wasmtime/engine.rs
1use crate::Config;
2use crate::prelude::*;
3#[cfg(feature = "runtime")]
4pub use crate::runtime::code_memory::CustomCodeMemory;
5#[cfg(feature = "runtime")]
6use crate::runtime::type_registry::TypeRegistry;
7#[cfg(feature = "runtime")]
8use crate::runtime::vm::GcRuntime;
9use alloc::sync::Arc;
10use core::ptr::NonNull;
11#[cfg(target_has_atomic = "64")]
12use core::sync::atomic::{AtomicU64, Ordering};
13#[cfg(any(feature = "cranelift", feature = "winch"))]
14use object::write::{Object, StandardSegment};
15#[cfg(feature = "std")]
16use std::{fs::File, path::Path};
17use wasmparser::WasmFeatures;
18use wasmtime_environ::{FlagValue, ObjectKind, TripleExt, Tunables};
19
20mod serialization;
21
22/// An `Engine` which is a global context for compilation and management of wasm
23/// modules.
24///
25/// An engine can be safely shared across threads and is a cheap cloneable
26/// handle to the actual engine. The engine itself will be deallocated once all
27/// references to it have gone away.
28///
29/// Engines store global configuration preferences such as compilation settings,
30/// enabled features, etc. You'll likely only need at most one of these for a
31/// program.
32///
33/// ## Engines and `Clone`
34///
35/// Using `clone` on an `Engine` is a cheap operation. It will not create an
36/// entirely new engine, but rather just a new reference to the existing engine.
37/// In other words it's a shallow copy, not a deep copy.
38///
39/// ## Engines and `Default`
40///
41/// You can create an engine with default configuration settings using
42/// `Engine::default()`. Be sure to consult the documentation of [`Config`] for
43/// default settings.
44#[derive(Clone)]
45pub struct Engine {
46 inner: Arc<EngineInner>,
47}
48
49struct EngineInner {
50 config: Config,
51 features: WasmFeatures,
52 tunables: Tunables,
53 #[cfg(any(feature = "cranelift", feature = "winch"))]
54 compiler: Option<Box<dyn wasmtime_environ::Compiler>>,
55 #[cfg(feature = "runtime")]
56 allocator: Box<dyn crate::runtime::vm::InstanceAllocator + Send + Sync>,
57 #[cfg(feature = "runtime")]
58 gc_runtime: Option<Arc<dyn GcRuntime>>,
59 #[cfg(feature = "runtime")]
60 profiler: Box<dyn crate::profiling_agent::ProfilingAgent>,
61 #[cfg(feature = "runtime")]
62 signatures: TypeRegistry,
63 #[cfg(all(feature = "runtime", target_has_atomic = "64"))]
64 epoch: AtomicU64,
65
66 /// One-time check of whether the compiler's settings, if present, are
67 /// compatible with the native host.
68 compatible_with_native_host: crate::sync::OnceLock<Result<(), String>>,
69}
70
71impl core::fmt::Debug for Engine {
72 fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
73 f.debug_tuple("Engine")
74 .field(&Arc::as_ptr(&self.inner))
75 .finish()
76 }
77}
78
79impl Default for Engine {
80 fn default() -> Engine {
81 Engine::new(&Config::default()).unwrap()
82 }
83}
84
85impl Engine {
86 /// Creates a new [`Engine`] with the specified compilation and
87 /// configuration settings.
88 ///
89 /// # Errors
90 ///
91 /// This method can fail if the `config` is invalid or some
92 /// configurations are incompatible.
93 ///
94 /// For example, feature `reference_types` will need to set
95 /// the compiler setting `unwind_info` to `true`, but explicitly
96 /// disable these two compiler settings will cause errors.
97 pub fn new(config: &Config) -> Result<Engine> {
98 let config = config.clone();
99 let (mut tunables, features) = config.validate()?;
100
101 #[cfg(feature = "runtime")]
102 if tunables.signals_based_traps {
103 // Ensure that crate::runtime::vm's signal handlers are
104 // configured. This is the per-program initialization required for
105 // handling traps, such as configuring signals, vectored exception
106 // handlers, etc.
107 #[cfg(has_native_signals)]
108 crate::runtime::vm::init_traps(config.macos_use_mach_ports);
109 if !cfg!(miri) {
110 #[cfg(all(has_host_compiler_backend, feature = "debug-builtins"))]
111 crate::runtime::vm::debug_builtins::init();
112 }
113 }
114
115 #[cfg(any(feature = "cranelift", feature = "winch"))]
116 let (config, compiler) = if config.has_compiler() {
117 let (config, compiler) = config.build_compiler(&mut tunables, features)?;
118 (config, Some(compiler))
119 } else {
120 (config.clone(), None)
121 };
122 #[cfg(not(any(feature = "cranelift", feature = "winch")))]
123 let _ = &mut tunables;
124
125 Ok(Engine {
126 inner: Arc::new(EngineInner {
127 #[cfg(any(feature = "cranelift", feature = "winch"))]
128 compiler,
129 #[cfg(feature = "runtime")]
130 allocator: {
131 let allocator = config.build_allocator(&tunables)?;
132 #[cfg(feature = "gc")]
133 {
134 let mem_ty = tunables.gc_heap_memory_type();
135 allocator.validate_memory(&mem_ty).context(
136 "instance allocator cannot support configured GC heap memory",
137 )?;
138 }
139 allocator
140 },
141 #[cfg(feature = "runtime")]
142 gc_runtime: config.build_gc_runtime()?,
143 #[cfg(feature = "runtime")]
144 profiler: config.build_profiler()?,
145 #[cfg(feature = "runtime")]
146 signatures: TypeRegistry::new(),
147 #[cfg(all(feature = "runtime", target_has_atomic = "64"))]
148 epoch: AtomicU64::new(0),
149 compatible_with_native_host: Default::default(),
150 config,
151 tunables,
152 features,
153 }),
154 })
155 }
156
157 /// Returns the configuration settings that this engine is using.
158 #[inline]
159 pub fn config(&self) -> &Config {
160 &self.inner.config
161 }
162
163 #[inline]
164 pub(crate) fn features(&self) -> WasmFeatures {
165 self.inner.features
166 }
167
168 pub(crate) fn run_maybe_parallel<
169 A: Send,
170 B: Send,
171 E: Send,
172 F: Fn(A) -> Result<B, E> + Send + Sync,
173 >(
174 &self,
175 input: Vec<A>,
176 f: F,
177 ) -> Result<Vec<B>, E> {
178 if self.config().parallel_compilation {
179 #[cfg(feature = "parallel-compilation")]
180 {
181 use rayon::prelude::*;
182 // If we collect into Result<Vec<B>, E> directly, the returned error is not
183 // deterministic, because any error could be returned early. So we first materialize
184 // all results in order and then return the first error deterministically, or Ok(_).
185 return input
186 .into_par_iter()
187 .map(|a| f(a))
188 .collect::<Vec<Result<B, E>>>()
189 .into_iter()
190 .collect::<Result<Vec<B>, E>>();
191 }
192 }
193
194 // In case the parallel-compilation feature is disabled or the parallel_compilation config
195 // was turned off dynamically fallback to the non-parallel version.
196 input
197 .into_iter()
198 .map(|a| f(a))
199 .collect::<Result<Vec<B>, E>>()
200 }
201
202 #[cfg(any(feature = "cranelift", feature = "winch"))]
203 pub(crate) fn run_maybe_parallel_mut<
204 T: Send,
205 E: Send,
206 F: Fn(&mut T) -> Result<(), E> + Send + Sync,
207 >(
208 &self,
209 input: &mut [T],
210 f: F,
211 ) -> Result<(), E> {
212 if self.config().parallel_compilation {
213 #[cfg(feature = "parallel-compilation")]
214 {
215 use rayon::prelude::*;
216 // If we collect into `Result<(), E>` directly, the returned
217 // error is not deterministic, because any error could be
218 // returned early. So we first materialize all results in order
219 // and then return the first error deterministically, or
220 // `Ok(_)`.
221 return input
222 .into_par_iter()
223 .map(|a| f(a))
224 .collect::<Vec<Result<(), E>>>()
225 .into_iter()
226 .collect::<Result<(), E>>();
227 }
228 }
229
230 // In case the parallel-compilation feature is disabled or the
231 // parallel_compilation config was turned off dynamically fallback to
232 // the non-parallel version.
233 input.into_iter().map(|a| f(a)).collect::<Result<(), E>>()
234 }
235
236 /// Take a weak reference to this engine.
237 pub fn weak(&self) -> EngineWeak {
238 EngineWeak {
239 inner: Arc::downgrade(&self.inner),
240 }
241 }
242
243 #[inline]
244 pub(crate) fn tunables(&self) -> &Tunables {
245 &self.inner.tunables
246 }
247
248 /// Returns whether the engine `a` and `b` refer to the same configuration.
249 #[inline]
250 pub fn same(a: &Engine, b: &Engine) -> bool {
251 Arc::ptr_eq(&a.inner, &b.inner)
252 }
253
254 /// Returns whether the engine is configured to support async functions.
255 #[cfg(feature = "async")]
256 #[inline]
257 pub fn is_async(&self) -> bool {
258 self.config().async_support
259 }
260
261 /// Detects whether the bytes provided are a precompiled object produced by
262 /// Wasmtime.
263 ///
264 /// This function will inspect the header of `bytes` to determine if it
265 /// looks like a precompiled core wasm module or a precompiled component.
266 /// This does not validate the full structure or guarantee that
267 /// deserialization will succeed, instead it helps higher-levels of the
268 /// stack make a decision about what to do next when presented with the
269 /// `bytes` as an input module.
270 ///
271 /// If the `bytes` looks like a precompiled object previously produced by
272 /// [`Module::serialize`](crate::Module::serialize),
273 /// [`Component::serialize`](crate::component::Component::serialize),
274 /// [`Engine::precompile_module`], or [`Engine::precompile_component`], then
275 /// this will return `Some(...)` indicating so. Otherwise `None` is
276 /// returned.
277 pub fn detect_precompiled(bytes: &[u8]) -> Option<Precompiled> {
278 serialization::detect_precompiled_bytes(bytes)
279 }
280
281 /// Like [`Engine::detect_precompiled`], but performs the detection on a file.
282 #[cfg(feature = "std")]
283 pub fn detect_precompiled_file(path: impl AsRef<Path>) -> Result<Option<Precompiled>> {
284 serialization::detect_precompiled_file(path)
285 }
286
287 /// Returns the target triple which this engine is compiling code for
288 /// and/or running code for.
289 pub(crate) fn target(&self) -> target_lexicon::Triple {
290 return self.config().compiler_target();
291 }
292
293 /// Verify that this engine's configuration is compatible with loading
294 /// modules onto the native host platform.
295 ///
296 /// This method is used as part of `Module::new` to ensure that this
297 /// engine can indeed load modules for the configured compiler (if any).
298 /// Note that if cranelift is disabled this trivially returns `Ok` because
299 /// loaded serialized modules are checked separately.
300 pub(crate) fn check_compatible_with_native_host(&self) -> Result<()> {
301 self.inner
302 .compatible_with_native_host
303 .get_or_init(|| self._check_compatible_with_native_host())
304 .clone()
305 .map_err(anyhow::Error::msg)
306 }
307
308 fn _check_compatible_with_native_host(&self) -> Result<(), String> {
309 use target_lexicon::Triple;
310
311 let host = Triple::host();
312 let target = self.config().compiler_target();
313
314 let target_matches_host = || {
315 // If the host target and target triple match, then it's valid
316 // to run results of compilation on this host.
317 if host == target {
318 return true;
319 }
320
321 // If there's a mismatch and the target is a compatible pulley
322 // target, then that's also ok to run.
323 if cfg!(feature = "pulley")
324 && target.is_pulley()
325 && target.pointer_width() == host.pointer_width()
326 && target.endianness() == host.endianness()
327 {
328 return true;
329 }
330
331 // ... otherwise everything else is considered not a match.
332 false
333 };
334
335 if !target_matches_host() {
336 return Err(format!(
337 "target '{target}' specified in the configuration does not match the host"
338 ));
339 }
340
341 #[cfg(any(feature = "cranelift", feature = "winch"))]
342 {
343 if let Some(compiler) = self.compiler() {
344 // Also double-check all compiler settings
345 for (key, value) in compiler.flags().iter() {
346 self.check_compatible_with_shared_flag(key, value)?;
347 }
348 for (key, value) in compiler.isa_flags().iter() {
349 self.check_compatible_with_isa_flag(key, value)?;
350 }
351 }
352 }
353
354 // Double-check that this configuration isn't requesting capabilities
355 // that this build of Wasmtime doesn't support.
356 if !cfg!(has_native_signals) && self.tunables().signals_based_traps {
357 return Err("signals-based-traps disabled at compile time -- cannot be enabled".into());
358 }
359 if !cfg!(has_virtual_memory) && self.tunables().memory_init_cow {
360 return Err("virtual memory disabled at compile time -- cannot enable CoW".into());
361 }
362 if !cfg!(target_has_atomic = "64") && self.tunables().epoch_interruption {
363 return Err("epochs currently require 64-bit atomics".into());
364 }
365
366 // Double-check that the host's float ABI matches Cranelift's float ABI.
367 // See `Config::x86_float_abi_ok` for some more
368 // information.
369 if target == target_lexicon::triple!("x86_64-unknown-none")
370 && self.config().x86_float_abi_ok != Some(true)
371 {
372 return Err("\
373the x86_64-unknown-none target by default uses a soft-float ABI that is \
374incompatible with Cranelift and Wasmtime -- use \
375`Config::x86_float_abi_ok` to disable this check and see more \
376information about this check\
377"
378 .into());
379 }
380
381 Ok(())
382 }
383
384 /// Checks to see whether the "shared flag", something enabled for
385 /// individual compilers, is compatible with the native host platform.
386 ///
387 /// This is used both when validating an engine's compilation settings are
388 /// compatible with the host as well as when deserializing modules from
389 /// disk to ensure they're compatible with the current host.
390 ///
391 /// Note that most of the settings here are not configured by users that
392 /// often. While theoretically possible via `Config` methods the more
393 /// interesting flags are the ISA ones below. Typically the values here
394 /// represent global configuration for wasm features. Settings here
395 /// currently rely on the compiler informing us of all settings, including
396 /// those disabled. Settings then fall in a few buckets:
397 ///
398 /// * Some settings must be enabled, such as `preserve_frame_pointers`.
399 /// * Some settings must have a particular value, such as
400 /// `libcall_call_conv`.
401 /// * Some settings do not matter as to their value, such as `opt_level`.
402 pub(crate) fn check_compatible_with_shared_flag(
403 &self,
404 flag: &str,
405 value: &FlagValue,
406 ) -> Result<(), String> {
407 let target = self.target();
408 let ok = match flag {
409 // These settings must all have be enabled, since their value
410 // can affect the way the generated code performs or behaves at
411 // runtime.
412 "libcall_call_conv" => *value == FlagValue::Enum("isa_default"),
413 "preserve_frame_pointers" => *value == FlagValue::Bool(true),
414 "enable_probestack" => *value == FlagValue::Bool(true),
415 "probestack_strategy" => *value == FlagValue::Enum("inline"),
416 "enable_multi_ret_implicit_sret" => *value == FlagValue::Bool(true),
417
418 // Features wasmtime doesn't use should all be disabled, since
419 // otherwise if they are enabled it could change the behavior of
420 // generated code.
421 "enable_llvm_abi_extensions" => *value == FlagValue::Bool(false),
422 "enable_pinned_reg" => *value == FlagValue::Bool(false),
423 "use_colocated_libcalls" => *value == FlagValue::Bool(false),
424 "use_pinned_reg_as_heap_base" => *value == FlagValue::Bool(false),
425
426 // Windows requires unwind info as part of its ABI.
427 "unwind_info" => {
428 if target.operating_system == target_lexicon::OperatingSystem::Windows {
429 *value == FlagValue::Bool(true)
430 } else {
431 return Ok(())
432 }
433 }
434
435 // stack switch model must match the current OS
436 "stack_switch_model" => {
437 if self.features().contains(WasmFeatures::STACK_SWITCHING) {
438 use target_lexicon::OperatingSystem;
439 let expected =
440 match target.operating_system {
441 OperatingSystem::Windows => "update_windows_tib",
442 OperatingSystem::Linux
443 | OperatingSystem::MacOSX(_)
444 | OperatingSystem::Darwin(_) => "basic",
445 _ => { return Err(String::from("stack-switching feature not supported on this platform")); }
446 };
447 *value == FlagValue::Enum(expected)
448 } else {
449 return Ok(())
450 }
451 }
452
453 // These settings don't affect the interface or functionality of
454 // the module itself, so their configuration values shouldn't
455 // matter.
456 "enable_heap_access_spectre_mitigation"
457 | "enable_table_access_spectre_mitigation"
458 | "enable_nan_canonicalization"
459 | "enable_float"
460 | "enable_verifier"
461 | "enable_pcc"
462 | "regalloc_checker"
463 | "regalloc_verbose_logs"
464 | "regalloc_algorithm"
465 | "is_pic"
466 | "bb_padding_log2_minus_one"
467 | "log2_min_function_alignment"
468 | "machine_code_cfg_info"
469 | "tls_model" // wasmtime doesn't use tls right now
470 | "opt_level" // opt level doesn't change semantics
471 | "enable_alias_analysis" // alias analysis-based opts don't change semantics
472 | "probestack_size_log2" // probestack above asserted disabled
473 | "regalloc" // shouldn't change semantics
474 | "enable_incremental_compilation_cache_checks" // shouldn't change semantics
475 | "enable_atomics" => return Ok(()),
476
477 // Everything else is unknown and needs to be added somewhere to
478 // this list if encountered.
479 _ => {
480 return Err(format!("unknown shared setting {flag:?} configured to {value:?}"))
481 }
482 };
483
484 if !ok {
485 return Err(format!(
486 "setting {flag:?} is configured to {value:?} which is not supported",
487 ));
488 }
489 Ok(())
490 }
491
492 /// Same as `check_compatible_with_native_host` except used for ISA-specific
493 /// flags. This is used to test whether a configured ISA flag is indeed
494 /// available on the host platform itself.
495 pub(crate) fn check_compatible_with_isa_flag(
496 &self,
497 flag: &str,
498 value: &FlagValue,
499 ) -> Result<(), String> {
500 match value {
501 // ISA flags are used for things like CPU features, so if they're
502 // disabled then it's compatible with the native host.
503 FlagValue::Bool(false) => return Ok(()),
504
505 // Fall through below where we test at runtime that features are
506 // available.
507 FlagValue::Bool(true) => {}
508
509 // Pulley's pointer_width must match the host.
510 FlagValue::Enum("pointer32") => {
511 return if cfg!(target_pointer_width = "32") {
512 Ok(())
513 } else {
514 Err("wrong host pointer width".to_string())
515 };
516 }
517 FlagValue::Enum("pointer64") => {
518 return if cfg!(target_pointer_width = "64") {
519 Ok(())
520 } else {
521 Err("wrong host pointer width".to_string())
522 };
523 }
524
525 // Only `bool` values are supported right now, other settings would
526 // need more support here.
527 _ => {
528 return Err(format!(
529 "isa-specific feature {flag:?} configured to unknown value {value:?}"
530 ));
531 }
532 }
533
534 let host_feature = match flag {
535 // aarch64 features to detect
536 "has_lse" => "lse",
537 "has_pauth" => "paca",
538 "has_fp16" => "fp16",
539
540 // aarch64 features which don't need detection
541 // No effect on its own.
542 "sign_return_address_all" => return Ok(()),
543 // The pointer authentication instructions act as a `NOP` when
544 // unsupported, so it is safe to enable them.
545 "sign_return_address" => return Ok(()),
546 // No effect on its own.
547 "sign_return_address_with_bkey" => return Ok(()),
548 // The `BTI` instruction acts as a `NOP` when unsupported, so it
549 // is safe to enable it regardless of whether the host supports it
550 // or not.
551 "use_bti" => return Ok(()),
552
553 // s390x features to detect
554 "has_vxrs_ext2" => "vxrs_ext2",
555 "has_vxrs_ext3" => "vxrs_ext3",
556 "has_mie3" => "mie3",
557 "has_mie4" => "mie4",
558
559 // x64 features to detect
560 "has_cmpxchg16b" => "cmpxchg16b",
561 "has_sse3" => "sse3",
562 "has_ssse3" => "ssse3",
563 "has_sse41" => "sse4.1",
564 "has_sse42" => "sse4.2",
565 "has_popcnt" => "popcnt",
566 "has_avx" => "avx",
567 "has_avx2" => "avx2",
568 "has_fma" => "fma",
569 "has_bmi1" => "bmi1",
570 "has_bmi2" => "bmi2",
571 "has_avx512bitalg" => "avx512bitalg",
572 "has_avx512dq" => "avx512dq",
573 "has_avx512f" => "avx512f",
574 "has_avx512vl" => "avx512vl",
575 "has_avx512vbmi" => "avx512vbmi",
576 "has_lzcnt" => "lzcnt",
577
578 // pulley features
579 "big_endian" if cfg!(target_endian = "big") => return Ok(()),
580 "big_endian" if cfg!(target_endian = "little") => {
581 return Err("wrong host endianness".to_string());
582 }
583
584 _ => {
585 // FIXME: should enumerate risc-v features and plumb them
586 // through to the `detect_host_feature` function.
587 if cfg!(target_arch = "riscv64") && flag != "not_a_flag" {
588 return Ok(());
589 }
590 return Err(format!(
591 "don't know how to test for target-specific flag {flag:?} at runtime"
592 ));
593 }
594 };
595
596 let detect = match self.config().detect_host_feature {
597 Some(detect) => detect,
598 None => {
599 return Err(format!(
600 "cannot determine if host feature {host_feature:?} is \
601 available at runtime, configure a probing function with \
602 `Config::detect_host_feature`"
603 ));
604 }
605 };
606
607 match detect(host_feature) {
608 Some(true) => Ok(()),
609 Some(false) => Err(format!(
610 "compilation setting {flag:?} is enabled, but not \
611 available on the host",
612 )),
613 None => Err(format!(
614 "failed to detect if target-specific flag {host_feature:?} is \
615 available at runtime (compile setting {flag:?})"
616 )),
617 }
618 }
619
620 /// Returns whether this [`Engine`] is configured to execute with Pulley,
621 /// Wasmtime's interpreter.
622 ///
623 /// Note that Pulley is the default for host platforms that do not have a
624 /// Cranelift backend to support them. For example at the time of this
625 /// writing 32-bit x86 is not supported in Cranelift so the
626 /// `i686-unknown-linux-gnu` target would by default return `true` here.
627 pub fn is_pulley(&self) -> bool {
628 self.target().is_pulley()
629 }
630}
631
632#[cfg(any(feature = "cranelift", feature = "winch"))]
633impl Engine {
634 pub(crate) fn compiler(&self) -> Option<&dyn wasmtime_environ::Compiler> {
635 self.inner.compiler.as_deref()
636 }
637
638 pub(crate) fn try_compiler(&self) -> Result<&dyn wasmtime_environ::Compiler> {
639 self.compiler()
640 .ok_or_else(|| anyhow!("Engine was not configured with a compiler"))
641 }
642
643 /// Ahead-of-time (AOT) compiles a WebAssembly module.
644 ///
645 /// The `bytes` provided must be in one of two formats:
646 ///
647 /// * A [binary-encoded][binary] WebAssembly module. This is always supported.
648 /// * A [text-encoded][text] instance of the WebAssembly text format.
649 /// This is only supported when the `wat` feature of this crate is enabled.
650 /// If this is supplied then the text format will be parsed before validation.
651 /// Note that the `wat` feature is enabled by default.
652 ///
653 /// This method may be used to compile a module for use with a different target
654 /// host. The output of this method may be used with
655 /// [`Module::deserialize`](crate::Module::deserialize) on hosts compatible
656 /// with the [`Config`](crate::Config) associated with this [`Engine`].
657 ///
658 /// The output of this method is safe to send to another host machine for later
659 /// execution. As the output is already a compiled module, translation and code
660 /// generation will be skipped and this will improve the performance of constructing
661 /// a [`Module`](crate::Module) from the output of this method.
662 ///
663 /// [binary]: https://webassembly.github.io/spec/core/binary/index.html
664 /// [text]: https://webassembly.github.io/spec/core/text/index.html
665 pub fn precompile_module(&self, bytes: &[u8]) -> Result<Vec<u8>> {
666 crate::CodeBuilder::new(self)
667 .wasm_binary_or_text(bytes, None)?
668 .compile_module_serialized()
669 }
670
671 /// Same as [`Engine::precompile_module`] except for a
672 /// [`Component`](crate::component::Component)
673 #[cfg(feature = "component-model")]
674 pub fn precompile_component(&self, bytes: &[u8]) -> Result<Vec<u8>> {
675 crate::CodeBuilder::new(self)
676 .wasm_binary_or_text(bytes, None)?
677 .compile_component_serialized()
678 }
679
680 /// Produces a blob of bytes by serializing the `engine`'s configuration data to
681 /// be checked, perhaps in a different process, with the `check_compatible`
682 /// method below.
683 ///
684 /// The blob of bytes is inserted into the object file specified to become part
685 /// of the final compiled artifact.
686 pub(crate) fn append_compiler_info(&self, obj: &mut Object<'_>) -> Result<()> {
687 serialization::append_compiler_info(self, obj, &serialization::Metadata::new(&self)?);
688 Ok(())
689 }
690
691 #[cfg(any(feature = "cranelift", feature = "winch"))]
692 pub(crate) fn append_bti(&self, obj: &mut Object<'_>) {
693 let section = obj.add_section(
694 obj.segment_name(StandardSegment::Data).to_vec(),
695 wasmtime_environ::obj::ELF_WASM_BTI.as_bytes().to_vec(),
696 object::SectionKind::ReadOnlyData,
697 );
698 let contents = if self
699 .compiler()
700 .is_some_and(|c| c.is_branch_protection_enabled())
701 {
702 1
703 } else {
704 0
705 };
706 obj.append_section_data(section, &[contents], 1);
707 }
708}
709
710/// Return value from the [`Engine::detect_precompiled`] API.
711#[derive(PartialEq, Eq, Copy, Clone, Debug)]
712pub enum Precompiled {
713 /// The input bytes look like a precompiled core wasm module.
714 Module,
715 /// The input bytes look like a precompiled wasm component.
716 Component,
717}
718
719#[cfg(feature = "runtime")]
720impl Engine {
721 /// Eagerly initialize thread-local functionality shared by all [`Engine`]s.
722 ///
723 /// Wasmtime's implementation on some platforms may involve per-thread
724 /// setup that needs to happen whenever WebAssembly is invoked. This setup
725 /// can take on the order of a few hundred microseconds, whereas the
726 /// overhead of calling WebAssembly is otherwise on the order of a few
727 /// nanoseconds. This setup cost is paid once per-OS-thread. If your
728 /// application is sensitive to the latencies of WebAssembly function
729 /// calls, even those that happen first on a thread, then this function
730 /// can be used to improve the consistency of each call into WebAssembly
731 /// by explicitly frontloading the cost of the one-time setup per-thread.
732 ///
733 /// Note that this function is not required to be called in any embedding.
734 /// Wasmtime will automatically initialize thread-local-state as necessary
735 /// on calls into WebAssembly. This is provided for use cases where the
736 /// latency of WebAssembly calls are extra-important, which is not
737 /// necessarily true of all embeddings.
738 pub fn tls_eager_initialize() {
739 crate::runtime::vm::tls_eager_initialize();
740 }
741
742 /// Returns a [`PoolingAllocatorMetrics`](crate::PoolingAllocatorMetrics) if
743 /// this engine was configured with
744 /// [`InstanceAllocationStrategy::Pooling`](crate::InstanceAllocationStrategy::Pooling).
745 #[cfg(feature = "pooling-allocator")]
746 pub fn pooling_allocator_metrics(&self) -> Option<crate::vm::PoolingAllocatorMetrics> {
747 crate::runtime::vm::PoolingAllocatorMetrics::new(self)
748 }
749
750 pub(crate) fn allocator(&self) -> &dyn crate::runtime::vm::InstanceAllocator {
751 self.inner.allocator.as_ref()
752 }
753
754 pub(crate) fn gc_runtime(&self) -> Option<&Arc<dyn GcRuntime>> {
755 self.inner.gc_runtime.as_ref()
756 }
757
758 pub(crate) fn profiler(&self) -> &dyn crate::profiling_agent::ProfilingAgent {
759 self.inner.profiler.as_ref()
760 }
761
762 #[cfg(all(feature = "cache", any(feature = "cranelift", feature = "winch")))]
763 pub(crate) fn cache(&self) -> Option<&wasmtime_cache::Cache> {
764 self.config().cache.as_ref()
765 }
766
767 pub(crate) fn signatures(&self) -> &TypeRegistry {
768 &self.inner.signatures
769 }
770
771 #[cfg(feature = "runtime")]
772 pub(crate) fn custom_code_memory(&self) -> Option<&Arc<dyn CustomCodeMemory>> {
773 self.config().custom_code_memory.as_ref()
774 }
775
776 #[cfg(target_has_atomic = "64")]
777 pub(crate) fn epoch_counter(&self) -> &AtomicU64 {
778 &self.inner.epoch
779 }
780
781 #[cfg(target_has_atomic = "64")]
782 pub(crate) fn current_epoch(&self) -> u64 {
783 self.epoch_counter().load(Ordering::Relaxed)
784 }
785
786 /// Increments the epoch.
787 ///
788 /// When using epoch-based interruption, currently-executing Wasm
789 /// code within this engine will trap or yield "soon" when the
790 /// epoch deadline is reached or exceeded. (The configuration, and
791 /// the deadline, are set on the `Store`.) The intent of the
792 /// design is for this method to be called by the embedder at some
793 /// regular cadence, for example by a thread that wakes up at some
794 /// interval, or by a signal handler.
795 ///
796 /// See [`Config::epoch_interruption`](crate::Config::epoch_interruption)
797 /// for an introduction to epoch-based interruption and pointers
798 /// to the other relevant methods.
799 ///
800 /// When performing `increment_epoch` in a separate thread, consider using
801 /// [`Engine::weak`] to hold an [`EngineWeak`](crate::EngineWeak) and
802 /// performing [`EngineWeak::upgrade`](crate::EngineWeak::upgrade) on each
803 /// tick, so that the epoch ticking thread does not keep an [`Engine`] alive
804 /// longer than any of its consumers.
805 ///
806 /// ## Signal Safety
807 ///
808 /// This method is signal-safe: it does not make any syscalls, and
809 /// performs only an atomic increment to the epoch value in
810 /// memory.
811 #[cfg(target_has_atomic = "64")]
812 pub fn increment_epoch(&self) {
813 self.inner.epoch.fetch_add(1, Ordering::Relaxed);
814 }
815
816 /// Returns a [`std::hash::Hash`] that can be used to check precompiled WebAssembly compatibility.
817 ///
818 /// The outputs of [`Engine::precompile_module`] and [`Engine::precompile_component`]
819 /// are compatible with a different [`Engine`] instance only if the two engines use
820 /// compatible [`Config`]s. If this Hash matches between two [`Engine`]s then binaries
821 /// from one are guaranteed to deserialize in the other.
822 #[cfg(any(feature = "cranelift", feature = "winch"))]
823 pub fn precompile_compatibility_hash(&self) -> impl std::hash::Hash + '_ {
824 crate::compile::HashedEngineCompileEnv(self)
825 }
826
827 /// Returns the required alignment for a code image, if we
828 /// allocate in a way that is not a system `mmap()` that naturally
829 /// aligns it.
830 fn required_code_alignment(&self) -> usize {
831 self.custom_code_memory()
832 .map(|c| c.required_alignment())
833 .unwrap_or(1)
834 }
835
836 /// Loads a `CodeMemory` from the specified in-memory slice, copying it to a
837 /// uniquely owned mmap.
838 ///
839 /// The `expected` marker here is whether the bytes are expected to be a
840 /// precompiled module or a component.
841 pub(crate) fn load_code_bytes(
842 &self,
843 bytes: &[u8],
844 expected: ObjectKind,
845 ) -> Result<Arc<crate::CodeMemory>> {
846 self.load_code(
847 crate::runtime::vm::MmapVec::from_slice_with_alignment(
848 bytes,
849 self.required_code_alignment(),
850 )?,
851 expected,
852 )
853 }
854
855 /// Loads a `CodeMemory` from the specified memory region without copying
856 ///
857 /// The `expected` marker here is whether the bytes are expected to be
858 /// a precompiled module or a component. The `memory` provided is expected
859 /// to be a serialized module (.cwasm) generated by `[Module::serialize]`
860 /// or [`Engine::precompile_module] or their `Component` counterparts
861 /// [`Component::serialize`] or `[Engine::precompile_component]`.
862 ///
863 /// The memory provided is guaranteed to only be immutably by the runtime.
864 ///
865 /// # Safety
866 ///
867 /// As there is no copy here, the runtime will be making direct readonly use
868 /// of the provided memory. As such, outside writes to this memory region
869 /// will result in undefined and likely very undesirable behavior.
870 pub(crate) unsafe fn load_code_raw(
871 &self,
872 memory: NonNull<[u8]>,
873 expected: ObjectKind,
874 ) -> Result<Arc<crate::CodeMemory>> {
875 // SAFETY: the contract of this function is the same as that of
876 // `from_raw`.
877 unsafe { self.load_code(crate::runtime::vm::MmapVec::from_raw(memory)?, expected) }
878 }
879
880 /// Like `load_code_bytes`, but creates a mmap from a file on disk.
881 #[cfg(feature = "std")]
882 pub(crate) fn load_code_file(
883 &self,
884 file: File,
885 expected: ObjectKind,
886 ) -> Result<Arc<crate::CodeMemory>> {
887 self.load_code(
888 crate::runtime::vm::MmapVec::from_file(file)
889 .with_context(|| "Failed to create file mapping".to_string())?,
890 expected,
891 )
892 }
893
894 pub(crate) fn load_code(
895 &self,
896 mmap: crate::runtime::vm::MmapVec,
897 expected: ObjectKind,
898 ) -> Result<Arc<crate::CodeMemory>> {
899 self.check_compatible_with_native_host()
900 .context("compilation settings are not compatible with the native host")?;
901
902 serialization::check_compatible(self, &mmap, expected)?;
903 let mut code = crate::CodeMemory::new(self, mmap)?;
904 code.publish()?;
905 Ok(Arc::new(code))
906 }
907
908 /// Unload process-related trap/signal handlers and destroy this engine.
909 ///
910 /// This method is not safe and is not widely applicable. It is not required
911 /// to be called and is intended for use cases such as unloading a dynamic
912 /// library from a process. It is difficult to invoke this method correctly
913 /// and it requires careful coordination to do so.
914 ///
915 /// # Panics
916 ///
917 /// This method will panic if this `Engine` handle is not the last remaining
918 /// engine handle.
919 ///
920 /// # Aborts
921 ///
922 /// This method will abort the process on some platforms in some situations
923 /// where unloading the handler cannot be performed and an unrecoverable
924 /// state is reached. For example on Unix platforms with signal handling
925 /// the process will be aborted if the current signal handlers are not
926 /// Wasmtime's.
927 ///
928 /// # Unsafety
929 ///
930 /// This method is not generally safe to call and has a number of
931 /// preconditions that must be met to even possibly be safe. Even with these
932 /// known preconditions met there may be other unknown invariants to uphold
933 /// as well.
934 ///
935 /// * There must be no other instances of `Engine` elsewhere in the process.
936 /// Note that this isn't just copies of this `Engine` but it's any other
937 /// `Engine` at all. This unloads global state that is used by all
938 /// `Engine`s so this instance must be the last.
939 ///
940 /// * On Unix platforms no other signal handlers could have been installed
941 /// for signals that Wasmtime catches. In this situation Wasmtime won't
942 /// know how to restore signal handlers that Wasmtime possibly overwrote
943 /// when Wasmtime was initially loaded. If possible initialize other
944 /// libraries first and then initialize Wasmtime last (e.g. defer creating
945 /// an `Engine`).
946 ///
947 /// * All existing threads which have used this DLL or copy of Wasmtime may
948 /// no longer use this copy of Wasmtime. Per-thread state is not iterated
949 /// and destroyed. Only future threads may use future instances of this
950 /// Wasmtime itself.
951 ///
952 /// If other crashes are seen from using this method please feel free to
953 /// file an issue to update the documentation here with more preconditions
954 /// that must be met.
955 #[cfg(has_native_signals)]
956 pub unsafe fn unload_process_handlers(self) {
957 assert_eq!(Arc::weak_count(&self.inner), 0);
958 assert_eq!(Arc::strong_count(&self.inner), 1);
959
960 // SAFETY: the contract of this function is the same as `deinit_traps`.
961 #[cfg(not(miri))]
962 unsafe {
963 crate::runtime::vm::deinit_traps();
964 }
965 }
966}
967
968/// A weak reference to an [`Engine`].
969#[derive(Clone)]
970pub struct EngineWeak {
971 inner: alloc::sync::Weak<EngineInner>,
972}
973
974impl EngineWeak {
975 /// Upgrade this weak reference into an [`Engine`]. Returns `None` if
976 /// strong references (the [`Engine`] type itself) no longer exist.
977 pub fn upgrade(&self) -> Option<Engine> {
978 alloc::sync::Weak::upgrade(&self.inner).map(|inner| Engine { inner })
979 }
980}