* Adds support for flags datatype
This commit adds support for `FlagsDatatype`. In WASI, flags are
represented as bitfields/bitflags, therefore, it is important
for the type to have bitwise operations implemented, and some
way of checking whether the current set of flags contains some
other set (i.e., they intersect). Thus, this commit automatically
derives `BitAnd`, etc. for the derived flags datatype. It also
automatically provides an `ALL_FLAGS` value which corresponds to
a bitwise-or of all flag values present and is provided for
convenience.
* Simplify read_from_guest
In preparation for landing `string` support in `wiggle`, I've
revisited `GuestArray` and the deref mechanics, and decided to
scrap the current approach in favour of the previous. Namely, for
`T: GuestTypeCopy` we provide `GuestArray::as_ref` which then can
be derefed directly to `&[T]` since the guest and host types have
matching representation, and for other types (thinking here of
our infamous arrays of pointers), I've instead added a way to
iterate over the pointers. Then, it is up to the `wiggle`'s client
to know whether they can deref whatever the pointer stored in array
is pointing at.
* Add array generation to wiggle-generate crate
This commit:
* adds array generation to `wiggle-generate` crate which implies
that we can now generate arrays from `witx` files
* introduces two test interface functions `foo::reduce_excuses` and
`foo::populate_excuses`, and adds matching prop-tests
* adds an out-of-boundary check to `HostMemory::mem_area_strat` since
now, given we're generating arrays for testing with an arbitrary
but bounded number of elements, it is possible to violate the boundary
* refactors `Region::extend` to a new signature `extend(times: u32)`
which multiplies the current pointer `len` by `times`
* fixes bug in `GuestArray::as_ref` and `GuestArrayMut::as_ref_mut` methods
where we were not validating the first element (we always started the
validation from the second element)
* Fix generation of arrays in witx
This commit fixes how `arrays` are auto-generated from `witx` files.
In particular, the changes include:
* Since by design every `array` in `witx` represents an immutable
slab of memory, we will only ever operate on `GuestArray` in which
case I've gone ahead and removed `GuestArrayMut` so as to unclutter
the code somewhat. If we find ourselves in need for it in the future,
I reckon it will be better to write it from scratch (since the codebase
will inevitably evolve by then considerably) rather than maintaining an
unused implementation.
* I've rewritten `GuestArrayRef<T>` to be a wrapper for `Vec<GuestRef<T>>`.
Also, `GuestArray::as_ref` now borrows each underlying "element" of the
array one-by-one rather than borrowing the entire chunk of memory at once.
This change is motivated by the inability to coerce type parameter `T` in
`GuestArray<T>` in more complicated cases such as arrays of guest pointers
`GuestPtr<T>` to `*const T` for reuse in `std::slice::from_raw_parts` call.
(In general, the size of Wasm32 pointer is 4 bytes, while
```
std::mem::size_of::<T>() == std::mem::size_of::<GuestPtr<S>>() == 16
```
which is problematic; i.e., I can't see how I could properly extract guest
pointers from slices of 4 bytes and at the same time not allocate.)
* I've augmented fuzz tests by (re-)defining two `array` types:
```
(typename $const_excuse_array (array (@witx const_pointer $excuse)))
(typename $excuse_array (array (@witx pointer $excuse)))
```
This should hopefully emulate and test the `iovec` and `ciovec` arrays
present in WASI spec.
* Refactor naming and crates info
This commit:
* changes workspace crates to have a `wiggle_` prefix in names
* rename `memory` module of `wiggle-memory` crate to `runtime`
* fixes authors of all crates
* Rename wiggle memory crate to runtime
This commit refactors and reorganises the `memory.rs` module. Now,
it consists of two submodules: `memory::ptr` which contains `GuestPtr`
and `GuestRef` (and their mutable versions), and `memory::array` which
contains `GuestArray` and `GuestArrayRef` (and their mutable versions).
This commit also adds basic unit sanity tests for the `memory::ptr`
submodule.
* Add first pass at GuestArray
* Return &'a [T] instead of Vec<Refs>
Also, add a sanity test for `GuestArray`.
* Change approach in GuestArray::as_ref
The new approach should avoid unnecessary copying (does it?) by
iterating through the memory and firstly validating the guest pointers,
to then extracting the slice `&'a [T]` using the unsafe `slice::from_raw_parts`
fn.
* Redo implementation of GuestArray and GuestArrayMut
This commit:
* redos the impl of `as_ref` and `as_ref_mut` for `GuestArray` and
`GuestArrayMut` structs in that they now return dynamically borrow
checked `GuestArrayRef` and `GuestArrayRefMut` structs
* introduces `GuestArrayRef` and `GuestArrayRefMut` structs which
perform dynamic borrow-checking of memory region at runtime, and
can be derefed to `&[T]` and `&mut [T]`
* adds a few sanity checks for the introduced types
* Rename r#ref to ref_
* Add constructors for GuestArray and GuestArrayMut
This commit:
* adds constructors for `GuestArray` and `GuestArrayMut` both of
which can now *only* be constructed from `GuestPtr::array` and
`GuestPtrMut::array_mut` respectively
* changes `Region::extend` to extend the region by adding to the
current `len` (avoids problem of asserting for > 0)
* implements `fmt::Debug` for most of memory types for easier testing
(implementation is *not* enforced on the generic parameter `T` in
the struct; rather, if `T` impls `fmt::Debug` then so does the
memory type such as `GuestPtr<'_, T>`)
* Add some basic sanity tests for Region
This commit adds some basic sanity tests for `overlap` method
of `Region`.
* Refactor overlaps method of Region struct
This commit refactors `Region::overlaps` method.
* Add some docs
* Assert Region's len is nonzero
* generator: take an &mut GuestMemory
rather than pass the owned GuestMemory in, just give exclusive access
to it. Makes testing easier.
* tests: start transforming tests to check abi-level generated code as well
* finish lowering of test funcs
* tests: rename variables to more sensible names
* proptesting: reliably finds that we dont allow stuff to be right against end of memory!
* memory: fix off-by-one calc in GuestMemory::contains(&self, Region)
ty proptest!
also, refactored the Region::overlaps to be the same code but easier to
read.
* generator: better location information in GuestError
* testing: proptest generates memory areas, tests everything
* Add some (incomplete set) basic sanity end-to-end tests
This commit adds some (an incomplete set of) basic sanity end-to-end
tests. It uses `test.witx` to autogenerate types and module interface
functions (aka the syscalls), and tests their implementation. For
the host memory, it uses simplistic `&mut [u8]` where we have full
control of the addressing and contents.
* Add sanity test for baz interface func
This commit adds a sanity test for the `Foo::baz` interface func.
* Upcast start/len for Region to avoid overflow
* Reenable alignment checking for memory
* use an array to implement hostmemory
Co-authored-by: Pat Hickey <pat@moreproductive.org>
