Update fibers to avoid no-return functions (#12928)

* Update fibers to avoid no-return functions

This commit is aimed at fixing the ASAN false positives in #12899.
Initially the fix there was to in

Update fibers to avoid no-return functions (#12928)

* Update fibers to avoid no-return functions

This commit is aimed at fixing the ASAN false positives in #12899.
Initially the fix there was to invoke some `__asan_*` intrinsics, and
I ended up finding a sort of smaller set of `__asan_*` intrinsics to
call as well. In the end what's happening though is that fibers, upon
terminating, have a few frames of Rust code on the stack before
switching off. To ASAN these frames never returned so when a stack is
subsequently reused ASAN is tricked into thinking this is buffer
overflow or use-after-free since it's stomping on frames that haven't
returned.

The fix in this commit is to avoid this style of function which doesn't
returns. Functions which don't return in Rust are easy to leak memory
from and are a hazard from a safety perspective as well (e.g. it's
unsafe to skip running destructors of stack variables). I feel we've had
better success over time with "all Rust functions always return" and so
what's what was applied here. Unlike #12899 or my thoughts on that PR
this does not have any new `__asan_*` intrinsic calls. Instead what this
does is it shuffles around responsibility for what exact piece of the
infrastructure is responsible for what. Specifically `fiber_start`
functions now actually return, meaning the `wasmtime_fiber_start` naked
function actually resumes execution, unlike before. The
`wasmtime_fiber_start` then delegates to `wasmtime_fiber_switch`
immediately to perform the final switch.

Effectively there's now only two function frames that never return, and
both of these frames are handwritten inline assembly. This means that
ASAN gets to see that all normal functions return and updates all of its
metadata accordingly. The end result is that the original issue from #12899
is fixed and this I feel is in general more robust as well.

One caveat is that the handwritten `wasmtime_fiber_start` assembly needs
to invoke a sibling `wasmtime_fiber_switch_` function. In lieu of trying
to figure out how to get PIC-vs-not calls working (e.g. static calls)
I've opted to use indirect function calls and pointers instead. This
mirrors historical changes in our fiber implementation too.

* Fix CI builds

* Fix miri

show more ...

Add fiber implementation for riscv32imac (#12506)

* Add fiber implementation for riscv32imac

* Adjusted formatting around commas

* Added padding infront of `last_sp`

chore: fix some minor issues in the comments (#11742)

Signed-off-by: juejinyuxitu <[email protected]>

Use `naked_asm!`, delete `asm_func!` (#11405)

This deletes our home-grown `asm_func!` macro in favor of using
`#[unsafe(naked)]` functions within Wasmtime. This is needed for
fiber-related bits righ

Use `naked_asm!`, delete `asm_func!` (#11405)

This deletes our home-grown `asm_func!` macro in favor of using
`#[unsafe(naked)]` functions within Wasmtime. This is needed for
fiber-related bits right now where we need tight control over the exact
assembly of some functions. This additionally migrates s390x fiber bits
to Rust as inline assembly is now stable for s390x.

prtest:full

show more ...

Improve support for completely unknown architectures (#10107)

* Improve support for completely unknown architectures

This commit is a step in the direction of trying to make Wasmtime more
portable

Improve support for completely unknown architectures (#10107)

* Improve support for completely unknown architectures

This commit is a step in the direction of trying to make Wasmtime more
portable by default. The goal here is to enable Wasmtime to compile for
architectures that it has no prior knowledge of. There's a few
miscellaneous locations through Wasmtime where we need
architecture-specific intrinsics and such but that's all in service of
Cranelift itself. Without Cranelift support none of them are necessary.

This commit plumbs a custom `#[cfg]` from Wasmtime's `build.rs` script
into the crate about whether there's a supported Cranelift backend. If
this isn't available some architecture-specific intrinsics are turned
off and not included. An example is that `vm::arch` entirely disappears
which is only in service of `UnwindHost`, which also disappears.
Furthermore the `helpers.c` file also entirely disappears as it's not
necessary on unknown architectures.

To help keep this working I've added CI to build Wasmtime for
`powerpc64le-unknown-linux-gnu`. Wasmtime currently has no support for
this architecture, although if it grows such support in the future
this'll need to be changed to some other unsupported architecture.

* Review feedback

* Fix powerpc build

* Refactor windows trap handling to look like Unix

Shuffle some files around to be more amenable to #[cfg]

* Move signal-handling tests to wasmtime crate

That way it's got easy access to the #[cfg]'s from the build script

* Disable signals support without a host compiler

Even if custom signals are enabled, don't compile it in.

prtest:full

* Fix windows unused imports

* Fix unused imports on Windows

* Remove untested stubs for arch intrinsics

These aren't needed any more to compile Pulley

* Defer tunables validation to loading modules

Instead of validating at `Engine` config time instead validate at
`Module` config time to enable cross-compilation.

* Skip `Tunables` auto-configuration if cross-compiling

This commit

* Tweak some Tunables based on Pulley

Ensures that specific `--target pulleyNN` works most of the time.

* Update host_segfault.rs to handle new 32-bit defaults

No signal handlers are used at all with Pulley so when the async stack
overflows there's no message printed any more.

* Disable Tunables::signals_based_traps on miri

show more ...

Enable `missing-unsafe-on-extern` lint (#9963)

* Enable `missing-unsafe-on-extern` lint

This'll be a hard error in the 2024 edition so go ahead and opt-in to it
now to ease our future transition.

Enable `missing-unsafe-on-extern` lint (#9963)

* Enable `missing-unsafe-on-extern` lint

This'll be a hard error in the 2024 edition so go ahead and opt-in to it
now to ease our future transition.

* Fix adapter build

* Fix custom c-api build

* Fix fuzzer build

* Fix some Windows `extern` blocks

show more ...

Port wasmtime-fiber to `no_std` and allow `async` feature in `no_std` Wasmtime. (#9689)

This PR allows a `no_std` Wasmtime build to be configured with the
`async` feature. (Previously, a minimal `no

Port wasmtime-fiber to `no_std` and allow `async` feature in `no_std` Wasmtime. (#9689)

This PR allows a `no_std` Wasmtime build to be configured with the
`async` feature. (Previously, a minimal `no_std` configuration could
only run with sync entry points, without suspending of stacks.)

The main hurdle to this support was the `wasmtime-fiber` crate.
Fortunately, the "unix" variant of fibers was almost entirely portable
to a `no_std` environment, owing to the fact that it implements
stack-switching manually in assembly itself. I moved the per-ISA
implementations to a shared submodule and built the nostd platform
backend for `wasmtime-fiber` with a stripped-down version of the unix
backend.

The nostd backend does not support mmap'd stacks, does not support
custom stack allocators, and does not propagate panics.

prtest:full

show more ...