This PR encompasses two complementing purposes:
A documentation on verifying an Intel SGX evidence as produced by WAMR,
including a guide for verification without an Intel SGX-enabled platform.
This also contains a small addition to the RA sample to extract specific
information, such as whether the enclave is running in debug mode.
A C# sample to verify evidence on trusted premises (and without Intel SGX).
Evidence is generated on untrusted environments, using Intel SGX.
The wasm_interp_call_func_bytecode is called for the first time with the empty
module/exec_env to generate a global_handle_table. Before that happens though,
the function checks if the module instance has bounds check enabled. Because
the module instance is null, the program crashes. This PR added an extra check to
prevent the crashes.
Implement the GC (Garbage Collection) feature for interpreter mode,
AOT mode and LLVM-JIT mode, and support most features of the latest
spec proposal, and also enable the stringref feature.
Use `cmake -DWAMR_BUILD_GC=1/0` to enable/disable the feature,
and `wamrc --enable-gc` to generate the AOT file with GC supported.
And update the AOT file version from 2 to 3 since there are many AOT
ABI breaks, including the changes of AOT file format, the changes of
AOT module/memory instance layouts, the AOT runtime APIs for the
AOT code to invoke and so on.
This increases the chance to use "short" calls.
Assumptions:
- LLVM preserves the order of functions in a module
- The wrapper function are smaller than the wrapped functions
- The target CPU has "short" PC-relative variation of call/jmp instructions
and they are preferrable over the "long" ones.
A motivation:
- To avoid some relocations for XIP, I want to use xtensa PC-relative
call instructions, which can only reach ~512KB.
Using `CHECK_BULK_MEMORY_OVERFLOW(addr + offset, n, maddr)` to do the
boundary check may encounter integer overflow in `addr + offset`, change to
use `CHECK_MEMORY_OVERFLOW(n)` instead, which converts `addr` and `offset`
to uint64 first and then add them to avoid integer overflow.
With this approach we can omit using memset() for the newly allocated memory
therefore the physical pages are not being used unless touched by the program.
This also simplifies the implementation.
This PR adds the initial support for WASM exception handling:
* Inside the classic interpreter only:
* Initial handling of Tags
* Initial handling of Exceptions based on W3C Exception Proposal
* Import and Export of Exceptions and Tags
* Add `cmake -DWAMR_BUILD_EXCE_HANDLING=1/0` option to enable/disable
the feature, and by default it is disabled
* Update the wamr-test-suites scripts to test the feature
* Additional CI/CD changes to validate the exception spec proposal cases
Refer to:
https://github.com/bytecodealliance/wasm-micro-runtime/issues/1884587513f3c68bebfe9ad759bccdfed8
Signed-off-by: Ricardo Aguilar <ricardoaguilar@siemens.com>
Co-authored-by: Chris Woods <chris.woods@siemens.com>
Co-authored-by: Rene Ermler <rene.ermler@siemens.com>
Co-authored-by: Trenner Thomas <trenner.thomas@siemens.com>
While we used a different approach for poll_oneoff [1],
the implementation works only when the poll list includes
an absolute clock event. That is, if we have a thread which is
polling on descriptors without a timeout, we fail to terminate
the thread.
This commit fixes it by applying wasm_runtime_begin_blocking_op
to poll as well.
[1] https://github.com/bytecodealliance/wasm-micro-runtime/pull/1951
Possible alternatives:
* Make wasm_cluster_destroy_spawned_exec_env take two exec_env.
One for wasm execution and another to specify the target to destroy.
* Make execute functions to switch exec_env as briefly discussed in
https://github.com/bytecodealliance/wasm-micro-runtime/pull/2047
Check whether the arguments are NULL before calling bh_hash_map_find,
or lots of "HashMap find elem failed: map or key is NULL" warnings may
be dumped. Reported in #3053.
Though SIMD isn't supported by interpreter, when JIT is enabled,
developer may run `iwasm --interp <wasm_file>` to trigger the SIMD
opcode in interpreter, which isn't handled before this PR.
It seems that some users want to wrap rather large chunk of code
with wasm_runtime_begin_blocking_op/wasm_runtime_end_blocking_op.
If the wrapped code happens to have a call to
e.g. wasm_runtime_spawn_exec_env, WASM_SUSPEND_FLAG_BLOCKING is
inherited to the child exec_env and it may cause unexpected behaviors.
- Enable quick aot entry when hw bound check is disabled
- Remove unnecessary ret_type argument in the quick aot entries
- Declare detailed prototype of aot function to call in each quick aot entry
Since there is no so rich api in freertos like embedded system, simply set
CONFIG_HAS_CAP_ENTER to 1 to support posix file api for freertos.
Test file api in wasm app pass.
Enhance the statistic of wasm function execution time, or the performance
profiling feature:
- Add os_time_thread_cputime_us() to get the cputime of a thread,
and use it to calculate the execution time of a wasm function
- Support the statistic of the children execution time of a function,
and dump it in wasm_runtime_dump_perf_profiling
- Expose two APIs:
wasm_runtime_sum_wasm_exec_time
wasm_runtime_get_wasm_func_exec_time
And rename os_time_get_boot_microsecond to os_time_get_boot_us.
For shared memory, the max memory size must be defined in advanced. Re-allocation
for growing memory can't be used as it might change the base address, therefore when
OS_ENABLE_HW_BOUND_CHECK is enabled the memory is mmaped, and if the flag is
disabled, the memory is allocated. This change introduces a flag that allows users to use
mmap for reserving memory address space even if the OS_ENABLE_HW_BOUND_CHECK
is disabled.
