Merge pull request from GHSA-hpqh-2wqx-7qp5

Fix spillslot reload of narrow values: zero-extend, don't sign-extend. Release v0.74.0 as security-patch release.

Author: cfallin

Cargo.lock

@@ -1,6 +1,6 @@
 [package]
 name = "wasmtime-cli"
-version = "0.26.0"
+version = "0.27.0"
 authors = ["The Wasmtime Project Developers"]
 description = "Command-line interface for Wasmtime"
 license = "Apache-2.0 WITH LLVM-exception"
@@ -22,16 +22,16 @@ doc = false
 
 [dependencies]
 # Enable all supported architectures by default.
-wasmtime = { path = "crates/wasmtime", version = "0.26.0", default-features = false, features = ['cache'] }
-wasmtime-cache = { path = "crates/cache", version = "0.26.0" }
-wasmtime-debug = { path = "crates/debug", version = "0.26.0" }
-wasmtime-environ = { path = "crates/environ", version = "0.26.0" }
-wasmtime-jit = { path = "crates/jit", version = "0.26.0" }
-wasmtime-obj = { path = "crates/obj", version = "0.26.0" }
-wasmtime-wast = { path = "crates/wast", version = "0.26.0" }
-wasmtime-wasi = { path = "crates/wasi", version = "0.26.0" }
-wasmtime-wasi-crypto = { path = "crates/wasi-crypto", version = "0.26.0", optional = true }
-wasmtime-wasi-nn = { path = "crates/wasi-nn", version = "0.26.0", optional = true }
+wasmtime = { path = "crates/wasmtime", version = "0.27.0", default-features = false, features = ['cache'] }
+wasmtime-cache = { path = "crates/cache", version = "0.27.0" }
+wasmtime-debug = { path = "crates/debug", version = "0.27.0" }
+wasmtime-environ = { path = "crates/environ", version = "0.27.0" }
+wasmtime-jit = { path = "crates/jit", version = "0.27.0" }
+wasmtime-obj = { path = "crates/obj", version = "0.27.0" }
+wasmtime-wast = { path = "crates/wast", version = "0.27.0" }
+wasmtime-wasi = { path = "crates/wasi", version = "0.27.0" }
+wasmtime-wasi-crypto = { path = "crates/wasi-crypto", version = "0.27.0", optional = true }
+wasmtime-wasi-nn = { path = "crates/wasi-nn", version = "0.27.0", optional = true }
 structopt = { version = "0.3.5", features = ["color", "suggestions"] }
 object = { version = "0.24.0", default-features = false, features = ["write"] }
 anyhow = "1.0.19"

Cargo.toml

@@ -4,19 +4,88 @@
 
 ## Unreleased
 
+## 0.27.0
+
+Released 2021-05-21.
+
+### Security Fixes
+
+* Fixed a security issue in Cranelift's x64 backend that could result in a heap
+  sandbox escape due to an incorrect sign-extension:
+  [#2913](https://github.com/bytecodealliance/wasmtime/issues/2913).
+
 ### Added
 
+* Support for IBM z/Archiecture (`s390x`) machines in Cranelift and Wasmtime:
+  [#2836](https://github.com/bytecodealliance/wasmtime/pull/2836),
+  [#2837](https://github.com/bytecodealliance/wasmtime/pull/2837),
+  [#2838](https://github.com/bytecodealliance/wasmtime/pull/2838),
+  [#2843](https://github.com/bytecodealliance/wasmtime/pull/2843),
+  [#2854](https://github.com/bytecodealliance/wasmtime/pull/2854),
+  [#2870](https://github.com/bytecodealliance/wasmtime/pull/2870),
+  [#2871](https://github.com/bytecodealliance/wasmtime/pull/2871),
+  [#2872](https://github.com/bytecodealliance/wasmtime/pull/2872),
+  [#2874](https://github.com/bytecodealliance/wasmtime/pull/2874).
+
+* Improved async support in wasi-common runtime:
+  [#2832](https://github.com/bytecodealliance/wasmtime/pull/2832).
+
 * Added `Store::with_limits`, `StoreLimits`, and `ResourceLimiter` to the
   Wasmtime API to help with enforcing resource limits at runtime. The
   `ResourceLimiter` trait can be implemented by custom resource limiters to
   decide if linear memories or tables can be grown.
 
+* Added `allow-unknown-exports` option for the run command:
+  [#2879](https://github.com/bytecodealliance/wasmtime/pull/2879).
+
+* Added API to notify that a `Store` has moved to a new thread:
+  [#2822](https://github.com/bytecodealliance/wasmtime/pull/2822).
+
+* Documented guidance around using Wasmtime in multithreaded contexts:
+  [#2812](https://github.com/bytecodealliance/wasmtime/pull/2812).
+  In the future, the Wasmtime API will change to allow some of its core types
+  to be Send/Sync; see the in-progress
+  [#2897](https://github.com/bytecodealliance/wasmtime/pull/2897) for details.
+
+* Support calls from native code to multiple-return-value functions:
+  [#2806](https://github.com/bytecodealliance/wasmtime/pull/2806).
+
 ### Changed
 
 * Breaking: `Memory::new` has been changed to return `Result` as creating a
   host memory object is now a fallible operation when the initial size of
   the memory exceeds the store limits.
 
+### Fixed
+
+* Many instruction selection improvements on x64 and aarch64:
+  [#2819](https://github.com/bytecodealliance/wasmtime/pull/2819),
+  [#2828](https://github.com/bytecodealliance/wasmtime/pull/2828),
+  [#2823](https://github.com/bytecodealliance/wasmtime/pull/2823),
+  [#2862](https://github.com/bytecodealliance/wasmtime/pull/2862),
+  [#2886](https://github.com/bytecodealliance/wasmtime/pull/2886),
+  [#2889](https://github.com/bytecodealliance/wasmtime/pull/2889),
+  [#2905](https://github.com/bytecodealliance/wasmtime/pull/2905).
+
+* Improved performance of Wasmtime runtime substantially:
+  [#2811](https://github.com/bytecodealliance/wasmtime/pull/2811),
+  [#2818](https://github.com/bytecodealliance/wasmtime/pull/2818),
+  [#2821](https://github.com/bytecodealliance/wasmtime/pull/2821),
+  [#2847](https://github.com/bytecodealliance/wasmtime/pull/2847),
+  [#2900](https://github.com/bytecodealliance/wasmtime/pull/2900).
+
+* Fixed WASI issue with file metadata on Windows:
+  [#2884](https://github.com/bytecodealliance/wasmtime/pull/2884).
+
+* Fixed an issue with debug info and an underflowing (trapping) offset:
+  [#2866](https://github.com/bytecodealliance/wasmtime/pull/2866).
+
+* Fixed an issue with unwind information in the old x86 backend:
+  [#2845](https://github.com/bytecodealliance/wasmtime/pull/2845).
+
+* Fixed i32 spilling in x64 backend:
+  [#2840](https://github.com/bytecodealliance/wasmtime/pull/2840).
+
 ## 0.26.0
 
 Released 2021-04-05.

RELEASES.md

@@ -15,27 +15,27 @@ path = "src/clif-util.rs"
 
 [dependencies]
 cfg-if = "1.0"
-cranelift-codegen = { path = "codegen", version = "0.73.0" }
-cranelift-entity = { path = "entity", version = "0.73.0" }
-cranelift-interpreter = { path = "interpreter", version = "0.73.0" }
-cranelift-reader = { path = "reader", version = "0.73.0" }
-cranelift-frontend = { path = "frontend", version = "0.73.0" }
-cranelift-serde = { path = "serde", version = "0.73.0", optional = true }
-cranelift-wasm = { path = "wasm", version = "0.73.0", optional = true }
-cranelift-native = { path = "native", version = "0.73.0" }
+cranelift-codegen = { path = "codegen", version = "0.74.0" }
+cranelift-entity = { path = "entity", version = "0.74.0" }
+cranelift-interpreter = { path = "interpreter", version = "0.74.0" }
+cranelift-reader = { path = "reader", version = "0.74.0" }
+cranelift-frontend = { path = "frontend", version = "0.74.0" }
+cranelift-serde = { path = "serde", version = "0.74.0", optional = true }
+cranelift-wasm = { path = "wasm", version = "0.74.0", optional = true }
+cranelift-native = { path = "native", version = "0.74.0" }
 cranelift-filetests = { path = "filetests", version = "0.73.0" }
-cranelift-module = { path = "module", version = "0.73.0" }
-cranelift-object = { path = "object", version = "0.73.0" }
-cranelift-jit = { path = "jit", version = "0.73.0" }
-cranelift-preopt = { path = "preopt", version = "0.73.0" }
-cranelift = { path = "umbrella", version = "0.73.0" }
+cranelift-module = { path = "module", version = "0.74.0" }
+cranelift-object = { path = "object", version = "0.74.0" }
+cranelift-jit = { path = "jit", version = "0.74.0" }
+cranelift-preopt = { path = "preopt", version = "0.74.0" }
+cranelift = { path = "umbrella", version = "0.74.0" }
 filecheck = "0.5.0"
 log = "0.4.8"
 termcolor = "1.1.2"
 capstone = { version = "0.7.0", optional = true }
 wat = { version = "1.0.36", optional = true }
 target-lexicon = { version = "0.12", features = ["std"] }
-peepmatic-souper = { path = "./peepmatic/crates/souper", version = "0.73.0", optional = true }
+peepmatic-souper = { path = "./peepmatic/crates/souper", version = "0.74.0", optional = true }
 pretty_env_logger = "0.4.0"
 rayon = { version = "1", optional = true }
 file-per-thread-logger = "0.1.2"

cranelift/Cargo.toml

@@ -1,7 +1,7 @@
 [package]
 authors = ["The Cranelift Project Developers"]
 name = "cranelift-bforest"
-version = "0.73.0"
+version = "0.74.0"
 description = "A forest of B+-trees"
 license = "Apache-2.0 WITH LLVM-exception"
 documentation = "https://docs.rs/cranelift-bforest"
@@ -12,7 +12,7 @@ keywords = ["btree", "forest", "set", "map"]
 edition = "2018"
 
 [dependencies]
-cranelift-entity = { path = "../entity", version = "0.73.0", default-features = false }
+cranelift-entity = { path = "../entity", version = "0.74.0", default-features = false }
 
 [badges]
 maintenance = { status = "experimental" }

cranelift/bforest/Cargo.toml

@@ -1,7 +1,7 @@
 [package]
 authors = ["The Cranelift Project Developers"]
 name = "cranelift-codegen"
-version = "0.73.0"
+version = "0.74.0"
 description = "Low-level code generator library"
 license = "Apache-2.0 WITH LLVM-exception"
 documentation = "https://docs.rs/cranelift-codegen"
@@ -13,19 +13,19 @@ build = "build.rs"
 edition = "2018"
 
 [dependencies]
-cranelift-codegen-shared = { path = "./shared", version = "0.73.0" }
-cranelift-entity = { path = "../entity", version = "0.73.0" }
-cranelift-bforest = { path = "../bforest", version = "0.73.0" }
+cranelift-codegen-shared = { path = "./shared", version = "0.74.0" }
+cranelift-entity = { path = "../entity", version = "0.74.0" }
+cranelift-bforest = { path = "../bforest", version = "0.74.0" }
 hashbrown = { version = "0.9.1", optional = true }
 target-lexicon = "0.12"
 log = { version = "0.4.6", default-features = false }
 serde = { version = "1.0.94", features = ["derive"], optional = true }
 bincode = { version = "1.2.1", optional = true }
 gimli = { version = "0.24.0", default-features = false, features = ["write"], optional = true }
 smallvec = { version = "1.6.1" }
-peepmatic = { path = "../peepmatic", optional = true, version = "0.73.0" }
-peepmatic-traits = { path = "../peepmatic/crates/traits", optional = true, version = "0.73.0" }
-peepmatic-runtime = { path = "../peepmatic/crates/runtime", optional = true, version = "0.73.0" }
+peepmatic = { path = "../peepmatic", optional = true, version = "0.74.0" }
+peepmatic-traits = { path = "../peepmatic/crates/traits", optional = true, version = "0.74.0" }
+peepmatic-runtime = { path = "../peepmatic/crates/runtime", optional = true, version = "0.74.0" }
 regalloc = { version = "0.0.31" }
 souper-ir = { version = "2.1.0", optional = true }
 wast = { version = "35.0.0", optional = true }
@@ -38,7 +38,7 @@ wast = { version = "35.0.0", optional = true }
 criterion = "0.3"
 
 [build-dependencies]
-cranelift-codegen-meta = { path = "meta", version = "0.73.0" }
+cranelift-codegen-meta = { path = "meta", version = "0.74.0" }
 
 [features]
 default = ["std", "unwind"]

cranelift/codegen/Cargo.toml

@@ -1,7 +1,7 @@
 [package]
 name = "cranelift-codegen-meta"
 authors = ["The Cranelift Project Developers"]
-version = "0.73.0"
+version = "0.74.0"
 description = "Metaprogram for cranelift-codegen code generator library"
 license = "Apache-2.0 WITH LLVM-exception"
 repository = "https://github.com/bytecodealliance/wasmtime"
@@ -13,8 +13,8 @@ edition = "2018"
 # rustdoc-args = [ "--document-private-items" ]
 
 [dependencies]
-cranelift-codegen-shared = { path = "../shared", version = "0.73.0" }
-cranelift-entity = { path = "../../entity", version = "0.73.0" }
+cranelift-codegen-shared = { path = "../shared", version = "0.74.0" }
+cranelift-entity = { path = "../../entity", version = "0.74.0" }
 
 [badges]
 maintenance = { status = "experimental" }

cranelift/codegen/meta/Cargo.toml

@@ -1,7 +1,7 @@
 [package]
 authors = ["The Cranelift Project Developers"]
 name = "cranelift-codegen-shared"
-version = "0.73.0"
+version = "0.74.0"
 description = "For code shared between cranelift-codegen-meta and cranelift-codegen"
 license = "Apache-2.0 WITH LLVM-exception"
 repository = "https://github.com/bytecodealliance/wasmtime"

cranelift/codegen/shared/Cargo.toml

@@ -317,19 +317,19 @@ impl ABIMachineSpec for X64ABIMachineSpec {
     }
 
     fn gen_load_stack(mem: StackAMode, into_reg: Writable<Reg>, ty: Type) -> Self::I {
-        let ext_kind = match ty {
+        // For integer-typed values, we always load a full 64 bits (and we always spill a full 64
+        // bits as well -- see `Inst::store()`).
+        let ty = match ty {
             types::B1
             | types::B8
             | types::I8
             | types::B16
             | types::I16
             | types::B32
-            | types::I32 => ExtKind::SignExtend,
-            types::B64 | types::I64 | types::R64 | types::F32 | types::F64 => ExtKind::None,
-            _ if ty.bytes() == 16 => ExtKind::None,
-            _ => panic!("load_stack({})", ty),
+            | types::I32 => types::I64,
+            _ => ty,
         };
-        Inst::load(ty, mem, into_reg, ext_kind)
+        Inst::load(ty, mem, into_reg, ExtKind::None)
     }
 
     fn gen_store_stack(mem: StackAMode, from_reg: Reg, ty: Type) -> Self::I {

cranelift/codegen/src/isa/x64/abi.rs

@@ -1038,6 +1038,7 @@ impl fmt::Display for Avx512Opcode {
 /// This defines the ways a value can be extended: either signed- or zero-extension, or none for
 /// types that are not extended. Contrast with [ExtMode], which defines the widths from and to which
 /// values can be extended.
+#[allow(dead_code)]
 #[derive(Clone, PartialEq)]
 pub enum ExtKind {
     None,