From be78c8b30235ce4ae80c0a017c8ca8ca0fbf84b0 Mon Sep 17 00:00:00 2001 From: Andrew Brown Date: Wed, 10 Aug 2022 06:37:20 -0700 Subject: [PATCH] [fuzz] Fix order of operands passed in to `wasm-spec-interpreter` In #4671, the meta-differential fuzz target was finding errors when running certain Wasm modules (specifically `shr_s` in that case). @conrad-watt diagnosed the issue as a missing reversal in the operands passed to the spec interpreter. This change fixes #4671 and adds an additional unit test to keep it fixed. --- .../fuzzing/wasm-spec-interpreter/ocaml/interpret.ml | 2 +- .../fuzzing/wasm-spec-interpreter/src/with_library.rs | 11 +++++++++++ crates/fuzzing/wasm-spec-interpreter/tests/shr_s.wat | 9 +++++++++ 3 files changed, 21 insertions(+), 1 deletion(-) create mode 100644 crates/fuzzing/wasm-spec-interpreter/tests/shr_s.wat diff --git a/crates/fuzzing/wasm-spec-interpreter/ocaml/interpret.ml b/crates/fuzzing/wasm-spec-interpreter/ocaml/interpret.ml index 16c5bb61e2a8..96afecead337 100644 --- a/crates/fuzzing/wasm-spec-interpreter/ocaml/interpret.ml +++ b/crates/fuzzing/wasm-spec-interpreter/ocaml/interpret.ml @@ -55,7 +55,7 @@ let extract_exported_func export = match export with (** Interpret the first exported function and return the result. Use provided parameters if they exist, otherwise use default (zeroed) values. *) let interpret_exn module_bytes opt_params = - let opt_params_ = Option.map (List.map convert_to_wasm) opt_params in + let opt_params_ = Option.map (List.rev_map convert_to_wasm) opt_params in let module_ = parse module_bytes in let m_isa = Ast_convert.convert_module (module_.it) in let fuel = Z.of_string "4611686018427387904" in diff --git a/crates/fuzzing/wasm-spec-interpreter/src/with_library.rs b/crates/fuzzing/wasm-spec-interpreter/src/with_library.rs index 2242f08b5d27..acae7bb41424 100644 --- a/crates/fuzzing/wasm-spec-interpreter/src/with_library.rs +++ b/crates/fuzzing/wasm-spec-interpreter/src/with_library.rs @@ -119,4 +119,15 @@ mod tests { ])] ); } + + // See issue https://github.com/bytecodealliance/wasmtime/issues/4671. + #[test] + fn order_of_params() { + let module = wat::parse_file("tests/shr_s.wat").unwrap(); + + let parameters = Some(vec![Value::I32(1795123818), Value::I32(-2147483648)]); + let results = interpret(&module, parameters.clone()).unwrap(); + + assert_eq!(results, vec![Value::I32(1795123818)]); + } } diff --git a/crates/fuzzing/wasm-spec-interpreter/tests/shr_s.wat b/crates/fuzzing/wasm-spec-interpreter/tests/shr_s.wat new file mode 100644 index 000000000000..c9733d766ae2 --- /dev/null +++ b/crates/fuzzing/wasm-spec-interpreter/tests/shr_s.wat @@ -0,0 +1,9 @@ +(module + (type (;0;) (func (param i32 i32) (result i32))) + (func (;0;) (type 0) (param i32 i32) (result i32) + local.get 0 + local.get 1 + i32.shr_s + ) + (export "test" (func 0)) +)