Update fibers to avoid no-return functions (#12928)

* Update fibers to avoid no-return functions

This commit is aimed at fixing the ASAN false positives in #12899.
Initially the fix there was to in

Update fibers to avoid no-return functions (#12928)

* Update fibers to avoid no-return functions

This commit is aimed at fixing the ASAN false positives in #12899.
Initially the fix there was to invoke some `__asan_*` intrinsics, and
I ended up finding a sort of smaller set of `__asan_*` intrinsics to
call as well. In the end what's happening though is that fibers, upon
terminating, have a few frames of Rust code on the stack before
switching off. To ASAN these frames never returned so when a stack is
subsequently reused ASAN is tricked into thinking this is buffer
overflow or use-after-free since it's stomping on frames that haven't
returned.

The fix in this commit is to avoid this style of function which doesn't
returns. Functions which don't return in Rust are easy to leak memory
from and are a hazard from a safety perspective as well (e.g. it's
unsafe to skip running destructors of stack variables). I feel we've had
better success over time with "all Rust functions always return" and so
what's what was applied here. Unlike #12899 or my thoughts on that PR
this does not have any new `__asan_*` intrinsic calls. Instead what this
does is it shuffles around responsibility for what exact piece of the
infrastructure is responsible for what. Specifically `fiber_start`
functions now actually return, meaning the `wasmtime_fiber_start` naked
function actually resumes execution, unlike before. The
`wasmtime_fiber_start` then delegates to `wasmtime_fiber_switch`
immediately to perform the final switch.

Effectively there's now only two function frames that never return, and
both of these frames are handwritten inline assembly. This means that
ASAN gets to see that all normal functions return and updates all of its
metadata accordingly. The end result is that the original issue from #12899
is fixed and this I feel is in general more robust as well.

One caveat is that the handwritten `wasmtime_fiber_start` assembly needs
to invoke a sibling `wasmtime_fiber_switch_` function. In lieu of trying
to figure out how to get PIC-vs-not calls working (e.g. static calls)
I've opted to use indirect function calls and pointers instead. This
mirrors historical changes in our fiber implementation too.

* Fix CI builds

* Fix miri

show more ...

Work around naked-function-plus-LTO issue (#11960)

This is an attempt to apply a local fix for #11957 which works around
the upstream Rust issue mentioned in that issue.

Rewrite `wasmtime_fiber_init` in Rust (#11860)

* Rewrite `wasmtime_fiber_init` in Rust

This commit updates all implementations of `wasmtime_fiber_init` to be
defined in Rust rather than purely in i

Rewrite `wasmtime_fiber_init` in Rust (#11860)

* Rewrite `wasmtime_fiber_init` in Rust

This commit updates all implementations of `wasmtime_fiber_init` to be
defined in Rust rather than purely in inline assembly. There was never a
need to define this function in inline assembly and as far as I can
remember I did this originally for consistency with the other functions.
The motivation for this PR is to avoid the need to figure out how to do
PIC-relative addressing in `wasmtime_fiber_init` to get the symbol
address of `wasmtime_fiber_start`. This has apparently never worked on
i686 platforms and this is now becoming a problem on nightly Rust where
LLD complains about this (and presumably the default linker didn't?).

In rewriting these functions I additionally fixed a few minor issues:

* On AArch64 the registers are now ordered differently to make the order
more consistent on the stack.
* On s390x the unix.rs-specified 16-bytes-at-the-top-of-the-stack is now
separate from the 160-byte register save area as opposed to having it
folded into the same.

* Remove unnecessary comments

show more ...

Use `naked_asm!`, delete `asm_func!` (#11405)

This deletes our home-grown `asm_func!` macro in favor of using
`#[unsafe(naked)]` functions within Wasmtime. This is needed for
fiber-related bits righ

Use `naked_asm!`, delete `asm_func!` (#11405)

This deletes our home-grown `asm_func!` macro in favor of using
`#[unsafe(naked)]` functions within Wasmtime. This is needed for
fiber-related bits right now where we need tight control over the exact
assembly of some functions. This additionally migrates s390x fiber bits
to Rust as inline assembly is now stable for s390x.

prtest:full

show more ...

Port wasmtime-fiber to `no_std` and allow `async` feature in `no_std` Wasmtime. (#9689)

This PR allows a `no_std` Wasmtime build to be configured with the
`async` feature. (Previously, a minimal `no

Port wasmtime-fiber to `no_std` and allow `async` feature in `no_std` Wasmtime. (#9689)

This PR allows a `no_std` Wasmtime build to be configured with the
`async` feature. (Previously, a minimal `no_std` configuration could
only run with sync entry points, without suspending of stacks.)

The main hurdle to this support was the `wasmtime-fiber` crate.
Fortunately, the "unix" variant of fibers was almost entirely portable
to a `no_std` environment, owing to the fact that it implements
stack-switching manually in assembly itself. I moved the per-ISA
implementations to a shared submodule and built the nostd platform
backend for `wasmtime-fiber` with a stripped-down version of the unix
backend.

The nostd backend does not support mmap'd stacks, does not support
custom stack allocators, and does not propagate panics.

prtest:full

show more ...