e68aa99588
* Implement the memory64 proposal in Wasmtime This commit implements the WebAssembly [memory64 proposal][proposal] in both Wasmtime and Cranelift. In terms of work done Cranelift ended up needing very little work here since most of it was already prepared for 64-bit memories at one point or another. Most of the work in Wasmtime is largely refactoring, changing a bunch of `u32` values to something else. A number of internal and public interfaces are changing as a result of this commit, for example: * Acessors on `wasmtime::Memory` that work with pages now all return `u64` unconditionally rather than `u32`. This makes it possible to accommodate 64-bit memories with this API, but we may also want to consider `usize` here at some point since the host can't grow past `usize`-limited pages anyway. * The `wasmtime::Limits` structure is removed in favor of minimum/maximum methods on table/memory types. * Many libcall intrinsics called by jit code now unconditionally take `u64` arguments instead of `u32`. Return values are `usize`, however, since the return value, if successful, is always bounded by host memory while arguments can come from any guest. * The `heap_addr` clif instruction now takes a 64-bit offset argument instead of a 32-bit one. It turns out that the legalization of `heap_addr` already worked with 64-bit offsets, so this change was fairly trivial to make. * The runtime implementation of mmap-based linear memories has changed to largely work in `usize` quantities in its API and in bytes instead of pages. This simplifies various aspects and reflects that mmap-memories are always bound by `usize` since that's what the host is using to address things, and additionally most calculations care about bytes rather than pages except for the very edge where we're going to/from wasm. Overall I've tried to minimize the amount of `as` casts as possible, using checked `try_from` and checked arithemtic with either error handling or explicit `unwrap()` calls to tell us about bugs in the future. Most locations have relatively obvious things to do with various implications on various hosts, and I think they should all be roughly of the right shape but time will tell. I mostly relied on the compiler complaining that various types weren't aligned to figure out type-casting, and I manually audited some of the more obvious locations. I suspect we have a number of hidden locations that will panic on 32-bit hosts if 64-bit modules try to run there, but otherwise I think we should be generally ok (famous last words). In any case I wouldn't want to enable this by default naturally until we've fuzzed it for some time. In terms of the actual underlying implementation, no one should expect memory64 to be all that fast. Right now it's implemented with "dynamic" heaps which have a few consequences: * All memory accesses are bounds-checked. I'm not sure how aggressively Cranelift tries to optimize out bounds checks, but I suspect not a ton since we haven't stressed this much historically. * Heaps are always precisely sized. This means that every call to `memory.grow` will incur a `memcpy` of memory from the old heap to the new. We probably want to at least look into `mremap` on Linux and otherwise try to implement schemes where dynamic heaps have some reserved pages to grow into to help amortize the cost of `memory.grow`. The memory64 spec test suite is scheduled to now run on CI, but as with all the other spec test suites it's really not all that comprehensive. I've tried adding more tests for basic things as I've had to implement guards for them, but I wouldn't really consider the testing adequate from just this PR itself. I did try to take care in one test to actually allocate a 4gb+ heap and then avoid running that in the pooling allocator or in emulation because otherwise that may fail or take excessively long. [proposal]: https://github.com/WebAssembly/memory64/blob/master/proposals/memory64/Overview.md * Fix some tests * More test fixes * Fix wasmtime tests * Fix doctests * Revert to 32-bit immediate offsets in `heap_addr` This commit updates the generation of addresses in wasm code to always use 32-bit offsets for `heap_addr`, and if the calculated offset is bigger than 32-bits we emit a manual add with an overflow check. * Disable memory64 for spectest fuzzing * Fix wrong offset being added to heap addr * More comments! * Clarify bytes/pages
427 lines
12 KiB
Rust
427 lines
12 KiB
Rust
use super::ref_types_module;
|
|
use super::skip_pooling_allocator_tests;
|
|
use std::sync::atomic::{AtomicBool, AtomicUsize, Ordering::SeqCst};
|
|
use std::sync::Arc;
|
|
use wasmtime::*;
|
|
|
|
struct SetFlagOnDrop(Arc<AtomicBool>);
|
|
|
|
impl Drop for SetFlagOnDrop {
|
|
fn drop(&mut self) {
|
|
self.0.store(true, SeqCst);
|
|
}
|
|
}
|
|
|
|
#[test]
|
|
fn smoke_test_gc() -> anyhow::Result<()> {
|
|
let (mut store, module) = ref_types_module(
|
|
r#"
|
|
(module
|
|
(import "" "" (func $do_gc))
|
|
(func $recursive (export "func") (param i32 externref) (result externref)
|
|
local.get 0
|
|
i32.eqz
|
|
if (result externref)
|
|
call $do_gc
|
|
local.get 1
|
|
else
|
|
local.get 0
|
|
i32.const 1
|
|
i32.sub
|
|
local.get 1
|
|
call $recursive
|
|
end
|
|
)
|
|
)
|
|
"#,
|
|
)?;
|
|
|
|
let do_gc = Func::wrap(&mut store, |mut caller: Caller<'_, _>| {
|
|
// Do a GC with `externref`s on the stack in Wasm frames.
|
|
caller.gc();
|
|
});
|
|
let instance = Instance::new(&mut store, &module, &[do_gc.into()])?;
|
|
let func = instance.get_func(&mut store, "func").unwrap();
|
|
|
|
let inner_dropped = Arc::new(AtomicBool::new(false));
|
|
let r = ExternRef::new(SetFlagOnDrop(inner_dropped.clone()));
|
|
{
|
|
let args = [Val::I32(5), Val::ExternRef(Some(r.clone()))];
|
|
func.call(&mut store, &args)?;
|
|
}
|
|
|
|
// Still held alive by the `VMExternRefActivationsTable` (potentially in
|
|
// multiple slots within the table) and by this `r` local.
|
|
assert!(r.strong_count() >= 2);
|
|
|
|
// Doing a GC should see that there aren't any `externref`s on the stack in
|
|
// Wasm frames anymore.
|
|
store.gc();
|
|
assert_eq!(r.strong_count(), 1);
|
|
|
|
// Dropping `r` should drop the inner `SetFlagOnDrop` value.
|
|
drop(r);
|
|
assert!(inner_dropped.load(SeqCst));
|
|
|
|
Ok(())
|
|
}
|
|
|
|
#[test]
|
|
fn wasm_dropping_refs() -> anyhow::Result<()> {
|
|
let (mut store, module) = ref_types_module(
|
|
r#"
|
|
(module
|
|
(func (export "drop_ref") (param externref)
|
|
nop
|
|
)
|
|
)
|
|
"#,
|
|
)?;
|
|
|
|
let instance = Instance::new(&mut store, &module, &[])?;
|
|
let drop_ref = instance.get_func(&mut store, "drop_ref").unwrap();
|
|
|
|
let num_refs_dropped = Arc::new(AtomicUsize::new(0));
|
|
|
|
// NB: 4096 is greater than the initial `VMExternRefActivationsTable`
|
|
// capacity, so this will trigger at least one GC.
|
|
for _ in 0..4096 {
|
|
let r = ExternRef::new(CountDrops(num_refs_dropped.clone()));
|
|
let args = [Val::ExternRef(Some(r))];
|
|
drop_ref.call(&mut store, &args)?;
|
|
}
|
|
|
|
assert!(num_refs_dropped.load(SeqCst) > 0);
|
|
|
|
// And after doing a final GC, all the refs should have been dropped.
|
|
store.gc();
|
|
assert_eq!(num_refs_dropped.load(SeqCst), 4096);
|
|
|
|
return Ok(());
|
|
|
|
struct CountDrops(Arc<AtomicUsize>);
|
|
|
|
impl Drop for CountDrops {
|
|
fn drop(&mut self) {
|
|
self.0.fetch_add(1, SeqCst);
|
|
}
|
|
}
|
|
}
|
|
|
|
#[test]
|
|
fn many_live_refs() -> anyhow::Result<()> {
|
|
let mut wat = r#"
|
|
(module
|
|
;; Make new `externref`s.
|
|
(import "" "make_ref" (func $make_ref (result externref)))
|
|
|
|
;; Observe an `externref` so it is kept live.
|
|
(import "" "observe_ref" (func $observe_ref (param externref)))
|
|
|
|
(func (export "many_live_refs")
|
|
"#
|
|
.to_string();
|
|
|
|
// This is more than the initial `VMExternRefActivationsTable` capacity, so
|
|
// it will need to allocate additional bump chunks.
|
|
const NUM_LIVE_REFS: usize = 1024;
|
|
|
|
// Push `externref`s onto the stack.
|
|
for _ in 0..NUM_LIVE_REFS {
|
|
wat.push_str("(call $make_ref)\n");
|
|
}
|
|
|
|
// Pop `externref`s from the stack. Because we pass each of them to a
|
|
// function call here, they are all live references for the duration of
|
|
// their lifetimes.
|
|
for _ in 0..NUM_LIVE_REFS {
|
|
wat.push_str("(call $observe_ref)\n");
|
|
}
|
|
|
|
wat.push_str(
|
|
"
|
|
) ;; func
|
|
) ;; module
|
|
",
|
|
);
|
|
|
|
let (mut store, module) = ref_types_module(&wat)?;
|
|
|
|
let live_refs = Arc::new(AtomicUsize::new(0));
|
|
|
|
let make_ref = Func::wrap(&mut store, {
|
|
let live_refs = live_refs.clone();
|
|
move || Some(ExternRef::new(CountLiveRefs::new(live_refs.clone())))
|
|
});
|
|
|
|
let observe_ref = Func::wrap(&mut store, |r: Option<ExternRef>| {
|
|
let r = r.unwrap();
|
|
let r = r.data().downcast_ref::<CountLiveRefs>().unwrap();
|
|
assert!(r.live_refs.load(SeqCst) > 0);
|
|
});
|
|
|
|
let instance = Instance::new(&mut store, &module, &[make_ref.into(), observe_ref.into()])?;
|
|
let many_live_refs = instance.get_func(&mut store, "many_live_refs").unwrap();
|
|
|
|
many_live_refs.call(&mut store, &[])?;
|
|
|
|
store.gc();
|
|
assert_eq!(live_refs.load(SeqCst), 0);
|
|
|
|
return Ok(());
|
|
|
|
struct CountLiveRefs {
|
|
live_refs: Arc<AtomicUsize>,
|
|
}
|
|
|
|
impl CountLiveRefs {
|
|
fn new(live_refs: Arc<AtomicUsize>) -> Self {
|
|
live_refs.fetch_add(1, SeqCst);
|
|
Self { live_refs }
|
|
}
|
|
}
|
|
|
|
impl Drop for CountLiveRefs {
|
|
fn drop(&mut self) {
|
|
self.live_refs.fetch_sub(1, SeqCst);
|
|
}
|
|
}
|
|
}
|
|
|
|
#[test]
|
|
#[cfg(not(feature = "old-x86-backend"))] // uses atomic instrs not implemented here
|
|
fn drop_externref_via_table_set() -> anyhow::Result<()> {
|
|
let (mut store, module) = ref_types_module(
|
|
r#"
|
|
(module
|
|
(table $t 1 externref)
|
|
|
|
(func (export "table-set") (param externref)
|
|
(table.set $t (i32.const 0) (local.get 0))
|
|
)
|
|
)
|
|
"#,
|
|
)?;
|
|
|
|
let instance = Instance::new(&mut store, &module, &[])?;
|
|
let table_set = instance.get_func(&mut store, "table-set").unwrap();
|
|
|
|
let foo_is_dropped = Arc::new(AtomicBool::new(false));
|
|
let bar_is_dropped = Arc::new(AtomicBool::new(false));
|
|
|
|
let foo = ExternRef::new(SetFlagOnDrop(foo_is_dropped.clone()));
|
|
let bar = ExternRef::new(SetFlagOnDrop(bar_is_dropped.clone()));
|
|
|
|
{
|
|
let args = vec![Val::ExternRef(Some(foo))];
|
|
table_set.call(&mut store, &args)?;
|
|
}
|
|
store.gc();
|
|
assert!(!foo_is_dropped.load(SeqCst));
|
|
assert!(!bar_is_dropped.load(SeqCst));
|
|
|
|
{
|
|
let args = vec![Val::ExternRef(Some(bar))];
|
|
table_set.call(&mut store, &args)?;
|
|
}
|
|
store.gc();
|
|
assert!(foo_is_dropped.load(SeqCst));
|
|
assert!(!bar_is_dropped.load(SeqCst));
|
|
|
|
table_set.call(&mut store, &[Val::ExternRef(None)])?;
|
|
assert!(foo_is_dropped.load(SeqCst));
|
|
assert!(bar_is_dropped.load(SeqCst));
|
|
|
|
Ok(())
|
|
}
|
|
|
|
#[test]
|
|
fn global_drops_externref() -> anyhow::Result<()> {
|
|
test_engine(&Engine::default())?;
|
|
|
|
if !skip_pooling_allocator_tests() {
|
|
test_engine(&Engine::new(
|
|
Config::new().allocation_strategy(InstanceAllocationStrategy::pooling()),
|
|
)?)?;
|
|
}
|
|
|
|
return Ok(());
|
|
|
|
fn test_engine(engine: &Engine) -> anyhow::Result<()> {
|
|
let mut store = Store::new(&engine, ());
|
|
let flag = Arc::new(AtomicBool::new(false));
|
|
let externref = ExternRef::new(SetFlagOnDrop(flag.clone()));
|
|
Global::new(
|
|
&mut store,
|
|
GlobalType::new(ValType::ExternRef, Mutability::Const),
|
|
externref.into(),
|
|
)?;
|
|
drop(store);
|
|
assert!(flag.load(SeqCst));
|
|
|
|
let mut store = Store::new(&engine, ());
|
|
let module = Module::new(
|
|
&engine,
|
|
r#"
|
|
(module
|
|
(global (mut externref) (ref.null extern))
|
|
|
|
(func (export "run") (param externref)
|
|
local.get 0
|
|
global.set 0
|
|
)
|
|
)
|
|
"#,
|
|
)?;
|
|
let instance = Instance::new(&mut store, &module, &[])?;
|
|
let run = instance.get_typed_func::<Option<ExternRef>, (), _>(&mut store, "run")?;
|
|
let flag = Arc::new(AtomicBool::new(false));
|
|
let externref = ExternRef::new(SetFlagOnDrop(flag.clone()));
|
|
run.call(&mut store, Some(externref))?;
|
|
drop(store);
|
|
assert!(flag.load(SeqCst));
|
|
Ok(())
|
|
}
|
|
}
|
|
|
|
#[test]
|
|
#[cfg(not(feature = "old-x86-backend"))] // uses atomic instrs not implemented here
|
|
fn table_drops_externref() -> anyhow::Result<()> {
|
|
test_engine(&Engine::default())?;
|
|
|
|
if !skip_pooling_allocator_tests() {
|
|
test_engine(&Engine::new(
|
|
Config::new().allocation_strategy(InstanceAllocationStrategy::pooling()),
|
|
)?)?;
|
|
}
|
|
|
|
return Ok(());
|
|
|
|
fn test_engine(engine: &Engine) -> anyhow::Result<()> {
|
|
let mut store = Store::new(&engine, ());
|
|
let flag = Arc::new(AtomicBool::new(false));
|
|
let externref = ExternRef::new(SetFlagOnDrop(flag.clone()));
|
|
Table::new(
|
|
&mut store,
|
|
TableType::new(ValType::ExternRef, 1, None),
|
|
externref.into(),
|
|
)?;
|
|
drop(store);
|
|
assert!(flag.load(SeqCst));
|
|
|
|
let mut store = Store::new(&engine, ());
|
|
let module = Module::new(
|
|
&engine,
|
|
r#"
|
|
(module
|
|
(table 1 externref)
|
|
|
|
(func (export "run") (param externref)
|
|
i32.const 0
|
|
local.get 0
|
|
table.set 0
|
|
)
|
|
)
|
|
"#,
|
|
)?;
|
|
let instance = Instance::new(&mut store, &module, &[])?;
|
|
let run = instance.get_typed_func::<Option<ExternRef>, (), _>(&mut store, "run")?;
|
|
let flag = Arc::new(AtomicBool::new(false));
|
|
let externref = ExternRef::new(SetFlagOnDrop(flag.clone()));
|
|
run.call(&mut store, Some(externref))?;
|
|
drop(store);
|
|
assert!(flag.load(SeqCst));
|
|
Ok(())
|
|
}
|
|
}
|
|
|
|
#[test]
|
|
#[cfg(not(feature = "old-x86-backend"))] // uses atomic instrs not implemented here
|
|
fn gee_i_sure_hope_refcounting_is_atomic() -> anyhow::Result<()> {
|
|
let mut config = Config::new();
|
|
config.wasm_reference_types(true);
|
|
config.interruptable(true);
|
|
let engine = Engine::new(&config)?;
|
|
let mut store = Store::new(&engine, ());
|
|
let module = Module::new(
|
|
&engine,
|
|
r#"
|
|
(module
|
|
(global (mut externref) (ref.null extern))
|
|
(table 1 externref)
|
|
|
|
(func (export "run") (param externref)
|
|
local.get 0
|
|
global.set 0
|
|
i32.const 0
|
|
local.get 0
|
|
table.set 0
|
|
loop
|
|
global.get 0
|
|
global.set 0
|
|
|
|
i32.const 0
|
|
i32.const 0
|
|
table.get
|
|
table.set
|
|
|
|
local.get 0
|
|
call $f
|
|
|
|
br 0
|
|
end
|
|
)
|
|
|
|
(func $f (param externref))
|
|
)
|
|
"#,
|
|
)?;
|
|
|
|
let instance = Instance::new(&mut store, &module, &[])?;
|
|
let run = instance.get_typed_func::<Option<ExternRef>, (), _>(&mut store, "run")?;
|
|
|
|
let flag = Arc::new(AtomicBool::new(false));
|
|
let externref = ExternRef::new(SetFlagOnDrop(flag.clone()));
|
|
let externref2 = externref.clone();
|
|
let handle = store.interrupt_handle()?;
|
|
|
|
let child = std::thread::spawn(move || run.call(&mut store, Some(externref2)));
|
|
|
|
for _ in 0..10000 {
|
|
drop(externref.clone());
|
|
}
|
|
handle.interrupt();
|
|
|
|
assert!(child.join().unwrap().is_err());
|
|
assert!(!flag.load(SeqCst));
|
|
assert_eq!(externref.strong_count(), 1);
|
|
drop(externref);
|
|
assert!(flag.load(SeqCst));
|
|
|
|
Ok(())
|
|
}
|
|
|
|
#[test]
|
|
fn global_init_no_leak() -> anyhow::Result<()> {
|
|
let (mut store, module) = ref_types_module(
|
|
r#"
|
|
(module
|
|
(import "" "" (global externref))
|
|
(global externref (global.get 0))
|
|
)
|
|
"#,
|
|
)?;
|
|
|
|
let externref = ExternRef::new(());
|
|
let global = Global::new(
|
|
&mut store,
|
|
GlobalType::new(ValType::ExternRef, Mutability::Const),
|
|
externref.clone().into(),
|
|
)?;
|
|
Instance::new(&mut store, &module, &[global.into()])?;
|
|
drop(store);
|
|
assert_eq!(externref.strong_count(), 1);
|
|
|
|
Ok(())
|
|
}
|