1 use crate::component::instance::Instance; 2 use crate::component::matching::InstanceType; 3 use crate::component::storage::storage_as_slice; 4 use crate::component::types::ComponentFunc; 5 use crate::component::values::Val; 6 use crate::prelude::*; 7 use crate::runtime::vm::component::{ComponentInstance, InstanceFlags, ResourceTables}; 8 use crate::runtime::vm::{Export, VMFuncRef}; 9 use crate::store::StoreOpaque; 10 use crate::{AsContext, AsContextMut, StoreContextMut, ValRaw}; 11 use anyhow::Context as _; 12 use core::mem::{self, MaybeUninit}; 13 use core::ptr::NonNull; 14 use wasmtime_environ::component::{ 15 CanonicalOptions, ExportIndex, InterfaceType, MAX_FLAT_PARAMS, MAX_FLAT_RESULTS, OptionsIndex, 16 TypeFuncIndex, TypeTuple, 17 }; 18 19 #[cfg(feature = "component-model-async")] 20 use crate::component::concurrent::{self, AsAccessor, PreparedCall}; 21 22 mod host; 23 mod options; 24 mod typed; 25 pub use self::host::*; 26 pub use self::options::*; 27 pub use self::typed::*; 28 29 /// A WebAssembly component function which can be called. 30 /// 31 /// This type is the dual of [`wasmtime::Func`](crate::Func) for component 32 /// functions. An instance of [`Func`] represents a component function from a 33 /// component [`Instance`](crate::component::Instance). Like with 34 /// [`wasmtime::Func`](crate::Func) it's possible to call functions either 35 /// synchronously or asynchronously and either typed or untyped. 36 #[derive(Copy, Clone, Debug)] 37 #[repr(C)] // here for the C API. 38 pub struct Func { 39 instance: Instance, 40 index: ExportIndex, 41 } 42 43 // Double-check that the C representation in `component/instance.h` matches our 44 // in-Rust representation here in terms of size/alignment/etc. 45 const _: () = { 46 #[repr(C)] 47 struct T(u64, u32); 48 #[repr(C)] 49 struct C(T, u32); 50 assert!(core::mem::size_of::<C>() == core::mem::size_of::<Func>()); 51 assert!(core::mem::align_of::<C>() == core::mem::align_of::<Func>()); 52 assert!(core::mem::offset_of!(Func, instance) == 0); 53 }; 54 55 impl Func { 56 pub(crate) fn from_lifted_func(instance: Instance, index: ExportIndex) -> Func { 57 Func { instance, index } 58 } 59 60 /// Attempt to cast this [`Func`] to a statically typed [`TypedFunc`] with 61 /// the provided `Params` and `Return`. 62 /// 63 /// This function will perform a type-check at runtime that the [`Func`] 64 /// takes `Params` as parameters and returns `Return`. If the type-check 65 /// passes then a [`TypedFunc`] will be returned which can be used to 66 /// invoke the function in an efficient, statically-typed, and ergonomic 67 /// manner. 68 /// 69 /// The `Params` type parameter here is a tuple of the parameters to the 70 /// function. A function which takes no arguments should use `()`, a 71 /// function with one argument should use `(T,)`, etc. Note that all 72 /// `Params` must also implement the [`Lower`] trait since they're going 73 /// into wasm. 74 /// 75 /// The `Return` type parameter is the return value of this function. A 76 /// return value of `()` means that there's no return (similar to a Rust 77 /// unit return) and otherwise a type `T` can be specified. Note that the 78 /// `Return` must also implement the [`Lift`] trait since it's coming from 79 /// wasm. 80 /// 81 /// Types specified here must implement the [`ComponentType`] trait. This 82 /// trait is implemented for built-in types to Rust such as integer 83 /// primitives, floats, `Option<T>`, `Result<T, E>`, strings, `Vec<T>`, and 84 /// more. As parameters you'll be passing native Rust types. 85 /// 86 /// See the documentation for [`ComponentType`] for more information about 87 /// supported types. 88 /// 89 /// # Errors 90 /// 91 /// If the function does not actually take `Params` as its parameters or 92 /// return `Return` then an error will be returned. 93 /// 94 /// # Panics 95 /// 96 /// This function will panic if `self` is not owned by the `store` 97 /// specified. 98 /// 99 /// # Examples 100 /// 101 /// Calling a function which takes no parameters and has no return value: 102 /// 103 /// ``` 104 /// # use wasmtime::component::Func; 105 /// # use wasmtime::Store; 106 /// # fn foo(func: &Func, store: &mut Store<()>) -> anyhow::Result<()> { 107 /// let typed = func.typed::<(), ()>(&store)?; 108 /// typed.call(store, ())?; 109 /// # Ok(()) 110 /// # } 111 /// ``` 112 /// 113 /// Calling a function which takes one string parameter and returns a 114 /// string: 115 /// 116 /// ``` 117 /// # use wasmtime::component::Func; 118 /// # use wasmtime::Store; 119 /// # fn foo(func: &Func, mut store: Store<()>) -> anyhow::Result<()> { 120 /// let typed = func.typed::<(&str,), (String,)>(&store)?; 121 /// let ret = typed.call(&mut store, ("Hello, ",))?.0; 122 /// println!("returned string was: {}", ret); 123 /// # Ok(()) 124 /// # } 125 /// ``` 126 /// 127 /// Calling a function which takes multiple parameters and returns a boolean: 128 /// 129 /// ``` 130 /// # use wasmtime::component::Func; 131 /// # use wasmtime::Store; 132 /// # fn foo(func: &Func, mut store: Store<()>) -> anyhow::Result<()> { 133 /// let typed = func.typed::<(u32, Option<&str>, &[u8]), (bool,)>(&store)?; 134 /// let ok: bool = typed.call(&mut store, (1, Some("hello"), b"bytes!"))?.0; 135 /// println!("return value was: {ok}"); 136 /// # Ok(()) 137 /// # } 138 /// ``` 139 pub fn typed<Params, Return>(&self, store: impl AsContext) -> Result<TypedFunc<Params, Return>> 140 where 141 Params: ComponentNamedList + Lower, 142 Return: ComponentNamedList + Lift, 143 { 144 self._typed(store.as_context().0, None) 145 } 146 147 pub(crate) fn _typed<Params, Return>( 148 &self, 149 store: &StoreOpaque, 150 instance: Option<&ComponentInstance>, 151 ) -> Result<TypedFunc<Params, Return>> 152 where 153 Params: ComponentNamedList + Lower, 154 Return: ComponentNamedList + Lift, 155 { 156 self.typecheck::<Params, Return>(store, instance)?; 157 unsafe { Ok(TypedFunc::new_unchecked(*self)) } 158 } 159 160 fn typecheck<Params, Return>( 161 &self, 162 store: &StoreOpaque, 163 instance: Option<&ComponentInstance>, 164 ) -> Result<()> 165 where 166 Params: ComponentNamedList + Lower, 167 Return: ComponentNamedList + Lift, 168 { 169 let cx = InstanceType::new(instance.unwrap_or_else(|| self.instance.id().get(store))); 170 let ty = &cx.types[self.ty_index(store)]; 171 172 Params::typecheck(&InterfaceType::Tuple(ty.params), &cx) 173 .context("type mismatch with parameters")?; 174 Return::typecheck(&InterfaceType::Tuple(ty.results), &cx) 175 .context("type mismatch with results")?; 176 177 Ok(()) 178 } 179 180 /// Get the type of this function. 181 pub fn ty(&self, store: impl AsContext) -> ComponentFunc { 182 self.ty_(store.as_context().0) 183 } 184 185 fn ty_(&self, store: &StoreOpaque) -> ComponentFunc { 186 let cx = InstanceType::new(self.instance.id().get(store)); 187 let ty = self.ty_index(store); 188 ComponentFunc::from(ty, &cx) 189 } 190 191 fn ty_index(&self, store: &StoreOpaque) -> TypeFuncIndex { 192 let instance = self.instance.id().get(store); 193 let (ty, _, _) = instance.component().export_lifted_function(self.index); 194 ty 195 } 196 197 /// Invokes this function with the `params` given and returns the result. 198 /// 199 /// The `params` provided must match the parameters that this function takes 200 /// in terms of their types and the number of parameters. Results will be 201 /// written to the `results` slice provided if the call completes 202 /// successfully. The initial types of the values in `results` are ignored 203 /// and values are overwritten to write the result. It's required that the 204 /// size of `results` exactly matches the number of results that this 205 /// function produces. 206 /// 207 /// Note that after a function is invoked the embedder needs to invoke 208 /// [`Func::post_return`] to execute any final cleanup required by the 209 /// guest. This function call is required to either call the function again 210 /// or to call another function. 211 /// 212 /// For more detailed information see the documentation of 213 /// [`TypedFunc::call`]. 214 /// 215 /// # Errors 216 /// 217 /// Returns an error in situations including but not limited to: 218 /// 219 /// * `params` is not the right size or if the values have the wrong type 220 /// * `results` is not the right size 221 /// * A trap occurs while executing the function 222 /// * The function calls a host function which returns an error 223 /// 224 /// See [`TypedFunc::call`] for more information in addition to 225 /// [`wasmtime::Func::call`](crate::Func::call). 226 /// 227 /// # Panics 228 /// 229 /// Panics if this is called on a function in an asynchronous store. This 230 /// only works with functions defined within a synchronous store. Also 231 /// panics if `store` does not own this function. 232 pub fn call( 233 &self, 234 mut store: impl AsContextMut, 235 params: &[Val], 236 results: &mut [Val], 237 ) -> Result<()> { 238 let mut store = store.as_context_mut(); 239 assert!( 240 !store.0.async_support(), 241 "must use `call_async` when async support is enabled on the config" 242 ); 243 self.call_impl(&mut store.as_context_mut(), params, results) 244 } 245 246 /// Exactly like [`Self::call`] except for use on async stores. 247 /// 248 /// Note that after this [`Func::post_return_async`] will be used instead of 249 /// the synchronous version at [`Func::post_return`]. 250 /// 251 /// # Panics 252 /// 253 /// Panics if this is called on a function in a synchronous store. This 254 /// only works with functions defined within an asynchronous store. Also 255 /// panics if `store` does not own this function. 256 #[cfg(feature = "async")] 257 pub async fn call_async( 258 &self, 259 mut store: impl AsContextMut<Data: Send>, 260 params: &[Val], 261 results: &mut [Val], 262 ) -> Result<()> { 263 let store = store.as_context_mut(); 264 265 #[cfg(feature = "component-model-async")] 266 { 267 store 268 .run_concurrent_trap_on_idle(async |store| { 269 self.call_concurrent_dynamic(store, params, results, false) 270 .await 271 .map(drop) 272 }) 273 .await? 274 } 275 #[cfg(not(feature = "component-model-async"))] 276 { 277 assert!( 278 store.0.async_support(), 279 "cannot use `call_async` without enabling async support in the config" 280 ); 281 let mut store = store; 282 store 283 .on_fiber(|store| self.call_impl(store, params, results)) 284 .await? 285 } 286 } 287 288 fn check_params_results<T>( 289 &self, 290 store: StoreContextMut<T>, 291 params: &[Val], 292 results: &mut [Val], 293 ) -> Result<()> { 294 let ty = self.ty(&store); 295 if ty.params().len() != params.len() { 296 bail!( 297 "expected {} argument(s), got {}", 298 ty.params().len(), 299 params.len(), 300 ); 301 } 302 303 if ty.results().len() != results.len() { 304 bail!( 305 "expected {} result(s), got {}", 306 ty.results().len(), 307 results.len(), 308 ); 309 } 310 311 Ok(()) 312 } 313 314 /// Start a concurrent call to this function. 315 /// 316 /// Unlike [`Self::call`] and [`Self::call_async`] (both of which require 317 /// exclusive access to the store until the completion of the call), calls 318 /// made using this method may run concurrently with other calls to the same 319 /// instance. In addition, the runtime will call the `post-return` function 320 /// (if any) automatically when the guest task completes -- no need to 321 /// explicitly call `Func::post_return` afterward. 322 /// 323 /// This returns a [`TaskExit`] representing the completion of the guest 324 /// task and any transitive subtasks it might create. 325 /// 326 /// # Progress 327 /// 328 /// For the wasm task being created in `call_concurrent` to make progress it 329 /// must be run within the scope of [`run_concurrent`]. If there are no 330 /// active calls to [`run_concurrent`] then the wasm task will appear as 331 /// stalled. This is typically not a concern as an [`Accessor`] is bound 332 /// by default to a scope of [`run_concurrent`]. 333 /// 334 /// One situation in which this can arise, for example, is that if a 335 /// [`run_concurrent`] computation finishes its async closure before all 336 /// wasm tasks have completed, then there will be no scope of 337 /// [`run_concurrent`] anywhere. In this situation the wasm tasks that have 338 /// not yet completed will not make progress until [`run_concurrent`] is 339 /// called again. 340 /// 341 /// Embedders will need to ensure that this future is `await`'d within the 342 /// scope of [`run_concurrent`] to ensure that the value can be produced 343 /// during the `await` call. 344 /// 345 /// # Cancellation 346 /// 347 /// Cancelling an async task created via `call_concurrent`, at this time, is 348 /// only possible by dropping the store that the computation runs within. 349 /// With [#11833] implemented then it will be possible to request 350 /// cancellation of a task, but that is not yet implemented. Hard-cancelling 351 /// a task will only ever be possible by dropping the entire store and it is 352 /// not possible to remove just one task from a store. 353 /// 354 /// This async function behaves more like a "spawn" than a normal Rust async 355 /// function. When this function is invoked then metadata for the function 356 /// call is recorded in the store connected to the `accessor` argument and 357 /// the wasm invocation is from then on connected to the store. If the 358 /// future created by this function is dropped it does not cancel the 359 /// in-progress execution of the wasm task. Dropping the future 360 /// relinquishes the host's ability to learn about the result of the task 361 /// but the task will still progress and invoke callbacks and such until 362 /// completion. 363 /// 364 /// [`run_concurrent`]: crate::Store::run_concurrent 365 /// [#11833]: https://github.com/bytecodealliance/wasmtime/issues/11833 366 /// [`Accessor`]: crate::component::Accessor 367 /// 368 /// # Panics 369 /// 370 /// Panics if the store that the [`Accessor`] is derived from does not own 371 /// this function. 372 #[cfg(feature = "component-model-async")] 373 pub async fn call_concurrent( 374 self, 375 accessor: impl AsAccessor<Data: Send>, 376 params: &[Val], 377 results: &mut [Val], 378 ) -> Result<TaskExit> { 379 self.call_concurrent_dynamic(accessor, params, results, true) 380 .await 381 } 382 383 /// Internal helper function for `call_async` and `call_concurrent`. 384 #[cfg(feature = "component-model-async")] 385 async fn call_concurrent_dynamic( 386 self, 387 accessor: impl AsAccessor<Data: Send>, 388 params: &[Val], 389 results: &mut [Val], 390 call_post_return_automatically: bool, 391 ) -> Result<TaskExit> { 392 let result = accessor.as_accessor().with(|mut store| { 393 assert!( 394 store.as_context_mut().0.async_support(), 395 "cannot use `call_concurrent` when async support is not enabled on the config" 396 ); 397 self.check_params_results(store.as_context_mut(), params, results)?; 398 let prepared = self.prepare_call_dynamic( 399 store.as_context_mut(), 400 params.to_vec(), 401 call_post_return_automatically, 402 )?; 403 concurrent::queue_call(store.as_context_mut(), prepared) 404 })?; 405 406 let (run_results, rx) = result.await?; 407 assert_eq!(run_results.len(), results.len()); 408 for (result, slot) in run_results.into_iter().zip(results) { 409 *slot = result; 410 } 411 Ok(TaskExit(rx)) 412 } 413 414 /// Calls `concurrent::prepare_call` with monomorphized functions for 415 /// lowering the parameters and lifting the result. 416 #[cfg(feature = "component-model-async")] 417 fn prepare_call_dynamic<'a, T: Send + 'static>( 418 self, 419 mut store: StoreContextMut<'a, T>, 420 params: Vec<Val>, 421 call_post_return_automatically: bool, 422 ) -> Result<PreparedCall<Vec<Val>>> { 423 let store = store.as_context_mut(); 424 425 concurrent::prepare_call( 426 store, 427 self, 428 MAX_FLAT_PARAMS, 429 false, 430 call_post_return_automatically, 431 move |func, store, params_out| { 432 func.with_lower_context(store, call_post_return_automatically, |cx, ty| { 433 Self::lower_args(cx, ¶ms, ty, params_out) 434 }) 435 }, 436 move |func, store, results| { 437 let max_flat = if func.abi_async(store) { 438 MAX_FLAT_PARAMS 439 } else { 440 MAX_FLAT_RESULTS 441 }; 442 let results = func.with_lift_context(store, |cx, ty| { 443 Self::lift_results(cx, ty, results, max_flat)?.collect::<Result<Vec<_>>>() 444 })?; 445 Ok(Box::new(results)) 446 }, 447 ) 448 } 449 450 fn call_impl( 451 &self, 452 mut store: impl AsContextMut, 453 params: &[Val], 454 results: &mut [Val], 455 ) -> Result<()> { 456 let mut store = store.as_context_mut(); 457 458 self.check_params_results(store.as_context_mut(), params, results)?; 459 460 if self.abi_async(store.0) { 461 unreachable!( 462 "async-lifted exports should have failed validation \ 463 when `component-model-async` feature disabled" 464 ); 465 } 466 467 // SAFETY: the chosen representations of type parameters to `call_raw` 468 // here should be generally safe to work with: 469 // 470 // * parameters use `MaybeUninit<[MaybeUninit<ValRaw>; MAX_FLAT_PARAMS]>` 471 // which represents the maximal possible number of parameters that can 472 // be passed to lifted component functions. This is modeled with 473 // `MaybeUninit` to represent how it all starts as uninitialized and 474 // thus can't be safely read during lowering. 475 // 476 // * results are modeled as `[ValRaw; MAX_FLAT_RESULTS]` which 477 // represents the maximal size of values that can be returned. Note 478 // that if the function doesn't actually have a return value then the 479 // `ValRaw` inside the array will have undefined contents. That is 480 // safe in Rust, however, due to `ValRaw` being a `union`. The 481 // contents should dynamically not be read due to the type of the 482 // function used here matching the actual lift. 483 unsafe { 484 self.call_raw( 485 store, 486 |cx, ty, dst: &mut MaybeUninit<[MaybeUninit<ValRaw>; MAX_FLAT_PARAMS]>| { 487 // SAFETY: it's safe to assume that 488 // `MaybeUninit<array-of-maybe-uninit>` is initialized because 489 // each individual element is still considered uninitialized. 490 let dst: &mut [MaybeUninit<ValRaw>] = dst.assume_init_mut(); 491 Self::lower_args(cx, params, ty, dst) 492 }, 493 |cx, results_ty, src: &[ValRaw; MAX_FLAT_RESULTS]| { 494 let max_flat = MAX_FLAT_RESULTS; 495 for (result, slot) in 496 Self::lift_results(cx, results_ty, src, max_flat)?.zip(results) 497 { 498 *slot = result?; 499 } 500 Ok(()) 501 }, 502 ) 503 } 504 } 505 506 pub(crate) fn lifted_core_func(&self, store: &mut StoreOpaque) -> NonNull<VMFuncRef> { 507 let def = { 508 let instance = self.instance.id().get(store); 509 let (_ty, def, _options) = instance.component().export_lifted_function(self.index); 510 def.clone() 511 }; 512 match self.instance.lookup_vmdef(store, &def) { 513 Export::Function(f) => f.vm_func_ref(store), 514 _ => unreachable!(), 515 } 516 } 517 518 pub(crate) fn post_return_core_func(&self, store: &StoreOpaque) -> Option<NonNull<VMFuncRef>> { 519 let instance = self.instance.id().get(store); 520 let component = instance.component(); 521 let (_ty, _def, options) = component.export_lifted_function(self.index); 522 let post_return = component.env_component().options[options].post_return; 523 post_return.map(|i| instance.runtime_post_return(i)) 524 } 525 526 pub(crate) fn abi_async(&self, store: &StoreOpaque) -> bool { 527 let instance = self.instance.id().get(store); 528 let component = instance.component(); 529 let (_ty, _def, options) = component.export_lifted_function(self.index); 530 component.env_component().options[options].async_ 531 } 532 533 pub(crate) fn abi_info<'a>( 534 &self, 535 store: &'a StoreOpaque, 536 ) -> ( 537 OptionsIndex, 538 InstanceFlags, 539 TypeFuncIndex, 540 &'a CanonicalOptions, 541 ) { 542 let vminstance = self.instance.id().get(store); 543 let component = vminstance.component(); 544 let (ty, _def, options_index) = component.export_lifted_function(self.index); 545 let raw_options = &component.env_component().options[options_index]; 546 ( 547 options_index, 548 vminstance.instance_flags(raw_options.instance), 549 ty, 550 raw_options, 551 ) 552 } 553 554 /// Invokes the underlying wasm function, lowering arguments and lifting the 555 /// result. 556 /// 557 /// The `lower` function and `lift` function provided here are what actually 558 /// do the lowering and lifting. The `LowerParams` and `LowerReturn` types 559 /// are what will be allocated on the stack for this function call. They 560 /// should be appropriately sized for the lowering/lifting operation 561 /// happening. 562 /// 563 /// # Safety 564 /// 565 /// The safety of this function relies on the correct definitions of the 566 /// `LowerParams` and `LowerReturn` type. They must match the type of `self` 567 /// for the params/results that are going to be produced. Additionally 568 /// these types must be representable with a sequence of `ValRaw` values. 569 unsafe fn call_raw<T, Return, LowerParams, LowerReturn>( 570 &self, 571 mut store: StoreContextMut<'_, T>, 572 lower: impl FnOnce( 573 &mut LowerContext<'_, T>, 574 InterfaceType, 575 &mut MaybeUninit<LowerParams>, 576 ) -> Result<()>, 577 lift: impl FnOnce(&mut LiftContext<'_>, InterfaceType, &LowerReturn) -> Result<Return>, 578 ) -> Result<Return> 579 where 580 LowerParams: Copy, 581 LowerReturn: Copy, 582 { 583 let export = self.lifted_core_func(store.0); 584 585 #[repr(C)] 586 union Union<Params: Copy, Return: Copy> { 587 params: Params, 588 ret: Return, 589 } 590 591 let space = &mut MaybeUninit::<Union<LowerParams, LowerReturn>>::uninit(); 592 593 // Double-check the size/alignment of `space`, just in case. 594 // 595 // Note that this alone is not enough to guarantee the validity of the 596 // `unsafe` block below, but it's definitely required. In any case LLVM 597 // should be able to trivially see through these assertions and remove 598 // them in release mode. 599 let val_size = mem::size_of::<ValRaw>(); 600 let val_align = mem::align_of::<ValRaw>(); 601 assert!(mem::size_of_val(space) % val_size == 0); 602 assert!(mem::size_of_val(map_maybe_uninit!(space.params)) % val_size == 0); 603 assert!(mem::size_of_val(map_maybe_uninit!(space.ret)) % val_size == 0); 604 assert!(mem::align_of_val(space) == val_align); 605 assert!(mem::align_of_val(map_maybe_uninit!(space.params)) == val_align); 606 assert!(mem::align_of_val(map_maybe_uninit!(space.ret)) == val_align); 607 608 self.with_lower_context(store.as_context_mut(), false, |cx, ty| { 609 cx.enter_call(); 610 lower(cx, ty, map_maybe_uninit!(space.params)) 611 })?; 612 613 // SAFETY: We are providing the guarantee that all the inputs are valid. 614 // The various pointers passed in for the function are all valid since 615 // they're coming from our store, and the `params_and_results` should 616 // have the correct layout for the core wasm function we're calling. 617 // Note that this latter point relies on the correctness of this module 618 // and `ComponentType` implementations, hence `ComponentType` being an 619 // `unsafe` trait. 620 unsafe { 621 crate::Func::call_unchecked_raw( 622 &mut store, 623 export, 624 NonNull::new(core::ptr::slice_from_raw_parts_mut( 625 space.as_mut_ptr().cast(), 626 mem::size_of_val(space) / mem::size_of::<ValRaw>(), 627 )) 628 .unwrap(), 629 )?; 630 } 631 632 // SAFETY: We're relying on the correctness of the structure of 633 // `LowerReturn` and the type-checking performed to acquire the 634 // `TypedFunc` to make this safe. It should be the case that 635 // `LowerReturn` is the exact representation of the return value when 636 // interpreted as `[ValRaw]`, and additionally they should have the 637 // correct types for the function we just called (which filled in the 638 // return values). 639 let ret: &LowerReturn = unsafe { map_maybe_uninit!(space.ret).assume_init_ref() }; 640 641 // Lift the result into the host while managing post-return state 642 // here as well. 643 // 644 // After a successful lift the return value of the function, which 645 // is currently required to be 0 or 1 values according to the 646 // canonical ABI, is saved within the `Store`'s `FuncData`. This'll 647 // later get used in post-return. 648 // flags.set_needs_post_return(true); 649 let val = self.with_lift_context(store.0, |cx, ty| lift(cx, ty, ret))?; 650 651 // SAFETY: it's a contract of this function that `LowerReturn` is an 652 // appropriate representation of the result of this function. 653 let ret_slice = unsafe { storage_as_slice(ret) }; 654 655 self.instance.id().get_mut(store.0).post_return_arg_set( 656 self.index, 657 match ret_slice.len() { 658 0 => ValRaw::i32(0), 659 1 => ret_slice[0], 660 _ => unreachable!(), 661 }, 662 ); 663 return Ok(val); 664 } 665 666 /// Invokes the `post-return` canonical ABI option, if specified, after a 667 /// [`Func::call`] has finished. 668 /// 669 /// This function is a required method call after a [`Func::call`] completes 670 /// successfully. After the embedder has finished processing the return 671 /// value then this function must be invoked. 672 /// 673 /// # Errors 674 /// 675 /// This function will return an error in the case of a WebAssembly trap 676 /// happening during the execution of the `post-return` function, if 677 /// specified. 678 /// 679 /// # Panics 680 /// 681 /// This function will panic if it's not called under the correct 682 /// conditions. This can only be called after a previous invocation of 683 /// [`Func::call`] completes successfully, and this function can only 684 /// be called for the same [`Func`] that was `call`'d. 685 /// 686 /// If this function is called when [`Func::call`] was not previously 687 /// called, then it will panic. If a different [`Func`] for the same 688 /// component instance was invoked then this function will also panic 689 /// because the `post-return` needs to happen for the other function. 690 /// 691 /// Panics if this is called on a function in an asynchronous store. 692 /// This only works with functions defined within a synchronous store. 693 #[inline] 694 pub fn post_return(&self, mut store: impl AsContextMut) -> Result<()> { 695 let store = store.as_context_mut(); 696 assert!( 697 !store.0.async_support(), 698 "must use `post_return_async` when async support is enabled on the config" 699 ); 700 self.post_return_impl(store) 701 } 702 703 /// Exactly like [`Self::post_return`] except for use on async stores. 704 /// 705 /// # Panics 706 /// 707 /// Panics if this is called on a function in a synchronous store. This 708 /// only works with functions defined within an asynchronous store. 709 #[cfg(feature = "async")] 710 pub async fn post_return_async(&self, mut store: impl AsContextMut<Data: Send>) -> Result<()> { 711 let mut store = store.as_context_mut(); 712 assert!( 713 store.0.async_support(), 714 "cannot use `post_return_async` without enabling async support in the config" 715 ); 716 // Future optimization opportunity: conditionally use a fiber here since 717 // some func's post_return will not need the async context (i.e. end up 718 // calling async host functionality) 719 store.on_fiber(|store| self.post_return_impl(store)).await? 720 } 721 722 fn post_return_impl(&self, mut store: impl AsContextMut) -> Result<()> { 723 let mut store = store.as_context_mut(); 724 725 let index = self.index; 726 let vminstance = self.instance.id().get(store.0); 727 let component = vminstance.component(); 728 let (_ty, _def, options) = component.export_lifted_function(index); 729 let post_return = self.post_return_core_func(store.0); 730 let mut flags = 731 vminstance.instance_flags(component.env_component().options[options].instance); 732 let mut instance = self.instance.id().get_mut(store.0); 733 let post_return_arg = instance.as_mut().post_return_arg_take(index); 734 735 unsafe { 736 // First assert that the instance is in a "needs post return" state. 737 // This will ensure that the previous action on the instance was a 738 // function call above. This flag is only set after a component 739 // function returns so this also can't be called (as expected) 740 // during a host import for example. 741 // 742 // Note, though, that this assert is not sufficient because it just 743 // means some function on this instance needs its post-return 744 // called. We need a precise post-return for a particular function 745 // which is the second assert here (the `.expect`). That will assert 746 // that this function itself needs to have its post-return called. 747 // 748 // The theory at least is that these two asserts ensure component 749 // model semantics are upheld where the host properly calls 750 // `post_return` on the right function despite the call being a 751 // separate step in the API. 752 assert!( 753 flags.needs_post_return(), 754 "post_return can only be called after a function has previously been called", 755 ); 756 let post_return_arg = post_return_arg.expect("calling post_return on wrong function"); 757 758 // This is a sanity-check assert which shouldn't ever trip. 759 assert!(!flags.may_enter()); 760 761 // Unset the "needs post return" flag now that post-return is being 762 // processed. This will cause future invocations of this method to 763 // panic, even if the function call below traps. 764 flags.set_needs_post_return(false); 765 766 // Post return functions are forbidden from calling imports or 767 // intrinsics. 768 flags.set_may_leave(false); 769 770 // If the function actually had a `post-return` configured in its 771 // canonical options that's executed here. 772 // 773 // Note that if this traps (returns an error) this function 774 // intentionally leaves the instance in a "poisoned" state where it 775 // can no longer be entered because `may_enter` is `false`. 776 if let Some(func) = post_return { 777 crate::Func::call_unchecked_raw( 778 &mut store, 779 func, 780 NonNull::new(core::ptr::slice_from_raw_parts(&post_return_arg, 1).cast_mut()) 781 .unwrap(), 782 )?; 783 } 784 785 // And finally if everything completed successfully then the "may 786 // enter" and "may leave" flags are set to `true` again here which 787 // enables further use of the component. 788 flags.set_may_enter(true); 789 flags.set_may_leave(true); 790 791 let (calls, host_table, _, instance) = store 792 .0 793 .component_resource_state_with_instance(self.instance); 794 ResourceTables { 795 host_table: Some(host_table), 796 calls, 797 guest: Some(instance.guest_tables()), 798 } 799 .exit_call()?; 800 } 801 Ok(()) 802 } 803 804 fn lower_args<T>( 805 cx: &mut LowerContext<'_, T>, 806 params: &[Val], 807 params_ty: InterfaceType, 808 dst: &mut [MaybeUninit<ValRaw>], 809 ) -> Result<()> { 810 let params_ty = match params_ty { 811 InterfaceType::Tuple(i) => &cx.types[i], 812 _ => unreachable!(), 813 }; 814 if params_ty.abi.flat_count(MAX_FLAT_PARAMS).is_some() { 815 let dst = &mut dst.iter_mut(); 816 817 params 818 .iter() 819 .zip(params_ty.types.iter()) 820 .try_for_each(|(param, ty)| param.lower(cx, *ty, dst)) 821 } else { 822 Self::store_args(cx, ¶ms_ty, params, dst) 823 } 824 } 825 826 fn store_args<T>( 827 cx: &mut LowerContext<'_, T>, 828 params_ty: &TypeTuple, 829 args: &[Val], 830 dst: &mut [MaybeUninit<ValRaw>], 831 ) -> Result<()> { 832 let size = usize::try_from(params_ty.abi.size32).unwrap(); 833 let ptr = cx.realloc(0, 0, params_ty.abi.align32, size)?; 834 let mut offset = ptr; 835 for (ty, arg) in params_ty.types.iter().zip(args) { 836 let abi = cx.types.canonical_abi(ty); 837 arg.store(cx, *ty, abi.next_field32_size(&mut offset))?; 838 } 839 840 dst[0].write(ValRaw::i64(ptr as i64)); 841 842 Ok(()) 843 } 844 845 fn lift_results<'a, 'b>( 846 cx: &'a mut LiftContext<'b>, 847 results_ty: InterfaceType, 848 src: &'a [ValRaw], 849 max_flat: usize, 850 ) -> Result<Box<dyn Iterator<Item = Result<Val>> + 'a>> { 851 let results_ty = match results_ty { 852 InterfaceType::Tuple(i) => &cx.types[i], 853 _ => unreachable!(), 854 }; 855 if results_ty.abi.flat_count(max_flat).is_some() { 856 let mut flat = src.iter(); 857 Ok(Box::new( 858 results_ty 859 .types 860 .iter() 861 .map(move |ty| Val::lift(cx, *ty, &mut flat)), 862 )) 863 } else { 864 let iter = Self::load_results(cx, results_ty, &mut src.iter())?; 865 Ok(Box::new(iter)) 866 } 867 } 868 869 fn load_results<'a, 'b>( 870 cx: &'a mut LiftContext<'b>, 871 results_ty: &'a TypeTuple, 872 src: &mut core::slice::Iter<'_, ValRaw>, 873 ) -> Result<impl Iterator<Item = Result<Val>> + use<'a, 'b>> { 874 // FIXME(#4311): needs to read an i64 for memory64 875 let ptr = usize::try_from(src.next().unwrap().get_u32())?; 876 if ptr % usize::try_from(results_ty.abi.align32)? != 0 { 877 bail!("return pointer not aligned"); 878 } 879 880 let bytes = cx 881 .memory() 882 .get(ptr..) 883 .and_then(|b| b.get(..usize::try_from(results_ty.abi.size32).unwrap())) 884 .ok_or_else(|| anyhow::anyhow!("pointer out of bounds of memory"))?; 885 886 let mut offset = 0; 887 Ok(results_ty.types.iter().map(move |ty| { 888 let abi = cx.types.canonical_abi(ty); 889 let offset = abi.next_field32_size(&mut offset); 890 Val::load(cx, *ty, &bytes[offset..][..abi.size32 as usize]) 891 })) 892 } 893 894 #[cfg(feature = "component-model-async")] 895 pub(crate) fn instance(self) -> Instance { 896 self.instance 897 } 898 899 #[cfg(feature = "component-model-async")] 900 pub(crate) fn index(self) -> ExportIndex { 901 self.index 902 } 903 904 /// Creates a `LowerContext` using the configuration values of this lifted 905 /// function. 906 /// 907 /// The `lower` closure provided should perform the actual lowering and 908 /// return the result of the lowering operation which is then returned from 909 /// this function as well. 910 fn with_lower_context<T>( 911 self, 912 mut store: StoreContextMut<T>, 913 may_enter: bool, 914 lower: impl FnOnce(&mut LowerContext<T>, InterfaceType) -> Result<()>, 915 ) -> Result<()> { 916 let (options_idx, mut flags, ty, options) = self.abi_info(store.0); 917 let async_ = options.async_; 918 919 // Test the "may enter" flag which is a "lock" on this instance. 920 // This is immediately set to `false` afterwards and note that 921 // there's no on-cleanup setting this flag back to true. That's an 922 // intentional design aspect where if anything goes wrong internally 923 // from this point on the instance is considered "poisoned" and can 924 // never be entered again. The only time this flag is set to `true` 925 // again is after post-return logic has completed successfully. 926 unsafe { 927 if !flags.may_enter() { 928 bail!(crate::Trap::CannotEnterComponent); 929 } 930 flags.set_may_enter(false); 931 } 932 933 // Perform the actual lowering, where while this is running the 934 // component is forbidden from calling imports. 935 unsafe { 936 debug_assert!(flags.may_leave()); 937 flags.set_may_leave(false); 938 } 939 let mut cx = LowerContext::new(store.as_context_mut(), options_idx, self.instance); 940 let param_ty = InterfaceType::Tuple(cx.types[ty].params); 941 let result = lower(&mut cx, param_ty); 942 unsafe { flags.set_may_leave(true) }; 943 result?; 944 945 // If this is an async function and `may_enter == true` then we're 946 // allowed to reenter the component at this point, and otherwise flag a 947 // post-return call being required as we're about to enter wasm and 948 // afterwards need a post-return. 949 unsafe { 950 if may_enter && async_ { 951 flags.set_may_enter(true); 952 } else { 953 flags.set_needs_post_return(true); 954 } 955 } 956 957 Ok(()) 958 } 959 960 /// Creates a `LiftContext` using the configuration values with this lifted 961 /// function. 962 /// 963 /// The closure `lift` provided should actually perform the lift itself and 964 /// the result of that closure is returned from this function call as well. 965 fn with_lift_context<R>( 966 self, 967 store: &mut StoreOpaque, 968 lift: impl FnOnce(&mut LiftContext, InterfaceType) -> Result<R>, 969 ) -> Result<R> { 970 let (options, _flags, ty, _) = self.abi_info(store); 971 let mut cx = LiftContext::new(store, options, self.instance); 972 let ty = InterfaceType::Tuple(cx.types[ty].results); 973 lift(&mut cx, ty) 974 } 975 } 976 977 /// Represents the completion of a task created using 978 /// `[Typed]Func::call_concurrent`. 979 /// 980 /// In general, a guest task may continue running after returning a value. 981 /// Moreover, any given guest task may create its own subtasks before or after 982 /// returning and may exit before some or all of those subtasks have finished 983 /// running. In that case, the still-running subtasks will be "reparented" to 984 /// the nearest surviving caller, which may be the original host call. The 985 /// future returned by `TaskExit::block` will resolve once all transitive 986 /// subtasks created directly or indirectly by the original call to 987 /// `Instance::call_concurrent` have exited. 988 #[cfg(feature = "component-model-async")] 989 pub struct TaskExit(futures::channel::oneshot::Receiver<()>); 990 991 #[cfg(feature = "component-model-async")] 992 impl TaskExit { 993 /// Returns a future which will resolve once all transitive subtasks created 994 /// directly or indirectly by the original call to 995 /// `Instance::call_concurrent` have exited. 996 pub async fn block(self, accessor: impl AsAccessor<Data: Send>) { 997 // The current implementation makes no use of `accessor`, but future 998 // implementations might (e.g. by using a more efficient mechanism than 999 // a oneshot channel). 1000 _ = accessor; 1001 1002 // We don't care whether the sender sent us a value or was dropped 1003 // first; either one counts as a notification, so we ignore the result 1004 // once the future resolves: 1005 _ = self.0.await; 1006 } 1007 } 1008