1 use crate::error::OutOfMemory;
2 use crate::prelude::*;
3 use crate::runtime::vm::{
4 self, InterpreterRef, SendSyncPtr, StoreBox, VMArrayCallHostFuncContext,
5 VMCommonStackInformation, VMContext, VMFuncRef, VMFunctionImport, VMOpaqueContext,
6 VMStoreContext,
7 };
8 use crate::store::{Asyncness, AutoAssertNoGc, InstanceId, StoreId, StoreOpaque};
9 use crate::type_registry::RegisteredType;
10 use crate::{
11 AsContext, AsContextMut, CallHook, Engine, Extern, FuncType, Instance, ModuleExport, Ref,
12 StoreContext, StoreContextMut, Val, ValRaw, ValType,
13 };
14 use alloc::sync::Arc;
15 use core::convert::Infallible;
16 use core::ffi::c_void;
17 #[cfg(feature = "async")]
18 use core::future::Future;
19 use core::mem::{self, MaybeUninit};
20 use core::ptr::NonNull;
21 use wasmtime_environ::{PanicOnOom as _, VMSharedTypeIndex};
22
23 /// A reference to the abstract `nofunc` heap value.
24 ///
25 /// The are no instances of `(ref nofunc)`: it is an uninhabited type.
26 ///
27 /// There is precisely one instance of `(ref null nofunc)`, aka `nullfuncref`:
28 /// the null reference.
29 ///
30 /// This `NoFunc` Rust type's sole purpose is for use with [`Func::wrap`]- and
31 /// [`Func::typed`]-style APIs for statically typing a function as taking or
32 /// returning a `(ref null nofunc)` (aka `Option<NoFunc>`) which is always
33 /// `None`.
34 ///
35 /// # Example
36 ///
37 /// ```
38 /// # use wasmtime::*;
39 /// # fn _foo() -> Result<()> {
40 /// let mut config = Config::new();
41 /// config.wasm_function_references(true);
42 /// let engine = Engine::new(&config)?;
43 ///
44 /// let module = Module::new(
45 /// &engine,
46 /// r#"
47 /// (module
48 /// (func (export "f") (param (ref null nofunc))
49 /// ;; If the reference is null, return.
50 /// local.get 0
51 /// ref.is_null nofunc
52 /// br_if 0
53 ///
54 /// ;; If the reference was not null (which is impossible)
55 /// ;; then raise a trap.
56 /// unreachable
57 /// )
58 /// )
59 /// "#,
60 /// )?;
61 ///
62 /// let mut store = Store::new(&engine, ());
63 /// let instance = Instance::new(&mut store, &module, &[])?;
64 /// let f = instance.get_func(&mut store, "f").unwrap();
65 ///
66 /// // We can cast a `(ref null nofunc)`-taking function into a typed function that
67 /// // takes an `Option<NoFunc>` via the `Func::typed` method.
68 /// let f = f.typed::<Option<NoFunc>, ()>(&store)?;
69 ///
70 /// // We can call the typed function, passing the null `nofunc` reference.
71 /// let result = f.call(&mut store, NoFunc::null());
72 ///
73 /// // The function should not have trapped, because the reference we gave it was
74 /// // null (as it had to be, since `NoFunc` is uninhabited).
75 /// assert!(result.is_ok());
76 /// # Ok(())
77 /// # }
78 /// ```
79 #[derive(Copy, Clone, Debug, PartialEq, Eq)]
80 pub struct NoFunc {
81 _inner: Infallible,
82 }
83
84 impl NoFunc {
85 /// Get the null `(ref null nofunc)` (aka `nullfuncref`) reference.
86 #[inline]
null() -> Option<NoFunc>87 pub fn null() -> Option<NoFunc> {
88 None
89 }
90
91 /// Get the null `(ref null nofunc)` (aka `nullfuncref`) reference as a
92 /// [`Ref`].
93 #[inline]
null_ref() -> Ref94 pub fn null_ref() -> Ref {
95 Ref::Func(None)
96 }
97
98 /// Get the null `(ref null nofunc)` (aka `nullfuncref`) reference as a
99 /// [`Val`].
100 #[inline]
null_val() -> Val101 pub fn null_val() -> Val {
102 Val::FuncRef(None)
103 }
104 }
105
106 /// A WebAssembly function which can be called.
107 ///
108 /// This type typically represents an exported function from a WebAssembly
109 /// module instance. In this case a [`Func`] belongs to an [`Instance`] and is
110 /// loaded from there. A [`Func`] may also represent a host function as well in
111 /// some cases, too.
112 ///
113 /// Functions can be called in a few different ways, either synchronous or async
114 /// and either typed or untyped (more on this below). Note that host functions
115 /// are normally inserted directly into a [`Linker`](crate::Linker) rather than
116 /// using this directly, but both options are available.
117 ///
118 /// # `Func` and `async`
119 ///
120 /// Functions from the perspective of WebAssembly are always synchronous. You
121 /// might have an `async` function in Rust, however, which you'd like to make
122 /// available from WebAssembly. Wasmtime supports asynchronously calling
123 /// WebAssembly through native stack switching. You can get some more
124 /// information about [asynchronous configs](crate#async), but
125 /// from the perspective of `Func` it's important to know that whether or not
126 /// your [`Store`](crate::Store) is asynchronous will dictate whether you call
127 /// functions through [`Func::call`] or [`Func::call_async`] (or the typed
128 /// wrappers such as [`TypedFunc::call`] vs [`TypedFunc::call_async`]).
129 ///
130 /// # To `Func::call` or to `Func::typed().call()`
131 ///
132 /// There's a 2x2 matrix of methods to call [`Func`]. Invocations can either be
133 /// asynchronous or synchronous. They can also be statically typed or not.
134 /// Whether or not an invocation is asynchronous is indicated via the method
135 /// being `async` and [`call_async`](Func::call_async) being the entry point.
136 /// Otherwise for statically typed or not your options are:
137 ///
138 /// * Dynamically typed - if you don't statically know the signature of the
139 /// function that you're calling you'll be using [`Func::call`] or
140 /// [`Func::call_async`]. These functions take a variable-length slice of
141 /// "boxed" arguments in their [`Val`] representation. Additionally the
142 /// results are returned as an owned slice of [`Val`]. These methods are not
143 /// optimized due to the dynamic type checks that must occur, in addition to
144 /// some dynamic allocations for where to put all the arguments. While this
145 /// allows you to call all possible wasm function signatures, if you're
146 /// looking for a speedier alternative you can also use...
147 ///
148 /// * Statically typed - if you statically know the type signature of the wasm
149 /// function you're calling, then you'll want to use the [`Func::typed`]
150 /// method to acquire an instance of [`TypedFunc`]. This structure is static proof
151 /// that the underlying wasm function has the ascripted type, and type
152 /// validation is only done once up-front. The [`TypedFunc::call`] and
153 /// [`TypedFunc::call_async`] methods are much more efficient than [`Func::call`]
154 /// and [`Func::call_async`] because the type signature is statically known.
155 /// This eschews runtime checks as much as possible to get into wasm as fast
156 /// as possible.
157 ///
158 /// # Examples
159 ///
160 /// One way to get a `Func` is from an [`Instance`] after you've instantiated
161 /// it:
162 ///
163 /// ```
164 /// # use wasmtime::*;
165 /// # fn main() -> Result<()> {
166 /// let engine = Engine::default();
167 /// let module = Module::new(&engine, r#"(module (func (export "foo")))"#)?;
168 /// let mut store = Store::new(&engine, ());
169 /// let instance = Instance::new(&mut store, &module, &[])?;
170 /// let foo = instance.get_func(&mut store, "foo").expect("export wasn't a function");
171 ///
172 /// // Work with `foo` as a `Func` at this point, such as calling it
173 /// // dynamically...
174 /// match foo.call(&mut store, &[], &mut []) {
175 /// Ok(()) => { /* ... */ }
176 /// Err(trap) => {
177 /// panic!("execution of `foo` resulted in a wasm trap: {}", trap);
178 /// }
179 /// }
180 /// foo.call(&mut store, &[], &mut [])?;
181 ///
182 /// // ... or we can make a static assertion about its signature and call it.
183 /// // Our first call here can fail if the signatures don't match, and then the
184 /// // second call can fail if the function traps (like the `match` above).
185 /// let foo = foo.typed::<(), ()>(&store)?;
186 /// foo.call(&mut store, ())?;
187 /// # Ok(())
188 /// # }
189 /// ```
190 ///
191 /// You can also use the [`wrap` function](Func::wrap) to create a
192 /// `Func`
193 ///
194 /// ```
195 /// # use wasmtime::*;
196 /// # fn main() -> Result<()> {
197 /// let mut store = Store::<()>::default();
198 ///
199 /// // Create a custom `Func` which can execute arbitrary code inside of the
200 /// // closure.
201 /// let add = Func::wrap(&mut store, |a: i32, b: i32| -> i32 { a + b });
202 ///
203 /// // Next we can hook that up to a wasm module which uses it.
204 /// let module = Module::new(
205 /// store.engine(),
206 /// r#"
207 /// (module
208 /// (import "" "" (func $add (param i32 i32) (result i32)))
209 /// (func (export "call_add_twice") (result i32)
210 /// i32.const 1
211 /// i32.const 2
212 /// call $add
213 /// i32.const 3
214 /// i32.const 4
215 /// call $add
216 /// i32.add))
217 /// "#,
218 /// )?;
219 /// let instance = Instance::new(&mut store, &module, &[add.into()])?;
220 /// let call_add_twice = instance.get_typed_func::<(), i32>(&mut store, "call_add_twice")?;
221 ///
222 /// assert_eq!(call_add_twice.call(&mut store, ())?, 10);
223 /// # Ok(())
224 /// # }
225 /// ```
226 ///
227 /// Or you could also create an entirely dynamic `Func`!
228 ///
229 /// ```
230 /// # use wasmtime::*;
231 /// # fn main() -> Result<()> {
232 /// let mut store = Store::<()>::default();
233 ///
234 /// // Here we need to define the type signature of our `Double` function and
235 /// // then wrap it up in a `Func`
236 /// let double_type = wasmtime::FuncType::new(
237 /// store.engine(),
238 /// [wasmtime::ValType::I32].iter().cloned(),
239 /// [wasmtime::ValType::I32].iter().cloned(),
240 /// );
241 /// let double = Func::new(&mut store, double_type, |_, params, results| {
242 /// let mut value = params[0].unwrap_i32();
243 /// value *= 2;
244 /// results[0] = value.into();
245 /// Ok(())
246 /// });
247 ///
248 /// let module = Module::new(
249 /// store.engine(),
250 /// r#"
251 /// (module
252 /// (import "" "" (func $double (param i32) (result i32)))
253 /// (func $start
254 /// i32.const 1
255 /// call $double
256 /// drop)
257 /// (start $start))
258 /// "#,
259 /// )?;
260 /// let instance = Instance::new(&mut store, &module, &[double.into()])?;
261 /// // .. work with `instance` if necessary
262 /// # Ok(())
263 /// # }
264 /// ```
265 #[derive(Copy, Clone, Debug)]
266 #[repr(C)] // here for the C API
267 pub struct Func {
268 /// The store that the below pointer belongs to.
269 ///
270 /// It's only safe to look at the contents of the pointer below when the
271 /// `StoreOpaque` matching this id is in-scope.
272 store: StoreId,
273
274 /// The raw `VMFuncRef`, whose lifetime is bound to the store this func
275 /// belongs to.
276 ///
277 /// Note that this field has an `unsafe_*` prefix to discourage use of it.
278 /// This is only safe to read/use if `self.store` is validated to belong to
279 /// an ambiently provided `StoreOpaque` or similar. Use the
280 /// `self.func_ref()` method instead of this field to perform this check.
281 unsafe_func_ref: SendSyncPtr<VMFuncRef>,
282 }
283
284 // Double-check that the C representation in `extern.h` matches our in-Rust
285 // representation here in terms of size/alignment/etc.
286 const _: () = {
287 #[repr(C)]
288 struct C(u64, *mut u8);
289 assert!(core::mem::size_of::<C>() == core::mem::size_of::<Func>());
290 assert!(core::mem::align_of::<C>() == core::mem::align_of::<Func>());
291 assert!(core::mem::offset_of!(Func, store) == 0);
292 };
293
294 macro_rules! for_each_function_signature {
295 ($mac:ident) => {
296 $mac!(0);
297 $mac!(1 A1);
298 $mac!(2 A1 A2);
299 $mac!(3 A1 A2 A3);
300 $mac!(4 A1 A2 A3 A4);
301 $mac!(5 A1 A2 A3 A4 A5);
302 $mac!(6 A1 A2 A3 A4 A5 A6);
303 $mac!(7 A1 A2 A3 A4 A5 A6 A7);
304 $mac!(8 A1 A2 A3 A4 A5 A6 A7 A8);
305 $mac!(9 A1 A2 A3 A4 A5 A6 A7 A8 A9);
306 $mac!(10 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10);
307 $mac!(11 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11);
308 $mac!(12 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12);
309 $mac!(13 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13);
310 $mac!(14 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13 A14);
311 $mac!(15 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13 A14 A15);
312 $mac!(16 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13 A14 A15 A16);
313 $mac!(17 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13 A14 A15 A16 A17);
314 };
315 }
316
317 mod typed;
318 use crate::runtime::vm::VMStackChain;
319 pub use typed::*;
320
321 impl Func {
322 /// Creates a new `Func` with the given arguments, typically to create a
323 /// host-defined function to pass as an import to a module.
324 ///
325 /// * `store` - the store in which to create this [`Func`], which will own
326 /// the return value.
327 ///
328 /// * `ty` - the signature of this function, used to indicate what the
329 /// inputs and outputs are.
330 ///
331 /// * `func` - the native code invoked whenever this `Func` will be called.
332 /// This closure is provided a [`Caller`] as its first argument to learn
333 /// information about the caller, and then it's passed a list of
334 /// parameters as a slice along with a mutable slice of where to write
335 /// results.
336 ///
337 /// Note that the implementation of `func` must adhere to the `ty` signature
338 /// given, error or traps may occur if it does not respect the `ty`
339 /// signature. For example if the function type declares that it returns one
340 /// i32 but the `func` closures does not write anything into the results
341 /// slice then a trap may be generated.
342 ///
343 /// Additionally note that this is quite a dynamic function since signatures
344 /// are not statically known. For a more performant and ergonomic `Func`
345 /// it's recommended to use [`Func::wrap`] if you can because with
346 /// statically known signatures Wasmtime can optimize the implementation
347 /// much more.
348 ///
349 /// For more information about `Send + Sync + 'static` requirements on the
350 /// `func`, see [`Func::wrap`](#why-send--sync--static).
351 ///
352 /// # Errors
353 ///
354 /// The host-provided function here returns a
355 /// [`Result<()>`](crate::Result). If the function returns `Ok(())` then
356 /// that indicates that the host function completed successfully and wrote
357 /// the result into the `&mut [Val]` argument.
358 ///
359 /// If the function returns `Err(e)`, however, then this is equivalent to
360 /// the host function triggering a trap for wasm. WebAssembly execution is
361 /// immediately halted and the original caller of [`Func::call`], for
362 /// example, will receive the error returned here (possibly with
363 /// [`WasmBacktrace`](crate::WasmBacktrace) context information attached).
364 ///
365 /// For more information about errors in Wasmtime see the [`Trap`]
366 /// documentation.
367 ///
368 /// [`Trap`]: crate::Trap
369 ///
370 /// # Panics
371 ///
372 /// Panics if the given function type is not associated with this store's
373 /// engine.
new<T: 'static>( store: impl AsContextMut<Data = T>, ty: FuncType, func: impl Fn(Caller<'_, T>, &[Val], &mut [Val]) -> Result<()> + Send + Sync + 'static, ) -> Self374 pub fn new<T: 'static>(
375 store: impl AsContextMut<Data = T>,
376 ty: FuncType,
377 func: impl Fn(Caller<'_, T>, &[Val], &mut [Val]) -> Result<()> + Send + Sync + 'static,
378 ) -> Self {
379 Self::try_new_(store, ty, func).panic_on_oom()
380 }
381
382 /// Same as [`Func::new`] but returns an error instead of panicking on
383 /// allocation failure.
try_new<T: 'static>( store: impl AsContextMut<Data = T>, ty: FuncType, func: impl Fn(Caller<'_, T>, &[Val], &mut [Val]) -> Result<()> + Send + Sync + 'static, ) -> Result<Self>384 pub fn try_new<T: 'static>(
385 store: impl AsContextMut<Data = T>,
386 ty: FuncType,
387 func: impl Fn(Caller<'_, T>, &[Val], &mut [Val]) -> Result<()> + Send + Sync + 'static,
388 ) -> Result<Self> {
389 Ok(Self::try_new_(store, ty, func)?)
390 }
391
try_new_<T: 'static>( mut store: impl AsContextMut<Data = T>, ty: FuncType, func: impl Fn(Caller<'_, T>, &[Val], &mut [Val]) -> Result<()> + Send + Sync + 'static, ) -> Result<Self, OutOfMemory>392 fn try_new_<T: 'static>(
393 mut store: impl AsContextMut<Data = T>,
394 ty: FuncType,
395 func: impl Fn(Caller<'_, T>, &[Val], &mut [Val]) -> Result<()> + Send + Sync + 'static,
396 ) -> Result<Self, OutOfMemory> {
397 let store = store.as_context_mut().0;
398 let host = HostFunc::new(store.engine(), ty, func)?;
399
400 // SAFETY: the `T` used by `func` matches the `T` of the store we're
401 // inserting into via this function's type signature.
402 unsafe { host.into_func(store) }
403 }
404
405 /// Creates a new [`Func`] with the given arguments, although has fewer
406 /// runtime checks than [`Func::new`].
407 ///
408 /// This function takes a callback of a different signature than
409 /// [`Func::new`], instead receiving a raw pointer with a list of [`ValRaw`]
410 /// structures. These values have no type information associated with them
411 /// so it's up to the caller to provide a function that will correctly
412 /// interpret the list of values as those coming from the `ty` specified.
413 ///
414 /// If you're calling this from Rust it's recommended to either instead use
415 /// [`Func::new`] or [`Func::wrap`]. The [`Func::wrap`] API, in particular,
416 /// is both safer and faster than this API.
417 ///
418 /// # Errors
419 ///
420 /// See [`Func::new`] for the behavior of returning an error from the host
421 /// function provided here.
422 ///
423 /// # Unsafety
424 ///
425 /// This function is not safe because it's not known at compile time that
426 /// the `func` provided correctly interprets the argument types provided to
427 /// it, or that the results it produces will be of the correct type.
428 ///
429 /// # Panics
430 ///
431 /// Panics if the given function type is not associated with this store's
432 /// engine.
new_unchecked<T: 'static>( mut store: impl AsContextMut<Data = T>, ty: FuncType, func: impl Fn(Caller<'_, T>, &mut [MaybeUninit<ValRaw>]) -> Result<()> + Send + Sync + 'static, ) -> Self433 pub unsafe fn new_unchecked<T: 'static>(
434 mut store: impl AsContextMut<Data = T>,
435 ty: FuncType,
436 func: impl Fn(Caller<'_, T>, &mut [MaybeUninit<ValRaw>]) -> Result<()> + Send + Sync + 'static,
437 ) -> Self {
438 let store = store.as_context_mut().0;
439
440 // SAFETY: the contract required by `new_unchecked` is the same as the
441 // contract required by this function itself.
442 let host = unsafe { HostFunc::new_unchecked(store.engine(), ty, func).panic_on_oom() };
443
444 // SAFETY: the `T` used by `func` matches the `T` of the store we're
445 // inserting into via this function's type signature.
446 unsafe { host.into_func(store).panic_on_oom() }
447 }
448
449 /// Creates a new host-defined WebAssembly function which, when called,
450 /// will run the asynchronous computation defined by `func` to completion
451 /// and then return the result to WebAssembly.
452 ///
453 /// This function is the asynchronous analogue of [`Func::new`] and much of
454 /// that documentation applies to this as well. The key difference is that
455 /// `func` returns a future instead of simply a `Result`. Note that the
456 /// returned future can close over any of the arguments, but it cannot close
457 /// over the state of the closure itself. It's recommended to store any
458 /// necessary async state in the `T` of the [`Store<T>`](crate::Store) which
459 /// can be accessed through [`Caller::data`] or [`Caller::data_mut`].
460 ///
461 /// For more information on `Send + Sync + 'static`, see
462 /// [`Func::wrap`](#why-send--sync--static).
463 ///
464 /// # Panics
465 ///
466 /// Panics if the given function type is not associated with this store's
467 /// engine.
468 ///
469 /// # Errors
470 ///
471 /// See [`Func::new`] for the behavior of returning an error from the host
472 /// function provided here.
473 ///
474 /// # Examples
475 ///
476 /// ```
477 /// # use wasmtime::*;
478 /// # fn main() -> Result<()> {
479 /// // Simulate some application-specific state as well as asynchronous
480 /// // functions to query that state.
481 /// struct MyDatabase {
482 /// // ...
483 /// }
484 ///
485 /// impl MyDatabase {
486 /// async fn get_row_count(&self) -> u32 {
487 /// // ...
488 /// # 100
489 /// }
490 /// }
491 ///
492 /// let my_database = MyDatabase {
493 /// // ...
494 /// };
495 ///
496 /// // Using `new_async` we can hook up into calling our async
497 /// // `get_row_count` function.
498 /// let engine = Engine::default();
499 /// let mut store = Store::new(&engine, MyDatabase {
500 /// // ...
501 /// });
502 /// let get_row_count_type = wasmtime::FuncType::new(
503 /// &engine,
504 /// None,
505 /// Some(wasmtime::ValType::I32),
506 /// );
507 /// let get = Func::new_async(&mut store, get_row_count_type, |caller, _params, results| {
508 /// Box::new(async move {
509 /// let count = caller.data().get_row_count().await;
510 /// results[0] = Val::I32(count as i32);
511 /// Ok(())
512 /// })
513 /// });
514 /// // ...
515 /// # Ok(())
516 /// # }
517 /// ```
518 #[cfg(feature = "async")]
new_async<T, F>(mut store: impl AsContextMut<Data = T>, ty: FuncType, func: F) -> Func where F: for<'a> Fn( Caller<'a, T>, &'a [Val], &'a mut [Val], ) -> Box<dyn Future<Output = Result<()>> + Send + 'a> + Send + Sync + 'static, T: Send + 'static,519 pub fn new_async<T, F>(mut store: impl AsContextMut<Data = T>, ty: FuncType, func: F) -> Func
520 where
521 F: for<'a> Fn(
522 Caller<'a, T>,
523 &'a [Val],
524 &'a mut [Val],
525 ) -> Box<dyn Future<Output = Result<()>> + Send + 'a>
526 + Send
527 + Sync
528 + 'static,
529 T: Send + 'static,
530 {
531 let store = store.as_context_mut().0;
532
533 let host = HostFunc::new_async(store.engine(), ty, func).panic_on_oom();
534
535 // SAFETY: the `T` used by `func` matches the `T` of the store we're
536 // inserting into via this function's type signature.
537 unsafe { host.into_func(store).panic_on_oom() }
538 }
539
540 /// Creates a new `Func` from a store and a funcref within that store.
541 ///
542 /// # Safety
543 ///
544 /// The safety of this function requires that `func_ref` is a valid function
545 /// pointer owned by `store`.
from_vm_func_ref(store: StoreId, func_ref: NonNull<VMFuncRef>) -> Func546 pub(crate) unsafe fn from_vm_func_ref(store: StoreId, func_ref: NonNull<VMFuncRef>) -> Func {
547 // SAFETY: given the contract of this function it's safe to read the
548 // `type_index` field.
549 unsafe {
550 debug_assert!(func_ref.as_ref().type_index != VMSharedTypeIndex::default());
551 }
552 Func {
553 store,
554 unsafe_func_ref: func_ref.into(),
555 }
556 }
557
558 /// Creates a new `Func` from the given Rust closure.
559 ///
560 /// This function will create a new `Func` which, when called, will
561 /// execute the given Rust closure. Unlike [`Func::new`] the target
562 /// function being called is known statically so the type signature can
563 /// be inferred. Rust types will map to WebAssembly types as follows:
564 ///
565 /// | Rust Argument Type | WebAssembly Type |
566 /// |-----------------------------------|-------------------------------------------|
567 /// | `i32` | `i32` |
568 /// | `u32` | `i32` |
569 /// | `i64` | `i64` |
570 /// | `u64` | `i64` |
571 /// | `f32` | `f32` |
572 /// | `f64` | `f64` |
573 /// | `V128` on x86-64 and aarch64 only | `v128` |
574 /// | `Option<Func>` | `funcref` aka `(ref null func)` |
575 /// | `Func` | `(ref func)` |
576 /// | `Option<Nofunc>` | `nullfuncref` aka `(ref null nofunc)` |
577 /// | `NoFunc` | `(ref nofunc)` |
578 /// | `Option<Rooted<ExternRef>>` | `externref` aka `(ref null extern)` |
579 /// | `Rooted<ExternRef>` | `(ref extern)` |
580 /// | `Option<NoExtern>` | `nullexternref` aka `(ref null noextern)` |
581 /// | `NoExtern` | `(ref noextern)` |
582 /// | `Option<Rooted<AnyRef>>` | `anyref` aka `(ref null any)` |
583 /// | `Rooted<AnyRef>` | `(ref any)` |
584 /// | `Option<Rooted<EqRef>>` | `eqref` aka `(ref null eq)` |
585 /// | `Rooted<EqRef>` | `(ref eq)` |
586 /// | `Option<I31>` | `i31ref` aka `(ref null i31)` |
587 /// | `I31` | `(ref i31)` |
588 /// | `Option<Rooted<StructRef>>` | `(ref null struct)` |
589 /// | `Rooted<StructRef>` | `(ref struct)` |
590 /// | `Option<Rooted<ArrayRef>>` | `(ref null array)` |
591 /// | `Rooted<ArrayRef>` | `(ref array)` |
592 /// | `Option<NoneRef>` | `nullref` aka `(ref null none)` |
593 /// | `NoneRef` | `(ref none)` |
594 ///
595 /// Note that anywhere a `Rooted<T>` appears, a `OwnedRooted<T>` may also
596 /// be used.
597 ///
598 /// Any of the Rust types can be returned from the closure as well, in
599 /// addition to some extra types
600 ///
601 /// | Rust Return Type | WebAssembly Return Type | Meaning |
602 /// |-------------------|-------------------------|-----------------------|
603 /// | `()` | nothing | no return value |
604 /// | `T` | `T` | a single return value |
605 /// | `(T1, T2, ...)` | `T1 T2 ...` | multiple returns |
606 ///
607 /// Note that all return types can also be wrapped in `Result<_>` to
608 /// indicate that the host function can generate a trap as well as possibly
609 /// returning a value.
610 ///
611 /// Finally you can also optionally take [`Caller`] as the first argument of
612 /// your closure. If inserted then you're able to inspect the caller's
613 /// state, for example the [`Memory`](crate::Memory) it has exported so you
614 /// can read what pointers point to.
615 ///
616 /// Note that when using this API, the intention is to create as thin of a
617 /// layer as possible for when WebAssembly calls the function provided. With
618 /// sufficient inlining and optimization the WebAssembly will call straight
619 /// into `func` provided, with no extra fluff entailed.
620 ///
621 /// # Why `Send + Sync + 'static`?
622 ///
623 /// All host functions defined in a [`Store`](crate::Store) (including
624 /// those from [`Func::new`] and other constructors) require that the
625 /// `func` provided is `Send + Sync + 'static`. Additionally host functions
626 /// always are `Fn` as opposed to `FnMut` or `FnOnce`. This can at-a-glance
627 /// feel restrictive since the closure cannot close over as many types as
628 /// before. The reason for this, though, is to ensure that
629 /// [`Store<T>`](crate::Store) can implement both the `Send` and `Sync`
630 /// traits.
631 ///
632 /// Fear not, however, because this isn't as restrictive as it seems! Host
633 /// functions are provided a [`Caller<'_, T>`](crate::Caller) argument which
634 /// allows access to the host-defined data within the
635 /// [`Store`](crate::Store). The `T` type is not required to be any of
636 /// `Send`, `Sync`, or `'static`! This means that you can store whatever
637 /// you'd like in `T` and have it accessible by all host functions.
638 /// Additionally mutable access to `T` is allowed through
639 /// [`Caller::data_mut`].
640 ///
641 /// Most host-defined [`Func`] values provide closures that end up not
642 /// actually closing over any values. These zero-sized types will use the
643 /// context from [`Caller`] for host-defined information.
644 ///
645 /// # Errors
646 ///
647 /// The closure provided here to `wrap` can optionally return a
648 /// [`Result<T>`](crate::Result). Returning `Ok(t)` represents the host
649 /// function successfully completing with the `t` result. Returning
650 /// `Err(e)`, however, is equivalent to raising a custom wasm trap.
651 /// Execution of WebAssembly does not resume and the stack is unwound to the
652 /// original caller of the function where the error is returned.
653 ///
654 /// For more information about errors in Wasmtime see the [`Trap`]
655 /// documentation.
656 ///
657 /// [`Trap`]: crate::Trap
658 ///
659 /// # Examples
660 ///
661 /// First up we can see how simple wasm imports can be implemented, such
662 /// as a function that adds its two arguments and returns the result.
663 ///
664 /// ```
665 /// # use wasmtime::*;
666 /// # fn main() -> Result<()> {
667 /// # let mut store = Store::<()>::default();
668 /// let add = Func::wrap(&mut store, |a: i32, b: i32| a + b);
669 /// let module = Module::new(
670 /// store.engine(),
671 /// r#"
672 /// (module
673 /// (import "" "" (func $add (param i32 i32) (result i32)))
674 /// (func (export "foo") (param i32 i32) (result i32)
675 /// local.get 0
676 /// local.get 1
677 /// call $add))
678 /// "#,
679 /// )?;
680 /// let instance = Instance::new(&mut store, &module, &[add.into()])?;
681 /// let foo = instance.get_typed_func::<(i32, i32), i32>(&mut store, "foo")?;
682 /// assert_eq!(foo.call(&mut store, (1, 2))?, 3);
683 /// # Ok(())
684 /// # }
685 /// ```
686 ///
687 /// We can also do the same thing, but generate a trap if the addition
688 /// overflows:
689 ///
690 /// ```
691 /// # use wasmtime::*;
692 /// # fn main() -> Result<()> {
693 /// # let mut store = Store::<()>::default();
694 /// let add = Func::wrap(&mut store, |a: i32, b: i32| {
695 /// match a.checked_add(b) {
696 /// Some(i) => Ok(i),
697 /// None => bail!("overflow"),
698 /// }
699 /// });
700 /// let module = Module::new(
701 /// store.engine(),
702 /// r#"
703 /// (module
704 /// (import "" "" (func $add (param i32 i32) (result i32)))
705 /// (func (export "foo") (param i32 i32) (result i32)
706 /// local.get 0
707 /// local.get 1
708 /// call $add))
709 /// "#,
710 /// )?;
711 /// let instance = Instance::new(&mut store, &module, &[add.into()])?;
712 /// let foo = instance.get_typed_func::<(i32, i32), i32>(&mut store, "foo")?;
713 /// assert_eq!(foo.call(&mut store, (1, 2))?, 3);
714 /// assert!(foo.call(&mut store, (i32::max_value(), 1)).is_err());
715 /// # Ok(())
716 /// # }
717 /// ```
718 ///
719 /// And don't forget all the wasm types are supported!
720 ///
721 /// ```
722 /// # use wasmtime::*;
723 /// # fn main() -> Result<()> {
724 /// # let mut store = Store::<()>::default();
725 /// let debug = Func::wrap(&mut store, |a: i32, b: u32, c: f32, d: i64, e: u64, f: f64| {
726 ///
727 /// println!("a={}", a);
728 /// println!("b={}", b);
729 /// println!("c={}", c);
730 /// println!("d={}", d);
731 /// println!("e={}", e);
732 /// println!("f={}", f);
733 /// });
734 /// let module = Module::new(
735 /// store.engine(),
736 /// r#"
737 /// (module
738 /// (import "" "" (func $debug (param i32 i32 f32 i64 i64 f64)))
739 /// (func (export "foo")
740 /// i32.const -1
741 /// i32.const 1
742 /// f32.const 2
743 /// i64.const -3
744 /// i64.const 3
745 /// f64.const 4
746 /// call $debug))
747 /// "#,
748 /// )?;
749 /// let instance = Instance::new(&mut store, &module, &[debug.into()])?;
750 /// let foo = instance.get_typed_func::<(), ()>(&mut store, "foo")?;
751 /// foo.call(&mut store, ())?;
752 /// # Ok(())
753 /// # }
754 /// ```
755 ///
756 /// Finally if you want to get really fancy you can also implement
757 /// imports that read/write wasm module's memory
758 ///
759 /// ```
760 /// use std::str;
761 ///
762 /// # use wasmtime::*;
763 /// # fn main() -> Result<()> {
764 /// # let mut store = Store::default();
765 /// let log_str = Func::wrap(&mut store, |mut caller: Caller<'_, ()>, ptr: i32, len: i32| {
766 /// let mem = match caller.get_export("memory") {
767 /// Some(Extern::Memory(mem)) => mem,
768 /// _ => bail!("failed to find host memory"),
769 /// };
770 /// let data = mem.data(&caller)
771 /// .get(ptr as u32 as usize..)
772 /// .and_then(|arr| arr.get(..len as u32 as usize));
773 /// let string = match data {
774 /// Some(data) => match str::from_utf8(data) {
775 /// Ok(s) => s,
776 /// Err(_) => bail!("invalid utf-8"),
777 /// },
778 /// None => bail!("pointer/length out of bounds"),
779 /// };
780 /// assert_eq!(string, "Hello, world!");
781 /// println!("{}", string);
782 /// Ok(())
783 /// });
784 /// let module = Module::new(
785 /// store.engine(),
786 /// r#"
787 /// (module
788 /// (import "" "" (func $log_str (param i32 i32)))
789 /// (func (export "foo")
790 /// i32.const 4 ;; ptr
791 /// i32.const 13 ;; len
792 /// call $log_str)
793 /// (memory (export "memory") 1)
794 /// (data (i32.const 4) "Hello, world!"))
795 /// "#,
796 /// )?;
797 /// let instance = Instance::new(&mut store, &module, &[log_str.into()])?;
798 /// let foo = instance.get_typed_func::<(), ()>(&mut store, "foo")?;
799 /// foo.call(&mut store, ())?;
800 /// # Ok(())
801 /// # }
802 /// ```
wrap<T, Params, Results>( store: impl AsContextMut<Data = T>, func: impl IntoFunc<T, Params, Results>, ) -> Func where T: 'static,803 pub fn wrap<T, Params, Results>(
804 store: impl AsContextMut<Data = T>,
805 func: impl IntoFunc<T, Params, Results>,
806 ) -> Func
807 where
808 T: 'static,
809 {
810 Self::try_wrap(store, func).expect(
811 "allocation failure during `Func::wrap` (use `Func::try_wrap` to handle such errors)",
812 )
813 }
814
815 /// Fallible version of [`Func::wrap`] that returns an error on
816 /// out-of-memory instead of panicking.
try_wrap<T, Params, Results>( mut store: impl AsContextMut<Data = T>, func: impl IntoFunc<T, Params, Results>, ) -> Result<Func> where T: 'static,817 pub fn try_wrap<T, Params, Results>(
818 mut store: impl AsContextMut<Data = T>,
819 func: impl IntoFunc<T, Params, Results>,
820 ) -> Result<Func>
821 where
822 T: 'static,
823 {
824 let store = store.as_context_mut().0;
825 let engine = store.engine();
826 let host = func.into_func(engine)?;
827
828 // SAFETY: The `T` the closure takes is the same as the `T` of the store
829 // we're inserting into via the type signature above.
830 Ok(unsafe { host.into_func(store)? })
831 }
832
833 /// Same as [`Func::wrap`], except the closure asynchronously produces the
834 /// result and the arguments are passed within a tuple. For more information
835 /// see the [`Func`] documentation.
836 #[cfg(feature = "async")]
wrap_async<T, F, P, R>(mut store: impl AsContextMut<Data = T>, func: F) -> Func where F: for<'a> Fn(Caller<'a, T>, P) -> Box<dyn Future<Output = R> + Send + 'a> + Send + Sync + 'static, P: WasmTyList, R: WasmRet, T: Send + 'static,837 pub fn wrap_async<T, F, P, R>(mut store: impl AsContextMut<Data = T>, func: F) -> Func
838 where
839 F: for<'a> Fn(Caller<'a, T>, P) -> Box<dyn Future<Output = R> + Send + 'a>
840 + Send
841 + Sync
842 + 'static,
843 P: WasmTyList,
844 R: WasmRet,
845 T: Send + 'static,
846 {
847 let store = store.as_context_mut().0;
848 let host = HostFunc::wrap_async(store.engine(), func).panic_on_oom();
849
850 // SAFETY: The `T` the closure takes is the same as the `T` of the store
851 // we're inserting into via the type signature above.
852 unsafe { host.into_func(store).panic_on_oom() }
853 }
854
855 /// Returns the underlying wasm type that this `Func` has.
856 ///
857 /// # Panics
858 ///
859 /// Panics if `store` does not own this function.
ty(&self, store: impl AsContext) -> FuncType860 pub fn ty(&self, store: impl AsContext) -> FuncType {
861 self.load_ty(&store.as_context().0)
862 }
863
864 /// Forcibly loads the type of this function from the `Engine`.
865 ///
866 /// Note that this is a somewhat expensive method since it requires taking a
867 /// lock as well as cloning a type.
load_ty(&self, store: &StoreOpaque) -> FuncType868 pub(crate) fn load_ty(&self, store: &StoreOpaque) -> FuncType {
869 FuncType::from_shared_type_index(store.engine(), self.type_index(store))
870 }
871
872 /// Does this function match the given type?
873 ///
874 /// That is, is this function's type a subtype of the given type?
875 ///
876 /// # Panics
877 ///
878 /// Panics if this function is not associated with the given store or if the
879 /// function type is not associated with the store's engine.
matches_ty(&self, store: impl AsContext, func_ty: &FuncType) -> bool880 pub fn matches_ty(&self, store: impl AsContext, func_ty: &FuncType) -> bool {
881 self._matches_ty(store.as_context().0, func_ty)
882 }
883
_matches_ty(&self, store: &StoreOpaque, func_ty: &FuncType) -> bool884 pub(crate) fn _matches_ty(&self, store: &StoreOpaque, func_ty: &FuncType) -> bool {
885 let actual_ty = self.load_ty(store);
886 actual_ty.matches(func_ty)
887 }
888
ensure_matches_ty(&self, store: &StoreOpaque, func_ty: &FuncType) -> Result<()>889 pub(crate) fn ensure_matches_ty(&self, store: &StoreOpaque, func_ty: &FuncType) -> Result<()> {
890 if !self.comes_from_same_store(store) {
891 bail!("function used with wrong store");
892 }
893 if self._matches_ty(store, func_ty) {
894 Ok(())
895 } else {
896 let actual_ty = self.load_ty(store);
897 bail!("type mismatch: expected {func_ty}, found {actual_ty}")
898 }
899 }
900
type_index(&self, data: &StoreOpaque) -> VMSharedTypeIndex901 pub(crate) fn type_index(&self, data: &StoreOpaque) -> VMSharedTypeIndex {
902 unsafe { self.vm_func_ref(data).as_ref().type_index }
903 }
904
905 /// Invokes this function with the `params` given and writes returned values
906 /// to `results`.
907 ///
908 /// The `params` here must match the type signature of this `Func`, or an
909 /// error will occur. Additionally `results` must have the same
910 /// length as the number of results for this function. Calling this function
911 /// will synchronously execute the WebAssembly function referenced to get
912 /// the results.
913 ///
914 /// This function will return `Ok(())` if execution completed without a trap
915 /// or error of any kind. In this situation the results will be written to
916 /// the provided `results` array.
917 ///
918 /// # Errors
919 ///
920 /// Any error which occurs throughout the execution of the function will be
921 /// returned as `Err(e)`. The [`Error`](crate::Error) type can be inspected
922 /// for the precise error cause such as:
923 ///
924 /// * [`Trap`] - indicates that a wasm trap happened and execution was
925 /// halted.
926 /// * [`WasmBacktrace`] - optionally included on errors for backtrace
927 /// information of the trap/error.
928 /// * Other string-based errors to indicate issues such as type errors with
929 /// `params`.
930 /// * Any host-originating error originally returned from a function defined
931 /// via [`Func::new`], for example.
932 /// * The `store` provided is configured to require `call_async` to be used
933 /// instead, such as with epochs or fuel.
934 ///
935 /// Errors typically indicate that execution of WebAssembly was halted
936 /// mid-way and did not complete after the error condition happened.
937 ///
938 /// [`Trap`]: crate::Trap
939 ///
940 /// # Panics
941 ///
942 /// Panics if `store` does not own this function.
943 ///
944 /// [`WasmBacktrace`]: crate::WasmBacktrace
call( &self, mut store: impl AsContextMut, params: &[Val], results: &mut [Val], ) -> Result<()>945 pub fn call(
946 &self,
947 mut store: impl AsContextMut,
948 params: &[Val],
949 results: &mut [Val],
950 ) -> Result<()> {
951 let mut store = store.as_context_mut();
952 store.0.validate_sync_call()?;
953
954 self.call_impl_check_args(&mut store, params, results)?;
955
956 unsafe { self.call_impl_do_call(&mut store, params, results) }
957 }
958
959 /// Invokes this function in an "unchecked" fashion, reading parameters and
960 /// writing results to `params_and_returns`.
961 ///
962 /// This function is the same as [`Func::call`] except that the arguments
963 /// and results both use a different representation. If possible it's
964 /// recommended to use [`Func::call`] if safety isn't necessary or to use
965 /// [`Func::typed`] in conjunction with [`TypedFunc::call`] since that's
966 /// both safer and faster than this method of invoking a function.
967 ///
968 /// Note that if this function takes `externref` arguments then it will
969 /// **not** automatically GC unlike the [`Func::call`] and
970 /// [`TypedFunc::call`] functions. This means that if this function is
971 /// invoked many times with new `ExternRef` values and no other GC happens
972 /// via any other means then no values will get collected.
973 ///
974 /// # Errors
975 ///
976 /// For more information about errors see the [`Func::call`] documentation.
977 ///
978 /// # Unsafety
979 ///
980 /// This function is unsafe because the `params_and_returns` argument is not
981 /// validated at all. It must uphold invariants such as:
982 ///
983 /// * It's a valid pointer to an array
984 /// * It has enough space to store all parameters
985 /// * It has enough space to store all results (not at the same time as
986 /// parameters)
987 /// * Parameters are initially written to the array and have the correct
988 /// types and such.
989 /// * Reference types like `externref` and `funcref` are valid at the
990 /// time of this call and for the `store` specified.
991 ///
992 /// These invariants are all upheld for you with [`Func::call`] and
993 /// [`TypedFunc::call`].
call_unchecked( &self, mut store: impl AsContextMut, params_and_returns: *mut [ValRaw], ) -> Result<()>994 pub unsafe fn call_unchecked(
995 &self,
996 mut store: impl AsContextMut,
997 params_and_returns: *mut [ValRaw],
998 ) -> Result<()> {
999 let mut store = store.as_context_mut();
1000 let func_ref = self.vm_func_ref(store.0);
1001 let params_and_returns = NonNull::new(params_and_returns).unwrap_or(NonNull::from(&mut []));
1002
1003 // SAFETY: the safety of this function call is the same as the contract
1004 // of this function.
1005 unsafe { Self::call_unchecked_raw(&mut store, func_ref, params_and_returns) }
1006 }
1007
call_unchecked_raw<T>( store: &mut StoreContextMut<'_, T>, func_ref: NonNull<VMFuncRef>, params_and_returns: NonNull<[ValRaw]>, ) -> Result<()>1008 pub(crate) unsafe fn call_unchecked_raw<T>(
1009 store: &mut StoreContextMut<'_, T>,
1010 func_ref: NonNull<VMFuncRef>,
1011 params_and_returns: NonNull<[ValRaw]>,
1012 ) -> Result<()> {
1013 // SAFETY: the safety of this function call is the same as the contract
1014 // of this function.
1015 invoke_wasm_and_catch_traps(store, |caller, vm| unsafe {
1016 VMFuncRef::array_call(func_ref, vm, caller, params_and_returns)
1017 })
1018 }
1019
1020 /// Converts the raw representation of a `funcref` into an `Option<Func>`
1021 ///
1022 /// This is intended to be used in conjunction with [`Func::new_unchecked`],
1023 /// [`Func::call_unchecked`], and [`ValRaw`] with its `funcref` field. This
1024 /// is the dual of [`Func::to_raw`].
1025 ///
1026 /// # Unsafety
1027 ///
1028 /// This function is not safe because `raw` is not validated at all. The
1029 /// caller must guarantee that `raw` is owned by the `store` provided and is
1030 /// valid within the `store`.
from_raw(mut store: impl AsContextMut, raw: *mut c_void) -> Option<Func>1031 pub unsafe fn from_raw(mut store: impl AsContextMut, raw: *mut c_void) -> Option<Func> {
1032 // SAFETY: this function's own contract is that `raw` is owned by store
1033 // to make this safe.
1034 unsafe { Self::_from_raw(store.as_context_mut().0, raw) }
1035 }
1036
1037 /// Same as `from_raw`, but with the internal `StoreOpaque` type.
_from_raw(store: &mut StoreOpaque, raw: *mut c_void) -> Option<Func>1038 pub(crate) unsafe fn _from_raw(store: &mut StoreOpaque, raw: *mut c_void) -> Option<Func> {
1039 // SAFETY: this function's own contract is that `raw` is owned by store
1040 // to make this safe.
1041 unsafe {
1042 Some(Func::from_vm_func_ref(
1043 store.id(),
1044 NonNull::new(raw.cast())?,
1045 ))
1046 }
1047 }
1048
1049 /// Extracts the raw value of this `Func`, which is owned by `store`.
1050 ///
1051 /// This function returns a value that's suitable for writing into the
1052 /// `funcref` field of the [`ValRaw`] structure.
1053 ///
1054 /// # Safety
1055 ///
1056 /// The returned value is only valid for as long as the store is alive.
1057 /// This value is safe to pass to [`Func::from_raw`] so long as the same
1058 /// `store` is provided.
to_raw(&self, mut store: impl AsContextMut) -> *mut c_void1059 pub fn to_raw(&self, mut store: impl AsContextMut) -> *mut c_void {
1060 self.vm_func_ref(store.as_context_mut().0).as_ptr().cast()
1061 }
1062
1063 /// Invokes this function with the `params` given, returning the results
1064 /// asynchronously.
1065 ///
1066 /// This function is the same as [`Func::call`] except that it is
1067 /// asynchronous.
1068 ///
1069 /// It's important to note that the execution of WebAssembly will happen
1070 /// synchronously in the `poll` method of the future returned from this
1071 /// function. Wasmtime does not manage its own thread pool or similar to
1072 /// execute WebAssembly in. Future `poll` methods are generally expected to
1073 /// resolve quickly, so it's recommended that you run or poll this future
1074 /// in a "blocking context".
1075 ///
1076 /// For more information see the documentation on [asynchronous
1077 /// configs](crate#async).
1078 ///
1079 /// # Errors
1080 ///
1081 /// For more information on errors see the [`Func::call`] documentation.
1082 ///
1083 /// # Panics
1084 ///
1085 /// Panics if this is called on a function in a synchronous store. This
1086 /// only works with functions defined within an asynchronous store. Also
1087 /// panics if `store` does not own this function.
1088 #[cfg(feature = "async")]
call_async( &self, mut store: impl AsContextMut<Data: Send>, params: &[Val], results: &mut [Val], ) -> Result<()>1089 pub async fn call_async(
1090 &self,
1091 mut store: impl AsContextMut<Data: Send>,
1092 params: &[Val],
1093 results: &mut [Val],
1094 ) -> Result<()> {
1095 let mut store = store.as_context_mut();
1096
1097 self.call_impl_check_args(&mut store, params, results)?;
1098
1099 let result = store
1100 .on_fiber(|store| unsafe { self.call_impl_do_call(store, params, results) })
1101 .await??;
1102 Ok(result)
1103 }
1104
1105 /// Perform dynamic checks that the arguments given to us match
1106 /// the signature of this function and are appropriate to pass to this
1107 /// function.
1108 ///
1109 /// This involves checking to make sure we have the right number and types
1110 /// of arguments as well as making sure everything is from the same `Store`.
1111 ///
1112 /// This must be called just before `call_impl_do_call`.
call_impl_check_args<T>( &self, store: &mut StoreContextMut<'_, T>, params: &[Val], results: &mut [Val], ) -> Result<()>1113 fn call_impl_check_args<T>(
1114 &self,
1115 store: &mut StoreContextMut<'_, T>,
1116 params: &[Val],
1117 results: &mut [Val],
1118 ) -> Result<()> {
1119 let ty = self.load_ty(store.0);
1120 if ty.params().len() != params.len() {
1121 bail!(
1122 "expected {} arguments, got {}",
1123 ty.params().len(),
1124 params.len()
1125 );
1126 }
1127 if ty.results().len() != results.len() {
1128 bail!(
1129 "expected {} results, got {}",
1130 ty.results().len(),
1131 results.len()
1132 );
1133 }
1134
1135 for (ty, arg) in ty.params().zip(params) {
1136 arg.ensure_matches_ty(store.0, &ty)
1137 .context("argument type mismatch")?;
1138 if !arg.comes_from_same_store(store.0) {
1139 bail!("cross-`Store` values are not currently supported");
1140 }
1141 }
1142
1143 Ok(())
1144 }
1145
1146 /// Do the actual call into Wasm.
1147 ///
1148 /// # Safety
1149 ///
1150 /// You must have type checked the arguments by calling
1151 /// `call_impl_check_args` immediately before calling this function. It is
1152 /// only safe to call this function if that one did not return an error.
call_impl_do_call<T>( &self, store: &mut StoreContextMut<'_, T>, params: &[Val], results: &mut [Val], ) -> Result<()>1153 unsafe fn call_impl_do_call<T>(
1154 &self,
1155 store: &mut StoreContextMut<'_, T>,
1156 params: &[Val],
1157 results: &mut [Val],
1158 ) -> Result<()> {
1159 // Store the argument values into `values_vec`.
1160 let ty = self.load_ty(store.0);
1161 let values_vec_size = params.len().max(ty.results().len());
1162 let mut values_vec = store.0.take_wasm_val_raw_storage();
1163 debug_assert!(values_vec.is_empty());
1164 values_vec.resize_with(values_vec_size, || ValRaw::v128(0))?;
1165 for (arg, slot) in params.iter().cloned().zip(&mut values_vec) {
1166 *slot = arg.to_raw(&mut *store)?;
1167 }
1168
1169 unsafe {
1170 self.call_unchecked(
1171 &mut *store,
1172 core::ptr::slice_from_raw_parts_mut(values_vec.as_mut_ptr(), values_vec_size),
1173 )?;
1174 }
1175
1176 for ((i, slot), val) in results.iter_mut().enumerate().zip(&values_vec) {
1177 let ty = ty.results().nth(i).unwrap();
1178 *slot = unsafe { Val::from_raw(&mut *store, *val, ty) };
1179 }
1180 values_vec.truncate(0);
1181 store.0.save_wasm_val_raw_storage(values_vec);
1182 Ok(())
1183 }
1184
1185 #[inline]
vm_func_ref(&self, store: &StoreOpaque) -> NonNull<VMFuncRef>1186 pub(crate) fn vm_func_ref(&self, store: &StoreOpaque) -> NonNull<VMFuncRef> {
1187 self.store.assert_belongs_to(store.id());
1188 self.unsafe_func_ref.as_non_null()
1189 }
1190
vmimport(&self, store: &StoreOpaque) -> VMFunctionImport1191 pub(crate) fn vmimport(&self, store: &StoreOpaque) -> VMFunctionImport {
1192 unsafe {
1193 let f = self.vm_func_ref(store);
1194 VMFunctionImport {
1195 // Note that this is a load-bearing `unwrap` here, but is
1196 // never expected to trip at runtime. The general problem is
1197 // that host functions do not have a `wasm_call` function so
1198 // the `VMFuncRef` type has an optional pointer there. This is
1199 // only able to be filled out when a function is "paired" with
1200 // a module where trampolines are present to fill out
1201 // `wasm_call` pointers.
1202 //
1203 // This pairing of modules doesn't happen explicitly but is
1204 // instead managed lazily throughout Wasmtime. Specifically the
1205 // way this works is one of:
1206 //
1207 // * When a host function is created the store's list of
1208 // modules are searched for a wasm trampoline. If not found
1209 // the `wasm_call` field is left blank.
1210 //
1211 // * When a module instantiation happens, which uses this
1212 // function, the module will be used to fill any outstanding
1213 // holes that it has trampolines for.
1214 //
1215 // This means that by the time we get to this point any
1216 // relevant holes should be filled out. Thus if this panic
1217 // actually triggers then it's indicative of a missing `fill`
1218 // call somewhere else.
1219 wasm_call: f.as_ref().wasm_call.unwrap(),
1220 array_call: f.as_ref().array_call,
1221 vmctx: f.as_ref().vmctx,
1222 }
1223 }
1224 }
1225
comes_from_same_store(&self, store: &StoreOpaque) -> bool1226 pub(crate) fn comes_from_same_store(&self, store: &StoreOpaque) -> bool {
1227 self.store == store.id()
1228 }
1229
1230 /// Attempts to extract a typed object from this `Func` through which the
1231 /// function can be called.
1232 ///
1233 /// This function serves as an alternative to [`Func::call`] and
1234 /// [`Func::call_async`]. This method performs a static type check (using
1235 /// the `Params` and `Results` type parameters on the underlying wasm
1236 /// function. If the type check passes then a `TypedFunc` object is returned,
1237 /// otherwise an error is returned describing the typecheck failure.
1238 ///
1239 /// The purpose of this relative to [`Func::call`] is that it's much more
1240 /// efficient when used to invoke WebAssembly functions. With the types
1241 /// statically known far less setup/teardown is required when invoking
1242 /// WebAssembly. If speed is desired then this function is recommended to be
1243 /// used instead of [`Func::call`] (which is more general, hence its
1244 /// slowdown).
1245 ///
1246 /// The `Params` type parameter is used to describe the parameters of the
1247 /// WebAssembly function. This can either be a single type (like `i32`), or
1248 /// a tuple of types representing the list of parameters (like `(i32, f32,
1249 /// f64)`). Additionally you can use `()` to represent that the function has
1250 /// no parameters.
1251 ///
1252 /// The `Results` type parameter is used to describe the results of the
1253 /// function. This behaves the same way as `Params`, but just for the
1254 /// results of the function.
1255 ///
1256 /// # Translating Between WebAssembly and Rust Types
1257 ///
1258 /// Translation between Rust types and WebAssembly types looks like:
1259 ///
1260 /// | WebAssembly | Rust |
1261 /// |-------------------------------------------|---------------------------------------|
1262 /// | `i32` | `i32` or `u32` |
1263 /// | `i64` | `i64` or `u64` |
1264 /// | `f32` | `f32` |
1265 /// | `f64` | `f64` |
1266 /// | `externref` aka `(ref null extern)` | `Option<Rooted<ExternRef>>` |
1267 /// | `(ref extern)` | `Rooted<ExternRef>` |
1268 /// | `nullexternref` aka `(ref null noextern)` | `Option<NoExtern>` |
1269 /// | `(ref noextern)` | `NoExtern` |
1270 /// | `anyref` aka `(ref null any)` | `Option<Rooted<AnyRef>>` |
1271 /// | `(ref any)` | `Rooted<AnyRef>` |
1272 /// | `eqref` aka `(ref null eq)` | `Option<Rooted<EqRef>>` |
1273 /// | `(ref eq)` | `Rooted<EqRef>` |
1274 /// | `i31ref` aka `(ref null i31)` | `Option<I31>` |
1275 /// | `(ref i31)` | `I31` |
1276 /// | `structref` aka `(ref null struct)` | `Option<Rooted<StructRef>>` |
1277 /// | `(ref struct)` | `Rooted<StructRef>` |
1278 /// | `arrayref` aka `(ref null array)` | `Option<Rooted<ArrayRef>>` |
1279 /// | `(ref array)` | `Rooted<ArrayRef>` |
1280 /// | `nullref` aka `(ref null none)` | `Option<NoneRef>` |
1281 /// | `(ref none)` | `NoneRef` |
1282 /// | `funcref` aka `(ref null func)` | `Option<Func>` |
1283 /// | `(ref func)` | `Func` |
1284 /// | `(ref null <func type index>)` | `Option<Func>` |
1285 /// | `(ref <func type index>)` | `Func` |
1286 /// | `nullfuncref` aka `(ref null nofunc)` | `Option<NoFunc>` |
1287 /// | `(ref nofunc)` | `NoFunc` |
1288 /// | `v128` | `V128` on `x86-64` and `aarch64` only |
1289 ///
1290 /// (Note that this mapping is the same as that of [`Func::wrap`], and that
1291 /// anywhere a `Rooted<T>` appears, a `OwnedRooted<T>` may also appear).
1292 ///
1293 /// Note that once the [`TypedFunc`] return value is acquired you'll use either
1294 /// [`TypedFunc::call`] or [`TypedFunc::call_async`] as necessary to actually invoke
1295 /// the function. This method does not invoke any WebAssembly code, it
1296 /// simply performs a typecheck before returning the [`TypedFunc`] value.
1297 ///
1298 /// This method also has a convenience wrapper as
1299 /// [`Instance::get_typed_func`](crate::Instance::get_typed_func) to
1300 /// directly get a typed function value from an
1301 /// [`Instance`](crate::Instance).
1302 ///
1303 /// ## Subtyping
1304 ///
1305 /// For result types, you can always use a supertype of the WebAssembly
1306 /// function's actual declared result type. For example, if the WebAssembly
1307 /// function was declared with type `(func (result nullfuncref))` you could
1308 /// successfully call `f.typed::<(), Option<Func>>()` because `Option<Func>`
1309 /// corresponds to `funcref`, which is a supertype of `nullfuncref`.
1310 ///
1311 /// For parameter types, you can always use a subtype of the WebAssembly
1312 /// function's actual declared parameter type. For example, if the
1313 /// WebAssembly function was declared with type `(func (param (ref null
1314 /// func)))` you could successfully call `f.typed::<Func, ()>()` because
1315 /// `Func` corresponds to `(ref func)`, which is a subtype of `(ref null
1316 /// func)`.
1317 ///
1318 /// Additionally, for functions which take a reference to a concrete type as
1319 /// a parameter, you can also use the concrete type's supertype. Consider a
1320 /// WebAssembly function that takes a reference to a function with a
1321 /// concrete type: `(ref null <func type index>)`. In this scenario, there
1322 /// is no static `wasmtime::Foo` Rust type that corresponds to that
1323 /// particular Wasm-defined concrete reference type because Wasm modules are
1324 /// loaded dynamically at runtime. You *could* do `f.typed::<Option<NoFunc>,
1325 /// ()>()`, and while that is correctly typed and valid, it is often overly
1326 /// restrictive. The only value you could call the resulting typed function
1327 /// with is the null function reference, but we'd like to call it with
1328 /// non-null function references that happen to be of the correct
1329 /// type. Therefore, `f.typed<Option<Func>, ()>()` is also allowed in this
1330 /// case, even though `Option<Func>` represents `(ref null func)` which is
1331 /// the supertype, not subtype, of `(ref null <func type index>)`. This does
1332 /// imply some minimal dynamic type checks in this case, but it is supported
1333 /// for better ergonomics, to enable passing non-null references into the
1334 /// function.
1335 ///
1336 /// # Errors
1337 ///
1338 /// This function will return an error if `Params` or `Results` does not
1339 /// match the native type of this WebAssembly function.
1340 ///
1341 /// # Panics
1342 ///
1343 /// This method will panic if `store` does not own this function.
1344 ///
1345 /// # Examples
1346 ///
1347 /// An end-to-end example of calling a function which takes no parameters
1348 /// and has no results:
1349 ///
1350 /// ```
1351 /// # use wasmtime::*;
1352 /// # fn main() -> Result<()> {
1353 /// let engine = Engine::default();
1354 /// let mut store = Store::new(&engine, ());
1355 /// let module = Module::new(&engine, r#"(module (func (export "foo")))"#)?;
1356 /// let instance = Instance::new(&mut store, &module, &[])?;
1357 /// let foo = instance.get_func(&mut store, "foo").expect("export wasn't a function");
1358 ///
1359 /// // Note that this call can fail due to the typecheck not passing, but
1360 /// // in our case we statically know the module so we know this should
1361 /// // pass.
1362 /// let typed = foo.typed::<(), ()>(&store)?;
1363 ///
1364 /// // Note that this can fail if the wasm traps at runtime.
1365 /// typed.call(&mut store, ())?;
1366 /// # Ok(())
1367 /// # }
1368 /// ```
1369 ///
1370 /// You can also pass in multiple parameters and get a result back
1371 ///
1372 /// ```
1373 /// # use wasmtime::*;
1374 /// # fn foo(add: &Func, mut store: Store<()>) -> Result<()> {
1375 /// let typed = add.typed::<(i32, i64), f32>(&store)?;
1376 /// assert_eq!(typed.call(&mut store, (1, 2))?, 3.0);
1377 /// # Ok(())
1378 /// # }
1379 /// ```
1380 ///
1381 /// and similarly if a function has multiple results you can bind that too
1382 ///
1383 /// ```
1384 /// # use wasmtime::*;
1385 /// # fn foo(add_with_overflow: &Func, mut store: Store<()>) -> Result<()> {
1386 /// let typed = add_with_overflow.typed::<(u32, u32), (u32, i32)>(&store)?;
1387 /// let (result, overflow) = typed.call(&mut store, (u32::max_value(), 2))?;
1388 /// assert_eq!(result, 1);
1389 /// assert_eq!(overflow, 1);
1390 /// # Ok(())
1391 /// # }
1392 /// ```
typed<Params, Results>( &self, store: impl AsContext, ) -> Result<TypedFunc<Params, Results>> where Params: WasmParams, Results: WasmResults,1393 pub fn typed<Params, Results>(
1394 &self,
1395 store: impl AsContext,
1396 ) -> Result<TypedFunc<Params, Results>>
1397 where
1398 Params: WasmParams,
1399 Results: WasmResults,
1400 {
1401 // Type-check that the params/results are all valid
1402 let store = store.as_context().0;
1403 let ty = self.load_ty(store);
1404 Params::typecheck(store.engine(), ty.params(), TypeCheckPosition::Param)
1405 .context("type mismatch with parameters")?;
1406 Results::typecheck(store.engine(), ty.results(), TypeCheckPosition::Result)
1407 .context("type mismatch with results")?;
1408
1409 // and then we can construct the typed version of this function
1410 // (unsafely), which should be safe since we just did the type check above.
1411 unsafe { Ok(TypedFunc::_new_unchecked(store, *self)) }
1412 }
1413
1414 /// Get a stable hash key for this function.
1415 ///
1416 /// Even if the same underlying function is added to the `StoreData`
1417 /// multiple times and becomes multiple `wasmtime::Func`s, this hash key
1418 /// will be consistent across all of these functions.
1419 #[cfg_attr(
1420 not(test),
1421 expect(dead_code, reason = "Not used yet, but added for consistency")
1422 )]
hash_key(&self, store: &mut StoreOpaque) -> impl core::hash::Hash + Eq + use<>1423 pub(crate) fn hash_key(&self, store: &mut StoreOpaque) -> impl core::hash::Hash + Eq + use<> {
1424 self.vm_func_ref(store).as_ptr().addr()
1425 }
1426 }
1427
1428 /// Prepares for entrance into WebAssembly.
1429 ///
1430 /// This function will set up context such that `closure` is allowed to call a
1431 /// raw trampoline or a raw WebAssembly function. This *must* be called to do
1432 /// things like catch traps and set up GC properly.
1433 ///
1434 /// The `closure` provided receives a default "caller" `VMContext` parameter it
1435 /// can pass to the called wasm function, if desired.
invoke_wasm_and_catch_traps<T>( store: &mut StoreContextMut<'_, T>, closure: impl FnMut(NonNull<VMContext>, Option<InterpreterRef<'_>>) -> bool, ) -> Result<()>1436 pub(crate) fn invoke_wasm_and_catch_traps<T>(
1437 store: &mut StoreContextMut<'_, T>,
1438 closure: impl FnMut(NonNull<VMContext>, Option<InterpreterRef<'_>>) -> bool,
1439 ) -> Result<()> {
1440 // The `enter_wasm` call below will reset the store context's
1441 // `stack_chain` to a new `InitialStack`, pointing to the
1442 // stack-allocated `initial_stack_csi`.
1443 let mut initial_stack_csi = VMCommonStackInformation::running_default();
1444 // Stores some state of the runtime just before entering Wasm. Will be
1445 // restored upon exiting Wasm. Note that the `CallThreadState` that is
1446 // created by the `catch_traps` call below will store a pointer to this
1447 // stack-allocated `previous_runtime_state`.
1448 let mut previous_runtime_state = EntryStoreContext::enter_wasm(store, &mut initial_stack_csi);
1449
1450 if let Err(trap) = store.0.call_hook(CallHook::CallingWasm) {
1451 // `previous_runtime_state` implicitly dropped here
1452 return Err(trap);
1453 }
1454 let result = crate::runtime::vm::catch_traps(store, &mut previous_runtime_state, closure);
1455 #[cfg(feature = "component-model")]
1456 if result.is_err() {
1457 store.0.set_trapped();
1458 }
1459 core::mem::drop(previous_runtime_state);
1460 store.0.call_hook(CallHook::ReturningFromWasm)?;
1461 result
1462 }
1463
1464 /// This type helps managing the state of the runtime when entering and exiting
1465 /// Wasm. To this end, it contains a subset of the data in `VMStoreContext`.
1466 /// Upon entering Wasm, it updates various runtime fields and their
1467 /// original values saved in this struct. Upon exiting Wasm, the previous values
1468 /// are restored.
1469 pub(crate) struct EntryStoreContext {
1470 /// If set, contains value of `stack_limit` field to restore in
1471 /// `VMStoreContext` when exiting Wasm.
1472 pub stack_limit: Option<usize>,
1473 pub last_wasm_exit_pc: usize,
1474 pub last_wasm_exit_trampoline_fp: usize,
1475 pub last_wasm_entry_fp: usize,
1476 pub last_wasm_entry_sp: usize,
1477 pub last_wasm_entry_trap_handler: usize,
1478 pub stack_chain: VMStackChain,
1479
1480 /// We need a pointer to the runtime limits, so we can update them from
1481 /// `drop`/`exit_wasm`.
1482 vm_store_context: *const VMStoreContext,
1483 }
1484
1485 impl EntryStoreContext {
1486 /// This function is called to update and save state when
1487 /// WebAssembly is entered within the `Store`.
1488 ///
1489 /// This updates various fields such as:
1490 ///
1491 /// * The stack limit. This is what ensures that we limit the stack space
1492 /// allocated by WebAssembly code and it's relative to the initial stack
1493 /// pointer that called into wasm.
1494 ///
1495 /// It also saves the different last_wasm_* values in the `VMStoreContext`.
enter_wasm<T>( store: &mut StoreContextMut<'_, T>, initial_stack_information: *mut VMCommonStackInformation, ) -> Self1496 pub fn enter_wasm<T>(
1497 store: &mut StoreContextMut<'_, T>,
1498 initial_stack_information: *mut VMCommonStackInformation,
1499 ) -> Self {
1500 let stack_limit;
1501
1502 // If this is a recursive call, e.g. our stack limit is already set, then
1503 // we may be able to skip this function.
1504 //
1505 // For synchronous stores there's nothing else to do because all wasm calls
1506 // happen synchronously and on the same stack. This means that the previous
1507 // stack limit will suffice for the next recursive call.
1508 //
1509 // For asynchronous stores then each call happens on a separate native
1510 // stack. This means that the previous stack limit is no longer relevant
1511 // because we're on a separate stack.
1512 if unsafe { *store.0.vm_store_context().stack_limit.get() } != usize::MAX
1513 && !store.0.can_block()
1514 {
1515 stack_limit = None;
1516 }
1517 // Ignore this stack pointer business on miri since we can't execute wasm
1518 // anyway and the concept of a stack pointer on miri is a bit nebulous
1519 // regardless.
1520 else if cfg!(miri) {
1521 stack_limit = None;
1522 } else {
1523 // When Cranelift has support for the host then we might be running native
1524 // compiled code meaning we need to read the actual stack pointer. If
1525 // Cranelift can't be used though then we're guaranteed to be running pulley
1526 // in which case this stack pointer isn't actually used as Pulley has custom
1527 // mechanisms for stack overflow.
1528 #[cfg(has_host_compiler_backend)]
1529 let stack_pointer = crate::runtime::vm::get_stack_pointer();
1530 #[cfg(not(has_host_compiler_backend))]
1531 let stack_pointer = {
1532 use wasmtime_environ::TripleExt;
1533 debug_assert!(store.engine().target().is_pulley());
1534 usize::MAX
1535 };
1536
1537 // Determine the stack pointer where, after which, any wasm code will
1538 // immediately trap. This is checked on the entry to all wasm functions.
1539 //
1540 // Note that this isn't 100% precise. We are requested to give wasm
1541 // `max_wasm_stack` bytes, but what we're actually doing is giving wasm
1542 // probably a little less than `max_wasm_stack` because we're
1543 // calculating the limit relative to this function's approximate stack
1544 // pointer. Wasm will be executed on a frame beneath this one (or next
1545 // to it). In any case it's expected to be at most a few hundred bytes
1546 // of slop one way or another. When wasm is typically given a MB or so
1547 // (a million bytes) the slop shouldn't matter too much.
1548 //
1549 // After we've got the stack limit then we store it into the `stack_limit`
1550 // variable.
1551 //
1552 // Also note that `saturating_sub` is used here since if the user
1553 // said that the function gets nigh-infinite stack well then by
1554 // golly it'll get nigh-infinite stack in which case the limit is 0.
1555 let wasm_stack_limit =
1556 stack_pointer.saturating_sub(store.engine().config().max_wasm_stack);
1557 let prev_stack = unsafe {
1558 mem::replace(
1559 &mut *store.0.vm_store_context().stack_limit.get(),
1560 wasm_stack_limit,
1561 )
1562 };
1563 stack_limit = Some(prev_stack);
1564 }
1565
1566 unsafe {
1567 let vm_store_context = store.0.vm_store_context();
1568 let new_stack_chain = VMStackChain::InitialStack(initial_stack_information);
1569 *vm_store_context.stack_chain.get() = new_stack_chain;
1570
1571 Self {
1572 stack_limit,
1573 last_wasm_exit_pc: *(*vm_store_context).last_wasm_exit_pc.get(),
1574 last_wasm_exit_trampoline_fp: *(*vm_store_context)
1575 .last_wasm_exit_trampoline_fp
1576 .get(),
1577 last_wasm_entry_fp: *(*vm_store_context).last_wasm_entry_fp.get(),
1578 last_wasm_entry_sp: *(*vm_store_context).last_wasm_entry_sp.get(),
1579 last_wasm_entry_trap_handler: *(*vm_store_context)
1580 .last_wasm_entry_trap_handler
1581 .get(),
1582 stack_chain: (*(*vm_store_context).stack_chain.get()).clone(),
1583 vm_store_context,
1584 }
1585 }
1586 }
1587
1588 /// This function restores the values stored in this struct. We invoke this
1589 /// function through this type's `Drop` implementation. This ensures that we
1590 /// even restore the values if we unwind the stack (e.g., because we are
1591 /// panicking out of a Wasm execution).
1592 #[inline]
exit_wasm(&mut self)1593 fn exit_wasm(&mut self) {
1594 unsafe {
1595 if let Some(limit) = self.stack_limit {
1596 *(&*self.vm_store_context).stack_limit.get() = limit;
1597 }
1598
1599 *(*self.vm_store_context).last_wasm_exit_trampoline_fp.get() =
1600 self.last_wasm_exit_trampoline_fp;
1601 *(*self.vm_store_context).last_wasm_exit_pc.get() = self.last_wasm_exit_pc;
1602 *(*self.vm_store_context).last_wasm_entry_fp.get() = self.last_wasm_entry_fp;
1603 *(*self.vm_store_context).last_wasm_entry_sp.get() = self.last_wasm_entry_sp;
1604 *(*self.vm_store_context).last_wasm_entry_trap_handler.get() =
1605 self.last_wasm_entry_trap_handler;
1606 *(*self.vm_store_context).stack_chain.get() = self.stack_chain.clone();
1607 }
1608 }
1609 }
1610
1611 impl Drop for EntryStoreContext {
1612 #[inline]
drop(&mut self)1613 fn drop(&mut self) {
1614 self.exit_wasm();
1615 }
1616 }
1617
1618 /// A trait implemented for types which can be returned from closures passed to
1619 /// [`Func::wrap`] and friends.
1620 ///
1621 /// This trait should not be implemented by user types. This trait may change at
1622 /// any time internally. The types which implement this trait, however, are
1623 /// stable over time.
1624 ///
1625 /// For more information see [`Func::wrap`]
1626 pub unsafe trait WasmRet {
1627 // Same as `WasmTy::compatible_with_store`.
1628 #[doc(hidden)]
compatible_with_store(&self, store: &StoreOpaque) -> bool1629 fn compatible_with_store(&self, store: &StoreOpaque) -> bool;
1630
1631 /// Stores this return value into the `ptr` specified using the rooted
1632 /// `store`.
1633 ///
1634 /// Traps are communicated through the `Result<_>` return value.
1635 ///
1636 /// # Unsafety
1637 ///
1638 /// This method is unsafe as `ptr` must have the correct length to store
1639 /// this result. This property is only checked in debug mode, not in release
1640 /// mode.
1641 #[doc(hidden)]
store( self, store: &mut AutoAssertNoGc<'_>, ptr: &mut [MaybeUninit<ValRaw>], ) -> Result<()>1642 unsafe fn store(
1643 self,
1644 store: &mut AutoAssertNoGc<'_>,
1645 ptr: &mut [MaybeUninit<ValRaw>],
1646 ) -> Result<()>;
1647
1648 #[doc(hidden)]
func_type( engine: &Engine, params: impl Iterator<Item = ValType>, ) -> Result<FuncType, OutOfMemory>1649 fn func_type(
1650 engine: &Engine,
1651 params: impl Iterator<Item = ValType>,
1652 ) -> Result<FuncType, OutOfMemory>;
1653 #[doc(hidden)]
may_gc() -> bool1654 fn may_gc() -> bool;
1655
1656 // Utilities used to convert an instance of this type to a `Result`
1657 // explicitly, used when wrapping async functions which always bottom-out
1658 // in a function that returns a trap because futures can be cancelled.
1659 #[doc(hidden)]
1660 type Fallible: WasmRet;
1661 #[doc(hidden)]
into_fallible(self) -> Self::Fallible1662 fn into_fallible(self) -> Self::Fallible;
1663 #[doc(hidden)]
fallible_from_error(error: Error) -> Self::Fallible1664 fn fallible_from_error(error: Error) -> Self::Fallible;
1665 }
1666
1667 unsafe impl<T> WasmRet for T
1668 where
1669 T: WasmTy,
1670 {
1671 type Fallible = Result<T>;
1672
compatible_with_store(&self, store: &StoreOpaque) -> bool1673 fn compatible_with_store(&self, store: &StoreOpaque) -> bool {
1674 <Self as WasmTy>::compatible_with_store(self, store)
1675 }
1676
store( self, store: &mut AutoAssertNoGc<'_>, ptr: &mut [MaybeUninit<ValRaw>], ) -> Result<()>1677 unsafe fn store(
1678 self,
1679 store: &mut AutoAssertNoGc<'_>,
1680 ptr: &mut [MaybeUninit<ValRaw>],
1681 ) -> Result<()> {
1682 debug_assert!(ptr.len() > 0);
1683 // SAFETY: the contract of this function/trait combo is such that `ptr`
1684 // is valid to store this type's value, thus this lookup should be safe.
1685 unsafe { <Self as WasmTy>::store(self, store, ptr.get_unchecked_mut(0)) }
1686 }
1687
may_gc() -> bool1688 fn may_gc() -> bool {
1689 T::may_gc()
1690 }
1691
func_type( engine: &Engine, params: impl Iterator<Item = ValType>, ) -> Result<FuncType, OutOfMemory>1692 fn func_type(
1693 engine: &Engine,
1694 params: impl Iterator<Item = ValType>,
1695 ) -> Result<FuncType, OutOfMemory> {
1696 FuncType::try_new(engine, params, Some(<Self as WasmTy>::valtype()))
1697 }
1698
into_fallible(self) -> Result<T>1699 fn into_fallible(self) -> Result<T> {
1700 Ok(self)
1701 }
1702
fallible_from_error(error: Error) -> Result<T>1703 fn fallible_from_error(error: Error) -> Result<T> {
1704 Err(error)
1705 }
1706 }
1707
1708 unsafe impl<T> WasmRet for Result<T>
1709 where
1710 T: WasmRet,
1711 {
1712 type Fallible = Self;
1713
compatible_with_store(&self, store: &StoreOpaque) -> bool1714 fn compatible_with_store(&self, store: &StoreOpaque) -> bool {
1715 match self {
1716 Ok(x) => <T as WasmRet>::compatible_with_store(x, store),
1717 Err(_) => true,
1718 }
1719 }
1720
store( self, store: &mut AutoAssertNoGc<'_>, ptr: &mut [MaybeUninit<ValRaw>], ) -> Result<()>1721 unsafe fn store(
1722 self,
1723 store: &mut AutoAssertNoGc<'_>,
1724 ptr: &mut [MaybeUninit<ValRaw>],
1725 ) -> Result<()> {
1726 // SAFETY: the safety of calling this function is the same as calling
1727 // the inner `store`.
1728 unsafe { self.and_then(|val| val.store(store, ptr)) }
1729 }
1730
may_gc() -> bool1731 fn may_gc() -> bool {
1732 T::may_gc()
1733 }
1734
func_type( engine: &Engine, params: impl Iterator<Item = ValType>, ) -> Result<FuncType, OutOfMemory>1735 fn func_type(
1736 engine: &Engine,
1737 params: impl Iterator<Item = ValType>,
1738 ) -> Result<FuncType, OutOfMemory> {
1739 T::func_type(engine, params)
1740 }
1741
into_fallible(self) -> Result<T>1742 fn into_fallible(self) -> Result<T> {
1743 self
1744 }
1745
fallible_from_error(error: Error) -> Result<T>1746 fn fallible_from_error(error: Error) -> Result<T> {
1747 Err(error)
1748 }
1749 }
1750
1751 macro_rules! impl_wasm_host_results {
1752 ($n:tt $($t:ident)*) => (
1753 #[allow(non_snake_case, reason = "macro-generated code")]
1754 unsafe impl<$($t),*> WasmRet for ($($t,)*)
1755 where
1756 $($t: WasmTy,)*
1757 {
1758 type Fallible = Result<Self>;
1759
1760 #[inline]
1761 fn compatible_with_store(&self, _store: &StoreOpaque) -> bool {
1762 let ($($t,)*) = self;
1763 $( $t.compatible_with_store(_store) && )* true
1764 }
1765
1766 #[inline]
1767 unsafe fn store(
1768 self,
1769 _store: &mut AutoAssertNoGc<'_>,
1770 _ptr: &mut [MaybeUninit<ValRaw>],
1771 ) -> Result<()> {
1772 let ($($t,)*) = self;
1773 let mut _cur = 0;
1774 $(
1775 debug_assert!(_cur < _ptr.len());
1776 // SAFETY: `store`'s unsafe contract is that `_ptr` is
1777 // appropriately sized and additionally safe to call `store`
1778 // for sub-types.
1779 unsafe {
1780 let val = _ptr.get_unchecked_mut(_cur);
1781 _cur += 1;
1782 WasmTy::store($t, _store, val)?;
1783 }
1784 )*
1785 Ok(())
1786 }
1787
1788 #[doc(hidden)]
1789 fn may_gc() -> bool {
1790 $( $t::may_gc() || )* false
1791 }
1792
1793 fn func_type(
1794 engine: &Engine,
1795 params: impl Iterator<Item = ValType>,
1796 ) -> Result<FuncType, OutOfMemory> {
1797 FuncType::try_new(
1798 engine,
1799 params,
1800 IntoIterator::into_iter([$($t::valtype(),)*]),
1801 )
1802 }
1803
1804 #[inline]
1805 fn into_fallible(self) -> Result<Self> {
1806 Ok(self)
1807 }
1808
1809 #[inline]
1810 fn fallible_from_error(error: Error) -> Result<Self> {
1811 Err(error)
1812 }
1813 }
1814 )
1815 }
1816
1817 for_each_function_signature!(impl_wasm_host_results);
1818
1819 /// Internal trait implemented for all arguments that can be passed to
1820 /// [`Func::wrap`] and [`Linker::func_wrap`](crate::Linker::func_wrap).
1821 ///
1822 /// This trait should not be implemented by external users, it's only intended
1823 /// as an implementation detail of this crate.
1824 pub trait IntoFunc<T, Params, Results>: Send + Sync + 'static {
1825 /// Convert this function into a `VM{Array,Native}CallHostFuncContext` and
1826 /// internal `VMFuncRef`.
1827 #[doc(hidden)]
into_func(self, engine: &Engine) -> Result<HostFunc, OutOfMemory>1828 fn into_func(self, engine: &Engine) -> Result<HostFunc, OutOfMemory>;
1829 }
1830
1831 macro_rules! impl_into_func {
1832 ($num:tt $arg:ident) => {
1833 // Implement for functions without a leading `Caller` parameter,
1834 // delegating to the implementation below which does have the leading
1835 // `Caller` parameter.
1836 #[expect(non_snake_case, reason = "macro-generated code")]
1837 impl<T, F, $arg, R> IntoFunc<T, $arg, R> for F
1838 where
1839 F: Fn($arg) -> R + Send + Sync + 'static,
1840 $arg: WasmTy,
1841 R: WasmRet,
1842 T: 'static,
1843 {
1844 fn into_func(self, engine: &Engine) -> Result<HostFunc, OutOfMemory> {
1845 let f = move |_: Caller<'_, T>, $arg: $arg| {
1846 self($arg)
1847 };
1848
1849 f.into_func(engine)
1850 }
1851 }
1852
1853 #[expect(non_snake_case, reason = "macro-generated code")]
1854 impl<T, F, $arg, R> IntoFunc<T, (Caller<'_, T>, $arg), R> for F
1855 where
1856 F: Fn(Caller<'_, T>, $arg) -> R + Send + Sync + 'static,
1857 $arg: WasmTy,
1858 R: WasmRet,
1859 T: 'static,
1860 {
1861 fn into_func(self, engine: &Engine) -> Result<HostFunc, OutOfMemory> {
1862 HostFunc::wrap(engine, move |caller: Caller<'_, T>, ($arg,)| {
1863 self(caller, $arg)
1864 })
1865 }
1866 }
1867 };
1868 ($num:tt $($args:ident)*) => {
1869 // Implement for functions without a leading `Caller` parameter,
1870 // delegating to the implementation below which does have the leading
1871 // `Caller` parameter.
1872 #[allow(non_snake_case, reason = "macro-generated code")]
1873 impl<T, F, $($args,)* R> IntoFunc<T, ($($args,)*), R> for F
1874 where
1875 F: Fn($($args),*) -> R + Send + Sync + 'static,
1876 $($args: WasmTy,)*
1877 R: WasmRet,
1878 T: 'static,
1879 {
1880 fn into_func(self, engine: &Engine) -> Result<HostFunc, OutOfMemory> {
1881 let f = move |_: Caller<'_, T>, $($args:$args),*| {
1882 self($($args),*)
1883 };
1884
1885 f.into_func(engine)
1886 }
1887 }
1888
1889 #[allow(non_snake_case, reason = "macro-generated code")]
1890 impl<T, F, $($args,)* R> IntoFunc<T, (Caller<'_, T>, $($args,)*), R> for F
1891 where
1892 F: Fn(Caller<'_, T>, $($args),*) -> R + Send + Sync + 'static,
1893 $($args: WasmTy,)*
1894 R: WasmRet,
1895 T: 'static,
1896 {
1897 fn into_func(self, engine: &Engine) -> Result<HostFunc, OutOfMemory> {
1898 HostFunc::wrap(engine, move |caller: Caller<'_, T>, ( $( $args ),* )| {
1899 self(caller, $( $args ),* )
1900 })
1901 }
1902 }
1903 }
1904 }
1905
1906 for_each_function_signature!(impl_into_func);
1907
1908 /// Trait implemented for various tuples made up of types which implement
1909 /// [`WasmTy`] that can be passed to [`Func::wrap_async`].
1910 pub unsafe trait WasmTyList {
1911 /// Get the value type that each Type in the list represents.
valtypes() -> impl Iterator<Item = ValType>1912 fn valtypes() -> impl Iterator<Item = ValType>;
1913
1914 // Load a version of `Self` from the `values` provided.
1915 //
1916 // # Safety
1917 //
1918 // This function is unsafe as it's up to the caller to ensure that `values` are
1919 // valid for this given type.
1920 #[doc(hidden)]
load(store: &mut AutoAssertNoGc<'_>, values: &mut [MaybeUninit<ValRaw>]) -> Self1921 unsafe fn load(store: &mut AutoAssertNoGc<'_>, values: &mut [MaybeUninit<ValRaw>]) -> Self;
1922
1923 #[doc(hidden)]
may_gc() -> bool1924 fn may_gc() -> bool;
1925 }
1926
1927 macro_rules! impl_wasm_ty_list {
1928 ($num:tt $($args:ident)*) => (
1929 #[allow(non_snake_case, reason = "macro-generated code")]
1930 unsafe impl<$($args),*> WasmTyList for ($($args,)*)
1931 where
1932 $($args: WasmTy,)*
1933 {
1934 fn valtypes() -> impl Iterator<Item = ValType> {
1935 IntoIterator::into_iter([$($args::valtype(),)*])
1936 }
1937
1938 unsafe fn load(_store: &mut AutoAssertNoGc<'_>, _values: &mut [MaybeUninit<ValRaw>]) -> Self {
1939 let mut _cur = 0;
1940 ($({
1941 debug_assert!(_cur < _values.len());
1942 // SAFETY: this function's own contract means that `_values`
1943 // is appropriately sized/typed for the internal loads.
1944 unsafe {
1945 let ptr = _values.get_unchecked(_cur).assume_init_ref();
1946 _cur += 1;
1947 $args::load(_store, ptr)
1948 }
1949 },)*)
1950 }
1951
1952 fn may_gc() -> bool {
1953 $( $args::may_gc() || )* false
1954 }
1955 }
1956 );
1957 }
1958
1959 for_each_function_signature!(impl_wasm_ty_list);
1960
1961 /// A structure representing the caller's context when creating a function
1962 /// via [`Func::wrap`].
1963 ///
1964 /// This structure can be taken as the first parameter of a closure passed to
1965 /// [`Func::wrap`] or other constructors, and serves two purposes:
1966 ///
1967 /// * First consumers can use [`Caller<'_, T>`](crate::Caller) to get access to
1968 /// [`StoreContextMut<'_, T>`](crate::StoreContextMut) and/or get access to
1969 /// `T` itself. This means that the [`Caller`] type can serve as a proxy to
1970 /// the original [`Store`](crate::Store) itself and is used to satisfy
1971 /// [`AsContext`] and [`AsContextMut`] bounds.
1972 ///
1973 /// * Second a [`Caller`] can be used as the name implies, learning about the
1974 /// caller's context, namely it's exported memory and exported functions. This
1975 /// allows functions which take pointers as arguments to easily read the
1976 /// memory the pointers point into, or if a function is expected to call
1977 /// malloc in the wasm module to reserve space for the output you can do that.
1978 ///
1979 /// Host functions which want access to [`Store`](crate::Store)-level state are
1980 /// recommended to use this type.
1981 pub struct Caller<'a, T: 'static> {
1982 pub(crate) store: StoreContextMut<'a, T>,
1983 caller: Instance,
1984 }
1985
1986 impl<T> Caller<'_, T> {
sub_caller(&mut self) -> Caller<'_, T>1987 fn sub_caller(&mut self) -> Caller<'_, T> {
1988 Caller {
1989 store: self.store.as_context_mut(),
1990 caller: self.caller,
1991 }
1992 }
1993
1994 /// Looks up an export from the caller's module by the `name` given.
1995 ///
1996 /// This is a low-level function that's typically used to implement passing
1997 /// of pointers or indices between core Wasm instances, where the callee
1998 /// needs to consult the caller's exports to perform memory management and
1999 /// resolve the references.
2000 ///
2001 /// For comparison, in components, the component model handles translating
2002 /// arguments from one component instance to another and managing memory, so
2003 /// that callees don't need to be aware of their callers, which promotes
2004 /// virtualizability of APIs.
2005 ///
2006 /// # Return
2007 ///
2008 /// If an export with the `name` provided was found, then it is returned as an
2009 /// `Extern`. There are a number of situations, however, where the export may not
2010 /// be available:
2011 ///
2012 /// * The caller instance may not have an export named `name`
2013 /// * There may not be a caller available, for example if `Func` was called
2014 /// directly from host code.
2015 ///
2016 /// It's recommended to take care when calling this API and gracefully
2017 /// handling a `None` return value.
get_export(&mut self, name: &str) -> Option<Extern>2018 pub fn get_export(&mut self, name: &str) -> Option<Extern> {
2019 // All instances created have a `host_state` with a pointer pointing
2020 // back to themselves. If this caller doesn't have that `host_state`
2021 // then it probably means it was a host-created object like `Func::new`
2022 // which doesn't have any exports we want to return anyway.
2023 self.caller.get_export(&mut self.store, name)
2024 }
2025
2026 /// Looks up an exported [`Extern`] value by a [`ModuleExport`] value.
2027 ///
2028 /// This is similar to [`Self::get_export`] but uses a [`ModuleExport`]
2029 /// value to avoid string lookups where possible. [`ModuleExport`]s can be
2030 /// obtained by calling [`Module::get_export_index`] on the [`Module`] that
2031 /// an instance was instantiated with.
2032 ///
2033 /// This method will search the module for an export with a matching entity index and return
2034 /// the value, if found.
2035 ///
2036 /// Returns `None` if there was no export with a matching entity index.
2037 ///
2038 /// [`Module::get_export_index`]: crate::Module::get_export_index
2039 /// [`Module`]: crate::Module
2040 ///
2041 /// # Panics
2042 ///
2043 /// Panics if `store` does not own this instance.
2044 ///
2045 /// # Usage
2046 /// ```
2047 /// use std::str;
2048 ///
2049 /// # use wasmtime::*;
2050 /// # fn main() -> Result<()> {
2051 /// # let mut store = Store::default();
2052 ///
2053 /// let module = Module::new(
2054 /// store.engine(),
2055 /// r#"
2056 /// (module
2057 /// (import "" "" (func $log_str (param i32 i32)))
2058 /// (func (export "foo")
2059 /// i32.const 4 ;; ptr
2060 /// i32.const 13 ;; len
2061 /// call $log_str)
2062 /// (memory (export "memory") 1)
2063 /// (data (i32.const 4) "Hello, world!"))
2064 /// "#,
2065 /// )?;
2066 ///
2067 /// let Some(module_export) = module.get_export_index("memory") else {
2068 /// bail!("failed to find `memory` export in module");
2069 /// };
2070 ///
2071 /// let log_str = Func::wrap(&mut store, move |mut caller: Caller<'_, ()>, ptr: i32, len: i32| {
2072 /// let mem = match caller.get_module_export(&module_export) {
2073 /// Some(Extern::Memory(mem)) => mem,
2074 /// _ => bail!("failed to find host memory"),
2075 /// };
2076 /// let data = mem.data(&caller)
2077 /// .get(ptr as u32 as usize..)
2078 /// .and_then(|arr| arr.get(..len as u32 as usize));
2079 /// let string = match data {
2080 /// Some(data) => match str::from_utf8(data) {
2081 /// Ok(s) => s,
2082 /// Err(_) => bail!("invalid utf-8"),
2083 /// },
2084 /// None => bail!("pointer/length out of bounds"),
2085 /// };
2086 /// assert_eq!(string, "Hello, world!");
2087 /// println!("{}", string);
2088 /// Ok(())
2089 /// });
2090 /// let instance = Instance::new(&mut store, &module, &[log_str.into()])?;
2091 /// let foo = instance.get_typed_func::<(), ()>(&mut store, "foo")?;
2092 /// foo.call(&mut store, ())?;
2093 /// # Ok(())
2094 /// # }
2095 /// ```
get_module_export(&mut self, export: &ModuleExport) -> Option<Extern>2096 pub fn get_module_export(&mut self, export: &ModuleExport) -> Option<Extern> {
2097 self.caller.get_module_export(&mut self.store, export)
2098 }
2099
2100 /// Access the underlying data owned by this `Store`.
2101 ///
2102 /// Same as [`Store::data`](crate::Store::data)
data(&self) -> &T2103 pub fn data(&self) -> &T {
2104 self.store.data()
2105 }
2106
2107 /// Access the underlying data owned by this `Store`.
2108 ///
2109 /// Same as [`Store::data_mut`](crate::Store::data_mut)
data_mut(&mut self) -> &mut T2110 pub fn data_mut(&mut self) -> &mut T {
2111 self.store.data_mut()
2112 }
2113
2114 /// Returns the underlying [`Engine`] this store is connected to.
engine(&self) -> &Engine2115 pub fn engine(&self) -> &Engine {
2116 self.store.engine()
2117 }
2118
2119 /// Perform garbage collection.
2120 ///
2121 /// Same as [`Store::gc`](crate::Store::gc).
2122 #[cfg(feature = "gc")]
gc(&mut self, why: Option<&crate::GcHeapOutOfMemory<()>>) -> Result<()>2123 pub fn gc(&mut self, why: Option<&crate::GcHeapOutOfMemory<()>>) -> Result<()> {
2124 self.store.gc(why)
2125 }
2126
2127 /// Perform garbage collection asynchronously.
2128 ///
2129 /// Same as [`Store::gc_async`](crate::Store::gc_async).
2130 #[cfg(all(feature = "async", feature = "gc"))]
gc_async(&mut self, why: Option<&crate::GcHeapOutOfMemory<()>>) where T: Send + 'static,2131 pub async fn gc_async(&mut self, why: Option<&crate::GcHeapOutOfMemory<()>>)
2132 where
2133 T: Send + 'static,
2134 {
2135 self.store.gc_async(why).await;
2136 }
2137
2138 /// Returns the remaining fuel in the store.
2139 ///
2140 /// For more information see [`Store::get_fuel`](crate::Store::get_fuel)
get_fuel(&self) -> Result<u64>2141 pub fn get_fuel(&self) -> Result<u64> {
2142 self.store.get_fuel()
2143 }
2144
2145 /// Set the amount of fuel in this store to be consumed when executing wasm code.
2146 ///
2147 /// For more information see [`Store::set_fuel`](crate::Store::set_fuel)
set_fuel(&mut self, fuel: u64) -> Result<()>2148 pub fn set_fuel(&mut self, fuel: u64) -> Result<()> {
2149 self.store.set_fuel(fuel)
2150 }
2151
2152 /// Configures this `Store` to yield while executing futures every N units of fuel.
2153 ///
2154 /// For more information see
2155 /// [`Store::fuel_async_yield_interval`](crate::Store::fuel_async_yield_interval)
2156 #[cfg(feature = "async")]
fuel_async_yield_interval(&mut self, interval: Option<u64>) -> Result<()>2157 pub fn fuel_async_yield_interval(&mut self, interval: Option<u64>) -> Result<()> {
2158 self.store.fuel_async_yield_interval(interval)
2159 }
2160 }
2161
2162 impl<T: 'static> AsContext for Caller<'_, T> {
2163 type Data = T;
as_context(&self) -> StoreContext<'_, T>2164 fn as_context(&self) -> StoreContext<'_, T> {
2165 self.store.as_context()
2166 }
2167 }
2168
2169 impl<T: 'static> AsContextMut for Caller<'_, T> {
as_context_mut(&mut self) -> StoreContextMut<'_, T>2170 fn as_context_mut(&mut self) -> StoreContextMut<'_, T> {
2171 self.store.as_context_mut()
2172 }
2173 }
2174
2175 impl<'a, T: 'static> From<Caller<'a, T>> for StoreContextMut<'a, T> {
from(caller: Caller<'a, T>) -> Self2176 fn from(caller: Caller<'a, T>) -> Self {
2177 caller.store
2178 }
2179 }
2180
2181 /// Representation of a host-defined function.
2182 ///
2183 /// This is used for `Func::new` but also for `Linker`-defined functions. For
2184 /// `Func::new` this is stored within a `Store`, and for `Linker`-defined
2185 /// functions they wrap this up in `Arc` to enable shared ownership of this
2186 /// across many stores.
2187 ///
2188 /// Technically this structure needs a `<T>` type parameter to connect to the
2189 /// `Store<T>` itself, but that's an unsafe contract of using this for now
2190 /// rather than part of the struct type (to avoid `Func<T>` in the API).
2191 #[doc(hidden)]
2192 pub struct HostFunc {
2193 ctx: StoreBox<VMArrayCallHostFuncContext>,
2194
2195 /// Whether or not this function was defined with an `async` host function,
2196 /// meaning that it is only invocable when wasm is itself on a fiber to
2197 /// support suspension on `Poll::Pending`.
2198 ///
2199 /// This is used to propagate to an `InstancePre` and then eventually into a
2200 /// `Store` as to whether the store requires async entrypoints.
2201 asyncness: Asyncness,
2202
2203 // Stored to unregister this function's signature with the engine when this
2204 // is dropped.
2205 engine: Engine,
2206 }
2207
2208 // State stored inside a `VMArrayCallHostFuncContext`.
2209 struct HostFuncState<F> {
2210 // The actual host function.
2211 func: F,
2212
2213 // NB: We have to keep our `VMSharedTypeIndex` registered in the engine for
2214 // as long as this function exists.
2215 _ty: RegisteredType,
2216 }
2217
2218 impl core::fmt::Debug for HostFunc {
fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result2219 fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
2220 f.debug_struct("HostFunc").finish_non_exhaustive()
2221 }
2222 }
2223
2224 impl HostFunc {
2225 /// Requires that the signature in `ctx` is already registered
2226 /// within `Engine`, which is done by [`Self::vmctx_sync`] and
2227 /// [`Self::vmctx_async`].
2228 ///
2229 /// This is an internal private constructor for this type intended to only
2230 /// be used by other constructors of this type below.
new_raw( engine: &Engine, ctx: StoreBox<VMArrayCallHostFuncContext>, asyncness: Asyncness, ) -> Self2231 fn new_raw(
2232 engine: &Engine,
2233 ctx: StoreBox<VMArrayCallHostFuncContext>,
2234 asyncness: Asyncness,
2235 ) -> Self {
2236 HostFunc {
2237 ctx,
2238 engine: engine.clone(),
2239 asyncness,
2240 }
2241 }
2242
2243 /// Constructor of a host function's `VMContext` for synchronous functions.
2244 ///
2245 /// This creates a `VMArrayCallHostFuncContext` which under the hood will
2246 /// be viewed as `VMContext` in the eventually created `VMFuncRef`.
vmctx_sync<F, T>( engine: &Engine, ty: FuncType, func: F, ) -> Result<StoreBox<VMArrayCallHostFuncContext>, OutOfMemory> where F: Fn(Caller<'_, T>, &mut [MaybeUninit<ValRaw>]) -> Result<()> + Send + Sync + 'static, T: 'static,2247 fn vmctx_sync<F, T>(
2248 engine: &Engine,
2249 ty: FuncType,
2250 func: F,
2251 ) -> Result<StoreBox<VMArrayCallHostFuncContext>, OutOfMemory>
2252 where
2253 F: Fn(Caller<'_, T>, &mut [MaybeUninit<ValRaw>]) -> Result<()> + Send + Sync + 'static,
2254 T: 'static,
2255 {
2256 assert!(ty.comes_from_same_engine(engine));
2257
2258 unsafe {
2259 VMArrayCallHostFuncContext::new(
2260 Self::array_call_trampoline::<T, F>,
2261 ty.type_index(),
2262 try_new::<Box<_>>(HostFuncState {
2263 func,
2264 _ty: ty.into_registered_type(),
2265 })?,
2266 )
2267 }
2268 }
2269
2270 /// Constructor of a host function's `VMContext` for asynchronous functions.
2271 ///
2272 /// This creates a `VMArrayCallHostFuncContext` which under the hood will
2273 /// be viewed as `VMContext` in the eventually created `VMFuncRef`.
2274 ///
2275 /// Note that `ctx: U` is forwarded directly to `func`. This is subtly
2276 /// different than closing over data in `F` because the future returned by
2277 /// `F` can't refer to any data it closes over. The purpose of `U` is to
2278 /// enable the returned future to be able to close over data generally
2279 /// captured in the closures generated here.
2280 #[cfg(feature = "async")]
vmctx_async<F, T, U>( engine: &Engine, ty: FuncType, ctx: U, func: F, ) -> Result<StoreBox<VMArrayCallHostFuncContext>, OutOfMemory> where F: for<'a> Fn( Caller<'a, T>, &'a mut [MaybeUninit<ValRaw>], &'a U, ) -> Box<dyn Future<Output = Result<()>> + Send + 'a> + Send + Sync + 'static, T: 'static, U: Send + Sync + 'static,2281 fn vmctx_async<F, T, U>(
2282 engine: &Engine,
2283 ty: FuncType,
2284 ctx: U,
2285 func: F,
2286 ) -> Result<StoreBox<VMArrayCallHostFuncContext>, OutOfMemory>
2287 where
2288 F: for<'a> Fn(
2289 Caller<'a, T>,
2290 &'a mut [MaybeUninit<ValRaw>],
2291 &'a U,
2292 ) -> Box<dyn Future<Output = Result<()>> + Send + 'a>
2293 + Send
2294 + Sync
2295 + 'static,
2296 T: 'static,
2297 U: Send + Sync + 'static,
2298 {
2299 // Eventually we want to remove `with_blocking` + `block_on` from
2300 // Wasmtime. For now this is the attempt to keep it as low-level as
2301 // possible.
2302 //
2303 // Generally it's a lie to run async things on top of sync things and
2304 // it's caused many headaches. For now it's the best that can be done.
2305 Self::vmctx_sync(engine, ty, move |Caller { store, caller }, args| {
2306 store.with_blocking(|store, cx| {
2307 cx.block_on(core::pin::Pin::from(func(
2308 Caller { store, caller },
2309 args,
2310 &ctx,
2311 )))
2312 })?
2313 })
2314 }
2315
2316 /// Entrypoint of WebAssembly back into the host.
2317 ///
2318 /// This is the standard wasmtime "array call signature" which then
2319 /// delegates internally to the host. This assumes that `callee_vmctx` is a
2320 /// `VMArrayCallHostFuncContext` which was built above with
2321 /// `HostFuncState<F>` internally. This internal function is then used to
2322 /// dispatch based on the arguments.
2323 ///
2324 /// Details handled by this wrapper are:
2325 ///
2326 /// * Host panics are handled (`enter_host_from_wasm`)
2327 /// * `F` is loaded from `callee_vmctx`
2328 /// * `Caller` is constructed to pass to `F`
2329 /// * A GC LIFO scope is maintained around the execution of `F`.
2330 /// * Call hooks for entering/leaving the host are maintained.
array_call_trampoline<T, F>( callee_vmctx: NonNull<VMOpaqueContext>, caller_vmctx: NonNull<VMContext>, args: NonNull<ValRaw>, args_len: usize, ) -> bool where F: Fn(Caller<'_, T>, &mut [MaybeUninit<ValRaw>]) -> Result<()> + 'static, T: 'static,2331 unsafe extern "C" fn array_call_trampoline<T, F>(
2332 callee_vmctx: NonNull<VMOpaqueContext>,
2333 caller_vmctx: NonNull<VMContext>,
2334 args: NonNull<ValRaw>,
2335 args_len: usize,
2336 ) -> bool
2337 where
2338 F: Fn(Caller<'_, T>, &mut [MaybeUninit<ValRaw>]) -> Result<()> + 'static,
2339 T: 'static,
2340 {
2341 let run = |store: &mut dyn crate::vm::VMStore, instance: InstanceId| {
2342 // SAFETY: correct usage of this trampoline requires correct
2343 // ascription of `T`, so it's the caller's responsibility to line
2344 // this up.
2345 let mut store = unsafe { store.unchecked_context_mut() };
2346
2347 // Handle the entry call hook, with a corresponding exit call hook
2348 // below.
2349 store.0.call_hook(CallHook::CallingHost)?;
2350
2351 // SAFETY: this function itself requires that the `vmctx` is
2352 // valid to use here.
2353 let state = unsafe {
2354 let vmctx = VMArrayCallHostFuncContext::from_opaque(callee_vmctx);
2355 vmctx.as_ref().host_state()
2356 };
2357
2358 // Double-check ourselves in debug mode, but we control the
2359 // `Any` here so an unsafe downcast should also work.
2360 //
2361 // SAFETY: this function is only usable with `F`.
2362 let state = unsafe {
2363 debug_assert!(state.is::<HostFuncState<F>>());
2364 &*(state as *const _ as *const HostFuncState<F>)
2365 };
2366
2367 let (gc_lifo_scope, ret) = {
2368 let gc_lifo_scope = store.0.gc_roots().enter_lifo_scope();
2369
2370 let mut args = NonNull::slice_from_raw_parts(args.cast(), args_len);
2371 // SAFETY: it's a contract of this function itself that the values
2372 // provided are valid to view as a slice.
2373 let args = unsafe { args.as_mut() };
2374
2375 let ret = (state.func)(
2376 Caller {
2377 caller: Instance::from_wasmtime(instance, store.0),
2378 store: store.as_context_mut(),
2379 },
2380 args,
2381 );
2382
2383 (gc_lifo_scope, ret)
2384 };
2385
2386 store.0.exit_gc_lifo_scope(gc_lifo_scope);
2387
2388 // Note that if this returns a trap then `ret` is discarded
2389 // entirely.
2390 store.0.call_hook(CallHook::ReturningFromHost)?;
2391
2392 ret
2393 };
2394
2395 // SAFETY: this is an entrypoint of wasm which requires correct type
2396 // ascription of `T` itself, meaning that this should be safe to call
2397 // both `enter_host_from_wasm` as well as `unchecked_context_mut`.
2398 unsafe { vm::Instance::enter_host_from_wasm(caller_vmctx, run) }
2399 }
2400 /// Analog of [`Func::new_unchecked`]
2401 ///
2402 /// # Panics
2403 ///
2404 /// Panics if the given function type is not associated with the given
2405 /// engine.
2406 ///
2407 /// # Safety
2408 ///
2409 /// The `func` provided must operate according to the `ty` provided to
2410 /// ensure it's reading the correctly-typed parameters and writing the
2411 /// correctly-typed results.
new_unchecked<T>( engine: &Engine, ty: FuncType, func: impl Fn(Caller<'_, T>, &mut [MaybeUninit<ValRaw>]) -> Result<()> + Send + Sync + 'static, ) -> Result<Self, OutOfMemory> where T: 'static,2412 pub unsafe fn new_unchecked<T>(
2413 engine: &Engine,
2414 ty: FuncType,
2415 func: impl Fn(Caller<'_, T>, &mut [MaybeUninit<ValRaw>]) -> Result<()> + Send + Sync + 'static,
2416 ) -> Result<Self, OutOfMemory>
2417 where
2418 T: 'static,
2419 {
2420 Ok(HostFunc::new_raw(
2421 engine,
2422 Self::vmctx_sync(engine, ty, func)?,
2423 Asyncness::No,
2424 ))
2425 }
2426
2427 /// Analog of [`Func::new`]
2428 ///
2429 /// # Panics
2430 ///
2431 /// Panics if the given function type is not associated with the given
2432 /// engine.
new<T>( engine: &Engine, ty: FuncType, func: impl Fn(Caller<'_, T>, &[Val], &mut [Val]) -> Result<()> + Send + Sync + 'static, ) -> Result<Self, OutOfMemory> where T: 'static,2433 pub fn new<T>(
2434 engine: &Engine,
2435 ty: FuncType,
2436 func: impl Fn(Caller<'_, T>, &[Val], &mut [Val]) -> Result<()> + Send + Sync + 'static,
2437 ) -> Result<Self, OutOfMemory>
2438 where
2439 T: 'static,
2440 {
2441 // NB: this is "duplicated" below in `new_async`, so try to keep the
2442 // two in sync.
2443 Ok(HostFunc::new_raw(
2444 engine,
2445 Self::vmctx_sync(engine, ty.clone(), move |mut caller, values| {
2446 // SAFETY: Wasmtime in general provides the guarantee that
2447 // `values` matches `ty`, so this should be safe.
2448 let mut vec = unsafe { Self::load_untyped_params(caller.store.0, &ty, values) };
2449 let (params, results) = vec.split_at_mut(ty.params().len());
2450 func(caller.sub_caller(), params, results)?;
2451 Self::store_untyped_results(caller.store, &ty, vec, values)
2452 })?,
2453 Asyncness::No,
2454 ))
2455 }
2456
2457 /// Analog of [`Func::new_async`]
2458 ///
2459 /// # Panics
2460 ///
2461 /// Panics if the given function type is not associated with the given
2462 /// engine.
2463 #[cfg(feature = "async")]
new_async<T, F>(engine: &Engine, ty: FuncType, func: F) -> Result<Self, OutOfMemory> where F: for<'a> Fn( Caller<'a, T>, &'a [Val], &'a mut [Val], ) -> Box<dyn Future<Output = Result<()>> + Send + 'a> + Send + Sync + 'static, T: Send + 'static,2464 pub fn new_async<T, F>(engine: &Engine, ty: FuncType, func: F) -> Result<Self, OutOfMemory>
2465 where
2466 F: for<'a> Fn(
2467 Caller<'a, T>,
2468 &'a [Val],
2469 &'a mut [Val],
2470 ) -> Box<dyn Future<Output = Result<()>> + Send + 'a>
2471 + Send
2472 + Sync
2473 + 'static,
2474 T: Send + 'static,
2475 {
2476 // NB: this is "duplicated" above in `new`, so try to keep the two in
2477 // sync.
2478 Ok(HostFunc::new_raw(
2479 engine,
2480 Self::vmctx_async(
2481 engine,
2482 ty.clone(),
2483 (ty, func),
2484 move |mut caller, values, (ty, func)| {
2485 Box::new(async move {
2486 // SAFETY: Wasmtime in general provides the guarantee that
2487 // `values` matches `ty`, so this should be safe.
2488 let mut vec =
2489 unsafe { Self::load_untyped_params(caller.store.0, &ty, values) };
2490 let (params, results) = vec.split_at_mut(ty.params().len());
2491 core::pin::Pin::from(func(caller.sub_caller(), params, results)).await?;
2492 Self::store_untyped_results(caller.store, &ty, vec, values)
2493 })
2494 },
2495 )?,
2496 Asyncness::Yes,
2497 ))
2498 }
2499
2500 /// Loads the the parameters of `ty` from `params` into a vector.
2501 ///
2502 /// This additionally pushes space onto the vector for all results to split
2503 /// the vector into params/results halves.
2504 ///
2505 /// # Safety
2506 ///
2507 /// Requires that `params` matches the parameters loaded by `P`.
load_untyped_params( store: &mut StoreOpaque, ty: &FuncType, params: &mut [MaybeUninit<ValRaw>], ) -> Vec<Val>2508 unsafe fn load_untyped_params(
2509 store: &mut StoreOpaque,
2510 ty: &FuncType,
2511 params: &mut [MaybeUninit<ValRaw>],
2512 ) -> Vec<Val> {
2513 let mut val_vec = store.take_hostcall_val_storage();
2514 debug_assert!(val_vec.is_empty());
2515 let nparams = ty.params().len();
2516 val_vec.reserve(nparams + ty.results().len());
2517 let mut store = AutoAssertNoGc::new(store);
2518 for (i, ty) in ty.params().enumerate() {
2519 val_vec.push(unsafe { Val::_from_raw(&mut store, params[i].assume_init(), &ty) })
2520 }
2521
2522 val_vec.extend((0..ty.results().len()).map(|_| Val::null_func_ref()));
2523 val_vec
2524 }
2525
2526 /// Stores the results, at the end of `args_then_results` according to `ty`,
2527 /// into `storage`.
store_untyped_results<T>( mut store: StoreContextMut<'_, T>, ty: &FuncType, mut args_then_results: Vec<Val>, storage: &mut [MaybeUninit<ValRaw>], ) -> Result<()>2528 fn store_untyped_results<T>(
2529 mut store: StoreContextMut<'_, T>,
2530 ty: &FuncType,
2531 mut args_then_results: Vec<Val>,
2532 storage: &mut [MaybeUninit<ValRaw>],
2533 ) -> Result<()> {
2534 // Unlike our arguments we need to dynamically check that the return
2535 // values produced are correct. There could be a bug in `func` that
2536 // produces the wrong number, wrong types, or wrong stores of
2537 // values, and we need to catch that here.
2538 let results = &args_then_results[ty.params().len()..];
2539 for (i, (ret, ty)) in results.iter().zip(ty.results()).enumerate() {
2540 ret.ensure_matches_ty(store.0, &ty)
2541 .context("function attempted to return an incompatible value")?;
2542 storage[i].write(ret.to_raw(store.as_context_mut())?);
2543 }
2544
2545 // Restore our `val_vec` back into the store so it's usable for the next
2546 // hostcall to reuse our own storage.
2547 args_then_results.truncate(0);
2548 store.0.save_hostcall_val_storage(args_then_results);
2549 Ok(())
2550 }
2551
2552 /// Analog of [`Func::wrap`]
wrap<T, F, P, R>(engine: &Engine, func: F) -> Result<Self, OutOfMemory> where F: Fn(Caller<'_, T>, P) -> R + Send + Sync + 'static, P: WasmTyList, R: WasmRet, T: 'static,2553 pub fn wrap<T, F, P, R>(engine: &Engine, func: F) -> Result<Self, OutOfMemory>
2554 where
2555 F: Fn(Caller<'_, T>, P) -> R + Send + Sync + 'static,
2556 P: WasmTyList,
2557 R: WasmRet,
2558 T: 'static,
2559 {
2560 // NB: this entire function is "duplicated" below in `wrap_async`, so
2561 // try to keep the two in sync.
2562 let ty = R::func_type(engine, None::<ValType>.into_iter().chain(P::valtypes()))?;
2563
2564 let ctx = Self::vmctx_sync(engine, ty, move |mut caller, args| {
2565 // SAFETY: `args` matching `ty` is provided by `HostFunc` and
2566 // wasmtime's ambient correctness.
2567 let params = unsafe { Self::load_typed_params(caller.store.0, args) };
2568 let ret = func(caller.sub_caller(), params).into_fallible();
2569 // SAFETY: `args` matching `ty` is provided by `HostFunc` and
2570 // wasmtime's ambient correctness.
2571 unsafe { Self::store_typed_results(caller.store.0, ret, args) }
2572 })?;
2573 Ok(HostFunc::new_raw(engine, ctx, Asyncness::No))
2574 }
2575
2576 /// Analog of [`Func::wrap_async`]
2577 #[cfg(feature = "async")]
wrap_async<T, F, P, R>(engine: &Engine, func: F) -> Result<Self, OutOfMemory> where F: for<'a> Fn(Caller<'a, T>, P) -> Box<dyn Future<Output = R> + Send + 'a> + Send + Sync + 'static, P: WasmTyList, R: WasmRet, T: Send + 'static,2578 pub fn wrap_async<T, F, P, R>(engine: &Engine, func: F) -> Result<Self, OutOfMemory>
2579 where
2580 F: for<'a> Fn(Caller<'a, T>, P) -> Box<dyn Future<Output = R> + Send + 'a>
2581 + Send
2582 + Sync
2583 + 'static,
2584 P: WasmTyList,
2585 R: WasmRet,
2586 T: Send + 'static,
2587 {
2588 // NB: this entire function is "duplicated" above in `wrap`, so try to
2589 // keep the two in sync.
2590 let ty = R::func_type(engine, None::<ValType>.into_iter().chain(P::valtypes()))?;
2591
2592 let ctx = Self::vmctx_async(engine, ty, func, move |mut caller, args, func| {
2593 Box::new(async move {
2594 // SAFETY: `args` matching `ty` is provided by `HostFunc` and
2595 // wasmtime's ambient correctness.
2596 let params = unsafe { Self::load_typed_params(caller.store.0, args) };
2597 let ret = core::pin::Pin::from(func(caller.sub_caller(), params)).await;
2598 // SAFETY: `args` matching `ty` is provided by `HostFunc` and
2599 // wasmtime's ambient correctness.
2600 unsafe { Self::store_typed_results(caller.store.0, ret.into_fallible(), args) }
2601 })
2602 })?;
2603 Ok(HostFunc::new_raw(engine, ctx, Asyncness::Yes))
2604 }
2605
2606 /// Loads the typed parameters from `params`
2607 ///
2608 /// # Safety
2609 ///
2610 /// Requires that `params` matches the parameters loaded by `P`.
load_typed_params<P>(store: &mut StoreOpaque, params: &mut [MaybeUninit<ValRaw>]) -> P where P: WasmTyList,2611 unsafe fn load_typed_params<P>(store: &mut StoreOpaque, params: &mut [MaybeUninit<ValRaw>]) -> P
2612 where
2613 P: WasmTyList,
2614 {
2615 let mut store = if P::may_gc() {
2616 AutoAssertNoGc::new(store)
2617 } else {
2618 unsafe { AutoAssertNoGc::disabled(store) }
2619 };
2620 // SAFETY: this function's own safety contract is the same as `P::load`.
2621 unsafe { P::load(&mut store, params) }
2622 }
2623
2624 /// Stores the results of `R` into the array provided.
2625 ///
2626 /// # Safety
2627 ///
2628 /// Requires that `ret` matches the result `storage` space. See `WasmRet`
2629 /// for more safety info.
store_typed_results<R>( store: &mut StoreOpaque, ret: R, storage: &mut [MaybeUninit<ValRaw>], ) -> Result<()> where R: WasmRet,2630 unsafe fn store_typed_results<R>(
2631 store: &mut StoreOpaque,
2632 ret: R,
2633 storage: &mut [MaybeUninit<ValRaw>],
2634 ) -> Result<()>
2635 where
2636 R: WasmRet,
2637 {
2638 ensure!(
2639 ret.compatible_with_store(store),
2640 "host function attempted to return cross-`Store` value to Wasm",
2641 );
2642
2643 let mut store = if R::may_gc() {
2644 AutoAssertNoGc::new(store)
2645 } else {
2646 unsafe { AutoAssertNoGc::disabled(store) }
2647 };
2648 // SAFETY: this safety contract is the same as this own function's
2649 // safety contract.
2650 unsafe {
2651 ret.store(&mut store, storage)?;
2652 }
2653 Ok(())
2654 }
2655
2656 /// Inserts this `HostFunc` into a `Store`, returning the `Func` pointing to
2657 /// it.
2658 ///
2659 /// # Unsafety
2660 ///
2661 /// Can only be inserted into stores with a matching `T` relative to when
2662 /// this `HostFunc` was first created.
to_func(self: &Arc<Self>, store: &mut StoreOpaque) -> Result<Func, OutOfMemory>2663 pub unsafe fn to_func(self: &Arc<Self>, store: &mut StoreOpaque) -> Result<Func, OutOfMemory> {
2664 self.validate_store(store);
2665 let (funcrefs, modules) = store.func_refs_and_modules();
2666 let funcref = funcrefs.push_arc_host(self.clone(), modules)?;
2667 // SAFETY: this funcref was just pushed within the store, so it's safe
2668 // to say this store owns it.
2669 Ok(unsafe { Func::from_vm_func_ref(store.id(), funcref) })
2670 }
2671
2672 /// Inserts this `HostFunc` into a `Store`, returning the `Func` pointing to
2673 /// it.
2674 ///
2675 /// This function is similar to, but not equivalent, to `HostFunc::to_func`.
2676 /// Notably this function requires that the `Arc<Self>` pointer is otherwise
2677 /// rooted within the `StoreOpaque` via another means. When in doubt use
2678 /// `to_func` above as it's safer.
2679 ///
2680 /// # Unsafety
2681 ///
2682 /// Can only be inserted into stores with a matching `T` relative to when
2683 /// this `HostFunc` was first created.
2684 ///
2685 /// Additionally the `&Arc<Self>` is not cloned in this function. Instead a
2686 /// raw pointer to `Self` is stored within the `Store` for this function.
2687 /// The caller must arrange for the `Arc<Self>` to be "rooted" in the store
2688 /// provided via another means, probably by pushing to
2689 /// `StoreOpaque::rooted_host_funcs`.
2690 ///
2691 /// Similarly, the caller must arrange for `rooted_func_ref` to be rooted in
2692 /// the same store and additionally be a valid pointer.
to_func_store_rooted( self: &Arc<Self>, store: &mut StoreOpaque, rooted_func_ref: Option<NonNull<VMFuncRef>>, ) -> Func2693 pub unsafe fn to_func_store_rooted(
2694 self: &Arc<Self>,
2695 store: &mut StoreOpaque,
2696 rooted_func_ref: Option<NonNull<VMFuncRef>>,
2697 ) -> Func {
2698 self.validate_store(store);
2699
2700 match rooted_func_ref {
2701 Some(funcref) => {
2702 // SAFETY: it's a contract of this function itself that
2703 // `funcref` is safe to read.
2704 unsafe {
2705 debug_assert!(funcref.as_ref().wasm_call.is_some());
2706 }
2707 // SAFETY: it's a contract of this function that `funcref` is
2708 // owned by `store`.
2709 unsafe { Func::from_vm_func_ref(store.id(), funcref) }
2710 }
2711 None => {
2712 debug_assert!(self.func_ref().wasm_call.is_some());
2713
2714 // SAFETY: it's an unsafe contract of this function that we are
2715 // rooted within the store to say that the store owns a copy of
2716 // this funcref.
2717 unsafe { Func::from_vm_func_ref(store.id(), self.func_ref().into()) }
2718 }
2719 }
2720 }
2721
2722 /// Same as [`HostFunc::to_func`], different ownership.
into_func(self, store: &mut StoreOpaque) -> Result<Func, OutOfMemory>2723 unsafe fn into_func(self, store: &mut StoreOpaque) -> Result<Func, OutOfMemory> {
2724 self.validate_store(store);
2725
2726 // This function could be called by a guest at any time, and it requires
2727 // fibers, so the store now required async entrypoints.
2728 store.set_async_required(self.asyncness);
2729
2730 let (funcrefs, modules) = store.func_refs_and_modules();
2731 let funcref = funcrefs.push_box_host(try_new::<Box<_>>(self)?, modules)?;
2732 // SAFETY: this funcref was just pushed within `store`, so it's safe to
2733 // say it's owned by the store's id.
2734 Ok(unsafe { Func::from_vm_func_ref(store.id(), funcref) })
2735 }
2736
validate_store(&self, store: &mut StoreOpaque)2737 fn validate_store(&self, store: &mut StoreOpaque) {
2738 // This assert is required to ensure that we can indeed safely insert
2739 // `self` into the `store` provided, otherwise the type information we
2740 // have listed won't be correct. This is possible to hit with the public
2741 // API of Wasmtime, and should be documented in relevant functions.
2742 assert!(
2743 Engine::same(&self.engine, store.engine()),
2744 "cannot use a store with a different engine than a linker was created with",
2745 );
2746 }
2747
sig_index(&self) -> VMSharedTypeIndex2748 pub(crate) fn sig_index(&self) -> VMSharedTypeIndex {
2749 self.func_ref().type_index
2750 }
2751
func_ref(&self) -> &VMFuncRef2752 pub(crate) fn func_ref(&self) -> &VMFuncRef {
2753 unsafe { self.ctx.get().as_ref().func_ref() }
2754 }
2755
asyncness(&self) -> Asyncness2756 pub(crate) fn asyncness(&self) -> Asyncness {
2757 self.asyncness
2758 }
2759 }
2760
2761 #[cfg(test)]
2762 mod tests {
2763 use super::*;
2764 use crate::{Module, Store};
2765
2766 #[test]
2767 #[cfg_attr(miri, ignore)]
hash_key_is_stable_across_duplicate_store_data_entries() -> Result<()>2768 fn hash_key_is_stable_across_duplicate_store_data_entries() -> Result<()> {
2769 let mut store = Store::<()>::default();
2770 let module = Module::new(
2771 store.engine(),
2772 r#"
2773 (module
2774 (func (export "f")
2775 nop
2776 )
2777 )
2778 "#,
2779 )?;
2780 let instance = Instance::new(&mut store, &module, &[])?;
2781
2782 // Each time we `get_func`, we call `Func::from_wasmtime` which adds a
2783 // new entry to `StoreData`, so `f1` and `f2` will have different
2784 // indices into `StoreData`.
2785 let f1 = instance.get_func(&mut store, "f").unwrap();
2786 let f2 = instance.get_func(&mut store, "f").unwrap();
2787
2788 // But their hash keys are the same.
2789 assert!(
2790 f1.hash_key(&mut store.as_context_mut().0)
2791 == f2.hash_key(&mut store.as_context_mut().0)
2792 );
2793
2794 // But the hash keys are different from different funcs.
2795 let instance2 = Instance::new(&mut store, &module, &[])?;
2796 let f3 = instance2.get_func(&mut store, "f").unwrap();
2797 assert!(
2798 f1.hash_key(&mut store.as_context_mut().0)
2799 != f3.hash_key(&mut store.as_context_mut().0)
2800 );
2801
2802 Ok(())
2803 }
2804 }
2805