build(deps): bump wasmi from 0.31.0 to 0.31.2

[dependabot]

Bumps wasmi from 0.31.0 to 0.31.2.

Release notes

Sourced from wasmi's releases.

v0.31.1 - 2023-12-01

Fixes

• Fixed a bug, in the wasmi engine executor, that causes an out of bounds buffer write when calling or resuming a Wasm function with a high number of parameters from the host side.

Changelog

Sourced from wasmi's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is loosely based on Keep a Changelog, and this project adheres to Semantic Versioning. Additionally we have an Internal section for changes that are of interest to developers.

Dates in this file are formattes as YYYY-MM-DD.

[0.32.0-beta.6] - 2024-02-07

Note:

• This is the beta of the upcoming v0.32.0 release. This version is not production ready yet and might contain serious bugs. Please use this only for experimentation or at your own risk.
• Performance tests indicated that the new register-machine bytecode based Wasmi engine performance is very sensitive to hardware or OS specifics which may lead to very different performance characteristics.
  • We are working on fixing this until the stable release.
  • Measurements concluded that execution performance can be equal or sometimes even surpass Wasm3 execution performance.

Added

• Added a new execution engine based on register-machine bytecode. (paritytech/wasmi#729)
  • The register-machine Wasmi Engine executes roughly 80-100% faster and compiles roughly 30% slower according to benchmarks conducted so far.
• Added Module::new_unchecked API. (paritytech/wasmi#829)
  • This allows to compile a Wasm module without Wasm validation which can be useful when users know that their inputs are valid Wasm binaries.
  • This improves Wasm compilation performance for faster startup times by roughly 10-20%.
• Added Wasm compilation modes. (paritytech/wasmi#844)
  • When using Module::new Wasmi eagerly compiles Wasm bytecode into Wasmi bytecode which is optimized for efficient execution. However, this compilation can become very costly especially for large Wasm binaries.
  • The solution to this problem is to introduce new compilation modes, namely:
    • CompilationMode::Eager: Eager compilation, what Wasmi did so far. (default)
    • CompilationMode::LazyTranslation: Eager Wasm validation and lazy Wasm translation.
    • CompilationMode::Lazy: Lazy Wasm validation and translation.
  • Benchmarks concluded that
    • CompilationMode::LazyTanslation: Usually improves startup performance by a factor of 2 to 3.
    • CompilationMode::Lazy: Usually improves startup performance by a factor of up to 27.
  • Note that CompilationMode::Lazy can lead to partially validated Wasm modules which can introduce non-determinism when using different Wasm implementations. Therefore users should know what they are doing when using CompilationMode::Lazy if this is a concern.
  • Enable lazy Wasm compilation with:

    let mut config = wasmi::Config::default();

... (truncated)

Commits

• 0218dfc Fix InstanceCache bug (#904)
• 3fd0cc2 Bump wasmi_arena version (#903)
• 86c8740 Fix Sync impl bug in wasmi_arena crate (#902)
• 27def28 Bump actions/cache from 3 to 4 (#900)
• 59f9acc Fix typos (#899)
• 4c06acd Update and improve Wasmi's readme (#898)
• 2354a20 Prepare release for Wasmi v0.32.0 beta.5 (#893)
• a4dc251 Fix heap buffer overflow due to Wasmi codegen bug (#892)
• e60da49 Add CI test job using LLVM's Address Sanitizer (#891)
• 28c770a Prepare release for Wasmi v0.32.0-beta.4 (#889)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.