githedgehog · daniel-noland · May 9, 2026 · May 9, 2026 · May 9, 2026 · May 9, 2026
@@ -14,5 +14,11 @@ CARGO_LLVM_COV_BUILD_DIR = { value = "target/llvm-cov/target", relative = true,
 [build]
 rustflags = ["--cfg=tokio_unstable"]
 
+[target.wasm32-wasip1]
+# Trailing `--` separates wasmtime's CLI from the module + module args
+# that cargo appends, so e.g. `--nocapture` from libtest reaches the
+# wasm module instead of being parsed as a wasmtime option.
+runner = "wasmtime run --dir . --"
+
 [alias]
 nt = "nextest"
@@ -143,3 +143,6 @@ test-group = 'vm'
 
 [test-groups]
 vm = { max-threads = 1 }
+
+[profile.miri]
+slow-timeout = { period = "500s" }
@@ -135,6 +135,7 @@ jobs:
         instrument=${{ matrix.build.instrument }}
         features=${{ matrix.features }}
         oci_repo=ghcr.io
+        jobs=${{ matrix.build.jobs || 8 }}
     strategy:
       fail-fast: false
       matrix:
@@ -271,7 +272,7 @@ jobs:
     runs-on: "lab"
     needs:
       - check_changes
-      - check
+      # - check
     permissions: *check-perms
     env: *check-env
     strategy:
@@ -280,9 +281,10 @@ jobs:
       matrix:
         build:
           - name: "address"
-            profile: "debug"
+            profile: "fuzz"
             sanitize: "address"
             instrument: "none"
+            jobs: 1
           - name: "thread"
             profile: "fuzz"
             sanitize: "thread"
@@ -325,6 +327,180 @@ jobs:
           recipe: "test-each"
       - *tmate
 
+  miri:
+    if: >-
+      ${{
+        needs.check_changes.outputs.devfiles == 'true'
+        || startsWith(github.event.ref, 'refs/tags/v')
+        || github.event_name == 'workflow_dispatch'
+      }}
+    name: "check/miri/${{ matrix.cpu }}"
+    runs-on: "lab"
+    needs:
+      - check_changes
+    permissions:
+      checks: "write"
+      pull-requests: "read"
+      contents: "read"
+      packages: "read"
+      id-token: "write"
+    env:
+      USER: "runner"
+    strategy:
+      fail-fast: false
+      max-parallel: 1
+      matrix:
+        include:
+          - cpu: "powerpc64" # ideal for testing concurrency due to very weak memory model (and is big endian)
+          # Disabled to save time in CI.  Enable if you are debugging memory issues and wish to bisect
+          # why something might pass on one CPU model but fail on another.
+          # Otherwise there is little benefit to enabling these CPUs in spite of their objectively more important
+          # support story.  They just don't really stress test endianness or memory model issues, and they don't
+          # meaningfully improve borrow check violation detection either.
+          # - cpu: "aarch64"
+          # - cpu: "x86_64"
+          # - cpu: "s390x" # this is miri's big endian CPU of choice, but it has a stronger memory model than powerpc64
+    steps:
+      - *checkout
+      - *nix-setup
+      - name: "all packages"
+        uses: *just
+        env:
+          JUST_VARS: >-
+            miri::cpu=${{ matrix.cpu }}
+        with:
+          recipe: "miri::test"
+      # quiescent is especially sensitive to concurrency violations and memory model issues so we run it
+      # again with and without strict provenance enabled and on many different random schedules
+      # The permissive provenance build runs with real arc-swap and could therefore catch issues which the strict can't.
+      # We run under extra schedules to make that effect stand out as much as possible (shuttle/loom can't test with the
+      # arc-swap in place either, so this is the closest we can get to fixing that coverage gap)
+      - name: "quiescent/permissive"
+        uses: *just
+        env:
+          JUST_VARS: >-
+            miri::seeds=8
+            miri::cpu=${{ matrix.cpu }}
+            miri::provenance=permissive
+        with:
+          recipe: "miri::test"
+          recipe_args: "--package=dataplane-quiescent"
+      - name: "quiescent/strict"
+        uses: *just
+        env:
+          JUST_VARS: >-
+            miri::cpu=${{ matrix.cpu }}
+            miri::provenance=strict
+        with:
+          recipe: "miri::test"
+          recipe_args: "--package=dataplane-quiescent --features=_strict_provenance"
+      - *tmate
+
+  wasm:
+    if: >-
+      ${{
+        needs.check_changes.outputs.devfiles == 'true'
+        || startsWith(github.event.ref, 'refs/tags/v')
+        || github.event_name == 'workflow_dispatch'
+      }}
+    name: "${{ matrix.platform }}/${{ matrix.libc }}/${{ matrix.profile }}"
+    runs-on: "lab"
+    needs:
+      - check_changes
+    permissions:
+      checks: "write"
+      pull-requests: "read"
+      contents: "read"
+      packages: "read"
+      id-token: "write"
+    env:
+      USER: "runner"
+    strategy:
+      fail-fast: false
+      max-parallel: 1
+      matrix:
+        include:
+          - platform: "wasm32-wasip1"
+            profile: "release"
+            libc: "none"
+            recipe:
+              name: "check"
+              args: ""
+    steps:
+      - *checkout
+      - *nix-setup
+      - name: "${{ matrix.platform }}/${{ matrix.libc }}/${{ matrix.profile }}"
+        uses: *just
+        env:
+          JUST_VARS: >-
+            platform=${{ matrix.platform }}
+            profile=${{ matrix.profile }}
+            libc=${{ matrix.libc }}
+        with:
+          recipe: "${{ matrix.recipe.name }}"
+          recipe_args: "${{ matrix.recipe.args }}"
+      - *tmate
+
+  cross:
+    if: >-
+      ${{
+        github.event_name == 'pull_request'
+        && (
+          contains(github.event.pull_request.labels.*.name, 'ci:+cross')
+        )
+        || (github.event_name == 'push' || github.event_name == 'merge_group')
+      }}
+    name: "${{ matrix.recipe.name }}/${{ matrix.recipe.args }}/${{ matrix.platform }}/${{ matrix.libc }}"
+    runs-on: "lab"
+    # Cross is advisory: leg failures show red on the job badge but the
+    # workflow run as a whole still passes.  `needs.cross.result` reports
+    # `success` to dependents regardless of outcome, so don't gate on it.
+    continue-on-error: true
+    needs:
+      - check_changes
+      - check
+      - miri
+      - wasm
+    permissions:
+      checks: "write"
+      pull-requests: "read"
+      contents: "read"
+      packages: "read"
+      id-token: "write"
+    env:
+      USER: "runner"
+    strategy:
+      fail-fast: false
+      max-parallel: 1
+      matrix:
+        platform:
+          - "aarch64"
+          - "bluefield3"
+        libc:
+          - "gnu"
+          - "musl"
+        profile:
+          - "debug"
+        recipe:
+          - name: "build-container"
+            args: "dataplane"
+          - name: "build-container"
+            args: "frr.dataplane"
+    steps:
+      - *checkout
+      - *nix-setup
+      - name: "${{ matrix.platform }}/${{ matrix.libc }}/${{ matrix.profile }}/${{ matrix.recipe.args }}"
+        uses: *just
+        env:
+          JUST_VARS: >-
+            platform=${{ matrix.platform }}
+            profile=${{ matrix.profile }}
+            libc=${{ matrix.libc }}
+        with:
+          recipe: "${{ matrix.recipe.name }}"
+          recipe_args: "${{ matrix.recipe.args }}"
+      - *tmate
+
   features:
     if: >-
       ${{
@@ -343,21 +519,18 @@ jobs:
       fail-fast: false
       max-parallel: 1
       matrix:
-        build:
-          - *release-build
-        features:
-          - "shuttle"
-          - "loom"
         include:
           # The `loom` feature flips `concurrency::sync` to loom's
           # primitives workspace-wide, which breaks crates that rely on
           # `Weak`, `Arc::downgrade`, etc. (those aren't in
           # `loom::sync`).  Scope the loom build to only the quiescent
           # package so workspace feature unification doesn't poison
           # unrelated crates.
-          - features: "loom"
+          - build: *release-build
+            features: "loom"
             test_package: "quiescent"
-          - features: "shuttle"
+          - build: *release-build
+            features: "shuttle"
             test_package: ""
     steps:
       - *checkout
@@ -463,6 +636,9 @@ jobs:
       - build
       - vlab
       - test_each
+      - miri
+      - wasm
+      - cross
     # Run always so this job can aggregate results even when one of its
     # dependencies failed or was skipped.
     #
@@ -491,11 +667,21 @@ jobs:
         run: |
           echo '::error:: Some sanitize job(s) failed'
           exit 1
+      - name: "Flag any miri matrix failures"
+        if: ${{ needs.miri.result != 'success' && needs.miri.result != 'skipped' }}
+        run: |
+          echo '::error:: Some miri job(s) failed'
+          exit 1
       - name: "Flag any build matrix failures"
         if: ${{ needs.build.result != 'success' && needs.build.result != 'skipped' }}
         run: |
           echo '::error:: Some build job(s) failed'
           exit 1
+      - name: "Flag any wasm failures"
+        if: ${{ needs.wasm.result != 'success' && needs.wasm.result != 'skipped' }}
+        run: |
+          echo '::error:: Some wasm job(s) failed'
+          exit 1
       - name: "Flag any vlab matrix failures"
         if: ${{ needs.vlab.result != 'success' && needs.vlab.result != 'skipped' }}
         run: |