Make sure x0 is not modified in mops #403

Merged
merged 4 commits into from
Feb 23, 2024
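--- a/fuzz/fuzz_targets/asm.rs
+++ b/fuzz/fuzz_targets/asm.rs
@@ -1,11 +1,13 @@
 #![no_main]
 use ckb_vm::cost_model::constant_cycles;
 use ckb_vm::machine::asm::{AsmCoreMachine, AsmMachine};
-use ckb_vm::machine::{DefaultMachineBuilder, VERSION2};
+use ckb_vm::machine::{DefaultCoreMachine, DefaultMachineBuilder, VERSION2};
+use ckb_vm::memory::sparse::SparseMemory;
+use ckb_vm::memory::wxorx::WXorXMemory;
 use ckb_vm::{Bytes, Error, ISA_A, ISA_B, ISA_IMC, ISA_MOP};
 use libfuzzer_sys::fuzz_target;
 
-fn run(data: &[u8]) -> Result<i8, Error> {
+fn run_asm(data: &[u8]) -> Result<i8, Error> {
 let asm_core = AsmCoreMachine::new(ISA_IMC | ISA_A | ISA_B | ISA_MOP, VERSION2, 200_000);
 let core = DefaultMachineBuilder::<Box<AsmCoreMachine>>::new(asm_core)
 .instruction_cycle_func(Box::new(constant_cycles))
@@ -16,10 +18,32 @@ fn run(data: &[u8]) -> Result<i8, Error> {
 machine.run()
 }
 
+fn run_int(data: &[u8]) -> Result<i8, Error> {
+let machine_memory = WXorXMemory::new(SparseMemory::<u64>::default());
+let machine_core = DefaultCoreMachine::new_with_memory(
+ISA_IMC | ISA_A | ISA_B | ISA_MOP,
+VERSION2,
+200_000,
+machine_memory,
+);
+let mut machine = DefaultMachineBuilder::new(machine_core)
+.instruction_cycle_func(Box::new(constant_cycles))
+.build();
+let program = Bytes::copy_from_slice(data);
+machine.load_program(&program, &[])?;
+machine.run()
+}
+
 fuzz_target!(|data: &[u8]| {
-let r0 = run(data);
-let r1 = run(data);
-let r2 = run(data);
+let r0 = run_asm(data);
+let r1 = run_asm(data);
+let r2 = run_asm(data);
+let r3 = run_int(data);
 assert_eq!(r0, r1);
 assert_eq!(r1, r2);
+if r2.is_ok() {
+assert_eq!(r2.unwrap(), r3.unwrap());
+} else {
+assert!(r3.is_err())
+}
 });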
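Review bot: In the `fuzz_target!` closure, the `Ok` branch calls `r3.unwrap()`, so an input where the asm machine succeeds and the interpreter fails panics with an unwrap message instead of reporting both results. `assert_eq!(r2.as_ref().ok(), r3.as_ref().ok());` expresses the same check in one line and prints both sides on a mismatch. Error variants are still not compared between the two machines; if that is deliberate, a comment such as `// asm and interpreter may report different Error variants; only success/failure is compared` would stop a later reader from tightening or loosening it by accident. The harness compares exit codes only, so a stray write to x0 is caught only when it changes the program's exit path.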
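--- a/src/machine/asm/execute_aarch64.S
+++ b/src/machine/asm/execute_aarch64.S
@@ -75,17 +75,17 @@
 str v, REGISTER_ADDRESS(RD) SEP \
 str ZERO_VALUE, ZERO_ADDRESS
 
+#define WRITE_RD_V2(v) \
+str v, REGISTER_ADDRESS(RD)
+
 #define WRITE_RS1(v) \
-str v, REGISTER_ADDRESS(RS1) SEP \
-str ZERO_VALUE, ZERO_ADDRESS
+str v, REGISTER_ADDRESS(RS1)
 
 #define WRITE_RS2(v) \
-str v, REGISTER_ADDRESS(RS2) SEP \
-str ZERO_VALUE, ZERO_ADDRESS
+str v, REGISTER_ADDRESS(RS2)
 
 #define WRITE_RS3(v) \
-str v, REGISTER_ADDRESS(RS3) SEP \
-str ZERO_VALUE, ZERO_ADDRESS
+str v, REGISTER_ADDRESS(RS3)
 
 #define NEXT_INST \
 ldr TEMP1, [INST_ARGS] SEP \
@@ -96,6 +96,10 @@
 add INST_PC, INST_PC, 16 SEP \
 br TEMP2
 
+#define NEXT_INST_V2 \
+str ZERO_VALUE, ZERO_ADDRESS SEP \
+NEXT_INST
+
 #define DECODE_R \
 ubfx RS1, TEMP1, 0, 8 SEP \
 ubfx RS2, TEMP1, 8, 8
@@ -1873,9 +1877,9 @@ ckb_vm_x64_execute:
 ldr TEMP4, REGISTER_ADDRESS(RS2)
 adds TEMP3, TEMP3, TEMP4
 adc TEMP1, TEMP1, TEMP1
-WRITE_RD(TEMP3)
+WRITE_RD_V2(TEMP3)
 WRITE_RS3(TEMP1)
-NEXT_INST
+NEXT_INST_V2
 .CKB_VM_ASM_LABEL_OP_SBBS:
 DECODE_R4
 mov TEMP1, 0
@@ -1884,9 +1888,9 @@ ckb_vm_x64_execute:
 subs TEMP3, TEMP3, TEMP4
 adc TEMP1, TEMP1, TEMP1
 eor TEMP1, TEMP1, 1
-WRITE_RD(TEMP3)
+WRITE_RD_V2(TEMP3)
 WRITE_RS3(TEMP1)
-NEXT_INST
+NEXT_INST_V2
 .CKB_VM_ASM_LABEL_OP_ADD3A:
 DECODE_R5
 mov TEMP2, 0
@@ -1897,10 +1901,10 @@ ckb_vm_x64_execute:
 mov TEMP3, TEMP2
 ldr TEMP1, REGISTER_ADDRESS(RS4_TEMP5)
 add TEMP3, TEMP3, TEMP1
-WRITE_RD(TEMP4)
+WRITE_RD_V2(TEMP4)
 WRITE_RS2(TEMP2)
 WRITE_RS3(TEMP3)
-NEXT_INST
+NEXT_INST_V2
 .CKB_VM_ASM_LABEL_OP_ADD3B:
 DECODE_R5
 mov TEMP2, 0
@@ -1911,10 +1915,10 @@ ckb_vm_x64_execute:
 mov TEMP3, TEMP2
 ldr TEMP1, REGISTER_ADDRESS(RS4_TEMP5)
 add TEMP3, TEMP3, TEMP1
-WRITE_RD(TEMP4)
+WRITE_RD_V2(TEMP4)
 WRITE_RS1(TEMP2)
 WRITE_RS3(TEMP3)
-NEXT_INST
+NEXT_INST_V2
 .CKB_VM_ASM_LABEL_OP_ADD3C:
 DECODE_R5
 mov TEMP3, 0
@@ -1923,9 +1927,9 @@ ckb_vm_x64_execute:
 ldr TEMP4, REGISTER_ADDRESS(RS4_TEMP5)
 adds TEMP1, TEMP1, TEMP2
 adc TEMP3, TEMP3, TEMP4
-WRITE_RD(TEMP1)
+WRITE_RD_V2(TEMP1)
 WRITE_RS3(TEMP3)
-NEXT_INST
+NEXT_INST_V2
 .exit_max_cycles_exceeded:
 mov x0, CKB_VM_ASM_RET_MAX_CYCLES_EXCEEDED
 b .exit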
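Review bot: `WRITE_RS1`, `WRITE_RS2` and `WRITE_RS3` no longer store `ZERO_VALUE` to `ZERO_ADDRESS`, so they and the new `WRITE_RD_V2` keep x0 at zero only when the handler ends with `NEXT_INST_V2`, and nothing at the macro definitions records that. A comment above `WRITE_RD_V2` such as `/* Does not reset x0: a handler using WRITE_RD_V2 or WRITE_RSn must end with NEXT_INST_V2 */` would state the contract. The handlers touched in these hunks all end with `NEXT_INST_V2`, but any other user of `WRITE_RSn` elsewhere in the file is not visible here and should be checked for a plain `NEXT_INST`. The `_V2` suffix also reads like the VM's `VERSION2`; a name that says what differs would be clearer. The same applies to the macros of the same names in execute_x64.S.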
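--- a/src/machine/asm/execute_x64.S
+++ b/src/machine/asm/execute_x64.S
@@ -338,6 +338,9 @@
 movq v, REGISTER_ADDRESS(RD); \
 movq $0, ZERO_ADDRESS
 
+#define WRITE_RD_V2(v) \
+movq v, REGISTER_ADDRESS(RD); \
+
 #define WRITE_RS1(v) \
 movq v, REGISTER_ADDRESS(RS1); \
 
@@ -365,6 +368,10 @@
 addq $16, INST_PC; \
 jmp *TEMP1
 
+#define NEXT_INST_V2 \
+movq $0, ZERO_ADDRESS; \
+NEXT_INST
+
 #define DECODE_R \
 movzbl %cl, RS1d; \
 movzbl %ch, RS2rd
@@ -2346,19 +2353,19 @@ ckb_vm_x64_execute:
 movq REGISTER_ADDRESS(RS1), %rcx
 addq REGISTER_ADDRESS(RS2r), %rcx
 adc $0, TEMP1
-WRITE_RD(%rcx)
+WRITE_RD_V2(%rcx)
 WRITE_RS3(TEMP1)
-NEXT_INST
+NEXT_INST_V2
 .p2align 3
 .CKB_VM_ASM_LABEL_OP_SBBS:
 DECODE_R4
 xor TEMP1, TEMP1
 movq REGISTER_ADDRESS(RS1), %rcx
 subq REGISTER_ADDRESS(RS2r), %rcx
 adc $0, TEMP1
-WRITE_RD(%rcx)
+WRITE_RD_V2(%rcx)
 WRITE_RS3(TEMP1)
-NEXT_INST
+NEXT_INST_V2
 .p2align 3
 .CKB_VM_ASM_LABEL_OP_ADD3A:
 DECODE_R5
@@ -2368,10 +2375,10 @@ ckb_vm_x64_execute:
 adc $0, TEMP2
 movq TEMP2, TEMP3
 addq REGISTER_ADDRESS(RS4_TEMP1), TEMP3
-WRITE_RD(%rcx)
+WRITE_RD_V2(%rcx)
 WRITE_RS2r(TEMP2)
 WRITE_RS3(TEMP3)
-NEXT_INST
+NEXT_INST_V2
 .p2align 3
 .CKB_VM_ASM_LABEL_OP_ADD3B:
 DECODE_R5
@@ -2381,20 +2388,20 @@ ckb_vm_x64_execute:
 adc $0, TEMP2
 movq TEMP2, TEMP3
 addq REGISTER_ADDRESS(RS4_TEMP1), TEMP3
-WRITE_RD(%rcx)
+WRITE_RD_V2(%rcx)
 WRITE_RS1(TEMP2)
 WRITE_RS3(TEMP3)
-NEXT_INST
+NEXT_INST_V2
 .p2align 3
 .CKB_VM_ASM_LABEL_OP_ADD3C:
 DECODE_R5
 xor TEMP3, TEMP3
 movq REGISTER_ADDRESS(RS1), %rcx
 addq REGISTER_ADDRESS(RS2r), %rcx
 adcq REGISTER_ADDRESS(RS4_TEMP1), TEMP3
-WRITE_RD(%rcx)
+WRITE_RD_V2(%rcx)
 WRITE_RS3(TEMP3)
-NEXT_INST
+NEXT_INST_V2
 .p2align 3
 .exit_out_of_bound:
 mov TEMP3, CKB_VM_ASM_ASM_CORE_MACHINE_OFFSET_ERROR_ARG0(MACHINE)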
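Review bot: The new `WRITE_RD_V2` definition ends its last line with `; \`, so the macro body continues onto the following blank line and is terminated only by that blank line. Removing or filling that line later would splice the next `#define` into the macro body; ending the definition with `movq v, REGISTER_ADDRESS(RD)` and no continuation avoids this. The existing `WRITE_RS1` shown as context in the same hunk has the same shape and could be tidied with it.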