Currently wasmtime's error message for `wasmtime nonexistent.wasm`
doesn't actually refer to `nonexistent.wasm` anywhere, so this commit
fills that in as contextual information on the returned error.
Do this by updating `crossbeam-epoch` and auditing this update of
crossbeam. The newer version of crossbeam additionally updates its
version of `memoffset`.
This commit adds `cargo vet` trust entries for any crate published by
BurntSushi, of which a good number are in our dependency graph. This
additionally updates the `bstr` crate to its latest version and updates
regex-related dependencies from other crates to avoid duplication of
versions.
* Remove deny.toml exception for wasm-coredump-builder
This isn't used any more so no need to continue to list this.
* Update Wasmtime's pretty_env_logger dependency
This removes a `deny.toml` exception for that crate, but `openvino-sys`
still depends on `pretty_env_logger 0.4.0` so a new exception is added
for that.
* Update criterion and clap dependencies
This commit started out by updating the `criterion` dependency to remove
an entry in `deny.toml`, but that ended up transitively requiring a
`clap` dependency upgrade from 3.x to 4.x because `criterion` uses
pieces of clap 4.x. Most of this commit is then dedicated to updating
clap 3.x to 4.x which was relatively simple, mostly renaming attributes
here and there.
* Update gimli-related dependencies
I originally wanted to remove the `indexmap` clause in `deny.toml` but
enough dependencies haven't updated from 1.9 to 2.0 that it wasn't
possible. In the meantime though this updates some various dependencies
to bring them to the latest and a few of them now use `indexmap` 2.0.
* Update deps to remove `windows-sys 0.45.0`
This involved updating tokio/mio and then providing new audits for new
crates. The tokio exemption was updated from its old version to the new
version and tokio remains un-audited.
* Update `syn` to 2.x.x
This required a bit of rewriting for the component-macro related bits
but otherwise was pretty straightforward. The `syn` 1.x.x track is still
present in the wasi-crypto tree at this time.
I've additionally added some trusted audits for my own publications of
`wasm-bindgen`
* Update bitflags to 2.x.x
This updates Wasmtime's dependency on the `bitflags` crate to the 2.x.x
track to keep it up-to-date.
* Update the cap-std family of crates
This bumps them all to the next major version to keep up with updates.
I've additionally added trusted entries for publishes of cap-std crates
from Dan.
There's still lingering references to rustix 0.37.x which will need to
get weeded out over time.
* Update memoffset dependency to latest
Avoids having two versions in our crate graph.
* Fix tests
* Update try_from for wiggle flags
* Fix build on AArch64 Linux
* Enable `event` for rustix on Windows too
Currently Cargo's interpretation of prerelease version doesn't quite
match semver's, meaning that hyper, which is taking semver's
interpretation, has broken Wasmtime builds without lock files. The rc.4
version of hyper released is no longer compatible with our
usage which means that `cargo install wasmtime-cli` currently fails. It
passes, however, with `--locked`.
To resolve this the dependency on hyper gets an `=` dependency for now
to force it to be at this version.
* Disable some icmp optimizations for vector types
This is a fix for #6725 where some icmp rules written for scalars were
accidentally firing for vectors and generating invalid code, namely
producing an `iconst` of a vector type.
* Fix test compile
* Cranelift: upgrade to regalloc2 0.9.2.
This pulls in bytecodealliance/regalloc2#152, which fixes a bug that is
reachable on RISC-V: when two different register classes have the same
stackslot size, the register allocation result might share a slot
between two different classes, which can result in moves between classes
that will cause a panic. The fix properly separates slots by class.
* cargo-vet update for regalloc2 0.9.2.
Released today this updates from 1.69.0 to 1.71.0. Note that 1.70.0 was
skipped due to presumed codegen bugs for s390x and riscv64. These were
previously tested to work with 1.71.0, so it's time to confirm.
* Update wasm-tools dependencies
* Get tests passing after wasm-tools update
Mostly dealing with updates to `wasmparser`'s API.
* Update `cargo vet` for new crates
* Add `equivalent`, `hashbrown`, and `quote` to the list of trusted
authors. We already trust these authors for other crates.
* Pull in some upstream audits for various deps.
* I've audited the `pulldown-cmark` dependency upgrade myself.
* Adding all missing branches to is_zero and adding cornercase to vall_true tests
* Starting to work on iterator
* Move Iterator implementation to DataValueExt
* Backup commit
* quick and dirty iterator
* adding test
* Simplifying code. Adding tests
* New implementation for Opcode::VallTrue
* Adding i64x2 testcase
* Using try_fold makes the code way more readable
* Correct results
* Simplify code even more
* Fix typo and propagate error up the chain
* Simply clone() DataValue without going through integers
* Return InvalidType for is_zero on any vector
* Handle V64 and V128 together
Co-authored-by: Afonso Bordado <afonso360@users.noreply.github.com>
* Reformat code
* Reduce visibility of extractlanes
---------
Co-authored-by: Afonso Bordado <afonso360@users.noreply.github.com>
This commit fixes a mistake from the SSE2-simd work where an SSSE3 guard
was missing from a usage of `pshufb`. I assumed that the SSE4.1 guard
was enough but a fuzz-generated test case shows that it's possible to
enable SSE4.1 without SSSE3 so a second condition is added here (SSE4.1
remains for `pinsrb` and SSSE3 is for `pshufb`).
* Fix some warnings on nightly Rust
* One is to avoid using `drop(&mut T)`
* Another is to avoid using `()` in FFI functions since apparently
that's not recommended. Working around this in the macro was pretty
tricky, however.
* Fix a typo
* Review feedback
We discussed this in today's Wasmtime meeting and the consensus was that
we trust each of these people to have a sufficient standard of care for
anything they release.
This reduces our estimated audit backlog by about 184 kLOC.
For the most part, the trust records I'm adding here are identical to
trust records that Mozilla is using. The fact that they've also decided
these publishers are trustworthy is reassuring additional evidence for
our decision. The exceptions and notable cases are as follows:
I've chosen to not trust three crates by these authors that Mozilla did
not trust. I suspect Mozilla simply doesn't use these crates or has
manually audited them, rather than there being any problem with the
crates themselves. But I've chosen to be conservative about what we
trust.
- autocfg: we only have an exception for an old version, and that
version is only used transitively by wasi-crypto.
- env_logger: Mozilla has audited some versions; we should update, or
add delta audits.
- thread_local: only used by tracing-subscriber which is only used in
dev-dependencies.
I've trusted one crate that Mozilla did not: libm, when published by
Amanieu. We're trusting libc when published by the same author, and libm
is a small extension of the same trust.
Recent versions of the toml crate have been published by epage so I
looked at in this process, but Mozilla only trusts the older versions
which were published by alexcrichton. They've been delta-auditing the
newer versions. I've chosen to follow their lead on this; Alex is a
trusted contributor to Wasmtime anyway.
* Attempt versioned exports to facilitate having multiple versions in the same crate
* Modify approach to use `export_name` and `link_name`
* Only apply version to names in assembly and foreign item fns
* Attempt to handle the s390x case
* Fix alignment of backslashes in assembly file
* Pretend I understand the preprocessor
* Version symbols in `crates/runtime/src/helpers.c`
* Stop versioning `__jit_debug_register_code` because gdb relies on it and it is uses `weak` linkage
* Version symbol in `crates/fiber/src/windows.c`
* Consolidate `LitStr` creation in macro
* Add new crate to publish script and supply-chain config
* Fix order in supply chain config
* Set `audit-as-crates-io` to false
* Missing `versioned_link` for Windows
* Version strings used in debug
* Formatting
* Get rid of `versioned_str` and bring back `versioned_suffix`
---------
Co-authored-by: Alex Crichton <alex@alexcrichton.com>
This commit adds support for the `local.tee` instruction. This change
also introduces a refactoring to the original implementation of
`local.set` to be able to share most of the code for the implementation
of `local.tee`.
* Update calling conventions for wasm functions slightly
This resolves two issues from recent changes in #6649:
* First the s390x calling convention for wasm functions is changed back
to `WasmtimeSystemV` from `Fast`. This was an accidental omission from
#6649 where the conclusion was that s390x will continue using a
calling convention with little-endian lane order for lane arguments.
The only calling convention that supports this today is
`WasmtimeSystemV`, although the `Tail` calling convention will likely
use it in the future as well.
* Second the apple-aarch64 platform now uses the `Fast` calling
convention instead of `AppleAarch64` calling convention. That
convention was specified in #4195 but local testing shows that is not
necessary in the sense that tests all pass with the `Fast` calling
convention. This means that the prior comment why the `AppleAarch64`
calling convention is required is no longer accurate and in the
absence of a reason not to I went ahead and switched it to `Fast`.
In the near future all wasm functions will unconditionally use the
`Tail` calling convention and at that time the lane order can be
specified on s390x to be little-endian to satisfy all the constraints
here. Additionally any unwinding directives, if necessary for aarch64,
can be specified as needed.
* Fix compile
* Fix signatures registered with modules-in-components
This commit fixes a minor issue in
`FunctionIndices::link_and_append_code` which previously ended up only
filling out the `wasm_to_native_trampolines` field for the first module
rather than all the modules. Additionally the first module might have
too many entries that encompass all modules instead of just its own
entries. The fix in this commit is to refactor this logic to ensure that
the necessary maps are present for all translations.
While technically a bug that can be surfaced through the embedder API
it's pretty obscure. The given test here panics beforehand but succeeds
afterwards, but this is moreso prep for some future resource-related
work where this map will need persisting into the component metadata
side of things.
* Fix build warning
* Store all instantiation arguments in a component
This commit updates how instantiation arguments are rooted within a
component instance. Previously a list of import arguments was "unzipped"
into a list of modules and a list of functions. This is becoming a bit
more cumbersome in an upcoming change for resources where a third style
of import is being added, so instead of this unzipping operation this
commit instead replaces the list of imports with an `Arc`. This way
instantiation is actually a bit cheaper since only one `Arc` needs to be
retained instead of each individual argument imported into a module.
Additionally this refactors the way that exported modules are handled by
avoiding translating everything into one list and instead continuing to
store modules in two separate lists: those in the component and those
imported.
* Add some more words
* handle interface functions correctly in `component::Linker::func_new`
Many months ago, I implemented `func_new`, but only supporting top-level
function imports. If you tried to link a host function under an imported
interface, it would mistakenly treat it as a top-level function and either error
out if it couldn't find a corresponding type definition in the passed
`&Component`; or, if it found a top-level function that happened to have the
same name, it would use that type (which would coincidentally work if the type
happens to match, but lead to a runtime error later on otherwise).
This fixes the issue by looking up the correct component instance when necessary
and getting the type from there.
Note I've made no effort to optimize for performance here. Happy to revisit
that if there's a need.
Signed-off-by: Joel Dice <joel.dice@fermyon.com>
* print names in `func_new`, not intern indexes
Signed-off-by: Joel Dice <joel.dice@fermyon.com>
* use `Vec` instead of linked list in `LinkerInstance`
Signed-off-by: Joel Dice <joel.dice@fermyon.com>
---------
Signed-off-by: Joel Dice <joel.dice@fermyon.com>
Co-authored-by: Alex Crichton <alex@alexcrichton.com>
* Fix a typo in an `unsafe impl Send/Sync`
This commit fixes a mistake in the `PrePatchedFuncRef` type where it has
an `unsafe impl` to make it send/sync but the target of the impl was
mistakenly `InstancePre<T>`
Note that this doesn't actually have any impact on the send/sync-ness of
`InstancePre<T>` since it's not storing an instance of `T`, so it's
always `Send`/`Sync` anyway. Nevertheless this reduces the scope of
unsafety slightly as was originally intended.
* Remove the `PrePatchedFuncRef` entirely
No longer necessary for `Send`/`Sync`-ness any more
* winch(x64): Fix a couple of issues with control flow
This change fixes two issues with the control flow implementation found
when working on https://github.com/bytecodealliance/wasmtime/pull/6610
The two fixes included in this change are:
1. Correctly handle the stack pointer at jump sites: when emitting an
unconditional jump, the stack pointer might be left unbalanced due to
register spilling, this could cause invalid memory accesses.
2. Explicitly track the exit label of the if block: previously the
continuation label of the if block was implicitly treated as the exit
label, which would cause undefined behaviour in programs that use
unconditional branches in the `if` and `else` branches. This slight
disadvantage of the approach in this change is that it involves special casing the
emission of the end of an if block (without else) to account for the
continuation label, since the continuation label is only naturally
bound when there's an else branch.
* Expand on how `pop_sp_for_branch` works
* Update v8 and proc-macro2 dependencies
Gets them both compiling on the latest nightly so we can unpin the Rust
compiler version in OSS-Fuzz.
* Update nightly in CI
* Run `cargo vet` on automated version bumps
As shown in the original CI of #6686 the recent changes for `cargo vet`
0.8.0 mean that the previous release process no longer works since it
requires changes to the lock file for `cargo vet`. This updates the
version bumping process to run `cargo vet` as part of the committed
changes which hopefully will get everything to succeed. To ensure that
the same version of `cargo vet` is used in both locations the
installation procedure was extracted into its own separate little action.
* Configure shell to run in
* Add WasiCtxBuilder setters for the two clock types
Signed-off-by: Ryan Levick <ryan.levick@fermyon.com>
* Move two clocks to dedicated fields in WasiCtx
* Rename clock traits to Host prefix convention
Signed-off-by: Ryan Levick <ryan.levick@fermyon.com>
* Fix tests
---------
Signed-off-by: Ryan Levick <ryan.levick@fermyon.com>
* Shepherd along type information in lifting/lowering
This commit is a large refactor to the component runtime of Wasmtime to
shepherd along type information when lifting and lowering values.
Previously lifting and lowering would assume type information given
context such as "surely lowering a `u32` must lower into the type
`InterfaceType::U32`" or "lowering a `Val` works as it knows its own
type". This is still true, and this commit isn't changing these
features. The rationale for this commit instead stems from the upcoming
implementation of resources in Wasmtime.
Resources are trickier than all existing types in Wasmtime because what
exactly is the type of a resource depends on who you're asking. For
example the host might have one type called `http::Headers` but a
component could import it as two distinct types:
(component
(import "headers1" (type $h1 (sub resource)))
(import "headers2" (type $h2 (sub resource)))
;; ...
)
in the above component the `$h1` and `$h2` types will each get their own
table at runtime for managing their state. This means that if the host
instantiates the component with `http::Headers` supplied as both types
then the same type on the outside maps to two different types inside.
This means that the lowering of a host-defined type into the component
is now dependent on the "name" that the component has for the type,
basically if the function used `$h1` or `$h2`. This overall means that
the type that the component assigned for a function is significant as
part of lifting and lowering. Hence the rationale for this commit,
threading around this type information.
The major change in this commit is updates to the `Lift` and `Lower`
traits. Previously they took a mishmash of parameters and now they
needed to take more parameters, so I've updated them with:
* `Lift` operations take a `&LiftContext<'_>` and an `InterfaceType` as
contextual information. The context stores the store, the options, and
type information. The `InterfaceType` is the type that's being lifted,
which would indicate which resource table to load from for example.
* `Lower` operations now take a `&mut LowerContext<'_, T>` and an
`InterfaceType`. The `LowerContext` is similar to its lift cousin
where it stores the store, options, and type information.
The different context passed in to `lift` and `load`, for example, is no
longer distinguished and both simply take a `&LiftContext<'_>` which
simplifies things a bit.
This refactoring was pretty far reaching and touches quite a bit of the
component model implementation. This is because basically everything
deals with type information as types can be recursively nested in one
another. I've taken the liberty to make code continue to be
ergonomic/understandable where appropriate so some "shapes" of code are
now different to continue to accommodate readability and
maintainability.
Finally it's worth noting that this should not have any actual function
impact on components running today (or tomorrow). User-facing APIs
haven't changed at all here and it's just the guts that are refactored.
One unfortunate aspect, though, is that this is going to be a small perf
hit on lifting/lowering due to the fact that type information
essentially needs to be "iterated" over during the lifting/lowering
process. This iteration involves index lookups in `&ComponentTypes`
along with assertions that when you lower `Vec<T>` that the type is
`InterfaceType::List(i)`. These assertions should always succeed, and in
theory could become some sort of `unreachable_unchecked` in the future,
but for now it's all left as safe checks/panics for us to optimize at a
later date if necessary.
* Fill out a TODO comment
* Fill out more comments
Fixing typo of wasmtime_wasi_nn -> wasmtime_wasi_crypto that was causing
a build error when building the bench-api with the wasi-crypto feature
enabled.
Commons up some code paths and sets the stage for other architectures. This
should have fewer calls back and forth between architecture specific and
independent bits of code, which I have found hard to keep track of. Now,
lowering tail calls is done in architecture specific code that can call out to
architecture independent helpers as needed. Before it was architecture
independent code that would call architecture specific hooks that would call
architecture independent helpers. Too much stuff split across too many
layers. This new approach removes at least one layer of indirection and
unnecessarily confusing abstraction.
This commits removes an assert that checked that the stack pointer
position at the end of a call should be greater or equal than the
position registered at the callsite.
Even though this is true in most cases, there are cases in which this is
invariant is not met and as well as there are cases in which the stack pointer will
inevitably be greater than the position registered at callsite:
1. When the call setup doesn't spill any values and instead it
only consumes memory values from the value stack, the stack pointer
can end up being less than what it was at the callsite.
2. When the call setup spills values that are not going to be consumed
by the call (not used as params to the function) the stack pointer
position can end up being greater than what it was at the callsite.
The assert was originally introduced to ensure the right deallocation of
stack space consumed by the call, and it could be improved by applying
the heuristics mentioned above, but I prefer to remove it since we
already assert when emitting the epilogue that both the value stack and
machine stack are in the correct state when fishing compilation.
This change includes an extra test in which the original invariant
doesn't hold (case 2 described above occurs).
* Remove Wasmtime ABIs from Cranelift
This commit removes the `Wasmtime*` family of ABIs from Cranelift. These
were originally added to support multi-value in Wasmtime via the
`TypedFunc` API, but they should now no longer be necessary. In general
this is a higher-level Wasmtime concern than something all backends of
Cranelift should have to deal with.
Today with recent refactorings it's possible to remove the reliance on
ABI details for multi-value and instead codify it directly into the
Cranelift IR generated. For example wasm calls are able to have a
"purely internal" ABI which Wasmtime's Rust code doesn't see at all, and
the Rust code only interacts with the native ABI. The native ABI is
redefined to be what the previous Wasmtime ABIs were, which is to return
the first of a 2+ value return through a register (native return value)
and everything else through a return pointer.
* Remove some wasmtime_system_v usage in tests
* Add back WasmtimeSystemV for s390x
* Fix some docs and references in winch
* Fix another doc link
Pass in the calling convention so we can make an informed decision of which
register to use as a stack-limit temporary register. We need to choose different
registers on x64, for example, when using the `tail` calling convention vs
system v calling convention.
This is a leftover from #3302 where we used to inject a special `vmctx`
struct if the test requested it. We've removed that capability in #5386
but accidentally left this in, which caused some weird handling of these
test invocations.
* poll.wit: we can returl a list<bool> now
* adapter: fixes for poll-oneoff returning list<bool>
* wasi preview2: fixes for poll-oneoff returning list<bool>
* adapter: manually import poll-oneoff to avoid pulling in std to allocate return vec
* comment describing the skip functions
Marco Concetto Rudilosso
Alex Crichton
Chris Fallin
Javier Cabrera
Trevor Elliott
Matthias Schmidt
Nick Fitzgerald
Saúl Cabrera
Marco Concetto Rudilosso
Jamey Sharp
Adam Petro
Joel Dice
Afonso Bordado
wasmtime-publish
Andrew Brown
Ryan Levick
Stephen Doyle
Pat Hickey