wasmtime/engine.rs
1use crate::Config;
2use crate::RRConfig;
3use crate::prelude::*;
4#[cfg(feature = "runtime")]
5pub use crate::runtime::code_memory::CustomCodeMemory;
6#[cfg(feature = "runtime")]
7use crate::runtime::type_registry::TypeRegistry;
8#[cfg(feature = "runtime")]
9use crate::runtime::vm::{GcRuntime, ModuleRuntimeInfo};
10use alloc::sync::Arc;
11use core::ptr::NonNull;
12#[cfg(target_has_atomic = "64")]
13use core::sync::atomic::{AtomicU64, Ordering};
14#[cfg(any(feature = "cranelift", feature = "winch"))]
15use object::write::{Object, StandardSegment};
16#[cfg(feature = "std")]
17use std::{fs::File, path::Path};
18use wasmparser::WasmFeatures;
19use wasmtime_environ::{FlagValue, ObjectKind, TripleExt, Tunables};
20
21mod serialization;
22
23/// An `Engine` which is a global context for compilation and management of wasm
24/// modules.
25///
26/// An engine can be safely shared across threads and is a cheap cloneable
27/// handle to the actual engine. The engine itself will be deallocated once all
28/// references to it have gone away.
29///
30/// Engines store global configuration preferences such as compilation settings,
31/// enabled features, etc. You'll likely only need at most one of these for a
32/// program.
33///
34/// ## Engines and `Clone`
35///
36/// Using `clone` on an `Engine` is a cheap operation. It will not create an
37/// entirely new engine, but rather just a new reference to the existing engine.
38/// In other words it's a shallow copy, not a deep copy.
39///
40/// ## Engines and `Default`
41///
42/// You can create an engine with default configuration settings using
43/// `Engine::default()`. Be sure to consult the documentation of [`Config`] for
44/// default settings.
45#[derive(Clone)]
46pub struct Engine {
47 inner: Arc<EngineInner>,
48}
49
50struct EngineInner {
51 config: Config,
52 features: WasmFeatures,
53 tunables: Tunables,
54 #[cfg(any(feature = "cranelift", feature = "winch"))]
55 compiler: Option<Box<dyn wasmtime_environ::Compiler>>,
56 #[cfg(feature = "runtime")]
57 allocator: Box<dyn crate::runtime::vm::InstanceAllocator + Send + Sync>,
58 #[cfg(feature = "runtime")]
59 gc_runtime: Option<Arc<dyn GcRuntime>>,
60 #[cfg(feature = "runtime")]
61 profiler: Box<dyn crate::profiling_agent::ProfilingAgent>,
62 #[cfg(feature = "runtime")]
63 signatures: TypeRegistry,
64 #[cfg(all(feature = "runtime", target_has_atomic = "64"))]
65 epoch: AtomicU64,
66
67 /// One-time check of whether the compiler's settings, if present, are
68 /// compatible with the native host.
69 compatible_with_native_host: crate::sync::OnceLock<Result<(), String>>,
70
71 /// The canonical empty `ModuleRuntimeInfo`, so that each store doesn't need
72 /// allocate its own copy when creating its default caller instance or GC
73 /// heap.
74 #[cfg(feature = "runtime")]
75 empty_module_runtime_info: ModuleRuntimeInfo,
76}
77
78impl core::fmt::Debug for Engine {
79 fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
80 f.debug_tuple("Engine")
81 .field(&Arc::as_ptr(&self.inner))
82 .finish()
83 }
84}
85
86impl Default for Engine {
87 fn default() -> Engine {
88 Engine::new(&Config::default()).unwrap()
89 }
90}
91
92impl Engine {
93 /// Creates a new [`Engine`] with the specified compilation and
94 /// configuration settings.
95 ///
96 /// # Errors
97 ///
98 /// This method can fail if the `config` is invalid or some
99 /// configurations are incompatible.
100 ///
101 /// For example, feature `reference_types` will need to set
102 /// the compiler setting `unwind_info` to `true`, but explicitly
103 /// disable these two compiler settings will cause errors.
104 ///
105 /// This function will return an [`OutOfMemory`][crate::OutOfMemory] error when
106 /// memory allocation fails. See the `OutOfMemory` type's documentation for
107 /// details on Wasmtime's out-of-memory handling.
108 pub fn new(config: &Config) -> Result<Engine> {
109 let config = config.clone();
110 let (mut tunables, features) = config.validate()?;
111
112 #[cfg(feature = "runtime")]
113 if tunables.signals_based_traps {
114 // Ensure that crate::runtime::vm's signal handlers are
115 // configured. This is the per-program initialization required for
116 // handling traps, such as configuring signals, vectored exception
117 // handlers, etc.
118 #[cfg(has_native_signals)]
119 crate::runtime::vm::init_traps(config.macos_use_mach_ports);
120 if !cfg!(miri) {
121 #[cfg(all(has_host_compiler_backend, feature = "debug-builtins"))]
122 crate::runtime::vm::debug_builtins::init();
123 }
124 }
125
126 #[cfg(any(feature = "cranelift", feature = "winch"))]
127 let (config, compiler) = if config.has_compiler() {
128 let (config, compiler) = config.build_compiler(&mut tunables, features)?;
129 (config, Some(compiler))
130 } else {
131 (config.clone(), None)
132 };
133 #[cfg(not(any(feature = "cranelift", feature = "winch")))]
134 let _ = &mut tunables;
135
136 #[cfg(feature = "runtime")]
137 let empty_module_runtime_info = ModuleRuntimeInfo::bare(try_new(
138 wasmtime_environ::Module::new(wasmtime_environ::StaticModuleIndex::from_u32(0)),
139 )?)?;
140
141 Ok(Engine {
142 inner: try_new::<Arc<_>>(EngineInner {
143 #[cfg(any(feature = "cranelift", feature = "winch"))]
144 compiler,
145 #[cfg(feature = "runtime")]
146 allocator: {
147 let allocator = config.build_allocator(&tunables)?;
148 #[cfg(feature = "gc")]
149 {
150 let mem_ty = tunables.gc_heap_memory_type();
151 allocator.validate_memory(&mem_ty).context(
152 "instance allocator cannot support configured GC heap memory",
153 )?;
154 }
155 allocator
156 },
157 #[cfg(feature = "runtime")]
158 gc_runtime: config.build_gc_runtime()?,
159 #[cfg(feature = "runtime")]
160 profiler: config.build_profiler()?,
161 #[cfg(feature = "runtime")]
162 signatures: TypeRegistry::new(),
163 #[cfg(all(feature = "runtime", target_has_atomic = "64"))]
164 epoch: AtomicU64::new(0),
165 compatible_with_native_host: Default::default(),
166 config,
167 tunables,
168 features,
169 #[cfg(feature = "runtime")]
170 empty_module_runtime_info,
171 })?,
172 })
173 }
174
175 /// Returns the configuration settings that this engine is using.
176 #[inline]
177 pub fn config(&self) -> &Config {
178 &self.inner.config
179 }
180
181 #[inline]
182 pub(crate) fn features(&self) -> WasmFeatures {
183 self.inner.features
184 }
185
186 pub(crate) fn run_maybe_parallel<
187 A: Send,
188 B: Send,
189 E: Send,
190 F: Fn(A) -> Result<B, E> + Send + Sync,
191 >(
192 &self,
193 input: Vec<A>,
194 f: F,
195 ) -> Result<Vec<B>, E> {
196 if self.config().parallel_compilation {
197 #[cfg(feature = "parallel-compilation")]
198 {
199 use rayon::prelude::*;
200 // If we collect into Result<Vec<B>, E> directly, the returned error is not
201 // deterministic, because any error could be returned early. So we first materialize
202 // all results in order and then return the first error deterministically, or Ok(_).
203 return input
204 .into_par_iter()
205 .map(|a| f(a))
206 .collect::<Vec<Result<B, E>>>()
207 .into_iter()
208 .collect::<Result<Vec<B>, E>>();
209 }
210 }
211
212 // In case the parallel-compilation feature is disabled or the parallel_compilation config
213 // was turned off dynamically fallback to the non-parallel version.
214 input
215 .into_iter()
216 .map(|a| f(a))
217 .collect::<Result<Vec<B>, E>>()
218 }
219
220 #[cfg(any(feature = "cranelift", feature = "winch"))]
221 pub(crate) fn run_maybe_parallel_mut<
222 T: Send,
223 E: Send,
224 F: Fn(&mut T) -> Result<(), E> + Send + Sync,
225 >(
226 &self,
227 input: &mut [T],
228 f: F,
229 ) -> Result<(), E> {
230 if self.config().parallel_compilation {
231 #[cfg(feature = "parallel-compilation")]
232 {
233 use rayon::prelude::*;
234 // If we collect into `Result<(), E>` directly, the returned
235 // error is not deterministic, because any error could be
236 // returned early. So we first materialize all results in order
237 // and then return the first error deterministically, or
238 // `Ok(_)`.
239 return input
240 .into_par_iter()
241 .map(|a| f(a))
242 .collect::<Vec<Result<(), E>>>()
243 .into_iter()
244 .collect::<Result<(), E>>();
245 }
246 }
247
248 // In case the parallel-compilation feature is disabled or the
249 // parallel_compilation config was turned off dynamically fallback to
250 // the non-parallel version.
251 input.into_iter().map(|a| f(a)).collect::<Result<(), E>>()
252 }
253
254 /// Take a weak reference to this engine.
255 pub fn weak(&self) -> EngineWeak {
256 EngineWeak {
257 inner: Arc::downgrade(&self.inner),
258 }
259 }
260
261 #[inline]
262 pub(crate) fn tunables(&self) -> &Tunables {
263 &self.inner.tunables
264 }
265
266 /// Returns whether the engine `a` and `b` refer to the same configuration.
267 #[inline]
268 pub fn same(a: &Engine, b: &Engine) -> bool {
269 Arc::ptr_eq(&a.inner, &b.inner)
270 }
271
272 /// Returns whether the engine is configured to support execution recording
273 #[inline]
274 pub fn is_recording(&self) -> bool {
275 match self.config().rr_config {
276 #[cfg(feature = "rr")]
277 RRConfig::Recording => true,
278 #[cfg(feature = "rr")]
279 RRConfig::Replaying => false,
280 RRConfig::None => false,
281 }
282 }
283
284 /// Returns whether the engine is configured to support execution replaying
285 #[inline]
286 pub fn is_replaying(&self) -> bool {
287 match self.config().rr_config {
288 #[cfg(feature = "rr")]
289 RRConfig::Replaying => true,
290 #[cfg(feature = "rr")]
291 RRConfig::Recording => false,
292 RRConfig::None => false,
293 }
294 }
295
296 /// Detects whether the bytes provided are a precompiled object produced by
297 /// Wasmtime.
298 ///
299 /// This function will inspect the header of `bytes` to determine if it
300 /// looks like a precompiled core wasm module or a precompiled component.
301 /// This does not validate the full structure or guarantee that
302 /// deserialization will succeed, instead it helps higher-levels of the
303 /// stack make a decision about what to do next when presented with the
304 /// `bytes` as an input module.
305 ///
306 /// If the `bytes` looks like a precompiled object previously produced by
307 /// [`Module::serialize`](crate::Module::serialize),
308 /// [`Component::serialize`](crate::component::Component::serialize),
309 /// [`Engine::precompile_module`], or [`Engine::precompile_component`], then
310 /// this will return `Some(...)` indicating so. Otherwise `None` is
311 /// returned.
312 pub fn detect_precompiled(bytes: &[u8]) -> Option<Precompiled> {
313 serialization::detect_precompiled_bytes(bytes)
314 }
315
316 /// Like [`Engine::detect_precompiled`], but performs the detection on a file.
317 #[cfg(feature = "std")]
318 pub fn detect_precompiled_file(path: impl AsRef<Path>) -> Result<Option<Precompiled>> {
319 serialization::detect_precompiled_file(path)
320 }
321
322 /// Returns the target triple which this engine is compiling code for
323 /// and/or running code for.
324 pub(crate) fn target(&self) -> target_lexicon::Triple {
325 return self.config().compiler_target();
326 }
327
328 /// Verify that this engine's configuration is compatible with loading
329 /// modules onto the native host platform.
330 ///
331 /// This method is used as part of `Module::new` to ensure that this
332 /// engine can indeed load modules for the configured compiler (if any).
333 /// Note that if cranelift is disabled this trivially returns `Ok` because
334 /// loaded serialized modules are checked separately.
335 pub(crate) fn check_compatible_with_native_host(&self) -> Result<()> {
336 self.inner
337 .compatible_with_native_host
338 .get_or_init(|| self._check_compatible_with_native_host())
339 .clone()
340 .map_err(crate::Error::msg)
341 }
342
343 fn _check_compatible_with_native_host(&self) -> Result<(), String> {
344 use target_lexicon::Triple;
345
346 let host = Triple::host();
347 let target = self.config().compiler_target();
348
349 let target_matches_host = || {
350 // If the host target and target triple match, then it's valid
351 // to run results of compilation on this host.
352 if host == target {
353 return true;
354 }
355
356 // If there's a mismatch and the target is a compatible pulley
357 // target, then that's also ok to run.
358 if cfg!(feature = "pulley")
359 && target.is_pulley()
360 && target.pointer_width() == host.pointer_width()
361 && target.endianness() == host.endianness()
362 {
363 return true;
364 }
365
366 // ... otherwise everything else is considered not a match.
367 false
368 };
369
370 if !target_matches_host() {
371 return Err(format!(
372 "target '{target}' specified in the configuration does not match the host"
373 ));
374 }
375
376 #[cfg(any(feature = "cranelift", feature = "winch"))]
377 {
378 if let Some(compiler) = self.compiler() {
379 // Also double-check all compiler settings
380 for (key, value) in compiler.flags().iter() {
381 self.check_compatible_with_shared_flag(key, value)?;
382 }
383 for (key, value) in compiler.isa_flags().iter() {
384 self.check_compatible_with_isa_flag(key, value)?;
385 }
386 }
387 }
388
389 // Double-check that this configuration isn't requesting capabilities
390 // that this build of Wasmtime doesn't support.
391 if !cfg!(has_native_signals) && self.tunables().signals_based_traps {
392 return Err("signals-based-traps disabled at compile time -- cannot be enabled".into());
393 }
394 if !cfg!(has_virtual_memory) && self.tunables().memory_init_cow {
395 return Err("virtual memory disabled at compile time -- cannot enable CoW".into());
396 }
397 if !cfg!(target_has_atomic = "64") && self.tunables().epoch_interruption {
398 return Err("epochs currently require 64-bit atomics".into());
399 }
400
401 // Double-check that the host's float ABI matches Cranelift's float ABI.
402 // See `Config::x86_float_abi_ok` for some more
403 // information.
404 if target == target_lexicon::triple!("x86_64-unknown-none")
405 && self.config().x86_float_abi_ok != Some(true)
406 {
407 return Err("\
408the x86_64-unknown-none target by default uses a soft-float ABI that is \
409incompatible with Cranelift and Wasmtime -- use \
410`Config::x86_float_abi_ok` to disable this check and see more \
411information about this check\
412"
413 .into());
414 }
415
416 Ok(())
417 }
418
419 /// Checks to see whether the "shared flag", something enabled for
420 /// individual compilers, is compatible with the native host platform.
421 ///
422 /// This is used both when validating an engine's compilation settings are
423 /// compatible with the host as well as when deserializing modules from
424 /// disk to ensure they're compatible with the current host.
425 ///
426 /// Note that most of the settings here are not configured by users that
427 /// often. While theoretically possible via `Config` methods the more
428 /// interesting flags are the ISA ones below. Typically the values here
429 /// represent global configuration for wasm features. Settings here
430 /// currently rely on the compiler informing us of all settings, including
431 /// those disabled. Settings then fall in a few buckets:
432 ///
433 /// * Some settings must be enabled, such as `preserve_frame_pointers`.
434 /// * Some settings must have a particular value, such as
435 /// `libcall_call_conv`.
436 /// * Some settings do not matter as to their value, such as `opt_level`.
437 pub(crate) fn check_compatible_with_shared_flag(
438 &self,
439 flag: &str,
440 value: &FlagValue,
441 ) -> Result<(), String> {
442 let target = self.target();
443 let ok = match flag {
444 // These settings must all have be enabled, since their value
445 // can affect the way the generated code performs or behaves at
446 // runtime.
447 "libcall_call_conv" => *value == FlagValue::Enum("isa_default"),
448 "preserve_frame_pointers" => *value == FlagValue::Bool(true),
449 "enable_probestack" => *value == FlagValue::Bool(true),
450 "probestack_strategy" => *value == FlagValue::Enum("inline"),
451 "enable_multi_ret_implicit_sret" => *value == FlagValue::Bool(true),
452
453 // Features wasmtime doesn't use should all be disabled, since
454 // otherwise if they are enabled it could change the behavior of
455 // generated code.
456 "enable_llvm_abi_extensions" => *value == FlagValue::Bool(false),
457 "enable_pinned_reg" => *value == FlagValue::Bool(false),
458 "use_colocated_libcalls" => *value == FlagValue::Bool(false),
459 "use_pinned_reg_as_heap_base" => *value == FlagValue::Bool(false),
460
461 // Windows requires unwind info as part of its ABI.
462 "unwind_info" => {
463 if target.operating_system == target_lexicon::OperatingSystem::Windows {
464 *value == FlagValue::Bool(true)
465 } else {
466 return Ok(())
467 }
468 }
469
470 // stack switch model must match the current OS
471 "stack_switch_model" => {
472 if self.features().contains(WasmFeatures::STACK_SWITCHING) {
473 use target_lexicon::OperatingSystem;
474 let expected =
475 match target.operating_system {
476 OperatingSystem::Windows => "update_windows_tib",
477 OperatingSystem::Linux
478 | OperatingSystem::MacOSX(_)
479 | OperatingSystem::Darwin(_) => "basic",
480 _ => { return Err(String::from("stack-switching feature not supported on this platform")); }
481 };
482 *value == FlagValue::Enum(expected)
483 } else {
484 return Ok(())
485 }
486 }
487
488 // These settings don't affect the interface or functionality of
489 // the module itself, so their configuration values shouldn't
490 // matter.
491 "enable_heap_access_spectre_mitigation"
492 | "enable_table_access_spectre_mitigation"
493 | "enable_nan_canonicalization"
494 | "enable_float"
495 | "enable_verifier"
496 | "regalloc_checker"
497 | "regalloc_verbose_logs"
498 | "regalloc_algorithm"
499 | "is_pic"
500 | "bb_padding_log2_minus_one"
501 | "log2_min_function_alignment"
502 | "machine_code_cfg_info"
503 | "tls_model" // wasmtime doesn't use tls right now
504 | "opt_level" // opt level doesn't change semantics
505 | "enable_alias_analysis" // alias analysis-based opts don't change semantics
506 | "probestack_size_log2" // probestack above asserted disabled
507 | "regalloc" // shouldn't change semantics
508 | "enable_incremental_compilation_cache_checks" // shouldn't change semantics
509 | "enable_atomics" => return Ok(()),
510
511 // Everything else is unknown and needs to be added somewhere to
512 // this list if encountered.
513 _ => {
514 return Err(format!("unknown shared setting {flag:?} configured to {value:?}"))
515 }
516 };
517
518 if !ok {
519 return Err(format!(
520 "setting {flag:?} is configured to {value:?} which is not supported",
521 ));
522 }
523 Ok(())
524 }
525
526 /// Same as `check_compatible_with_native_host` except used for ISA-specific
527 /// flags. This is used to test whether a configured ISA flag is indeed
528 /// available on the host platform itself.
529 pub(crate) fn check_compatible_with_isa_flag(
530 &self,
531 flag: &str,
532 value: &FlagValue,
533 ) -> Result<(), String> {
534 match value {
535 // ISA flags are used for things like CPU features, so if they're
536 // disabled then it's compatible with the native host.
537 FlagValue::Bool(false) => return Ok(()),
538
539 // Fall through below where we test at runtime that features are
540 // available.
541 FlagValue::Bool(true) => {}
542
543 // Pulley's pointer_width must match the host.
544 FlagValue::Enum("pointer32") => {
545 return if cfg!(target_pointer_width = "32") {
546 Ok(())
547 } else {
548 Err("wrong host pointer width".to_string())
549 };
550 }
551 FlagValue::Enum("pointer64") => {
552 return if cfg!(target_pointer_width = "64") {
553 Ok(())
554 } else {
555 Err("wrong host pointer width".to_string())
556 };
557 }
558
559 // Only `bool` values are supported right now, other settings would
560 // need more support here.
561 _ => {
562 return Err(format!(
563 "isa-specific feature {flag:?} configured to unknown value {value:?}"
564 ));
565 }
566 }
567
568 let host_feature = match flag {
569 // aarch64 features to detect
570 "has_lse" => "lse",
571 "has_pauth" => "paca",
572 "has_fp16" => "fp16",
573
574 // aarch64 features which don't need detection
575 // No effect on its own.
576 "sign_return_address_all" => return Ok(()),
577 // The pointer authentication instructions act as a `NOP` when
578 // unsupported, so it is safe to enable them.
579 "sign_return_address" => return Ok(()),
580 // No effect on its own.
581 "sign_return_address_with_bkey" => return Ok(()),
582 // The `BTI` instruction acts as a `NOP` when unsupported, so it
583 // is safe to enable it regardless of whether the host supports it
584 // or not.
585 "use_bti" => return Ok(()),
586
587 // s390x features to detect
588 "has_vxrs_ext2" => "vxrs_ext2",
589 "has_vxrs_ext3" => "vxrs_ext3",
590 "has_mie3" => "mie3",
591 "has_mie4" => "mie4",
592
593 // x64 features to detect
594 "has_cmpxchg16b" => "cmpxchg16b",
595 "has_sse3" => "sse3",
596 "has_ssse3" => "ssse3",
597 "has_sse41" => "sse4.1",
598 "has_sse42" => "sse4.2",
599 "has_popcnt" => "popcnt",
600 "has_avx" => "avx",
601 "has_avx2" => "avx2",
602 "has_fma" => "fma",
603 "has_bmi1" => "bmi1",
604 "has_bmi2" => "bmi2",
605 "has_avx512bitalg" => "avx512bitalg",
606 "has_avx512dq" => "avx512dq",
607 "has_avx512f" => "avx512f",
608 "has_avx512vl" => "avx512vl",
609 "has_avx512vbmi" => "avx512vbmi",
610 "has_lzcnt" => "lzcnt",
611
612 // pulley features
613 "big_endian" if cfg!(target_endian = "big") => return Ok(()),
614 "big_endian" if cfg!(target_endian = "little") => {
615 return Err("wrong host endianness".to_string());
616 }
617
618 _ => {
619 // FIXME: should enumerate risc-v features and plumb them
620 // through to the `detect_host_feature` function.
621 if cfg!(target_arch = "riscv64") && flag != "not_a_flag" {
622 return Ok(());
623 }
624 return Err(format!(
625 "don't know how to test for target-specific flag {flag:?} at runtime"
626 ));
627 }
628 };
629
630 let detect = match self.config().detect_host_feature {
631 Some(detect) => detect,
632 None => {
633 return Err(format!(
634 "cannot determine if host feature {host_feature:?} is \
635 available at runtime, configure a probing function with \
636 `Config::detect_host_feature`"
637 ));
638 }
639 };
640
641 match detect(host_feature) {
642 Some(true) => Ok(()),
643 Some(false) => Err(format!(
644 "compilation setting {flag:?} is enabled, but not \
645 available on the host",
646 )),
647 None => Err(format!(
648 "failed to detect if target-specific flag {host_feature:?} is \
649 available at runtime (compile setting {flag:?})"
650 )),
651 }
652 }
653
654 /// Returns whether this [`Engine`] is configured to execute with Pulley,
655 /// Wasmtime's interpreter.
656 ///
657 /// Note that Pulley is the default for host platforms that do not have a
658 /// Cranelift backend to support them. For example at the time of this
659 /// writing 32-bit x86 is not supported in Cranelift so the
660 /// `i686-unknown-linux-gnu` target would by default return `true` here.
661 pub fn is_pulley(&self) -> bool {
662 self.target().is_pulley()
663 }
664
665 #[cfg(feature = "runtime")]
666 pub(crate) fn empty_module_runtime_info(&self) -> &ModuleRuntimeInfo {
667 &self.inner.empty_module_runtime_info
668 }
669}
670
671#[cfg(any(feature = "cranelift", feature = "winch"))]
672impl Engine {
673 pub(crate) fn compiler(&self) -> Option<&dyn wasmtime_environ::Compiler> {
674 self.inner.compiler.as_deref()
675 }
676
677 pub(crate) fn try_compiler(&self) -> Result<&dyn wasmtime_environ::Compiler> {
678 self.compiler()
679 .ok_or_else(|| format_err!("Engine was not configured with a compiler"))
680 }
681
682 /// Ahead-of-time (AOT) compiles a WebAssembly module.
683 ///
684 /// The `bytes` provided must be in one of two formats:
685 ///
686 /// * A [binary-encoded][binary] WebAssembly module. This is always supported.
687 /// * A [text-encoded][text] instance of the WebAssembly text format.
688 /// This is only supported when the `wat` feature of this crate is enabled.
689 /// If this is supplied then the text format will be parsed before validation.
690 /// Note that the `wat` feature is enabled by default.
691 ///
692 /// This method may be used to compile a module for use with a different target
693 /// host. The output of this method may be used with
694 /// [`Module::deserialize`](crate::Module::deserialize) on hosts compatible
695 /// with the [`Config`](crate::Config) associated with this [`Engine`].
696 ///
697 /// The output of this method is safe to send to another host machine for later
698 /// execution. As the output is already a compiled module, translation and code
699 /// generation will be skipped and this will improve the performance of constructing
700 /// a [`Module`](crate::Module) from the output of this method.
701 ///
702 /// [binary]: https://webassembly.github.io/spec/core/binary/index.html
703 /// [text]: https://webassembly.github.io/spec/core/text/index.html
704 pub fn precompile_module(&self, bytes: &[u8]) -> Result<Vec<u8>> {
705 crate::CodeBuilder::new(self)
706 .wasm_binary_or_text(bytes, None)?
707 .compile_module_serialized()
708 }
709
710 /// Same as [`Engine::precompile_module`] except for a
711 /// [`Component`](crate::component::Component)
712 #[cfg(feature = "component-model")]
713 pub fn precompile_component(&self, bytes: &[u8]) -> Result<Vec<u8>> {
714 crate::CodeBuilder::new(self)
715 .wasm_binary_or_text(bytes, None)?
716 .compile_component_serialized()
717 }
718
719 /// Produces a blob of bytes by serializing the `engine`'s configuration data to
720 /// be checked, perhaps in a different process, with the `check_compatible`
721 /// method below.
722 ///
723 /// The blob of bytes is inserted into the object file specified to become part
724 /// of the final compiled artifact.
725 pub(crate) fn append_compiler_info(&self, obj: &mut Object<'_>) -> Result<()> {
726 serialization::append_compiler_info(self, obj, &serialization::Metadata::new(&self)?);
727 Ok(())
728 }
729
730 #[cfg(any(feature = "cranelift", feature = "winch"))]
731 pub(crate) fn append_bti(&self, obj: &mut Object<'_>) {
732 let section = obj.add_section(
733 obj.segment_name(StandardSegment::Data).to_vec(),
734 wasmtime_environ::obj::ELF_WASM_BTI.as_bytes().to_vec(),
735 object::SectionKind::ReadOnlyData,
736 );
737 let contents = if self
738 .compiler()
739 .is_some_and(|c| c.is_branch_protection_enabled())
740 {
741 1
742 } else {
743 0
744 };
745 obj.append_section_data(section, &[contents], 1);
746 }
747}
748
749/// Return value from the [`Engine::detect_precompiled`] API.
750#[derive(PartialEq, Eq, Copy, Clone, Debug)]
751pub enum Precompiled {
752 /// The input bytes look like a precompiled core wasm module.
753 Module,
754 /// The input bytes look like a precompiled wasm component.
755 Component,
756}
757
758#[cfg(feature = "runtime")]
759impl Engine {
760 /// Eagerly initialize thread-local functionality shared by all [`Engine`]s.
761 ///
762 /// Wasmtime's implementation on some platforms may involve per-thread
763 /// setup that needs to happen whenever WebAssembly is invoked. This setup
764 /// can take on the order of a few hundred microseconds, whereas the
765 /// overhead of calling WebAssembly is otherwise on the order of a few
766 /// nanoseconds. This setup cost is paid once per-OS-thread. If your
767 /// application is sensitive to the latencies of WebAssembly function
768 /// calls, even those that happen first on a thread, then this function
769 /// can be used to improve the consistency of each call into WebAssembly
770 /// by explicitly frontloading the cost of the one-time setup per-thread.
771 ///
772 /// Note that this function is not required to be called in any embedding.
773 /// Wasmtime will automatically initialize thread-local-state as necessary
774 /// on calls into WebAssembly. This is provided for use cases where the
775 /// latency of WebAssembly calls are extra-important, which is not
776 /// necessarily true of all embeddings.
777 pub fn tls_eager_initialize() {
778 crate::runtime::vm::tls_eager_initialize();
779 }
780
781 /// Returns a [`PoolingAllocatorMetrics`](crate::PoolingAllocatorMetrics) if
782 /// this engine was configured with
783 /// [`InstanceAllocationStrategy::Pooling`](crate::InstanceAllocationStrategy::Pooling).
784 #[cfg(feature = "pooling-allocator")]
785 pub fn pooling_allocator_metrics(&self) -> Option<crate::vm::PoolingAllocatorMetrics> {
786 crate::runtime::vm::PoolingAllocatorMetrics::new(self)
787 }
788
789 pub(crate) fn allocator(&self) -> &dyn crate::runtime::vm::InstanceAllocator {
790 let r: &(dyn crate::runtime::vm::InstanceAllocator + Send + Sync) =
791 self.inner.allocator.as_ref();
792 &*r
793 }
794
795 pub(crate) fn gc_runtime(&self) -> Option<&Arc<dyn GcRuntime>> {
796 self.inner.gc_runtime.as_ref()
797 }
798
799 pub(crate) fn profiler(&self) -> &dyn crate::profiling_agent::ProfilingAgent {
800 self.inner.profiler.as_ref()
801 }
802
803 #[cfg(all(feature = "cache", any(feature = "cranelift", feature = "winch")))]
804 pub(crate) fn cache(&self) -> Option<&wasmtime_cache::Cache> {
805 self.config().cache.as_ref()
806 }
807
808 pub(crate) fn signatures(&self) -> &TypeRegistry {
809 &self.inner.signatures
810 }
811
812 #[cfg(feature = "runtime")]
813 pub(crate) fn custom_code_memory(&self) -> Option<&Arc<dyn CustomCodeMemory>> {
814 self.config().custom_code_memory.as_ref()
815 }
816
817 #[cfg(target_has_atomic = "64")]
818 pub(crate) fn epoch_counter(&self) -> &AtomicU64 {
819 &self.inner.epoch
820 }
821
822 #[cfg(target_has_atomic = "64")]
823 pub(crate) fn current_epoch(&self) -> u64 {
824 self.epoch_counter().load(Ordering::Relaxed)
825 }
826
827 /// Increments the epoch.
828 ///
829 /// When using epoch-based interruption, currently-executing Wasm
830 /// code within this engine will trap or yield "soon" when the
831 /// epoch deadline is reached or exceeded. (The configuration, and
832 /// the deadline, are set on the `Store`.) The intent of the
833 /// design is for this method to be called by the embedder at some
834 /// regular cadence, for example by a thread that wakes up at some
835 /// interval, or by a signal handler.
836 ///
837 /// See [`Config::epoch_interruption`](crate::Config::epoch_interruption)
838 /// for an introduction to epoch-based interruption and pointers
839 /// to the other relevant methods.
840 ///
841 /// When performing `increment_epoch` in a separate thread, consider using
842 /// [`Engine::weak`] to hold an [`EngineWeak`](crate::EngineWeak) and
843 /// performing [`EngineWeak::upgrade`](crate::EngineWeak::upgrade) on each
844 /// tick, so that the epoch ticking thread does not keep an [`Engine`] alive
845 /// longer than any of its consumers.
846 ///
847 /// ## Signal Safety
848 ///
849 /// This method is signal-safe: it does not make any syscalls, and
850 /// performs only an atomic increment to the epoch value in
851 /// memory.
852 #[cfg(target_has_atomic = "64")]
853 pub fn increment_epoch(&self) {
854 self.inner.epoch.fetch_add(1, Ordering::Relaxed);
855 }
856
857 /// Returns a [`std::hash::Hash`] that can be used to check precompiled WebAssembly compatibility.
858 ///
859 /// The outputs of [`Engine::precompile_module`] and [`Engine::precompile_component`]
860 /// are compatible with a different [`Engine`] instance only if the two engines use
861 /// compatible [`Config`]s. If this Hash matches between two [`Engine`]s then binaries
862 /// from one are guaranteed to deserialize in the other.
863 #[cfg(any(feature = "cranelift", feature = "winch"))]
864 pub fn precompile_compatibility_hash(&self) -> impl std::hash::Hash + '_ {
865 crate::compile::HashedEngineCompileEnv(self)
866 }
867
868 /// Returns the required alignment for a code image, if we
869 /// allocate in a way that is not a system `mmap()` that naturally
870 /// aligns it.
871 fn required_code_alignment(&self) -> usize {
872 self.custom_code_memory()
873 .map(|c| c.required_alignment())
874 .unwrap_or(1)
875 }
876
877 /// Loads a `CodeMemory` from the specified in-memory slice, copying it to a
878 /// uniquely owned mmap.
879 ///
880 /// The `expected` marker here is whether the bytes are expected to be a
881 /// precompiled module or a component.
882 pub(crate) fn load_code_bytes(
883 &self,
884 bytes: &[u8],
885 expected: ObjectKind,
886 ) -> Result<Arc<crate::CodeMemory>> {
887 self.load_code(
888 crate::runtime::vm::MmapVec::from_slice_with_alignment(
889 bytes,
890 self.required_code_alignment(),
891 )?,
892 expected,
893 )
894 }
895
896 /// Loads a `CodeMemory` from the specified memory region without copying
897 ///
898 /// The `expected` marker here is whether the bytes are expected to be
899 /// a precompiled module or a component. The `memory` provided is expected
900 /// to be a serialized module (.cwasm) generated by `[Module::serialize]`
901 /// or [`Engine::precompile_module] or their `Component` counterparts
902 /// [`Component::serialize`] or `[Engine::precompile_component]`.
903 ///
904 /// The memory provided is guaranteed to only be immutably by the runtime.
905 ///
906 /// # Safety
907 ///
908 /// As there is no copy here, the runtime will be making direct readonly use
909 /// of the provided memory. As such, outside writes to this memory region
910 /// will result in undefined and likely very undesirable behavior.
911 pub(crate) unsafe fn load_code_raw(
912 &self,
913 memory: NonNull<[u8]>,
914 expected: ObjectKind,
915 ) -> Result<Arc<crate::CodeMemory>> {
916 // SAFETY: the contract of this function is the same as that of
917 // `from_raw`.
918 unsafe { self.load_code(crate::runtime::vm::MmapVec::from_raw(memory)?, expected) }
919 }
920
921 /// Like `load_code_bytes`, but creates a mmap from a file on disk.
922 #[cfg(feature = "std")]
923 pub(crate) fn load_code_file(
924 &self,
925 file: File,
926 expected: ObjectKind,
927 ) -> Result<Arc<crate::CodeMemory>> {
928 self.load_code(
929 crate::runtime::vm::MmapVec::from_file(file)
930 .with_context(|| "Failed to create file mapping".to_string())?,
931 expected,
932 )
933 }
934
935 pub(crate) fn load_code(
936 &self,
937 mmap: crate::runtime::vm::MmapVec,
938 expected: ObjectKind,
939 ) -> Result<Arc<crate::CodeMemory>> {
940 self.check_compatible_with_native_host()
941 .context("compilation settings are not compatible with the native host")?;
942
943 serialization::check_compatible(self, &mmap, expected)?;
944 let mut code = crate::CodeMemory::new(self, mmap)?;
945 code.publish()?;
946 Ok(try_new(code)?)
947 }
948
949 /// Unload process-related trap/signal handlers and destroy this engine.
950 ///
951 /// This method is not safe and is not widely applicable. It is not required
952 /// to be called and is intended for use cases such as unloading a dynamic
953 /// library from a process. It is difficult to invoke this method correctly
954 /// and it requires careful coordination to do so.
955 ///
956 /// # Panics
957 ///
958 /// This method will panic if this `Engine` handle is not the last remaining
959 /// engine handle.
960 ///
961 /// # Aborts
962 ///
963 /// This method will abort the process on some platforms in some situations
964 /// where unloading the handler cannot be performed and an unrecoverable
965 /// state is reached. For example on Unix platforms with signal handling
966 /// the process will be aborted if the current signal handlers are not
967 /// Wasmtime's.
968 ///
969 /// # Unsafety
970 ///
971 /// This method is not generally safe to call and has a number of
972 /// preconditions that must be met to even possibly be safe. Even with these
973 /// known preconditions met there may be other unknown invariants to uphold
974 /// as well.
975 ///
976 /// * There must be no other instances of `Engine` elsewhere in the process.
977 /// Note that this isn't just copies of this `Engine` but it's any other
978 /// `Engine` at all. This unloads global state that is used by all
979 /// `Engine`s so this instance must be the last.
980 ///
981 /// * On Unix platforms no other signal handlers could have been installed
982 /// for signals that Wasmtime catches. In this situation Wasmtime won't
983 /// know how to restore signal handlers that Wasmtime possibly overwrote
984 /// when Wasmtime was initially loaded. If possible initialize other
985 /// libraries first and then initialize Wasmtime last (e.g. defer creating
986 /// an `Engine`).
987 ///
988 /// * All existing threads which have used this DLL or copy of Wasmtime may
989 /// no longer use this copy of Wasmtime. Per-thread state is not iterated
990 /// and destroyed. Only future threads may use future instances of this
991 /// Wasmtime itself.
992 ///
993 /// If other crashes are seen from using this method please feel free to
994 /// file an issue to update the documentation here with more preconditions
995 /// that must be met.
996 #[cfg(has_native_signals)]
997 pub unsafe fn unload_process_handlers(self) {
998 assert_eq!(Arc::weak_count(&self.inner), 0);
999 assert_eq!(Arc::strong_count(&self.inner), 1);
1000
1001 // SAFETY: the contract of this function is the same as `deinit_traps`.
1002 #[cfg(not(miri))]
1003 unsafe {
1004 crate::runtime::vm::deinit_traps();
1005 }
1006 }
1007}
1008
1009/// A weak reference to an [`Engine`].
1010#[derive(Clone, Default)]
1011pub struct EngineWeak {
1012 inner: alloc::sync::Weak<EngineInner>,
1013}
1014
1015impl EngineWeak {
1016 /// Upgrade this weak reference into an [`Engine`]. Returns `None` if
1017 /// strong references (the [`Engine`] type itself) no longer exist.
1018 pub fn upgrade(&self) -> Option<Engine> {
1019 alloc::sync::Weak::upgrade(&self.inner).map(|inner| Engine { inner })
1020 }
1021}