Commit Graph

111 Commits

Author SHA1 Message Date
Sergey Pepyakin 331b730bac Replace unwrap with expect with a proof 2019-07-03 15:20:58 +02:00
Sergey Pepyakin 518da20b6b fmt 2019-07-03 15:01:12 +02:00
Sergey Pepyakin 9f4cc26c02 Results and polishing. 2019-07-03 14:00:02 +02:00
Sergey Pepyakin a0776876c1 Guard with feature. 2019-07-03 13:24:52 +02:00
Sergey Pepyakin 5b86cb5bca Provide proofs of safety. 2019-07-03 13:06:28 +02:00
Sergey Pepyakin 9614eb9508 fmt 2019-07-03 12:04:31 +02:00
Sergey Pepyakin af2788a06d Use mmap 2019-07-03 11:33:31 +02:00
Sergey Pepyakin b1be3f46c2 Implement a default vec backend 2019-07-02 21:09:35 +02:00
Sergey Pepyakin 68925b62a1 Refactor. 2019-07-02 20:34:29 +02:00
Sergey Pepyakin a5d5368c78 Use fast alloc 2019-07-02 17:53:13 +02:00
adam-rhebo f29f301e6e Make clearing value stack between export invocations optional (#188)
This avoids the main overhead of repeated export invocations by making
it optional to clear the value stack after each interpreter run.

This is especially useful if different exports of the same module are
invoked repeated so that no unintended information leaks are possible.
2019-06-21 11:03:58 +02:00
adam-rhebo 7fe6ef4e35 Add ARMv7 as CI test target (#186)
* Add ARMv7 as CI test target

* Avoid UB in conversions from floating point

When truncating floating point values to integer values, we need to
avoid undefined behavior if the argument does not fit into the target
type which is currently impossible using casts of primitive types.

Hence, this reimplements those conversions using arbitrary precision
integers and rationals from the num crate.
2019-06-18 15:06:16 +02:00
adam-rhebo 8dac328ea7 Remove hashbrown and use BTree{Map,Set} from the alloc crate (#187)
* Remove hashbrown and use BTree{Map,Set} from the alloc crate

wasmi-validation must handle untrusted input and hence we switch from
Hash{Set,Map} (whether std's or hashbrown's) to BTree{Set,Map} to avoid
algorithmic complexity attacks while retaining no_std support.

Closes #183

* Improve memory locality of checking for duplicate exports

Using a sorted slice gives us the same O(N log N) worst case execution
time as using a BTreeMap, but using a single allocation as with HashMap,
so that we should see better memory locality and hence better constant
factors when checking for duplicate exports.
2019-06-12 11:30:10 +02:00
adam-rhebo 284c907b29 Recycle value stacks to avoid allocation costs (#184) 2019-06-12 10:51:04 +02:00
Elichai Turkel 5be300c99f Replaced std with core in the TryInto import (#181)
* Replaced std with core

* Changed rust nightly to not allowed to fail in travis CI
2019-05-16 18:46:22 +02:00
Niklas Adolfsson 25429407fe fix(compile module): remove unused `mut` (#179) 2019-05-03 14:46:01 +01:00
Sergei Pepyakin a3aad8a549
Extract validation into a separate crate (#176)
* Add some docs.

* return_type isn't failable

* Add comment about safety of top_label

* Attempt number 10

* Rework.

Now we will a compiler which wraps and uses info from a evaluation simulator.

* Get rid of outcome

* Introduce StartedWith

* Actually use started_with.

* Mirror label_stack.

* Avoid using frame_type.

* Finally get rid from frame_type.

* Extract compilation

* Refactoring cleaning

* Validation separated from compilation.

* Move sink to FunctionReader

* Rename to compiler.

* fmt

* Move push_label under validation context.

* Add Validation traits

* Express the compiler using validation trait

* Move code under prepare

* Comments.

* WIP

* The great move of validation

* Make validation compile

* Make it compile.

* Format it.

* Fix warnings.

* Clean.

* Make it work under no_std

* Move deny_floating_point to wasmi

* Rename validate_module2 → validate_module

* Make validation tests work

* Make wasmi compilation tests work

* Renamings.

* Get rid of memory_units dependency in validation

* Rename.

* Clean.

* Estimate capacity.

* fmt.

* Clean and detail End opcode.

* Add comment about top_label safety

* Remove another TODO

* Comment access to require_target

* Remove redundant PartialEq

* Print value that can't be coerced to u32

* s/with_instruction_capacity/with_capacity

* fmt.

* fmt

* Proofs

* Add better proof

* Get rid of unreachable in StackValueType

* Propagate error if frame stack overflown on create

* use checked sub instead of -

* Keep::count
2019-04-19 16:05:09 +02:00
Elichai Turkel 8403cc3411 Add a check if NotStartedModuleRef has a start function (#173)
* Add a check if NotStartedModuleRef has a start function

* Removed redundant doc comment

Co-Authored-By: elichai <elichai.turkel@gmail.com>
2019-02-28 17:19:04 +01:00
Elichai Turkel e88d5d32e5 Removed Byteorder now that rust supports it natively (#171)
* Removed byteorder now that from_le_bytes is stabilized

* Rust fmt
2019-02-26 11:37:14 +01:00
Elichai Turkel 23b054c0e5 Replaced hashmap_core with hashbrown (#161) 2019-01-20 17:59:26 +01:00
Leonardo Yvens ad14d82bce Expose globals to host (#158)
* Make `global_by_index` pub, add `globals` getter

* simplify access to globals
2019-01-18 00:27:56 +01:00
Arkadiy Paronyan 073e4e7f1f Fixed documentation for used_size (#156) 2019-01-08 16:16:49 +01:00
Sergei Pepyakin d52ba8849a
Run rustfmt check on CI (#154)
* Run rustfmt check on CI

* Reformat.
2019-01-02 23:50:38 +01:00
Arkadiy Paronyan e047f508fa Track memory usage (#153)
* Track memory usage

* Track lowest_used in copy, etc.

* Extra comment for used_size
2019-01-02 22:13:21 +01:00
Jef 617be0198d Check type when resuming function (#152)
* Check type when resuming function

* Remove pub(crate)

* Update lib.rs
2019-01-02 12:18:24 +01:00
Jef 899cc32e45 rustfmt (#151) 2018-12-11 12:54:06 +01:00
Ivan Enderlin da558c7ce7 doc(host) Fix the `Externals` example (#149)
* doc(host) Fix the `Externals` example

The example is missing two things:

  * `index` is computed but not used,
  * `check_signature` is never used.

This patch tries to fix that.

* doc(host) Fix `check_signature` example
2018-11-28 14:03:03 +01:00
Jef c7f9196df6 Export LittleEndianConvert (#148) 2018-11-28 14:01:51 +01:00
Jef e11ba15373 Remove `Box<[Target]>` from `Instruction` (#141)
This also allows `Instruction` to be `Copy`, which massively speeds
up `<Instructions as Clone>::clone` since it can now just `memcpy`
the bytes using SIMD instead of having to switch on every single
element. I haven't looked at the disassembly of `InstructionIter::next`
yet, it could be that there are even more improvements yet to be gained
from either:

* Only doing work on `BrTable` (this might already be the case depending
  on the whims of the optimiser)
* Using `unsafe` to make it a noop (we really don't want to do this,
  obviously, since it means that `Instructions` has to be immovable)
2018-11-15 12:18:47 +01:00
Eric Findlay 7b4c648acb Minor edits to documentation. (#140) 2018-11-09 15:39:40 +01:00
Jef c877d64508 Remove tag from RuntimeValue (#133)
* Remove tag from runtime value

* Add explanation of `RuntimeValueInternal`, move it so I don't need to do `pub(crate)`
2018-10-31 16:01:20 +01:00
Wei Tang 1c04be64f8 Remove redundent check_function_args (#135)
* Remove redundent check_function_args

* Remove unused format convertion in check_function_args

* Remove unnecessary alloc
2018-10-29 18:29:46 +01:00
Julius Rakow 20154c5e24 Add no_std support (#122)
* add default-enabled std feature

* use parity-wasm/std feature only if std is enabled

* drop dependency on std::io

* use hashmap_core instead of std::collections::HashMap

* disable std::error in no_std

* core and alloc all the things

* mention no_std in readme

* add no_std feature and use hashmap_core only on no_std

* rename the no_std feature to core

* drop dependency on byteorder/std

* simplify float impl macro

* remove some trailing whitespace

* use libm for float math in no_std

* add note about no_std panics of libm to readme

* Embed nan-preserving-float crate.

* Add no_std check to the Travis CI config

* add missing dev-dependency
2018-10-29 11:16:55 +01:00
Jef 3854ecdad6 Remove some unsafety (#131)
* Remove unsafety

* Remove transmutes and pointer casts
2018-10-25 14:17:25 +02:00
Sergey Pepyakin ad4236263a
Don't update PC on every instruction (#130) 2018-10-19 16:55:07 +02:00
Will Glynn 7509477a61 Hide instruction storage details (#129)
* Hide Instructions implementation behind an iterator

* Hide instruction encoding behind isa::Instructions::push()

* Consistently use u32 for program counter storage

* Refer to instructions by position rather than index
2018-10-10 19:02:27 +02:00
Sergey Pepyakin 36582c32b6
Transfer function (#128) 2018-10-02 11:01:18 +01:00
Tobias Bucher 167e4845ef Proofread the library-level docs (#123)
* Proofread the library-level docs

* Fix extra word, remove mention of linear memory "space"
2018-08-27 11:10:45 +03:00
Guanqun Lu 0409913a26 Typo fixes (#119)
* typo fixes

* more typo fixes
2018-08-03 16:05:10 +03:00
Guanqun Lu 929ac564a5 we don't need this TODO anymore (#120) 2018-08-03 16:04:33 +03:00
Arkadiy Paronyan 118396851a Allocate memory on demand (#115)
* Allocate mem on demand

* More control in with_direct_access_mut
2018-07-31 16:25:46 +03:00
Guanqun Lu 43b8d52bca typo fixes in lib.rs (#113) 2018-07-30 15:16:17 +03:00
Arkadiy Paronyan 9ed95e49c1 Avoid allocations on memory operations (#112) 2018-07-26 14:50:05 +03:00
Wei Tang a605175abe Resumable function invocation (#110)
* Move call_stack to Interpreter struct

* Accept func and args when creating the Interpreter

* Create a RunState to indicate whether the current interpreter is recoverable

* Add functionality to resume execution in Interpreter level

* Implement resumable execution in func

* Expose FuncInvocation and ResumableError

* Fix missing docs for FuncInvocation

* Add test for resumable invoke and move external parameter passing to start/resume_invocation

* Add comments why assert is always true

* Add note why value stack is always empty after execution

* Use as_func

* Document `resume_execution` on conditions for `is_resumable` and `resumable_value_type`

* Document conditions where NotResumable and AlreadyStarted error is returned

* Warn user that invoke_resumable is experimental
2018-07-09 19:06:44 +03:00
Sergey Pepyakin dc5052aadb
Export nan_preserving_float (#109) 2018-07-04 12:13:57 +03:00
Sergey Pepyakin 5d99077e17
Bump limits arbitrary (#108) 2018-07-04 11:18:54 +03:00
Sergey Pepyakin f6657bace4
Flat Stack (#98)
* Define Instruction Set.

* WIP

* WIP 2

* Tests

* Working

* Bunch of other tests.

* WIP

* WIP

* Use Vec instead of VecDeque.

* Calibrate the limits.

* Clean

* Clean

* Another round of cleaning.

* Ignore traces.

* Optimize value stack

* Optimize a bit more.

* Cache memory index.

* Inline always instruction dispatch function.

* Comments.

* Clean

* Clean

* Use vector to keep unresolved references.

* Estimate resulting size.

* do refactoring

* Validate the locals count in the begging

* Introduce Keep and DropKeep structs in isa

* Rename/Split Validator into Reader

* Document stack layout

* Remove println!

* Fix typo.

* Use .last / .last_mut in stack

* Update docs for BrTable.

* Review fixes.

* Merge.

* Add an assert that stack is empty after the exec
2018-07-04 10:08:45 +03:00
Wei Tang f91dc92119 Update parity-wasm dependency to 0.31 (#105)
* Update parity-wasm dependency to 0.31
* Fix tests
2018-06-29 14:10:04 +03:00
Leonardo Yvens 9db7896e48 implement from and into RuntimeValue for i8, u8, i16 and u16 (#104)
This works under the assumption that these values
are represented as an `I32` in WASM, which seems
reasonable.
2018-06-25 16:59:30 +03:00
Leonardo Yvens 75406dd8ff Use transmute instead of casts In RuntimeValue conversion. (#102)
Casts have arithmetic semantics, and under some build configurations
Rust will panic when encountering an arithmetic overflow.
Use a transmute instead since it's what we mean.
The previous code worked, but still I added a test for good measure.
2018-06-21 15:47:49 +03:00