Sync with main branch#4872
Merged
lum1n0us merged 107 commits intobytecodealliance:dev/cm_wasip2from Mar 17, 2026
Merged
Conversation
Correct the error introduced by de4b950.
…ng (bytecodealliance#4697) Add Call Frame Information (CFI) directives to invokeNative_thumb_vfp.s to improve stack unwinding and debugging capabilities on ARM platforms. This enables better backtrace generation and crash analysis. Changes include: - Add .cfi_startproc/.cfi_endproc directives for proper frame tracking - Add .cfi_def_cfa_offset and .cfi_def_cfa to track stack pointer changes - Add .cfi_offset directives to track saved register locations - Convert local labels to use .L prefix following assembly conventions These CFI directives allow debuggers and exception handlers to properly unwind the stack through native function calls, improving the debugging experience for WAMR applications on ARM targets. Signed-off-by: Huang Qi <huangqi3@xiaomi.com>
…dealliance#4711) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.2 to 5.0.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4.6.2...v5) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](actions/checkout@v3...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ealliance#4709) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.1 to 4.31.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Commits](github/codeql-action@v3.29.1...v4.31.3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.31.3 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ions to make supplying a test mandatory, except in exceptional situations. (bytecodealliance#4713)
* fix: remove SIMD prefix handling from interpreter and update opcode definitions * test: add case for classic interpreter handling of unsupported SIMD opcodes
when meeting simd opcode on non-posix platforms
…el naming in Thumb invokeNative (bytecodealliance#4719) This change enhances debugging support and improves assembly code quality: 1. Add CFI (Call Frame Information) directives (.cfi_startproc, .cfi_def_cfa_offset, .cfi_offset, .cfi_endproc) to provide proper call frame information for debuggers 2. Improve label naming by using dot-prefixed conventions (.Lreturn, .Lcall_func, etc.) following assembly best practices These improvements enhance debugging capabilities and code maintainability while preserving functionality. Signed-off-by: Huang Qi <huangqi3@xiaomi.com>
…e#4720) The NuttX project released version 12.11 with improvements and bug fixes. Updating the CI workflows to use the latest stable version ensures that WAMR testing and compilation verification runs against the most current NuttX release. Updated 4 repository references total across 2 workflow files to point to the new release branch. Signed-off-by: Huang Qi <huangqi3@xiaomi.com>
Add Raspberry Pi Pico 2 (Cortex-M33) board configuration to the NuttX CI build matrix to ensure WAMR compatibility testing covers the Cortex-M33 platform. The board configuration path "boards/arm/rp23xx/raspberrypi-pico-2/configs/nsh" is inserted after the cortex-m7 configuration to maintain logical architecture ordering.
…lliance#4707) * track if WASIArguments is configured by user i plan to use this to decide which wasi arguments (the one from module or the one from InstantiationArgs2) to use. * add WASIArguments to InstantiationArgs2 * use wasi configuration from InstantiationArgs2 if any fallback to the via-module configuration for now. * add a few api to configure wasi via InstantiationArgs2 * configure wasi via InstantiationArgs2 for platforms using libc_wasi.c * rt-thread: migrate to libc_wasi_set_init_args * common/libc_wasi.c: retire libc_wasi_init * fix build without wasi
* Namespace generated headers with zephyr/ --------- Signed-off-by: Krisztian Szilvasi <34309983+kr-t@users.noreply.github.com>
…ealliance#4727) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.3 to 4.31.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Commits](github/codeql-action@v4.31.3...v4.31.5) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.31.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](actions/checkout@v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The local fuzzing server is a feature that has not been used for a long time and is currently unmaintained. Temporarily remove it from the codebase, and restore it when needed.
Optimize GitHub Actions workflow execution by limiting triggers to only changes in the compilation_on_zephyr.yml workflow file itself, reducing unnecessary workflow runs when other .github files are modified. * Update pull_request trigger paths to target specific workflow file * Update push trigger paths to target specific workflow file * Eliminates redundant CI runs for documentation and script changes
Disable UF2 binary support for RP23XX boards in the compilation workflow to resolve build issues and maintain consistency with RP2040 board configuration. * Added kconfig-tweak --disable CONFIG_RP23XX_UF2_BINARY * Follows existing pattern for RP2040 boards * Ensures successful compilation for rp23xx target
Signed-off-by: Krisztian Szilvasi <34309983+kr-t@users.noreply.github.com>
…ance#4736) Update NuttX and nuttx-apps repository references from release tags to specific commit hashes to resolve CI build failures. * Updated nuttx from releases/12.11 to 09a71ec7c16c43398d5acbdcbeee7b08736c3170 * Updated nuttx-apps from releases/12.11 to 6bd593459c4af3cef325c3d22bccd5537a8ed755 * Preserved xtensa-specific commit logic in spec_test_on_nuttx.yml * Applied changes to both compilation and spec test workflows Signed-off-by: Huang Qi <huangqi3@xiaomi.com>
…codealliance#4690) * feat: add support for checking unsupported build configurations * docs: improve clarity and formatting in build_wamr.md * feat: add check for unsupported SHARED_HEAP + FAST_JIT configuration and update documentation warning * feat: disable default SIMD setting for 64-bit platform in CMake configuration * feat: update Android and macOS workflows to handle SIMD support in classic interp mode * feat: update SGX compilation workflow to handle unsupported FAST_JIT and classic interp mode without SIMD support * feat: enhance check for unsupported CLASSIC_INTERP configurations * feat: disable fast interpreter for shared heap tests and update unsupported features test library * feat: enhance unsupported combination checks and update build configurations for JIT and SIMD * In regression tests, use llvm-jit and fast-jit to replace multi-tier-jit + running mode. Multi-tier-jit contains both fast-jit and llvm-jit. Fast-jit doesn't support SIMD, but llvm-jit does. So, should multi-tier-jit support SIMD? My answer is NO. - The regular form of multi-tier-jit uses fast-jit as tier1 and llvm-jit as tier2. Therefore, if fast-jit doesn't support SIMD, the entire multi-tier doesn't support SIMD either. - `--fast-jit` and `--llvm-jit` of multi-tier-jit should adhere to the global limitations of multi-tier-jit. * Explicitly specify SIMD, MULTI_MODULE, and their unsupported running modes. - SIMD and Ref. types are enabled by default on linux and darwin. So remove duplicate feature testing from CI - Apply new configuration for wasm-c-api compilation commands
…nce#4738) Bumps [actions/checkout](https://github.com/actions/checkout) from 5.0.1 to 6.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](actions/checkout@v5.0.1...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ealliance#4739) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.5 to 4.31.6. - [Release notes](https://github.com/github/codeql-action/releases) - [Commits](github/codeql-action@v4.31.5...v4.31.6) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.31.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…nce#4747) Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.0 to 6.0.1. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](actions/checkout@v6...v6.0.1) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ealliance#4746) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.6 to 4.31.7. - [Release notes](https://github.com/github/codeql-action/releases) - [Commits](github/codeql-action@v4.31.6...v4.31.7) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.31.7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
… env init/destroy (bytecodealliance#4842) * Fix Windows VEH registration/removal lifecycle * Remove redundant OS_THREAD_MUTEX_INITIALIZER guards Since the code is already inside #ifdef BH_PLATFORM_WINDOWS, the macro is always defined. Use NULL directly for clarity. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…dealliance#4859) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 6.0.0 to 7.0.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v6...v7) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ealliance#4858) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.32.4 to 4.32.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Commits](github/codeql-action@v4.32.4...v4.32.5) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…tecodealliance#4847) * Add bounds checking for output tensor buffer in wasi-nn llama.cpp The get_output function copies LLM output into output_tensor->buf without checking against output_tensor->size, allowing writes past the buffer when the model generates output longer than the caller-provided buffer. Add size checks for both the metadata path and the token output loop. Instead of silently truncating output when the buffer is too small, return the too_large error with a diagnostic message. This makes the behavior consistent with the OpenVINO backend's get_output and allows callers to distinguish between successful completion and insufficient buffer size.
* Fix a compilation error by clang-17 ``` variable-sized object may not be initialized ``` clang-17 is the default version on MacOS Tahoe(26.2) on AppleM1
…ts (bytecodealliance#4819) Disable corresponding cases in spec test
…ce#4845) * Fix off-by-one in aot_alloc_tiny_frame overflow check The boundary check in aot_alloc_tiny_frame only verifies that new_frame itself doesn't exceed top_boundary, but doesn't account for the sizeof(AOTTinyFrame) bytes that are about to be written. When new_frame equals top_boundary exactly, the check passes but the subsequent write to new_frame->func_index goes past the boundary. This matches the correct pattern used in aot_alloc_frame (line 4086) which includes the frame size.
) * clean(warnings): fix [-Wsign-compare] in zephyr_file buf_len is a long unsigned int, while bytes_* can be negative due to error values. We don't need to check bytes_* for negative value, as it was done during read/write op. * clean(warnings): fix "MIN" redefined warning Some platforms, like Zephyr, already define MIN and definition in WAMR cause `warning: "MIN" redefined` warning. Check if it was defined before, and do not redefine it. Signed-off-by: Krisztian Szilvasi <34309983+kr-t@users.noreply.github.com>
…ytecodealliance#4862) Signed-off-by: zhenweijin <zhenwei.jin@intel.com>
* refactor(ci): production-ready SGX install script with logging and idempotency - Add comprehensive logging infrastructure to /tmp/install_sgx.log - Implement idempotency checks for SGX packages and SDK - Modularize into functions: platform_detect, install_packages, validate_installation, cleanup - Add strict error handling with set -euo pipefail and error traps - Replace FIXME with proper environment sourcing documentation - Add dynamic platform detection for Ubuntu 20+/Debian 11/12 - Ensure minimal console output (final status only) with all details in log - Verify all acceptance scenarios pass with comprehensive testing * Refactoring enclave-sample aligning sgx BKM. - Buffer interface redesign to separate input and output - prevent untrusted pointer - add module and instance handle release functions for better resource management
…ecodealliance#4865) Remove `wasm_runtime_common.h` and `bh_read_file.h` includes from the wasm_mutator_fuzz harness. All runtime APIs used by this fuzzer (wasm_runtime_init, wasm_runtime_load, wasm_runtime_instantiate, wasm_runtime_call_wasm_a, wasm_runtime_get_export_count, etc.) are declared in the public `wasm_export.h` header. - `wasm_runtime_common.h` (core/iwasm/common/) is an internal implementation header not intended for external use. - `bh_read_file.h` (core/shared/utils/uncommon/) is an internal utility header whose functions are never called in this fuzzer. Verified that the modified harness compiles and runs correctly for all three build targets (classic-interp, fast-interp, llvm-jit) with identical code coverage.
…iance#4837) * Fix RETHROW handler missing IS_INVALID_TAGINDEX check Add validation for exception_tag_index in the RETHROW opcode handler to prevent out-of-bounds access to module->module->tags[] when the tag index is INVALID_TAGINDEX (0xFFFFFFFF). This matches the existing check in the THROW handler. When CATCH_ALL catches a cross-module exception with an unknown tag, it pushes INVALID_TAGINDEX onto the stack. Without this check, a subsequent RETHROW would access tags[0xFFFFFFFF]. * Fix incorrect code section byte counts in exception handling test The hand-crafted WASM binary in load_module_with_exception_handling had an off-by-one in the code section: body size was declared as 7 but the actual body (local count + try/catch_all/end/end) is only 6 bytes. This caused the WASM loader to fail with "unexpected end" when it tried to read past the available bytes. Fix the body size from 7 to 6 and the code section size from 9 to 8.
…iance#4846) * Fix relocation addend sign extension on 32-bit platforms When loading relocations on 32-bit platforms, the addend is read as uint32 and zero-extended to uint64, which corrupts negative addends. For example, -4 (0xFFFFFFFC) becomes 4294967292 instead of remaining -4. Use int32 with sign extension to int64, matching the Windows code path which already handles this correctly.
- refactor(wasi_types): deprecate enums in platform_wasi_types.h. - Use macros instead. Signed-off-by: Krisztian Szilvasi <34309983+kr-t@users.noreply.github.com> Signed-off-by: Dan Kouba <dan@atym.io>
…ealliance#4868) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.32.5 to 4.32.6. - [Release notes](https://github.com/github/codeql-action/releases) - [Commits](github/codeql-action@v4.32.5...v4.32.6) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ion (bytecodealliance#4780) * fix: disable unsigned integer overflow sanitization in build configurations FYI: from https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html `-fsanitize=unsigned-integer-overflow`: Unsigned integer overflow, where the result of an unsigned integer computation cannot be represented in its type. Unlike signed integer overflow, this is not undefined behavior, but it is often unintentional. This sanitizer does not check for lossy implicit conversions performed before such a computation. It brings a more common question: which is better, pre-additional-check or post-additional-check to fix a potential unsigned integer overflow? A pre-additional-check involves using a check to prevent integer overflow from the very beginning. A post-additional-check involves using a check after addition to see if there is an overflow. In this project, post-additional-checking is widely used. let's follow the routine. for performance sensitive logic, use __builtin_add_overflow etc. provide something like https://github.com/yamt/toywasm/blob/9a5622791e99395e26e6e96cef830af3d91a1685/lib/platform.h#L176-L191 and encourage the use of them. ref. bytecodealliance#4549 (comment) * fix: update AOT compiler configuration and enhance error handling in fuzz tests
- detecting host arch. and platform instead of hard-coding - fix few compilation errors because of stricter rules involve by appleclang - refactor: modernize wasm-apps CMakeLists.txt to target-specific options and install commands - refactor: modernize memory64 CMakeLists.txt to target-specific options and install commands - Update running-modes CMakeLists.txt: enable AOT and INTERP; JIT/FAST_JIT gating for x86_64. Fix typo in JIT section. - fix: replace deprecated get_binary_path function with get_test_binary_dir for improved portability - fix: adjust size_level test cases for aarch64 architecture compatibility
* Move exception lock to ModuleInstance data. This lock acquired on each native function call. This cause performance impact on programs, containing many native function calls, and running in multithreaded environment. Update AOT_CURRENT_VERSION constant.
…input in fuzz (bytecodealliance#4869) Signed-off-by: zhenweijin <zhenwei.jin@intel.com>
santon1972
requested review from
TianlongLiang,
loganek,
lum1n0us,
no1wudi and
yamt
as code owners
lum1n0us
approved these changes
Mar 17, 2026
lum1n0us
merged commit 88d22df
into
bytecodealliance:dev/cm_wasip2
778 of 783 checks passed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Please sync the cm_wasip2 branch with the main branch