From 91de5de049272deb1a592e85839d2c638bee5e52 Mon Sep 17 00:00:00 2001 From: Alex Crichton Date: Fri, 14 Apr 2023 19:07:32 -0500 Subject: [PATCH] Update wasm-tools crates (#6215) While bringing in no major updates for Wasmtime I've taken this opportunity to list myself for `cargo vet` with wildcard audits of this family of crates. That means I shouldn't need to further add any more entries in the future for updating these crates and additionally any other organizations using these audits will automatically be able to have audits for version that I publish. While here I also ran `cargo vet prune` which was able to remove a number of our exemptions. --- Cargo.lock | 34 +++---- Cargo.toml | 14 +-- cranelift/wasm/src/func_translator.rs | 11 +-- cranelift/wasm/src/sections_translator.rs | 2 +- crates/environ/src/module_environ.rs | 2 +- supply-chain/audits.toml | 104 ++++++++++++++++++++++ supply-chain/imports.lock | 61 +++++++++---- 7 files changed, 179 insertions(+), 49 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 7f209bf16e..a2d61a663e 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3574,9 +3574,9 @@ dependencies = [ [[package]] name = "wasm-mutate" -version = "0.2.22" +version = "0.2.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "956f9fd2f785491bdb243ae608c53fd6bb9956f9e174c1fc5a77354fce396698" +checksum = "50e95b75cb9d63543aafcf63678b2aee1453872ce77e06f226f5306780c73411" dependencies = [ "egg", "log", @@ -3588,9 +3588,9 @@ dependencies = [ [[package]] name = "wasm-smith" -version = "0.12.5" +version = "0.12.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "549cb78be46f43ad6746402871336cb6a989127fb847e93eb6ba0817647485a6" +checksum = "8d4865ce3f78be697d178a6a247544d1b0eb772bb723aa13b471b7a06562e8b0" dependencies = [ "arbitrary", "flagset", @@ -3640,9 +3640,9 @@ dependencies = [ [[package]] name = "wasmparser" -version = "0.102.0" +version = "0.103.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "48134de3d7598219ab9eaf6b91b15d8e50d31da76b8519fe4ecfcec2cf35104b" +checksum = "2c437373cac5ea84f1113d648d51f71751ffbe3d90c00ae67618cf20d0b5ee7b" dependencies = [ "indexmap", "url", @@ -3659,9 +3659,9 @@ dependencies = [ [[package]] name = "wasmprinter" -version = "0.2.54" +version = "0.2.55" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2dc17ae63836d010a2bf001c26a5fedbb9a05e5f71117fb63e0ab878bfbe1ca3" +checksum = "51befda9d7eefac615a2ef75f42d2f2bd243cdabaa141a8ea0f9ffa3fc79ccf4" dependencies = [ "anyhow", "wasmparser", @@ -3818,7 +3818,7 @@ dependencies = [ "wasmtime-wasi-nn", "wasmtime-wasi-threads", "wasmtime-wast", - "wast 55.0.0", + "wast 56.0.0", "wat", "windows-sys", ] @@ -4154,7 +4154,7 @@ dependencies = [ "anyhow", "log", "wasmtime", - "wast 55.0.0", + "wast 56.0.0", ] [[package]] @@ -4193,9 +4193,9 @@ dependencies = [ [[package]] name = "wast" -version = "55.0.0" +version = "56.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4984d3e1406571f4930ba5cf79bd70f75f41d0e87e17506e0bd19b0e5d085f05" +checksum = "6b54185c051d7bbe23757d50fe575880a2426a2f06d2e9f6a10fd9a4a42920c0" dependencies = [ "leb128", "memchr", @@ -4205,11 +4205,11 @@ dependencies = [ [[package]] name = "wat" -version = "1.0.61" +version = "1.0.62" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "af2b53f4da14db05d32e70e9c617abdf6620c575bd5dd972b7400037b4df2091" +checksum = "56681922808216ab86d96bb750f70d500b5a7800e41564290fd46bb773581299" dependencies = [ - "wast 55.0.0", + "wast 56.0.0", ] [[package]] @@ -4478,9 +4478,9 @@ dependencies = [ [[package]] name = "wit-parser" -version = "0.6.4" +version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f887c3da527a51b321076ebe6a7513026a4757b6d4d144259946552d6fc728b3" +checksum = "365273e457e2cacf762df10df4b1e0d4d9912b5332ff4cf2a172760fd67b7ec4" dependencies = [ "anyhow", "id-arena", diff --git a/Cargo.toml b/Cargo.toml index e2362f3bd5..040ad47ae5 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -175,14 +175,14 @@ winch-test-macros = { path = "winch/test-macros" } target-lexicon = { version = "0.12.3", default-features = false, features = ["std"] } anyhow = "1.0.22" -wasmparser = "0.102.0" -wat = "1.0.61" -wast = "55.0.0" -wasmprinter = "0.2.54" +wasmparser = "0.103.0" +wat = "1.0.62" +wast = "56.0.0" +wasmprinter = "0.2.55" wasm-encoder = "0.25.0" -wasm-smith = "0.12.5" -wasm-mutate = "0.2.22" -wit-parser = "0.6.4" +wasm-smith = "0.12.6" +wasm-mutate = "0.2.23" +wit-parser = "0.7.0" windows-sys = "0.45.0" env_logger = "0.9" rustix = "0.36.7" diff --git a/cranelift/wasm/src/func_translator.rs b/cranelift/wasm/src/func_translator.rs index 9608d00f2b..e4594abbc1 100644 --- a/cranelift/wasm/src/func_translator.rs +++ b/cranelift/wasm/src/func_translator.rs @@ -202,13 +202,10 @@ fn declare_locals( let constant_handle = builder.func.dfg.constants.insert([0; 16].to_vec().into()); builder.ins().vconst(ir::types::I8X16, constant_handle) } - Ref(wasmparser::RefType { - nullable: true, - heap_type, - }) => environ.translate_ref_null(builder.cursor(), heap_type.try_into()?)?, - Ref(wasmparser::RefType { - nullable: false, .. - }) => unreachable!(), + Ref(t) => { + assert!(t.is_nullable()); + environ.translate_ref_null(builder.cursor(), t.heap_type().try_into()?)? + } }; let ty = builder.func.dfg.value_type(zeroval); diff --git a/cranelift/wasm/src/sections_translator.rs b/cranelift/wasm/src/sections_translator.rs index 6b6bfd1e8c..4f9abe0c97 100644 --- a/cranelift/wasm/src/sections_translator.rs +++ b/cranelift/wasm/src/sections_translator.rs @@ -317,7 +317,7 @@ pub fn parse_element_section<'data>( } }; environ.declare_table_elements( - TableIndex::from_u32(table_index), + TableIndex::from_u32(table_index.unwrap_or(0)), base, offset, segments, diff --git a/crates/environ/src/module_environ.rs b/crates/environ/src/module_environ.rs index aa30dd9bd4..1d835799be 100644 --- a/crates/environ/src/module_environ.rs +++ b/crates/environ/src/module_environ.rs @@ -456,7 +456,7 @@ impl<'a, 'data> ModuleEnvironment<'a, 'data> { table_index, offset_expr, } => { - let table_index = TableIndex::from_u32(table_index); + let table_index = TableIndex::from_u32(table_index.unwrap_or(0)); let mut offset_expr_reader = offset_expr.get_binary_reader(); let (base, offset) = match offset_expr_reader.read_operator()? { Operator::I32Const { value } => (None, value as u32), diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index 5e7aab46a5..1037eabab5 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -8,6 +8,19 @@ user-id = 696 start = "2019-03-16" end = "2024-03-10" +[[wildcard-audits.wasm-encoder]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +user-id = 1 +start = "2020-12-11" +end = "2024-04-14" +notes = """ +This is a Bytecode Alliance authored crate maintained in the `wasm-tools` +repository of which I'm one of the primary maintainers and publishers for. +I am employed by a member of the Bytecode Alliance and plan to continue doing +so and will actively maintain this crate over time. +""" + [[wildcard-audits.wasm-mutate]] who = "Nick Fitzgerald " criteria = "safe-to-deploy" @@ -15,6 +28,45 @@ user-id = 696 start = "2022-02-17" end = "2024-03-10" +[[wildcard-audits.wasm-mutate]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +user-id = 1 +start = "2022-01-05" +end = "2024-04-14" +notes = """ +This is a Bytecode Alliance authored crate maintained in the `wasm-tools` +repository of which I'm one of the primary maintainers and publishers for. +I am employed by a member of the Bytecode Alliance and plan to continue doing +so and will actively maintain this crate over time. +""" + +[[wildcard-audits.wasm-smith]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +user-id = 1 +start = "2020-09-03" +end = "2024-04-14" +notes = """ +This is a Bytecode Alliance authored crate maintained in the `wasm-tools` +repository of which I'm one of the primary maintainers and publishers for. +I am employed by a member of the Bytecode Alliance and plan to continue doing +so and will actively maintain this crate over time. +""" + +[[wildcard-audits.wasmparser]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +user-id = 1 +start = "2020-07-13" +end = "2024-04-14" +notes = """ +This is a Bytecode Alliance authored crate maintained in the `wasm-tools` +repository of which I'm one of the primary maintainers and publishers for. +I am employed by a member of the Bytecode Alliance and plan to continue doing +so and will actively maintain this crate over time. +""" + [[wildcard-audits.wasmprinter]] who = "Nick Fitzgerald " criteria = "safe-to-deploy" @@ -22,6 +74,58 @@ user-id = 696 start = "2021-04-28" end = "2024-03-10" +[[wildcard-audits.wasmprinter]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +user-id = 1 +start = "2019-11-18" +end = "2024-04-14" +notes = """ +This is a Bytecode Alliance authored crate maintained in the `wasm-tools` +repository of which I'm one of the primary maintainers and publishers for. +I am employed by a member of the Bytecode Alliance and plan to continue doing +so and will actively maintain this crate over time. +""" + +[[wildcard-audits.wast]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +user-id = 1 +start = "2019-10-16" +end = "2024-04-14" +notes = """ +This is a Bytecode Alliance authored crate maintained in the `wasm-tools` +repository of which I'm one of the primary maintainers and publishers for. +I am employed by a member of the Bytecode Alliance and plan to continue doing +so and will actively maintain this crate over time. +""" + +[[wildcard-audits.wat]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +user-id = 1 +start = "2019-10-18" +end = "2024-04-14" +notes = """ +This is a Bytecode Alliance authored crate maintained in the `wasm-tools` +repository of which I'm one of the primary maintainers and publishers for. +I am employed by a member of the Bytecode Alliance and plan to continue doing +so and will actively maintain this crate over time. +""" + +[[wildcard-audits.wit-parser]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +user-id = 1 +start = "2019-12-02" +end = "2024-04-14" +notes = """ +This is a Bytecode Alliance authored crate maintained in the `wasm-tools` +repository of which I'm one of the primary maintainers and publishers for. +I am employed by a member of the Bytecode Alliance and plan to continue doing +so and will actively maintain this crate over time. +""" + [[audits.addr2line]] who = "Alex Crichton " criteria = "safe-to-deploy" diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index b50fdf6acb..ba42273596 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -2,18 +2,53 @@ # cargo-vet imports lock [[publisher.wasm-mutate]] -version = "0.2.22" -when = "2023-03-10" -user-id = 696 -user-login = "fitzgen" -user-name = "Nick Fitzgerald" +version = "0.2.23" +when = "2023-04-13" +user-id = 1 +user-login = "alexcrichton" +user-name = "Alex Crichton" + +[[publisher.wasm-smith]] +version = "0.12.6" +when = "2023-04-13" +user-id = 1 +user-login = "alexcrichton" +user-name = "Alex Crichton" + +[[publisher.wasmparser]] +version = "0.103.0" +when = "2023-04-13" +user-id = 1 +user-login = "alexcrichton" +user-name = "Alex Crichton" [[publisher.wasmprinter]] -version = "0.2.54" -when = "2023-03-10" -user-id = 696 -user-login = "fitzgen" -user-name = "Nick Fitzgerald" +version = "0.2.55" +when = "2023-04-13" +user-id = 1 +user-login = "alexcrichton" +user-name = "Alex Crichton" + +[[publisher.wast]] +version = "56.0.0" +when = "2023-04-13" +user-id = 1 +user-login = "alexcrichton" +user-name = "Alex Crichton" + +[[publisher.wat]] +version = "1.0.62" +when = "2023-04-13" +user-id = 1 +user-login = "alexcrichton" +user-name = "Alex Crichton" + +[[publisher.wit-parser]] +version = "0.7.0" +when = "2023-04-13" +user-id = 1 +user-login = "alexcrichton" +user-name = "Alex Crichton" [[audits.embark-studios.audits.anyhow]] who = "Johan Andersson " @@ -240,12 +275,6 @@ criteria = "safe-to-deploy" delta = "1.13.1 -> 1.16.0" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.pkg-config]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "0.3.25 -> 0.3.26" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - [[audits.mozilla.audits.quote]] who = "Nika Layzell " criteria = "safe-to-deploy"