Fix null pointer access in fast interpreter mode when configurable software bound check is enabled #6680
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright (C) 2019 Intel Corporation. All rights reserved. | |
| # SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception | |
| name: compilation on SGX | |
| on: | |
| # will be triggered on PR events | |
| pull_request: | |
| types: | |
| - opened | |
| - synchronize | |
| paths: | |
| - ".github/workflows/build_llvm_libraries.yml" | |
| - ".github/workflows/compilation_on_sgx.yml" | |
| - "build-scripts/**" | |
| - "core/**" | |
| - "!core/deps/**" | |
| - "product-mini/**" | |
| - "samples/**" | |
| - "!samples/workload/**" | |
| - "tests/wamr-test-suites/**" | |
| - "wamr-compiler/**" | |
| - "wamr-sdk/**" | |
| # will be triggered on push events | |
| push: | |
| branches: | |
| - main | |
| - "dev/**" | |
| paths: | |
| - ".github/workflows/build_llvm_libraries.yml" | |
| - ".github/workflows/compilation_on_sgx.yml" | |
| - "build-scripts/**" | |
| - "core/**" | |
| - "!core/deps/**" | |
| - "product-mini/**" | |
| - "samples/**" | |
| - "!samples/workload/**" | |
| - "tests/wamr-test-suites/**" | |
| - "wamr-compiler/**" | |
| - "wamr-sdk/**" | |
| # allow to be triggered manually | |
| workflow_dispatch: | |
| # Cancel any in-flight jobs for the same PR/branch so there's only one active | |
| # at a time | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| # ref types enabled in wamrc by default, so we need to enable it for iwasm in AOT mode | |
| AOT_BUILD_OPTIONS: "-DWAMR_BUILD_AOT=1 -DWAMR_BUILD_FAST_INTERP=0 -DWAMR_BUILD_INTERP=0 -DWAMR_BUILD_JIT=0 -DWAMR_BUILD_LAZY_JIT=0 -DWAMR_BUILD_REF_TYPES=1" | |
| CLASSIC_INTERP_BUILD_OPTIONS: "-DWAMR_BUILD_AOT=0 -DWAMR_BUILD_FAST_INTERP=0 -DWAMR_BUILD_INTERP=1 -DWAMR_BUILD_JIT=0 -DWAMR_BUILD_LAZY_JIT=0" | |
| FAST_INTERP_BUILD_OPTIONS: "-DWAMR_BUILD_AOT=0 -DWAMR_BUILD_FAST_INTERP=1 -DWAMR_BUILD_INTERP=1 -DWAMR_BUILD_JIT=0 -DWAMR_BUILD_LAZY_JIT=0" | |
| FAST_JIT_BUILD_OPTIONS: "-DWAMR_BUILD_AOT=1 -DWAMR_BUILD_FAST_INTERP=0 -DWAMR_BUILD_INTERP=1 -DWAMR_BUILD_FAST_JIT=1 -DWAMR_BUILD_JIT=0 -DWAMR_BUILD_LAZY_JIT=1" | |
| LLVM_LAZY_JIT_BUILD_OPTIONS: "-DWAMR_BUILD_AOT=1 -DWAMR_BUILD_FAST_INTERP=0 -DWAMR_BUILD_INTERP=0 -DWAMR_BUILD_JIT=1 -DWAMR_BUILD_LAZY_JIT=1" | |
| LLVM_EAGER_JIT_BUILD_OPTIONS: "-DWAMR_BUILD_AOT=1 -DWAMR_BUILD_FAST_INTERP=0 -DWAMR_BUILD_INTERP=0 -DWAMR_BUILD_JIT=1 -DWAMR_BUILD_LAZY_JIT=0" | |
| jobs: | |
| build_llvm_libraries: | |
| uses: ./.github/workflows/build_llvm_libraries.yml | |
| with: | |
| os: "ubuntu-20.04" | |
| arch: "X86" | |
| build_iwasm: | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| make_options_run_mode: [ | |
| # Running modes supported | |
| $AOT_BUILD_OPTIONS, | |
| $CLASSIC_INTERP_BUILD_OPTIONS, | |
| $FAST_INTERP_BUILD_OPTIONS, | |
| $FAST_JIT_BUILD_OPTIONS, | |
| # Running modes unsupported | |
| #$LLVM_LAZY_JIT_BUILD_OPTIONS, | |
| #$LLVM_EAGER_JIT_BUILD_OPTIONS, | |
| ] | |
| make_options_feature: [ | |
| # Features | |
| "-DWAMR_BUILD_CUSTOM_NAME_SECTION=1", | |
| # doesn't support | |
| # "-DWAMR_BUILD_DEBUG_AOT=1", | |
| # "-DWAMR_BUILD_DEBUG_INTERP=1", | |
| "-DWAMR_BUILD_DUMP_CALL_STACK=1", | |
| "-DWAMR_BUILD_LIB_PTHREAD=1", | |
| "-DWAMR_BUILD_LIB_WASI_THREADS=1", | |
| "-DWAMR_BUILD_LOAD_CUSTOM_SECTION=1", | |
| "-DWAMR_BUILD_MINI_LOADER=1", | |
| "-DWAMR_BUILD_MEMORY_PROFILING=1", | |
| "-DWAMR_BUILD_MULTI_MODULE=1", | |
| "-DWAMR_BUILD_PERF_PROFILING=1", | |
| "-DWAMR_BUILD_REF_TYPES=1", | |
| # doesn't support | |
| # "-DWAMR_BUILD_SIMD=1", | |
| "-DWAMR_BUILD_TAIL_CALL=1", | |
| "-DWAMR_DISABLE_HW_BOUND_CHECK=1", | |
| "-DWAMR_BUILD_SGX_IPFS=1", | |
| ] | |
| os: [ubuntu-20.04] | |
| platform: [linux-sgx] | |
| exclude: | |
| # uncompatiable mode and feature | |
| # MINI_LOADER only on INTERP mode | |
| - make_options_run_mode: $AOT_BUILD_OPTIONS | |
| make_options_feature: "-DWAMR_BUILD_MINI_LOADER=1" | |
| steps: | |
| - name: install SGX SDK and necessary libraries | |
| run: | | |
| mkdir -p /opt/intel | |
| cd /opt/intel | |
| wget https://download.01.org/intel-sgx/sgx-linux/2.15/distro/ubuntu20.04-server/sgx_linux_x64_sdk_2.15.100.3.bin | |
| chmod +x sgx_linux_x64_sdk_2.15.100.3.bin | |
| echo 'yes' | ./sgx_linux_x64_sdk_2.15.100.3.bin | |
| echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu focal main' | sudo tee /etc/apt/sources.list.d/intel-sgx.list | |
| wget -qO - https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo apt-key add - | |
| sudo apt update | |
| sudo apt install -y libsgx-launch libsgx-urts | |
| source /opt/intel/sgxsdk/environment | |
| - name: checkout | |
| uses: actions/checkout@v4 | |
| - name: Build iwasm | |
| run: | | |
| mkdir build && cd build | |
| cmake .. ${{ matrix.make_options_run_mode }} ${{ matrix.make_options_feature }} | |
| cmake --build . --config Release --parallel 4 | |
| cd ../enclave-sample | |
| make | |
| working-directory: product-mini/platforms/${{ matrix.platform }} | |
| run_samples_file: | |
| needs: [build_iwasm, build_llvm_libraries] | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| iwasm_make_options_run_mode: [ | |
| # Running modes supported | |
| $AOT_BUILD_OPTIONS, | |
| $CLASSIC_INTERP_BUILD_OPTIONS, | |
| $FAST_INTERP_BUILD_OPTIONS, | |
| $FAST_JIT_BUILD_OPTIONS, | |
| # Running modes unsupported | |
| #$LLVM_LAZY_JIT_BUILD_OPTIONS, | |
| #$LLVM_EAGER_JIT_BUILD_OPTIONS, | |
| ] | |
| os: [ubuntu-20.04] | |
| wasi_sdk_release: | |
| [ | |
| "https://github.com/WebAssembly/wasi-sdk/releases/download/wasi-sdk-19/wasi-sdk-19.0-linux.tar.gz", | |
| ] | |
| wabt_release: | |
| [ | |
| "https://github.com/WebAssembly/wabt/releases/download/1.0.31/wabt-1.0.31-ubuntu.tar.gz", | |
| ] | |
| iwasm_make_options_feature: [ | |
| # Features to be tested: IPFS | |
| "-DWAMR_BUILD_SGX_IPFS=1", | |
| ] | |
| platform: [linux-sgx] | |
| include: | |
| - os: ubuntu-20.04 | |
| llvm_cache_key: ${{ needs.build_llvm_libraries.outputs.cache_key }} | |
| steps: | |
| - name: checkout | |
| uses: actions/checkout@v4 | |
| - name: download and install wasi-sdk | |
| run: | | |
| cd /opt | |
| sudo wget ${{ matrix.wasi_sdk_release }} | |
| sudo tar -xzf wasi-sdk-*.tar.gz | |
| sudo mv wasi-sdk-19.0 wasi-sdk | |
| - name: download and install wabt | |
| run: | | |
| cd /opt | |
| sudo wget ${{ matrix.wabt_release }} | |
| sudo tar -xzf wabt-1.0.31-*.tar.gz | |
| sudo mv wabt-1.0.31 wabt | |
| - name: build wasi-libc (needed for wasi-threads) | |
| run: | | |
| mkdir wasi-libc | |
| cd wasi-libc | |
| git init | |
| # "Fix a_store operation in atomic.h" commit on main branch | |
| git fetch https://github.com/WebAssembly/wasi-libc \ | |
| 1dfe5c302d1c5ab621f7abf04620fae92700fd22 | |
| git checkout FETCH_HEAD | |
| make \ | |
| AR=/opt/wasi-sdk/bin/llvm-ar \ | |
| NM=/opt/wasi-sdk/bin/llvm-nm \ | |
| CC=/opt/wasi-sdk/bin/clang \ | |
| THREAD_MODEL=posix | |
| working-directory: core/deps | |
| - name: install SGX SDK and necessary libraries | |
| run: | | |
| mkdir -p /opt/intel | |
| cd /opt/intel | |
| wget https://download.01.org/intel-sgx/sgx-linux/2.15/distro/ubuntu20.04-server/sgx_linux_x64_sdk_2.15.100.3.bin | |
| chmod +x sgx_linux_x64_sdk_2.15.100.3.bin | |
| echo 'yes' | ./sgx_linux_x64_sdk_2.15.100.3.bin | |
| echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu focal main' | sudo tee /etc/apt/sources.list.d/intel-sgx.list | |
| wget -qO - https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo apt-key add - | |
| sudo apt update | |
| sudo apt install -y libsgx-launch libsgx-urts | |
| - name: Build iwasm for testing samples | |
| run: | | |
| mkdir build && cd build | |
| cmake .. ${{ matrix.iwasm_make_options_run_mode }} ${{ matrix.iwasm_make_options_feature }} | |
| cmake --build . --config Release --parallel 4 | |
| cd ../enclave-sample | |
| make | |
| working-directory: product-mini/platforms/${{ matrix.platform }} | |
| - name: Get LLVM libraries | |
| if: matrix.iwasm_make_options_run_mode == '$AOT_BUILD_OPTIONS' | |
| id: retrieve_llvm_libs | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ./core/deps/llvm/build/bin | |
| ./core/deps/llvm/build/include | |
| ./core/deps/llvm/build/lib | |
| ./core/deps/llvm/build/libexec | |
| ./core/deps/llvm/build/share | |
| key: ${{ matrix.llvm_cache_key }} | |
| fail-on-cache-miss: true | |
| - name: Build wamrc only for testing samples in aot mode | |
| if: matrix.iwasm_make_options_run_mode == '$AOT_BUILD_OPTIONS' | |
| run: | | |
| mkdir build && cd build | |
| cmake .. | |
| cmake --build . --config Release --parallel 4 | |
| cp wamrc `pwd`/../../product-mini/platforms/${{ matrix.platform }}/enclave-sample | |
| working-directory: wamr-compiler | |
| - name: Build Sample [file] | |
| run: | | |
| cd samples/file | |
| mkdir build && cd build | |
| cmake .. | |
| cmake --build . --config Debug --parallel 4 | |
| cp wasm-app/file.wasm `pwd`/../../../product-mini/platforms/${{ matrix.platform }}/enclave-sample | |
| - name: Test Sample [file] in non-aot mode | |
| if: matrix.iwasm_make_options_run_mode != '$AOT_BUILD_OPTIONS' | |
| run: | | |
| source /opt/intel/sgxsdk/environment | |
| ./iwasm --dir=. file.wasm | |
| working-directory: product-mini/platforms/${{ matrix.platform }}/enclave-sample | |
| - name: Test Sample [file] in aot mode | |
| if: matrix.iwasm_make_options_run_mode == '$AOT_BUILD_OPTIONS' | |
| run: | | |
| source /opt/intel/sgxsdk/environment | |
| ./wamrc -sgx -o file.aot file.wasm | |
| ./iwasm --dir=. file.aot | |
| working-directory: product-mini/platforms/${{ matrix.platform }}/enclave-sample | |
| spec_test_default: | |
| needs: [build_iwasm, build_llvm_libraries] | |
| runs-on: ubuntu-20.04 | |
| strategy: | |
| matrix: | |
| running_mode: ["classic-interp", "fast-interp", "aot", "fast-jit"] | |
| test_option: ["-x -p -s spec -b -P", "-x -p -s spec -S -b -P", "-x -p -s spec -X -b -P"] | |
| llvm_cache_key: ["${{ needs.build_llvm_libraries.outputs.cache_key }}"] | |
| exclude: | |
| # classic-interp, fast-interp and fast-jit don't support simd | |
| - running_mode: "classic-interp" | |
| test_option: "-x -p -s spec -S -b -P" | |
| - running_mode: "fast-interp" | |
| test_option: "-x -p -s spec -S -b -P" | |
| - running_mode: "fast-jit" | |
| test_option: "-x -p -s spec -S -b -P" | |
| # classic-interp, fast-interp and fast jit don't support XIP | |
| - running_mode: "classic-interp" | |
| test_option: "-x -p -s spec -X -b -P" | |
| - running_mode: "fast-interp" | |
| test_option: "-x -p -s spec -X -b -P" | |
| - running_mode: "fast-jit" | |
| test_option: "-x -p -s spec -X -b -P" | |
| steps: | |
| - name: checkout | |
| uses: actions/checkout@v4 | |
| - name: Get LLVM libraries | |
| if: matrix.running_mode == 'aot' | |
| id: retrieve_llvm_libs | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ./core/deps/llvm/build/bin | |
| ./core/deps/llvm/build/include | |
| ./core/deps/llvm/build/lib | |
| ./core/deps/llvm/build/libexec | |
| ./core/deps/llvm/build/share | |
| key: ${{ matrix.llvm_cache_key }} | |
| - name: Quit if cache miss | |
| if: matrix.running_mode == 'aot' && steps.retrieve_llvm_libs.outputs.cache-hit != 'true' | |
| run: echo "::error::can not get prebuilt llvm libraries" && exit 1 | |
| - name: install SGX SDK and necessary libraries | |
| run: | | |
| mkdir -p /opt/intel | |
| cd /opt/intel | |
| wget https://download.01.org/intel-sgx/sgx-linux/2.15/distro/ubuntu20.04-server/sgx_linux_x64_sdk_2.15.100.3.bin | |
| chmod +x sgx_linux_x64_sdk_2.15.100.3.bin | |
| echo 'yes' | ./sgx_linux_x64_sdk_2.15.100.3.bin | |
| echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu focal main' | sudo tee /etc/apt/sources.list.d/intel-sgx.list | |
| wget -qO - https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo apt-key add - | |
| sudo apt update | |
| sudo apt install -y libsgx-launch libsgx-urts | |
| - name: run spec tests | |
| run: | | |
| source /opt/intel/sgxsdk/environment | |
| ./test_wamr.sh ${{ matrix.test_option }} -t ${{ matrix.running_mode }} | |
| working-directory: ./tests/wamr-test-suites |