Merge branch main into dev/simd_for_interp #3925
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.13 to 3.27.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Commits](github/codeql-action@v3.26.13...v3.27.0) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Refine looking up aot function with index * refine the code
* Bump AOT_CURRENT_VERSION for WAMR 2.x (gc, memory64) Maybe it's too late because we have already made a few releases since then. But this might still help users who haven't upgraded to WAMR 2.x yet. Also, for the purpose of the versioning, it's safer to bump needlessly than missing necessary bumps. Fixes #3837 * test-tools/aot-analyzer/include/config.h: bump AOT_CURRENT_VERSION
) When checking for integer overflow, you may often write tests like p + i < p. This works fine if p and i are unsigned integers, since any overflow in the addition will cause the value to simply "wrap around." However, using this pattern when p is a pointer is problematic because pointer overflow has undefined behavior according to the C and C++ standards. If the addition overflows and has an undefined result, the comparison will likewise be undefined; it may produce an unintended result, or may be deleted entirely by an optimizing compiler.
This commit refactors the AOT loader in `aot_loader.c` to support compatible versions of the AOT_CURRENT_VERSION constant. Previously, the loader only accepted the exact AOT_CURRENT_VERSION value, but now it also accepts version 3. This change ensures that the runtime can load modules AoT-compiled with different versions of wamrc as long as they have compatible AOT_CURRENT_VERSION values. Related to #3880.
add wasm loader check: in code entry, the code size should match the size of vec(locals) + expr, and expr should end with opcode end
fix(uwp): Gate NTSTATUS definition behind WINAPI_PARTITION_DESKTOP for UWP build
While resolving linked globals in multi-module mode, WAMR tries to copy the linked global's initial value into the destination global in the current module. However, a bug in the implementation causes the copy to be done from the InitializerExpression struct, not from its WASMValue field. This did not come up in WAMR's spec test runner because those are built with WASM_ENABLE_SPEC_TEST, which means these globals are resolved as builtins, not linked globals, which goes through a different (presumably not faulty) path.
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.0 to 3.27.1. - [Release notes](https://github.com/github/codeql-action/releases) - [Commits](github/codeql-action@v3.27.0...v3.27.1) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…local definition anyway (#3899)
Reference Info: 377955855 wamr:wasm_mutator_fuzz_loader: Direct-leak in wasm_loader_emit_br_info https://issues.oss-fuzz.com/issues/377955855
`module_inst->table_count = module->import_table_count + module->table_count`, using it as an index will go through `module->import_tables` and `module->tables`, but aot init data is only available for non-import tables.
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.1 to 3.27.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Commits](github/codeql-action@v3.27.1...v3.27.4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
allowing custom ARC toolchain on Windows
The recent version of the rust toolchain will emit ref types opcodes, which needs to enable this feature in the `iwasm` build. The vector format parsing logic has some errors in the current version. I disabled the check for now and am waiting for further investigation.
wenyongh
requested review from
loganek,
lum1n0us,
no1wudi,
xujuntwt95329 and
yamt
as code owners
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| # Initializes the CodeQL tools for scanning. | ||
| - name: Initialize CodeQL | ||
| uses: github/codeql-action/init@v3.26.13 | ||
| uses: github/codeql-action/init@v3.27.4 |
Check warning
Code scanning / Scorecard
Pinned-Dependencies Medium
| ./.github/scripts/codeql_buildscript.sh | ||
| - name: Perform CodeQL Analysis | ||
| uses: github/codeql-action/analyze@v3.26.13 | ||
| uses: github/codeql-action/analyze@v3.27.4 |
Check warning
Code scanning / Scorecard
Pinned-Dependencies Medium
|
|
||
| - name: Upload CodeQL results to code scanning | ||
| uses: github/codeql-action/upload-sarif@v3.26.13 | ||
| uses: github/codeql-action/upload-sarif@v3.27.4 |
Check warning
Code scanning / Scorecard
Pinned-Dependencies Medium
Check possible integer overflow in aot memory boundary check when the wasm memory is 64-bit.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.