Skip to content
/ WASMaker Public

WASMaker, a novel differential testing framework that can generate complicated Wasm test cases by disassembling and assembling real-world Wasm binaries, which can trigger hidden inconsistencies among Wasm runtimes.

7 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

security-pride/WASMaker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
ASTs
ASTs
 
 
WASMaker
WASMaker
 
 
binaries
binaries
 
 
runtimes
runtimes
 
 
.DS_Store
.DS_Store
 
 
.gitattributes
.gitattributes
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 
start.sh
start.sh
 
 

Repository files navigation

WASMaker

WASMaker, a novel differential testing framework that can generate complicated Wasm test cases by disassembling and assembling real-world Wasm binaries, which can trigger hidden inconsistencies among Wasm runtimes.

Getting Started

In order to generate and store AST, you need to first install MongoDB and get Wasm binaries from WasmBench.

The script corpus_preprocess.py parses WasmBench binaries and stores ASTs in MongoDB. For convenience, I have pre-imported the ASTs generated from parsing WasmBench into the Docker container. And the fuzz.py will generate Wasm binaries and feed them to each Wasm runtime for fuzzing.

Finally, the output of the runtime is stored in runtime_outputs.txt.

  1. set environment

WASMaker should run well on a server with Ubuntu 22.04. Please download Docker first.

sudo docker build -t wasmaker .
sudo docker run -it wasmaker # run a docker container
  1. Start fuzzing the Wasm runtimes(Wasmtime,Wasmer,WAMR,WasmEdge)
# in the docker container 
cd home/ubuntu/WASMaker/
python3 fuzz.py

The outputs of the runtimes are stored in runtime_outputs.txt, and the generated binaries are stored in /home/ubuntu/binaries.

The outputs are formatted as follows:

==================================================
../binaries/file1.wasm
-----------------wasmtime-----------------
warning: using `--invoke` with a function that returns values is experimental and may break in the future
29419985997212769685300370766333065493
29419985997212769685300370766333065493
29419985997212769685300370766333065493
29419985997212769685300370766333065493
29419985997212769685300370766333065493
29419985997212769685300370766333065493
29419985997212769685300370766333065493

-----------------wasmer-----------------
timeout 5s
-----------------wamr-----------------
fast jit compilation failed: Error: unsupported opcode
failed to compile fast jit function 0
fast jit compilation failed: Error: unsupported opcode
Exception: failed to compile fast jit function

-----------------wasmedge-----------------
29419985997212769685300370766333065493
29419985997212769685300370766333065493
29419985997212769685300370766333065493
29419985997212769685300370766333065493
29419985997212769685300370766333065493
29419985997212769685300370766333065493
29419985997212769685300370766333065493

Detailed Description

Confirmed Issues

The all binaries of the confirmed issues are stored in home/ubuntu/binaries/confirmed binaries/.

About

WASMaker, a novel differential testing framework that can generate complicated Wasm test cases by disassembling and assembling real-world Wasm binaries, which can trigger hidden inconsistencies among Wasm runtimes.

Resources

Readme
Activity
Custom properties

Stars

7 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages