wasmtime/engine.rs
1use crate::Config;
2use crate::RRConfig;
3use crate::prelude::*;
4#[cfg(feature = "runtime")]
5pub use crate::runtime::code_memory::CustomCodeMemory;
6#[cfg(feature = "runtime")]
7use crate::runtime::type_registry::TypeRegistry;
8#[cfg(feature = "runtime")]
9use crate::runtime::vm::{GcRuntime, ModuleRuntimeInfo};
10use alloc::sync::Arc;
11use core::ptr::NonNull;
12#[cfg(target_has_atomic = "64")]
13use core::sync::atomic::{AtomicU64, Ordering};
14#[cfg(any(feature = "cranelift", feature = "winch"))]
15use object::write::{Object, StandardSegment};
16#[cfg(feature = "std")]
17use std::{fs::File, path::Path};
18use wasmparser::WasmFeatures;
19use wasmtime_environ::{FlagValue, ObjectKind, TripleExt, Tunables};
20
21mod serialization;
22
23/// An `Engine` which is a global context for compilation and management of wasm
24/// modules.
25///
26/// An engine can be safely shared across threads and is a cheap cloneable
27/// handle to the actual engine. The engine itself will be deallocated once all
28/// references to it have gone away.
29///
30/// Engines store global configuration preferences such as compilation settings,
31/// enabled features, etc. You'll likely only need at most one of these for a
32/// program.
33///
34/// ## Engines and `Clone`
35///
36/// Using `clone` on an `Engine` is a cheap operation. It will not create an
37/// entirely new engine, but rather just a new reference to the existing engine.
38/// In other words it's a shallow copy, not a deep copy.
39///
40/// ## Engines and `Default`
41///
42/// You can create an engine with default configuration settings using
43/// `Engine::default()`. Be sure to consult the documentation of [`Config`] for
44/// default settings.
45#[derive(Clone)]
46pub struct Engine {
47 inner: Arc<EngineInner>,
48}
49
50struct EngineInner {
51 config: Config,
52 features: WasmFeatures,
53 tunables: Tunables,
54 #[cfg(any(feature = "cranelift", feature = "winch"))]
55 compiler: Option<Box<dyn wasmtime_environ::Compiler>>,
56 #[cfg(feature = "runtime")]
57 allocator: Box<dyn crate::runtime::vm::InstanceAllocator + Send + Sync>,
58 #[cfg(feature = "runtime")]
59 gc_runtime: Option<Arc<dyn GcRuntime>>,
60 #[cfg(feature = "runtime")]
61 profiler: Box<dyn crate::profiling_agent::ProfilingAgent>,
62 #[cfg(feature = "runtime")]
63 signatures: TypeRegistry,
64 #[cfg(all(feature = "runtime", target_has_atomic = "64"))]
65 epoch: AtomicU64,
66
67 /// One-time check of whether the compiler's settings, if present, are
68 /// compatible with the native host.
69 compatible_with_native_host: crate::sync::OnceLock<Result<(), String>>,
70
71 /// The canonical empty `ModuleRuntimeInfo`, so that each store doesn't need
72 /// allocate its own copy when creating its default caller instance or GC
73 /// heap.
74 #[cfg(feature = "runtime")]
75 empty_module_runtime_info: ModuleRuntimeInfo,
76}
77
78impl core::fmt::Debug for Engine {
79 fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
80 f.debug_tuple("Engine")
81 .field(&Arc::as_ptr(&self.inner))
82 .finish()
83 }
84}
85
86impl Default for Engine {
87 fn default() -> Engine {
88 Engine::new(&Config::default()).unwrap()
89 }
90}
91
92impl Engine {
93 /// Creates a new [`Engine`] with the specified compilation and
94 /// configuration settings.
95 ///
96 /// # Errors
97 ///
98 /// This method can fail if the `config` is invalid or some
99 /// configurations are incompatible.
100 ///
101 /// For example, feature `reference_types` will need to set
102 /// the compiler setting `unwind_info` to `true`, but explicitly
103 /// disable these two compiler settings will cause errors.
104 ///
105 /// This function will return an [`OutOfMemory`][crate::OutOfMemory] error when
106 /// memory allocation fails. See the `OutOfMemory` type's documentation for
107 /// details on Wasmtime's out-of-memory handling.
108 pub fn new(config: &Config) -> Result<Engine> {
109 let config = config.clone();
110 let (mut tunables, features) = config.validate()?;
111
112 #[cfg(feature = "runtime")]
113 if tunables.signals_based_traps {
114 // Ensure that crate::runtime::vm's signal handlers are
115 // configured. This is the per-program initialization required for
116 // handling traps, such as configuring signals, vectored exception
117 // handlers, etc.
118 #[cfg(has_native_signals)]
119 crate::runtime::vm::init_traps(config.macos_use_mach_ports);
120 if !cfg!(miri) {
121 #[cfg(all(has_host_compiler_backend, feature = "debug-builtins"))]
122 crate::runtime::vm::debug_builtins::init();
123 }
124 }
125
126 #[cfg(any(feature = "cranelift", feature = "winch"))]
127 let (config, compiler) = if config.has_compiler() {
128 let (config, compiler) = config.build_compiler(&mut tunables, features)?;
129 (config, Some(compiler))
130 } else {
131 (config.clone(), None)
132 };
133 #[cfg(not(any(feature = "cranelift", feature = "winch")))]
134 let _ = &mut tunables;
135
136 #[cfg(feature = "runtime")]
137 let empty_module_runtime_info = ModuleRuntimeInfo::bare(try_new(
138 wasmtime_environ::Module::new(wasmtime_environ::StaticModuleIndex::from_u32(0)),
139 )?)?;
140
141 Ok(Engine {
142 inner: try_new::<Arc<_>>(EngineInner {
143 #[cfg(any(feature = "cranelift", feature = "winch"))]
144 compiler,
145 #[cfg(feature = "runtime")]
146 allocator: {
147 let allocator = config.build_allocator(&tunables)?;
148 #[cfg(feature = "gc")]
149 {
150 let mem_ty = tunables.gc_heap_memory_type();
151 allocator.validate_memory(&mem_ty).context(
152 "instance allocator cannot support configured GC heap memory",
153 )?;
154 }
155 allocator
156 },
157 #[cfg(feature = "runtime")]
158 gc_runtime: config.build_gc_runtime()?,
159 #[cfg(feature = "runtime")]
160 profiler: config.build_profiler()?,
161 #[cfg(feature = "runtime")]
162 signatures: TypeRegistry::new(),
163 #[cfg(all(feature = "runtime", target_has_atomic = "64"))]
164 epoch: AtomicU64::new(0),
165 compatible_with_native_host: Default::default(),
166 config,
167 tunables,
168 features,
169 #[cfg(feature = "runtime")]
170 empty_module_runtime_info,
171 })?,
172 })
173 }
174
175 /// Returns the configuration settings that this engine is using.
176 #[inline]
177 pub fn config(&self) -> &Config {
178 &self.inner.config
179 }
180
181 #[inline]
182 pub(crate) fn features(&self) -> WasmFeatures {
183 self.inner.features
184 }
185
186 pub(crate) fn run_maybe_parallel<
187 A: Send,
188 B: Send,
189 E: Send,
190 F: Fn(A) -> Result<B, E> + Send + Sync,
191 >(
192 &self,
193 input: Vec<A>,
194 f: F,
195 ) -> Result<Vec<B>, E> {
196 if self.config().parallel_compilation {
197 #[cfg(feature = "parallel-compilation")]
198 {
199 use rayon::prelude::*;
200 // If we collect into Result<Vec<B>, E> directly, the returned error is not
201 // deterministic, because any error could be returned early. So we first materialize
202 // all results in order and then return the first error deterministically, or Ok(_).
203 return input
204 .into_par_iter()
205 .map(|a| f(a))
206 .collect::<Vec<Result<B, E>>>()
207 .into_iter()
208 .collect::<Result<Vec<B>, E>>();
209 }
210 }
211
212 // In case the parallel-compilation feature is disabled or the parallel_compilation config
213 // was turned off dynamically fallback to the non-parallel version.
214 input
215 .into_iter()
216 .map(|a| f(a))
217 .collect::<Result<Vec<B>, E>>()
218 }
219
220 #[cfg(any(feature = "cranelift", feature = "winch"))]
221 pub(crate) fn run_maybe_parallel_mut<
222 T: Send,
223 E: Send,
224 F: Fn(&mut T) -> Result<(), E> + Send + Sync,
225 >(
226 &self,
227 input: &mut [T],
228 f: F,
229 ) -> Result<(), E> {
230 if self.config().parallel_compilation {
231 #[cfg(feature = "parallel-compilation")]
232 {
233 use rayon::prelude::*;
234 // If we collect into `Result<(), E>` directly, the returned
235 // error is not deterministic, because any error could be
236 // returned early. So we first materialize all results in order
237 // and then return the first error deterministically, or
238 // `Ok(_)`.
239 return input
240 .into_par_iter()
241 .map(|a| f(a))
242 .collect::<Vec<Result<(), E>>>()
243 .into_iter()
244 .collect::<Result<(), E>>();
245 }
246 }
247
248 // In case the parallel-compilation feature is disabled or the
249 // parallel_compilation config was turned off dynamically fallback to
250 // the non-parallel version.
251 input.into_iter().map(|a| f(a)).collect::<Result<(), E>>()
252 }
253
254 /// Take a weak reference to this engine.
255 pub fn weak(&self) -> EngineWeak {
256 EngineWeak {
257 inner: Arc::downgrade(&self.inner),
258 }
259 }
260
261 #[inline]
262 pub(crate) fn tunables(&self) -> &Tunables {
263 &self.inner.tunables
264 }
265
266 /// Returns whether the engine `a` and `b` refer to the same configuration.
267 #[inline]
268 pub fn same(a: &Engine, b: &Engine) -> bool {
269 Arc::ptr_eq(&a.inner, &b.inner)
270 }
271
272 /// Returns whether the engine is configured to support execution recording
273 #[inline]
274 pub fn is_recording(&self) -> bool {
275 match self.config().rr_config {
276 #[cfg(feature = "rr")]
277 RRConfig::Recording => true,
278 #[cfg(feature = "rr")]
279 RRConfig::Replaying => false,
280 RRConfig::None => false,
281 }
282 }
283
284 /// Returns whether the engine is configured to support execution replaying
285 #[inline]
286 pub fn is_replaying(&self) -> bool {
287 match self.config().rr_config {
288 #[cfg(feature = "rr")]
289 RRConfig::Replaying => true,
290 #[cfg(feature = "rr")]
291 RRConfig::Recording => false,
292 RRConfig::None => false,
293 }
294 }
295
296 /// Detects whether the bytes provided are a precompiled object produced by
297 /// Wasmtime.
298 ///
299 /// This function will inspect the header of `bytes` to determine if it
300 /// looks like a precompiled core wasm module or a precompiled component.
301 /// This does not validate the full structure or guarantee that
302 /// deserialization will succeed, instead it helps higher-levels of the
303 /// stack make a decision about what to do next when presented with the
304 /// `bytes` as an input module.
305 ///
306 /// If the `bytes` looks like a precompiled object previously produced by
307 /// [`Module::serialize`](crate::Module::serialize),
308 /// [`Component::serialize`](crate::component::Component::serialize),
309 /// [`Engine::precompile_module`], or [`Engine::precompile_component`], then
310 /// this will return `Some(...)` indicating so. Otherwise `None` is
311 /// returned.
312 pub fn detect_precompiled(bytes: &[u8]) -> Option<Precompiled> {
313 serialization::detect_precompiled_bytes(bytes)
314 }
315
316 /// Like [`Engine::detect_precompiled`], but performs the detection on a file.
317 #[cfg(feature = "std")]
318 pub fn detect_precompiled_file(path: impl AsRef<Path>) -> Result<Option<Precompiled>> {
319 serialization::detect_precompiled_file(path)
320 }
321
322 /// Returns the target triple which this engine is compiling code for
323 /// and/or running code for.
324 pub(crate) fn target(&self) -> target_lexicon::Triple {
325 return self.config().compiler_target();
326 }
327
328 /// Verify that this engine's configuration is compatible with loading
329 /// modules onto the native host platform.
330 ///
331 /// This method is used as part of `Module::new` to ensure that this
332 /// engine can indeed load modules for the configured compiler (if any).
333 /// Note that if cranelift is disabled this trivially returns `Ok` because
334 /// loaded serialized modules are checked separately.
335 pub(crate) fn check_compatible_with_native_host(&self) -> Result<()> {
336 self.inner
337 .compatible_with_native_host
338 .get_or_init(|| self._check_compatible_with_native_host())
339 .clone()
340 .map_err(crate::Error::msg)
341 }
342
343 fn _check_compatible_with_native_host(&self) -> Result<(), String> {
344 use target_lexicon::Triple;
345
346 let host = Triple::host();
347 let target = self.config().compiler_target();
348
349 let target_matches_host = || {
350 // If the host target and target triple match, then it's valid
351 // to run results of compilation on this host.
352 if host == target {
353 return true;
354 }
355
356 // If there's a mismatch and the target is a compatible pulley
357 // target, then that's also ok to run.
358 if cfg!(feature = "pulley")
359 && target.is_pulley()
360 && target.pointer_width() == host.pointer_width()
361 && target.endianness() == host.endianness()
362 {
363 return true;
364 }
365
366 // ... otherwise everything else is considered not a match.
367 false
368 };
369
370 if !target_matches_host() {
371 return Err(format!(
372 "target '{target}' specified in the configuration does not match the host"
373 ));
374 }
375
376 #[cfg(any(feature = "cranelift", feature = "winch"))]
377 {
378 if let Some(compiler) = self.compiler() {
379 // Also double-check all compiler settings
380 for (key, value) in compiler.flags().iter() {
381 self.check_compatible_with_shared_flag(key, value)?;
382 }
383 for (key, value) in compiler.isa_flags().iter() {
384 self.check_compatible_with_isa_flag(key, value)?;
385 }
386 }
387 }
388
389 // Double-check that this configuration isn't requesting capabilities
390 // that this build of Wasmtime doesn't support.
391 if !cfg!(has_native_signals) && self.tunables().signals_based_traps {
392 return Err("signals-based-traps disabled at compile time -- cannot be enabled".into());
393 }
394 if !cfg!(has_virtual_memory) && self.tunables().memory_init_cow {
395 return Err("virtual memory disabled at compile time -- cannot enable CoW".into());
396 }
397 if !cfg!(target_has_atomic = "64") && self.tunables().epoch_interruption {
398 return Err("epochs currently require 64-bit atomics".into());
399 }
400
401 // Double-check that the host's float ABI matches Cranelift's float ABI.
402 // See `Config::x86_float_abi_ok` for some more
403 // information.
404 if target == target_lexicon::triple!("x86_64-unknown-none")
405 && self.config().x86_float_abi_ok != Some(true)
406 {
407 return Err("\
408the x86_64-unknown-none target by default uses a soft-float ABI that is \
409incompatible with Cranelift and Wasmtime -- use \
410`Config::x86_float_abi_ok` to disable this check and see more \
411information about this check\
412"
413 .into());
414 }
415
416 Ok(())
417 }
418
419 /// Checks to see whether the "shared flag", something enabled for
420 /// individual compilers, is compatible with the native host platform.
421 ///
422 /// This is used both when validating an engine's compilation settings are
423 /// compatible with the host as well as when deserializing modules from
424 /// disk to ensure they're compatible with the current host.
425 ///
426 /// Note that most of the settings here are not configured by users that
427 /// often. While theoretically possible via `Config` methods the more
428 /// interesting flags are the ISA ones below. Typically the values here
429 /// represent global configuration for wasm features. Settings here
430 /// currently rely on the compiler informing us of all settings, including
431 /// those disabled. Settings then fall in a few buckets:
432 ///
433 /// * Some settings must be enabled, such as `preserve_frame_pointers`.
434 /// * Some settings must have a particular value, such as
435 /// `libcall_call_conv`.
436 /// * Some settings do not matter as to their value, such as `opt_level`.
437 pub(crate) fn check_compatible_with_shared_flag(
438 &self,
439 flag: &str,
440 value: &FlagValue,
441 ) -> Result<(), String> {
442 let target = self.target();
443 let ok = match flag {
444 // These settings must all have be enabled, since their value
445 // can affect the way the generated code performs or behaves at
446 // runtime.
447 "libcall_call_conv" => *value == FlagValue::Enum("isa_default"),
448 "preserve_frame_pointers" => *value == FlagValue::Bool(true),
449 "enable_probestack" => *value == FlagValue::Bool(true),
450 "probestack_strategy" => *value == FlagValue::Enum("inline"),
451 "enable_multi_ret_implicit_sret" => *value == FlagValue::Bool(true),
452
453 // Features wasmtime doesn't use should all be disabled, since
454 // otherwise if they are enabled it could change the behavior of
455 // generated code.
456 "enable_llvm_abi_extensions" => *value == FlagValue::Bool(false),
457 "enable_pinned_reg" => *value == FlagValue::Bool(false),
458 "use_colocated_libcalls" => *value == FlagValue::Bool(false),
459 "use_pinned_reg_as_heap_base" => *value == FlagValue::Bool(false),
460
461 // Windows requires unwind info as part of its ABI.
462 "unwind_info" => {
463 if target.operating_system == target_lexicon::OperatingSystem::Windows {
464 *value == FlagValue::Bool(true)
465 } else {
466 return Ok(())
467 }
468 }
469
470 // stack switch model must match the current OS
471 "stack_switch_model" => {
472 if self.features().contains(WasmFeatures::STACK_SWITCHING) {
473 use target_lexicon::OperatingSystem;
474 let expected =
475 match target.operating_system {
476 OperatingSystem::Windows => "update_windows_tib",
477 OperatingSystem::Linux
478 | OperatingSystem::MacOSX(_)
479 | OperatingSystem::Darwin(_) => "basic",
480 _ => { return Err(String::from("stack-switching feature not supported on this platform")); }
481 };
482 *value == FlagValue::Enum(expected)
483 } else {
484 return Ok(())
485 }
486 }
487
488 // These settings don't affect the interface or functionality of
489 // the module itself, so their configuration values shouldn't
490 // matter.
491 "enable_heap_access_spectre_mitigation"
492 | "enable_table_access_spectre_mitigation"
493 | "enable_nan_canonicalization"
494 | "enable_float"
495 | "enable_verifier"
496 | "regalloc_checker"
497 | "regalloc_verbose_logs"
498 | "regalloc_algorithm"
499 | "is_pic"
500 | "bb_padding_log2_minus_one"
501 | "log2_min_function_alignment"
502 | "enable_compact_unwind_abi"
503 | "machine_code_cfg_info"
504 | "tls_model" // wasmtime doesn't use tls right now
505 | "opt_level" // opt level doesn't change semantics
506 | "enable_alias_analysis" // alias analysis-based opts don't change semantics
507 | "probestack_size_log2" // probestack above asserted disabled
508 | "regalloc" // shouldn't change semantics
509 | "enable_incremental_compilation_cache_checks" // shouldn't change semantics
510 | "enable_atomics" => return Ok(()),
511
512 // Everything else is unknown and needs to be added somewhere to
513 // this list if encountered.
514 _ => {
515 return Err(format!("unknown shared setting {flag:?} configured to {value:?}"))
516 }
517 };
518
519 if !ok {
520 return Err(format!(
521 "setting {flag:?} is configured to {value:?} which is not supported",
522 ));
523 }
524 Ok(())
525 }
526
527 /// Same as `check_compatible_with_native_host` except used for ISA-specific
528 /// flags. This is used to test whether a configured ISA flag is indeed
529 /// available on the host platform itself.
530 pub(crate) fn check_compatible_with_isa_flag(
531 &self,
532 flag: &str,
533 value: &FlagValue,
534 ) -> Result<(), String> {
535 match value {
536 // ISA flags are used for things like CPU features, so if they're
537 // disabled then it's compatible with the native host.
538 FlagValue::Bool(false) => return Ok(()),
539
540 // Fall through below where we test at runtime that features are
541 // available.
542 FlagValue::Bool(true) => {}
543
544 // Pulley's pointer_width must match the host.
545 FlagValue::Enum("pointer32") => {
546 return if cfg!(target_pointer_width = "32") {
547 Ok(())
548 } else {
549 Err("wrong host pointer width".to_string())
550 };
551 }
552 FlagValue::Enum("pointer64") => {
553 return if cfg!(target_pointer_width = "64") {
554 Ok(())
555 } else {
556 Err("wrong host pointer width".to_string())
557 };
558 }
559
560 // Only `bool` values are supported right now, other settings would
561 // need more support here.
562 _ => {
563 return Err(format!(
564 "isa-specific feature {flag:?} configured to unknown value {value:?}"
565 ));
566 }
567 }
568
569 let host_feature = match flag {
570 // aarch64 features to detect
571 "has_lse" => "lse",
572 "has_pauth" => "paca",
573 "has_fp16" => "fp16",
574
575 // aarch64 features which don't need detection
576 // No effect on its own.
577 "sign_return_address_all" => return Ok(()),
578 // The pointer authentication instructions act as a `NOP` when
579 // unsupported, so it is safe to enable them.
580 "sign_return_address" => return Ok(()),
581 // No effect on its own.
582 "sign_return_address_with_bkey" => return Ok(()),
583 // The `BTI` instruction acts as a `NOP` when unsupported, so it
584 // is safe to enable it regardless of whether the host supports it
585 // or not.
586 "use_bti" => return Ok(()),
587
588 // s390x features to detect
589 "has_vxrs_ext2" => "vxrs_ext2",
590 "has_vxrs_ext3" => "vxrs_ext3",
591 "has_mie3" => "mie3",
592 "has_mie4" => "mie4",
593
594 // x64 features to detect
595 "has_cmpxchg16b" => "cmpxchg16b",
596 "has_sse3" => "sse3",
597 "has_ssse3" => "ssse3",
598 "has_sse41" => "sse4.1",
599 "has_sse42" => "sse4.2",
600 "has_popcnt" => "popcnt",
601 "has_avx" => "avx",
602 "has_avx2" => "avx2",
603 "has_fma" => "fma",
604 "has_bmi1" => "bmi1",
605 "has_bmi2" => "bmi2",
606 "has_avx512bitalg" => "avx512bitalg",
607 "has_avx512dq" => "avx512dq",
608 "has_avx512f" => "avx512f",
609 "has_avx512vl" => "avx512vl",
610 "has_avx512vbmi" => "avx512vbmi",
611 "has_lzcnt" => "lzcnt",
612
613 // pulley features
614 "big_endian" if cfg!(target_endian = "big") => return Ok(()),
615 "big_endian" if cfg!(target_endian = "little") => {
616 return Err("wrong host endianness".to_string());
617 }
618
619 _ => {
620 // FIXME: should enumerate risc-v features and plumb them
621 // through to the `detect_host_feature` function.
622 if cfg!(target_arch = "riscv64") && flag != "not_a_flag" {
623 return Ok(());
624 }
625 return Err(format!(
626 "don't know how to test for target-specific flag {flag:?} at runtime"
627 ));
628 }
629 };
630
631 let detect = match self.config().detect_host_feature {
632 Some(detect) => detect,
633 None => {
634 return Err(format!(
635 "cannot determine if host feature {host_feature:?} is \
636 available at runtime, configure a probing function with \
637 `Config::detect_host_feature`"
638 ));
639 }
640 };
641
642 match detect(host_feature) {
643 Some(true) => Ok(()),
644 Some(false) => Err(format!(
645 "compilation setting {flag:?} is enabled, but not \
646 available on the host",
647 )),
648 None => Err(format!(
649 "failed to detect if target-specific flag {host_feature:?} is \
650 available at runtime (compile setting {flag:?})"
651 )),
652 }
653 }
654
655 /// Returns whether this [`Engine`] is configured to execute with Pulley,
656 /// Wasmtime's interpreter.
657 ///
658 /// Note that Pulley is the default for host platforms that do not have a
659 /// Cranelift backend to support them. For example at the time of this
660 /// writing 32-bit x86 is not supported in Cranelift so the
661 /// `i686-unknown-linux-gnu` target would by default return `true` here.
662 pub fn is_pulley(&self) -> bool {
663 self.target().is_pulley()
664 }
665
666 #[cfg(feature = "runtime")]
667 pub(crate) fn empty_module_runtime_info(&self) -> &ModuleRuntimeInfo {
668 &self.inner.empty_module_runtime_info
669 }
670}
671
672#[cfg(any(feature = "cranelift", feature = "winch"))]
673impl Engine {
674 pub(crate) fn compiler(&self) -> Option<&dyn wasmtime_environ::Compiler> {
675 self.inner.compiler.as_deref()
676 }
677
678 pub(crate) fn try_compiler(&self) -> Result<&dyn wasmtime_environ::Compiler> {
679 self.compiler()
680 .ok_or_else(|| format_err!("Engine was not configured with a compiler"))
681 }
682
683 /// Ahead-of-time (AOT) compiles a WebAssembly module.
684 ///
685 /// The `bytes` provided must be in one of two formats:
686 ///
687 /// * A [binary-encoded][binary] WebAssembly module. This is always supported.
688 /// * A [text-encoded][text] instance of the WebAssembly text format.
689 /// This is only supported when the `wat` feature of this crate is enabled.
690 /// If this is supplied then the text format will be parsed before validation.
691 /// Note that the `wat` feature is enabled by default.
692 ///
693 /// This method may be used to compile a module for use with a different target
694 /// host. The output of this method may be used with
695 /// [`Module::deserialize`](crate::Module::deserialize) on hosts compatible
696 /// with the [`Config`](crate::Config) associated with this [`Engine`].
697 ///
698 /// The output of this method is safe to send to another host machine for later
699 /// execution. As the output is already a compiled module, translation and code
700 /// generation will be skipped and this will improve the performance of constructing
701 /// a [`Module`](crate::Module) from the output of this method.
702 ///
703 /// [binary]: https://webassembly.github.io/spec/core/binary/index.html
704 /// [text]: https://webassembly.github.io/spec/core/text/index.html
705 pub fn precompile_module(&self, bytes: &[u8]) -> Result<Vec<u8>> {
706 crate::CodeBuilder::new(self)
707 .wasm_binary_or_text(bytes, None)?
708 .compile_module_serialized()
709 }
710
711 /// Same as [`Engine::precompile_module`] except for a
712 /// [`Component`](crate::component::Component)
713 #[cfg(feature = "component-model")]
714 pub fn precompile_component(&self, bytes: &[u8]) -> Result<Vec<u8>> {
715 crate::CodeBuilder::new(self)
716 .wasm_binary_or_text(bytes, None)?
717 .compile_component_serialized()
718 }
719
720 /// Produces a blob of bytes by serializing the `engine`'s configuration data to
721 /// be checked, perhaps in a different process, with the `check_compatible`
722 /// method below.
723 ///
724 /// The blob of bytes is inserted into the object file specified to become part
725 /// of the final compiled artifact.
726 pub(crate) fn append_compiler_info(&self, obj: &mut Object<'_>) -> Result<()> {
727 serialization::append_compiler_info(self, obj, &serialization::Metadata::new(&self)?);
728 Ok(())
729 }
730
731 #[cfg(any(feature = "cranelift", feature = "winch"))]
732 pub(crate) fn append_bti(&self, obj: &mut Object<'_>) {
733 let section = obj.add_section(
734 obj.segment_name(StandardSegment::Data).to_vec(),
735 wasmtime_environ::obj::ELF_WASM_BTI.as_bytes().to_vec(),
736 object::SectionKind::ReadOnlyData,
737 );
738 let contents = if self
739 .compiler()
740 .is_some_and(|c| c.is_branch_protection_enabled())
741 {
742 1
743 } else {
744 0
745 };
746 obj.append_section_data(section, &[contents], 1);
747 }
748}
749
750/// Return value from the [`Engine::detect_precompiled`] API.
751#[derive(PartialEq, Eq, Copy, Clone, Debug)]
752pub enum Precompiled {
753 /// The input bytes look like a precompiled core wasm module.
754 Module,
755 /// The input bytes look like a precompiled wasm component.
756 Component,
757}
758
759#[cfg(feature = "runtime")]
760impl Engine {
761 /// Eagerly initialize thread-local functionality shared by all [`Engine`]s.
762 ///
763 /// Wasmtime's implementation on some platforms may involve per-thread
764 /// setup that needs to happen whenever WebAssembly is invoked. This setup
765 /// can take on the order of a few hundred microseconds, whereas the
766 /// overhead of calling WebAssembly is otherwise on the order of a few
767 /// nanoseconds. This setup cost is paid once per-OS-thread. If your
768 /// application is sensitive to the latencies of WebAssembly function
769 /// calls, even those that happen first on a thread, then this function
770 /// can be used to improve the consistency of each call into WebAssembly
771 /// by explicitly frontloading the cost of the one-time setup per-thread.
772 ///
773 /// Note that this function is not required to be called in any embedding.
774 /// Wasmtime will automatically initialize thread-local-state as necessary
775 /// on calls into WebAssembly. This is provided for use cases where the
776 /// latency of WebAssembly calls are extra-important, which is not
777 /// necessarily true of all embeddings.
778 pub fn tls_eager_initialize() {
779 crate::runtime::vm::tls_eager_initialize();
780 }
781
782 /// Returns a [`PoolingAllocatorMetrics`](crate::PoolingAllocatorMetrics) if
783 /// this engine was configured with
784 /// [`InstanceAllocationStrategy::Pooling`](crate::InstanceAllocationStrategy::Pooling).
785 #[cfg(feature = "pooling-allocator")]
786 pub fn pooling_allocator_metrics(&self) -> Option<crate::vm::PoolingAllocatorMetrics> {
787 crate::runtime::vm::PoolingAllocatorMetrics::new(self)
788 }
789
790 pub(crate) fn allocator(&self) -> &dyn crate::runtime::vm::InstanceAllocator {
791 let r: &(dyn crate::runtime::vm::InstanceAllocator + Send + Sync) =
792 self.inner.allocator.as_ref();
793 &*r
794 }
795
796 pub(crate) fn gc_runtime(&self) -> Option<&Arc<dyn GcRuntime>> {
797 self.inner.gc_runtime.as_ref()
798 }
799
800 pub(crate) fn profiler(&self) -> &dyn crate::profiling_agent::ProfilingAgent {
801 self.inner.profiler.as_ref()
802 }
803
804 #[cfg(all(feature = "cache", any(feature = "cranelift", feature = "winch")))]
805 pub(crate) fn cache(&self) -> Option<&wasmtime_cache::Cache> {
806 self.config().cache.as_ref()
807 }
808
809 pub(crate) fn signatures(&self) -> &TypeRegistry {
810 &self.inner.signatures
811 }
812
813 #[cfg(feature = "runtime")]
814 pub(crate) fn custom_code_memory(&self) -> Option<&Arc<dyn CustomCodeMemory>> {
815 self.config().custom_code_memory.as_ref()
816 }
817
818 #[cfg(target_has_atomic = "64")]
819 pub(crate) fn epoch_counter(&self) -> &AtomicU64 {
820 &self.inner.epoch
821 }
822
823 #[cfg(target_has_atomic = "64")]
824 pub(crate) fn current_epoch(&self) -> u64 {
825 self.epoch_counter().load(Ordering::Relaxed)
826 }
827
828 /// Increments the epoch.
829 ///
830 /// When using epoch-based interruption, currently-executing Wasm
831 /// code within this engine will trap or yield "soon" when the
832 /// epoch deadline is reached or exceeded. (The configuration, and
833 /// the deadline, are set on the `Store`.) The intent of the
834 /// design is for this method to be called by the embedder at some
835 /// regular cadence, for example by a thread that wakes up at some
836 /// interval, or by a signal handler.
837 ///
838 /// See [`Config::epoch_interruption`](crate::Config::epoch_interruption)
839 /// for an introduction to epoch-based interruption and pointers
840 /// to the other relevant methods.
841 ///
842 /// When performing `increment_epoch` in a separate thread, consider using
843 /// [`Engine::weak`] to hold an [`EngineWeak`](crate::EngineWeak) and
844 /// performing [`EngineWeak::upgrade`](crate::EngineWeak::upgrade) on each
845 /// tick, so that the epoch ticking thread does not keep an [`Engine`] alive
846 /// longer than any of its consumers.
847 ///
848 /// ## Signal Safety
849 ///
850 /// This method is signal-safe: it does not make any syscalls, and
851 /// performs only an atomic increment to the epoch value in
852 /// memory.
853 #[cfg(target_has_atomic = "64")]
854 pub fn increment_epoch(&self) {
855 self.inner.epoch.fetch_add(1, Ordering::Relaxed);
856 }
857
858 /// Returns a [`std::hash::Hash`] that can be used to check precompiled WebAssembly compatibility.
859 ///
860 /// The outputs of [`Engine::precompile_module`] and [`Engine::precompile_component`]
861 /// are compatible with a different [`Engine`] instance only if the two engines use
862 /// compatible [`Config`]s. If this Hash matches between two [`Engine`]s then binaries
863 /// from one are guaranteed to deserialize in the other.
864 #[cfg(any(feature = "cranelift", feature = "winch"))]
865 pub fn precompile_compatibility_hash(&self) -> impl std::hash::Hash + '_ {
866 crate::compile::HashedEngineCompileEnv(self)
867 }
868
869 /// Returns the required alignment for a code image, if we
870 /// allocate in a way that is not a system `mmap()` that naturally
871 /// aligns it.
872 fn required_code_alignment(&self) -> usize {
873 self.custom_code_memory()
874 .map(|c| c.required_alignment())
875 .unwrap_or(1)
876 }
877
878 /// Loads a `CodeMemory` from the specified in-memory slice, copying it to a
879 /// uniquely owned mmap.
880 ///
881 /// The `expected` marker here is whether the bytes are expected to be a
882 /// precompiled module or a component.
883 pub(crate) fn load_code_bytes(
884 &self,
885 bytes: &[u8],
886 expected: ObjectKind,
887 ) -> Result<Arc<crate::CodeMemory>> {
888 self.load_code(
889 crate::runtime::vm::MmapVec::from_slice_with_alignment(
890 bytes,
891 self.required_code_alignment(),
892 )?,
893 expected,
894 )
895 }
896
897 /// Loads a `CodeMemory` from the specified memory region without copying
898 ///
899 /// The `expected` marker here is whether the bytes are expected to be
900 /// a precompiled module or a component. The `memory` provided is expected
901 /// to be a serialized module (.cwasm) generated by `[Module::serialize]`
902 /// or [`Engine::precompile_module] or their `Component` counterparts
903 /// [`Component::serialize`] or `[Engine::precompile_component]`.
904 ///
905 /// The memory provided is guaranteed to only be immutably by the runtime.
906 ///
907 /// # Safety
908 ///
909 /// As there is no copy here, the runtime will be making direct readonly use
910 /// of the provided memory. As such, outside writes to this memory region
911 /// will result in undefined and likely very undesirable behavior.
912 pub(crate) unsafe fn load_code_raw(
913 &self,
914 memory: NonNull<[u8]>,
915 expected: ObjectKind,
916 ) -> Result<Arc<crate::CodeMemory>> {
917 // SAFETY: the contract of this function is the same as that of
918 // `from_raw`.
919 unsafe { self.load_code(crate::runtime::vm::MmapVec::from_raw(memory)?, expected) }
920 }
921
922 /// Like `load_code_bytes`, but creates a mmap from a file on disk.
923 #[cfg(feature = "std")]
924 pub(crate) fn load_code_file(
925 &self,
926 file: File,
927 expected: ObjectKind,
928 ) -> Result<Arc<crate::CodeMemory>> {
929 self.load_code(
930 crate::runtime::vm::MmapVec::from_file(file)
931 .with_context(|| "Failed to create file mapping".to_string())?,
932 expected,
933 )
934 }
935
936 pub(crate) fn load_code(
937 &self,
938 mmap: crate::runtime::vm::MmapVec,
939 expected: ObjectKind,
940 ) -> Result<Arc<crate::CodeMemory>> {
941 self.check_compatible_with_native_host()
942 .context("compilation settings are not compatible with the native host")?;
943
944 serialization::check_compatible(self, &mmap, expected)?;
945 let mut code = crate::CodeMemory::new(self, mmap)?;
946 code.publish()?;
947 Ok(try_new(code)?)
948 }
949
950 /// Unload process-related trap/signal handlers and destroy this engine.
951 ///
952 /// This method is not safe and is not widely applicable. It is not required
953 /// to be called and is intended for use cases such as unloading a dynamic
954 /// library from a process. It is difficult to invoke this method correctly
955 /// and it requires careful coordination to do so.
956 ///
957 /// # Panics
958 ///
959 /// This method will panic if this `Engine` handle is not the last remaining
960 /// engine handle.
961 ///
962 /// # Aborts
963 ///
964 /// This method will abort the process on some platforms in some situations
965 /// where unloading the handler cannot be performed and an unrecoverable
966 /// state is reached. For example on Unix platforms with signal handling
967 /// the process will be aborted if the current signal handlers are not
968 /// Wasmtime's.
969 ///
970 /// # Unsafety
971 ///
972 /// This method is not generally safe to call and has a number of
973 /// preconditions that must be met to even possibly be safe. Even with these
974 /// known preconditions met there may be other unknown invariants to uphold
975 /// as well.
976 ///
977 /// * There must be no other instances of `Engine` elsewhere in the process.
978 /// Note that this isn't just copies of this `Engine` but it's any other
979 /// `Engine` at all. This unloads global state that is used by all
980 /// `Engine`s so this instance must be the last.
981 ///
982 /// * On Unix platforms no other signal handlers could have been installed
983 /// for signals that Wasmtime catches. In this situation Wasmtime won't
984 /// know how to restore signal handlers that Wasmtime possibly overwrote
985 /// when Wasmtime was initially loaded. If possible initialize other
986 /// libraries first and then initialize Wasmtime last (e.g. defer creating
987 /// an `Engine`).
988 ///
989 /// * All existing threads which have used this DLL or copy of Wasmtime may
990 /// no longer use this copy of Wasmtime. Per-thread state is not iterated
991 /// and destroyed. Only future threads may use future instances of this
992 /// Wasmtime itself.
993 ///
994 /// If other crashes are seen from using this method please feel free to
995 /// file an issue to update the documentation here with more preconditions
996 /// that must be met.
997 #[cfg(has_native_signals)]
998 pub unsafe fn unload_process_handlers(self) {
999 assert_eq!(Arc::weak_count(&self.inner), 0);
1000 assert_eq!(Arc::strong_count(&self.inner), 1);
1001
1002 // SAFETY: the contract of this function is the same as `deinit_traps`.
1003 #[cfg(not(miri))]
1004 unsafe {
1005 crate::runtime::vm::deinit_traps();
1006 }
1007 }
1008}
1009
1010/// A weak reference to an [`Engine`].
1011#[derive(Clone, Default)]
1012pub struct EngineWeak {
1013 inner: alloc::sync::Weak<EngineInner>,
1014}
1015
1016impl EngineWeak {
1017 /// Upgrade this weak reference into an [`Engine`]. Returns `None` if
1018 /// strong references (the [`Engine`] type itself) no longer exist.
1019 pub fn upgrade(&self) -> Option<Engine> {
1020 alloc::sync::Weak::upgrade(&self.inner).map(|inner| Engine { inner })
1021 }
1022}