T0b1/wasmtime
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
b73b831892c3f982d2158f53faebeac468f612dc
wasmtime/.github/workflows/main.yml
Alex Crichton b73b831892 Replace binaryen -ttf based fuzzing with wasm-smith (#2336) 
This commit removes the binaryen support for fuzzing from wasmtime,
instead switching over to `wasm-smith`. In general it's great to have
what fuzzing we can, but our binaryen support suffers from a few issues:

* The Rust crate, binaryen-sys, seems largely unmaintained at this
  point. While we could likely take ownership and/or send PRs to update
  the crate it seems like the maintenance is largely on us at this point.

* Currently the binaryen-sys crate doesn't support fuzzing anything
  beyond MVP wasm, but we're interested at least in features like bulk
  memory and reference types. Additionally we'll also be interested in
  features like module-linking. New features would require either
  implementation work in binaryen or the binaryen-sys crate to support.

* We have 4-5 fuzz-bugs right now related to timeouts simply in
  generating a module for wasmtime to fuzz. One investigation along
  these lines in the past revealed a bug in binaryen itself, and in any
  case these bugs would otherwise need to get investigated, reported,
  and possibly fixed ourselves in upstream binaryen.

Overall I'm not sure at this point if maintaining binaryen fuzzing is
worth it with the advent of `wasm-smith` which has similar goals for
wasm module generation, but is much more readily maintainable on our
end.

Additonally in this commit I've added a fuzzer for wasm-smith's
`SwarmConfig`-based fuzzer which should expand the coverage of tested
modules.

Closes #2163
2020-10-29 10:02:59 -05:00

616 lines
22 KiB
YAML
Raw Blame History

name: CI
on:
push:
branches: [main]
tags-ignore: [dev]
pull_request:
branches: [main]
defaults:
run:
shell: bash
jobs:
# Check Code style quickly by running `rustfmt` over all code
rustfmt:
name: Rustfmt
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: true
- uses: ./.github/actions/install-rust
- run: rustup component add rustfmt
- run: cargo fmt --all -- --check
# Build `mdBook` documentation for `wasmtime`, and upload it as a temporary
# build artifact
doc_book:
name: Doc - build the book
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: true
- run: |
set -e
curl -L https://github.com/rust-lang-nursery/mdBook/releases/download/v0.4.4/mdbook-v0.4.4-x86_64-unknown-linux-gnu.tar.gz | tar xzf -
echo `pwd` >> $GITHUB_PATH
- run: (cd docs && mdbook build)
- run: cargo build -p wasmtime
- run: (cd docs && mdbook test -L ../target/debug/deps)
- uses: actions/upload-artifact@v1
with:
name: doc-book
path: docs/book
# Build rustdoc API documentation for `wasmtime*` crates. Note that we don't
# want to document all our transitive dependencies, hence `--no-deps`. This is
# a temporary build artifact we upload to consume later.
doc_api:
name: Doc - build the API documentation
runs-on: ubuntu-latest
env:
RUSTDOCFLAGS: -Dintra-doc-link-resolution-failure
steps:
- uses: actions/checkout@v2
with:
submodules: true
- uses: ./.github/actions/install-rust
with:
toolchain: nightly-2020-08-25
- run: cargo doc --no-deps --all --exclude wasmtime-cli --exclude test-programs --exclude cranelift-codegen-meta
- run: cargo doc --package cranelift-codegen-meta --document-private-items
- uses: actions/upload-artifact@v1
with:
name: doc-api
path: target/doc
doc_capi:
name: Doc - build the C API documentation
runs-on: ubuntu-latest
container: ubuntu:20.04
steps:
- run: apt-get update && apt-get install -y doxygen git
- uses: actions/checkout@v2
with:
submodules: true
- run: cd crates/c-api && doxygen doxygen.conf
- uses: actions/upload-artifact@v1
with:
name: doc-c-api
path: crates/c-api/html
# Quick checks of various feature combinations and whether things
# compile. The goal here isn't to run tests, mostly just serve as a
# double-check that Rust code compiles and is likely to work everywhere else.
checks:
name: Check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: true
- uses: ./.github/actions/install-rust
with:
toolchain: nightly-2020-08-25
# Check some feature combinations of the `wasmtime` crate
- run: cargo check --manifest-path crates/wasmtime/Cargo.toml --no-default-features
- run: cargo check --manifest-path crates/wasmtime/Cargo.toml --features wat
- run: cargo check --manifest-path crates/wasmtime/Cargo.toml --features lightbeam
- run: cargo check --manifest-path crates/wasmtime/Cargo.toml --features jitdump
# Check some feature combinations of the `wasmtime-c-api` crate
- run: cargo check --manifest-path crates/c-api/Cargo.toml --no-default-features
- run: cargo check --manifest-path crates/c-api/Cargo.toml --features wat
- run: cargo check --manifest-path crates/c-api/Cargo.toml --features wasi
# Check a few builds of the cranelift backend
# - only x86 backend support,
# - only arm64 backend support,
# - experimental arm32 support,
# - no debug_assertions.
- run: cargo check --manifest-path=./cranelift/Cargo.toml --bin clif-util --no-default-features --features=cranelift-codegen/arm64
- run: cargo check --manifest-path=./cranelift/Cargo.toml --bin clif-util --no-default-features --features=cranelift-codegen/x86
- run: cargo check --manifest-path=./cranelift/Cargo.toml --bin clif-util --no-default-features --features=cranelift-codegen/arm32
- run: cargo check --manifest-path=./cranelift/Cargo.toml --bin clif-util
env:
CARGO_PROFILE_DEV_DEBUG_ASSERTIONS: false
# Check whether `crates/wasi-common` cross-compiles to the following targets:
# * wasm32-unknown-emscripten
# * armv7-unknown-linux-gnueabihf
- run: |
rustup target add wasm32-unknown-emscripten
rustup target add armv7-unknown-linux-gnueabihf
- run: cargo check --target wasm32-unknown-emscripten -p wasi-common
- run: cargo check --target armv7-unknown-linux-gnueabihf -p wasi-common
# Check that codegen and wasm crates typecheck on 1.43.0; this is required
# for Firefox.
- run: rustup install 1.43.0
- run: cargo +1.43.0 check -p cranelift-codegen
- run: cargo +1.43.0 check -p cranelift-wasm
fuzz_targets:
name: Fuzz Targets
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: true
- uses: ./.github/actions/install-rust
with:
toolchain: nightly-2020-08-25
- run: cargo install cargo-fuzz --vers "^0.8"
- run: cargo fetch
working-directory: ./fuzz
- run: cargo fuzz build --dev
rebuild_peephole_optimizers:
name: Rebuild Peephole Optimizers
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: true
- name: Test `peepmatic`
run: |
cargo test \
--package peepmatic \
--package peepmatic-automata \
--package peepmatic-fuzzing \
--package peepmatic-macro \
--package peepmatic-runtime \
--package peepmatic-test \
--package peepmatic-souper
- name: Rebuild Peepmatic-based peephole optimizers
run: |
cargo test \
--features 'enable-peepmatic rebuild-peephole-optimizers' \
peepmatic
working-directory: ./cranelift/codegen
- name: Upload rebuilt peephole optimizers
uses: actions/upload-artifact@v2
with:
name: peephole-optimizers
path: cranelift/codegen/src/preopt.serialized
- name: Check that built peephole optimizers are up to date
run: git diff --exit-code
- name: Test with Peepmatic-based peephole optimizers
run: cargo test --features 'enable-peepmatic'
working-directory: ./cranelift
# Perform all tests (debug mode) for `wasmtime`. This runs stable/beta/nightly
# channels of Rust as well as macOS/Linux/Windows.
test:
name: Test
runs-on: ${{ matrix.os }}
strategy:
matrix:
build: [stable, beta, nightly, windows, macos]
include:
- build: stable
os: ubuntu-latest
rust: stable
- build: beta
os: ubuntu-latest
rust: beta
- build: nightly
os: ubuntu-latest
rust: nightly-2020-08-25
- build: macos
os: macos-latest
rust: stable
- build: windows
os: windows-latest
rust: stable
steps:
- uses: actions/checkout@v2
with:
submodules: true
- uses: ./.github/actions/install-rust
with:
toolchain: ${{ matrix.rust }}
- uses: ./.github/actions/define-llvm-env
- name: Install libclang
# Note: libclang is pre-installed on the macOS and linux images.
if: matrix.os == 'windows-latest'
run: |
curl https://releases.llvm.org/9.0.0/LLVM-9.0.0-win64.exe -o llvm-installer.exe
7z x llvm-installer.exe -oC:/llvm-binary
echo LIBCLANG_PATH=C:/llvm-binary/bin/libclang.dll >> $GITHUB_ENV
echo C:/llvm-binary/bin >> $GITHUB_PATH
- name: Query Clang Version
if: matrix.os == 'windows-latest'
run: |
where clang.exe
clang.exe --version
# Install wasm32 targets in order to build various tests throughout the
# repo
- run: rustup target add wasm32-wasi
- run: rustup target add wasm32-unknown-unknown
- run: cargo fetch --locked
- run: cargo fetch --locked --manifest-path crates/test-programs/wasi-tests/Cargo.toml
# Ensure all our examples build and execute
- run: cargo run -p run-examples
env:
RUST_BACKTRACE: 1
# Build and test all features except for lightbeam
- run: |
cargo test \
--features test-programs/test_programs \
--all \
--exclude lightbeam \
--exclude wasmtime-lightbeam \
--exclude peepmatic \
--exclude peepmatic-automata \
--exclude peepmatic-fuzzing \
--exclude peepmatic-macro \
--exclude peepmatic-runtime \
--exclude peepmatic-test \
--exclude peepmatic-souper
env:
RUST_BACKTRACE: 1
# Test debug (DWARF) related functionality.
- run: |
sudo apt-get install -y gdb
cargo test test_debug_dwarf -- --ignored --test-threads 1
if: matrix.os == 'ubuntu-latest'
env:
RUST_BACKTRACE: 1
# Build and test lightbeam if we're using the nightly toolchain. Note that
# Lightbeam tests fail right now, but we don't want to block on that.
- run: cargo build --package lightbeam
if: matrix.build == 'nightly'
- run: cargo test --package lightbeam
if: matrix.build == 'nightly'
continue-on-error: true
env:
RUST_BACKTRACE: 1
# Perform all tests (debug mode) for `wasmtime` with the experimental x64
# backend. This runs on the nightly channel of Rust (because of issues with
# unifying Cargo features on stable) on Ubuntu.
test_x64:
name: Test x64 new backend
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: true
- uses: ./.github/actions/install-rust
with:
toolchain: nightly-2020-08-25
- uses: ./.github/actions/define-llvm-env
# Install wasm32 targets in order to build various tests throughout the
# repo.
- run: rustup target add wasm32-wasi
- run: rustup target add wasm32-unknown-unknown
# Run the x64 CI script.
- run: ./ci/run-experimental-x64-ci.sh
env:
CARGO_VERSION: "+nightly-2020-08-25"
RUST_BACKTRACE: 1
# Verify that cranelift's code generation is deterministic
meta_determinist_check:
name: Meta deterministic check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: true
- name: Install Rust
run: rustup update stable && rustup default stable
- run: cd cranelift/codegen && cargo build --features all-arch
- run: ci/ensure_deterministic_build.sh
# Perform release builds of `wasmtime` and `libwasmtime.so`. Builds on
# Windows/Mac/Linux, and artifacts are uploaded after the build is finished.
# Note that we also run tests here to test exactly what we're deploying.
build:
name: Build wasmtime
runs-on: ${{ matrix.os }}
strategy:
matrix:
include:
- build: x86_64-linux
os: ubuntu-latest
rust: stable
- build: x86_64-macos
os: macos-latest
rust: stable
- build: x86_64-windows
os: windows-latest
rust: stable
- build: x86_64-mingw
os: windows-latest
target: x86_64-pc-windows-gnu
rust: beta # needs rust-lang/rust#69351 to ride to stable
- build: aarch64-linux
os: ubuntu-latest
rust: stable
target: aarch64-unknown-linux-gnu
gcc_package: gcc-aarch64-linux-gnu
gcc: aarch64-linux-gnu-gcc
qemu: qemu-aarch64 -L /usr/aarch64-linux-gnu
qemu_target: aarch64-linux-user
steps:
- uses: actions/checkout@v2
with:
submodules: true
- uses: ./.github/actions/install-rust
with:
toolchain: ${{ matrix.rust }}
- uses: ./.github/actions/binary-compatible-builds
if: matrix.target == ''
- name: Configure Cargo target
run: |
echo CARGO_BUILD_TARGET=${{ matrix.target }} >> $GITHUB_ENV
rustup target add ${{ matrix.target }}
if: matrix.target != ''
- name: Install cross-compilation tools
run: |
set -ex
sudo apt-get update
sudo apt-get install -y ${{ matrix.gcc_package }}
# Download and build qemu from source since the most recent release is
# way faster at arm emulation than the current version github actions'
# ubuntu image uses. Disable as much as we can to get it to build
# quickly.
curl https://download.qemu.org/qemu-5.0.0.tar.xz | tar xJf -
cd qemu-5.0.0
./configure --target-list=${{ matrix.qemu_target }} --prefix=$HOME/qemu --disable-tools --disable-slirp --disable-fdt --disable-capstone --disable-docs
make -j$(nproc) install
# Configure Cargo for cross compilation and tell it how it can run
# cross executables
upcase=$(echo ${{ matrix.target }} | awk '{ print toupper($0) }' | sed 's/-/_/g')
echo CARGO_TARGET_${upcase}_RUNNER=$HOME/qemu/bin/${{ matrix.qemu }} >> $GITHUB_ENV
echo CARGO_TARGET_${upcase}_LINKER=${{ matrix.gcc }} >> $GITHUB_ENV
# See comments in the source for why we enable this during QEMU
# emulation.
echo WASMTIME_TEST_NO_HOG_MEMORY=1 >> $GITHUB_ENV
if: matrix.target != '' && matrix.os == 'ubuntu-latest'
# Install wasm32-wasi target in order to build wasi-common's integration
# tests
- run: rustup target add wasm32-wasi
# Build `wasmtime` and executables
- run: $CENTOS cargo build --release --bin wasmtime
# Build `libwasmtime.so`
- run: $CENTOS cargo build --release --manifest-path crates/c-api/Cargo.toml
# Test what we just built.
#
# Ignore some optional dependencies that are used by features that aren't
# enabled by default, are tested in other, dedicated CI jobs, and which
# would increase build times here.
- run: |
$CENTOS cargo test \
--features test-programs/test_programs \
--release \
--all \
--exclude lightbeam \
--exclude wasmtime-lightbeam \
--exclude peepmatic \
--exclude peepmatic-automata \
--exclude peepmatic-fuzzing \
--exclude peepmatic-macro \
--exclude peepmatic-runtime \
--exclude peepmatic-test \
--exclude peepmatic-souper \
--exclude wasmtime-fuzz
env:
RUST_BACKTRACE: 1
# Postprocess the macOS dylib a bit to have a more reasonable `LC_ID_DYLIB`
# directive than the default one that comes out of the linker when typically
# doing `cargo build`. For more info see #984
- run: install_name_tool -id "@rpath/libwasmtime.dylib" target/release/libwasmtime.dylib
if: matrix.os == 'macos-latest'
# ... and now perform some goop to move all the relevant artifacts into
# something that we'll upload from this action.
- run: mkdir dist
# Move binaries to dist folder
- run: cp target/release/wasmtime dist
if: matrix.os != 'windows-latest' && matrix.target == ''
- run: cp target/${{ matrix.target }}/release/wasmtime dist
if: matrix.os != 'windows-latest' && matrix.target != ''
- run: cp target/release/wasmtime.exe dist
if: matrix.build == 'x86_64-windows'
- run: cp target/x86_64-pc-windows-gnu/release/wasmtime.exe dist
if: matrix.build == 'x86_64-mingw'
# Move libwasmtime dylib to dist folder
- run: cp target/release/libwasmtime.{so,a} dist
if: matrix.os == 'ubuntu-latest' && matrix.target == ''
- run: cp target/${{ matrix.target }}/release/libwasmtime.{so,a} dist
if: matrix.os == 'ubuntu-latest' && matrix.target != ''
- run: cp target/release/libwasmtime.{dylib,a} dist
if: matrix.os == 'macos-latest'
- run: cp target/release/wasmtime.{dll,lib,dll.lib} dist
if: matrix.build == 'x86_64-windows'
- run: cp target/x86_64-pc-windows-gnu/release/{wasmtime.dll,libwasmtime.a} dist
if: matrix.build == 'x86_64-mingw'
# Make a Windows MSI installer if we're on Windows
- run: |
export WT_VERSION=`cat Cargo.toml | sed -n 's/^version = "\([^"]*\)".*/\1/p'`
"$WIX/bin/candle" -arch x64 -out target/wasmtime.wixobj ci/wasmtime.wxs
"$WIX/bin/light" -out dist/installer.msi target/wasmtime.wixobj -ext WixUtilExtension
rm dist/installer.wixpdb
if: matrix.build == 'x86_64-windows'
- uses: actions/upload-artifact@v1
with:
name: bins-${{ matrix.build }}
path: dist
# Consumes all published artifacts from all the previous build steps, creates
# a bunch of tarballs for all of them, and then publishes the tarballs
# themselves as an artifact (for inspection) and then optionally creates
# github releases and/or tags for pushes.
publish:
name: Publish
needs: [doc_book, doc_api, build]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: true
- run: rustup update stable && rustup default stable
# Download all the artifacts that we'll be publishing. Should keep an eye on
# the `download-artifact` repository to see if we can ever get something
# like "download all artifacts" or "download this list of artifacts"
- name: Download book
uses: actions/download-artifact@v1
with:
name: doc-book
- name: Download API docs
uses: actions/download-artifact@v1
with:
name: doc-api
- name: Download C API docs
uses: actions/download-artifact@v1
with:
name: doc-c-api
- name: Download x86_64 macOS binaries
uses: actions/download-artifact@v1
with:
name: bins-x86_64-macos
- name: Download x86_64 Linux binaries
uses: actions/download-artifact@v1
with:
name: bins-x86_64-linux
- name: Download AArch64 Linux binaries
uses: actions/download-artifact@v1
with:
name: bins-aarch64-linux
- name: Download x86_64 Windows binaries
uses: actions/download-artifact@v1
with:
name: bins-x86_64-windows
- name: Download x86_64 Windows MinGW binaries
uses: actions/download-artifact@v1
with:
name: bins-x86_64-mingw
- name: Assemble gh-pages
run: |
mv doc-book gh-pages
mv doc-api gh-pages/api
mv doc-c-api gh-pages/c-api
# If this is a push to the main branch push to the `gh-pages` using a
# deploy key. Note that a deploy key is necessary for now because otherwise
# using the default token for github actions doesn't actually trigger a page
# rebuild.
- name: Push to gh-pages
run: curl -LsSf https://git.io/fhJ8n | rustc - && (cd gh-pages && ../rust_out)
env:
GITHUB_DEPLOY_KEY: ${{ secrets.DEPLOY_KEY }}
BUILD_REPOSITORY_ID: ${{ github.repository }}
BUILD_SOURCEVERSION: ${{ github.sha }}
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
- name: Calculate tag name
run: |
name=dev
if [[ $GITHUB_REF == refs/tags/v* ]]; then
name=${GITHUB_REF:10}
fi
echo ::set-output name=val::$name
echo TAG=$name >> $GITHUB_ENV
id: tagname
# Assemble all the build artifacts into tarballs and zip archives.
- name: Assemble tarballs
run: |
./ci/build-tarballs.sh x86_64-linux
./ci/build-tarballs.sh x86_64-windows .exe
./ci/build-tarballs.sh x86_64-mingw .exe
./ci/build-tarballs.sh x86_64-macos
./ci/build-tarballs.sh aarch64-linux
# Upload all assembled tarballs as an artifact of the github action run, so
# that way even PRs can inspect the output.
- uses: actions/upload-artifact@v1
with:
name: tarballs
path: dist
# The action 'pypa/gh-action-pypi-publish' will try to upload all files in the
# dist/ folder. This folder also contains non-package files, and therefore the
# action fails.
#
# To prevent the action from failing all .whl files are copied into a new
# directory.
- run: |
mkdir -p tmp/whl
find dist/ -name '*.whl' -type f -exec cp '{}' tmp/whl -v \;
# ... and if this was an actual push (tag or `main`) then we publish a
# new release. This'll automatically publish a tag release or update `dev`
# with this `sha`
- name: Publish Release
uses: ./.github/actions/github-release
if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v'))
with:
files: "dist/*"
name: ${{ steps.tagname.outputs.val }}
token: ${{ secrets.GITHUB_TOKEN }}
cargo-audit:
env:
CARGO_AUDIT_VERSION: 0.11.2
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/cache@v1
with:
path: ${{ runner.tool_cache }}/cargo-audit
key: cargo-audit-bin-${{ env.CARGO_AUDIT_VERSION }}
- run: echo "${{ runner.tool_cache }}/cargo-audit/bin" >> $GITHUB_PATH
- run: |
cargo install --root ${{ runner.tool_cache }}/cargo-audit --version ${{ env.CARGO_AUDIT_VERSION }} cargo-audit
cargo audit
verify-publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: true
- run: rustup update stable && rustup default stable
- run: |
cd ${{ runner.tool_cache }}
curl -L https://github.com/mozilla/sccache/releases/download/0.2.13/sccache-0.2.13-x86_64-unknown-linux-musl.tar.gz | tar xzf -
echo "`pwd`/sccache-0.2.13-x86_64-unknown-linux-musl" >> $GITHUB_PATH
echo RUSTC_WRAPPER=sccache >> $GITHUB_ENV
- run: |
rustc scripts/publish.rs
./publish verify
Reference in New Issue View Git Blame Copy Permalink