set(WAMR_BUILD_LIB_PTHREAD 0) endif() -if(NOT WAMR_BUILD_MINI_LOADER) +if(NOT DEFINED WAMR_BUILD_MINI_LOADER) set(WAMR_BUILD_MINI_LOADER 0) endif() -set(WAMR_BUILD_SIMD 1) +if(NOT DEFINED WAMR_BUILD_SIMD) + set(WAMR_BUILD_SIMD 1) +endif() + set(WAMR_BUILD_REF_TYPES 1) set(WAMR_BUILD_GC 1) @@ -56,15 +59,3 @@ target_link_libraries(vmlib PUBLIC ${REQUIRED_LLVM_LIBS}) add_executable(wasm_mutator_fuzz wasm_mutator_fuzz.cc) target_link_libraries(wasm_mutator_fuzz PRIVATE vmlib m) - -if(NOT IN_OSS_FUZZ) - message(STATUS "Enable ASan and UBSan in non-oss-fuzz environment for vmlib") - target_compile_options(vmlib PUBLIC - -fprofile-instr-generate -fcoverage-mapping - -fno-sanitize-recover=all - -fsanitize=address,undefined - -fsanitize=float-divide-by-zero,unsigned-integer-overflow,local-bounds,nullability - -fno-sanitize=alignment - ) - target_link_options(vmlib PUBLIC -fsanitize=address,undefined -fprofile-instr-generate) -endif()
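Review bot: `set(WAMR_BUILD_REF_TYPES 1)` and `set(WAMR_BUILD_GC 1)` are the only options left without an `if(NOT DEFINED ...)` guard now that even `WAMR_BUILD_SIMD` honours a `-D` override; if they are meant to be fixed for this fuzzer, a comment above them saying so (the hunk gives no reason) would stop the next reader from "fixing" them the same way. Switching from `if(NOT X)` to `if(NOT DEFINED X)` is the right change: `-DWAMR_BUILD_AOT=0` was previously overridden to 1 because `NOT 0` is true. The second hunk only moves the vmlib sanitizer flags into sanitizer_flags.cmake.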