Fix off-by-one error in result offset calculation for function calls

Author: lum1n0us

core/iwasm/interpreter/wasm_interp_fast.c

@@ -43,7 +43,7 @@ typedef float64 CellType_F64;
      && (app_addr) <= shared_heap_end_off - bytes + 1)
 
 #define shared_heap_addr_app_to_native(app_addr, native_addr) \
-    native_addr = shared_heap_base_addr + ((app_addr)-shared_heap_start_off)
+    native_addr = shared_heap_base_addr + ((app_addr) - shared_heap_start_off)
 
 #define CHECK_SHARED_HEAP_OVERFLOW(app_addr, bytes, native_addr) \
     if (app_addr_in_shared_heap(app_addr, bytes))                \
@@ -1670,7 +1670,8 @@ wasm_interp_call_func_bytecode(WASMModuleInstance *module,
             {
                 uint32 ret_idx;
                 WASMFuncType *func_type;
-                uint32 off, ret_offset;
+                int32 off;
+                uint32 ret_offset;
                 uint8 *ret_types;
                 if (cur_func->is_import_func)
                     func_type = cur_func->u.func_import->func_type;
@@ -1682,9 +1683,9 @@ wasm_interp_call_func_bytecode(WASMModuleInstance *module,
                 ret_offset = prev_frame->ret_offset;
 
                 for (ret_idx = 0,
-                    off = sizeof(int16) * (func_type->result_count - 1);
+                    off = (int32)sizeof(int16) * (func_type->result_count - 1);
                      ret_idx < func_type->result_count;
-                     ret_idx++, off -= sizeof(int16)) {
+                     ret_idx++, off -= (int32)sizeof(int16)) {
                     if (ret_types[ret_idx] == VALUE_TYPE_I64
                         || ret_types[ret_idx] == VALUE_TYPE_F64) {
                         PUT_I64_TO_ADDR(prev_frame->lp + ret_offset,

tests/fuzz/wasm-mutator-fuzz/CMakeLists.txt

@@ -72,7 +72,7 @@ endif ()
 
 if (NOT DEFINED WAMR_BUILD_LIBC_WASI)
   # Enable libc wasi support by default
-  set (WAMR_BUILD_LIBC_WASI 1)
+  set (WAMR_BUILD_LIBC_WASI 0)
 endif ()
 
 if (NOT DEFINED WAMR_BUILD_FAST_INTERP)