wasmtime/runtime/func.rs
1use crate::prelude::*;
2use crate::runtime::vm::{
3 ExportFunction, InterpreterRef, SendSyncPtr, StoreBox, VMArrayCallHostFuncContext, VMContext,
4 VMFuncRef, VMFunctionImport, VMOpaqueContext,
5};
6use crate::runtime::Uninhabited;
7use crate::store::{AutoAssertNoGc, StoreData, StoreOpaque, Stored};
8use crate::type_registry::RegisteredType;
9use crate::{
10 AsContext, AsContextMut, CallHook, Engine, Extern, FuncType, Instance, Module, ModuleExport,
11 Ref, StoreContext, StoreContextMut, Val, ValRaw, ValType,
12};
13use alloc::sync::Arc;
14use core::ffi::c_void;
15use core::mem::{self, MaybeUninit};
16use core::ptr::NonNull;
17#[cfg(feature = "async")]
18use core::{future::Future, pin::Pin};
19use wasmtime_environ::VMSharedTypeIndex;
20
21/// A reference to the abstract `nofunc` heap value.
22///
23/// The are no instances of `(ref nofunc)`: it is an uninhabited type.
24///
25/// There is precisely one instance of `(ref null nofunc)`, aka `nullfuncref`:
26/// the null reference.
27///
28/// This `NoFunc` Rust type's sole purpose is for use with [`Func::wrap`]- and
29/// [`Func::typed`]-style APIs for statically typing a function as taking or
30/// returning a `(ref null nofunc)` (aka `Option<NoFunc>`) which is always
31/// `None`.
32///
33/// # Example
34///
35/// ```
36/// # use wasmtime::*;
37/// # fn _foo() -> Result<()> {
38/// let mut config = Config::new();
39/// config.wasm_function_references(true);
40/// let engine = Engine::new(&config)?;
41///
42/// let module = Module::new(
43/// &engine,
44/// r#"
45/// (module
46/// (func (export "f") (param (ref null nofunc))
47/// ;; If the reference is null, return.
48/// local.get 0
49/// ref.is_null nofunc
50/// br_if 0
51///
52/// ;; If the reference was not null (which is impossible)
53/// ;; then raise a trap.
54/// unreachable
55/// )
56/// )
57/// "#,
58/// )?;
59///
60/// let mut store = Store::new(&engine, ());
61/// let instance = Instance::new(&mut store, &module, &[])?;
62/// let f = instance.get_func(&mut store, "f").unwrap();
63///
64/// // We can cast a `(ref null nofunc)`-taking function into a typed function that
65/// // takes an `Option<NoFunc>` via the `Func::typed` method.
66/// let f = f.typed::<Option<NoFunc>, ()>(&store)?;
67///
68/// // We can call the typed function, passing the null `nofunc` reference.
69/// let result = f.call(&mut store, NoFunc::null());
70///
71/// // The function should not have trapped, because the reference we gave it was
72/// // null (as it had to be, since `NoFunc` is uninhabited).
73/// assert!(result.is_ok());
74/// # Ok(())
75/// # }
76/// ```
77#[derive(Copy, Clone, Debug, PartialEq, Eq)]
78pub struct NoFunc {
79 _inner: Uninhabited,
80}
81
82impl NoFunc {
83 /// Get the null `(ref null nofunc)` (aka `nullfuncref`) reference.
84 #[inline]
85 pub fn null() -> Option<NoFunc> {
86 None
87 }
88
89 /// Get the null `(ref null nofunc)` (aka `nullfuncref`) reference as a
90 /// [`Ref`].
91 #[inline]
92 pub fn null_ref() -> Ref {
93 Ref::Func(None)
94 }
95
96 /// Get the null `(ref null nofunc)` (aka `nullfuncref`) reference as a
97 /// [`Val`].
98 #[inline]
99 pub fn null_val() -> Val {
100 Val::FuncRef(None)
101 }
102}
103
104/// A WebAssembly function which can be called.
105///
106/// This type typically represents an exported function from a WebAssembly
107/// module instance. In this case a [`Func`] belongs to an [`Instance`] and is
108/// loaded from there. A [`Func`] may also represent a host function as well in
109/// some cases, too.
110///
111/// Functions can be called in a few different ways, either synchronous or async
112/// and either typed or untyped (more on this below). Note that host functions
113/// are normally inserted directly into a [`Linker`](crate::Linker) rather than
114/// using this directly, but both options are available.
115///
116/// # `Func` and `async`
117///
118/// Functions from the perspective of WebAssembly are always synchronous. You
119/// might have an `async` function in Rust, however, which you'd like to make
120/// available from WebAssembly. Wasmtime supports asynchronously calling
121/// WebAssembly through native stack switching. You can get some more
122/// information about [asynchronous configs](crate::Config::async_support), but
123/// from the perspective of `Func` it's important to know that whether or not
124/// your [`Store`](crate::Store) is asynchronous will dictate whether you call
125/// functions through [`Func::call`] or [`Func::call_async`] (or the typed
126/// wrappers such as [`TypedFunc::call`] vs [`TypedFunc::call_async`]).
127///
128/// # To `Func::call` or to `Func::typed().call()`
129///
130/// There's a 2x2 matrix of methods to call [`Func`]. Invocations can either be
131/// asynchronous or synchronous. They can also be statically typed or not.
132/// Whether or not an invocation is asynchronous is indicated via the method
133/// being `async` and [`call_async`](Func::call_async) being the entry point.
134/// Otherwise for statically typed or not your options are:
135///
136/// * Dynamically typed - if you don't statically know the signature of the
137/// function that you're calling you'll be using [`Func::call`] or
138/// [`Func::call_async`]. These functions take a variable-length slice of
139/// "boxed" arguments in their [`Val`] representation. Additionally the
140/// results are returned as an owned slice of [`Val`]. These methods are not
141/// optimized due to the dynamic type checks that must occur, in addition to
142/// some dynamic allocations for where to put all the arguments. While this
143/// allows you to call all possible wasm function signatures, if you're
144/// looking for a speedier alternative you can also use...
145///
146/// * Statically typed - if you statically know the type signature of the wasm
147/// function you're calling, then you'll want to use the [`Func::typed`]
148/// method to acquire an instance of [`TypedFunc`]. This structure is static proof
149/// that the underlying wasm function has the ascripted type, and type
150/// validation is only done once up-front. The [`TypedFunc::call`] and
151/// [`TypedFunc::call_async`] methods are much more efficient than [`Func::call`]
152/// and [`Func::call_async`] because the type signature is statically known.
153/// This eschews runtime checks as much as possible to get into wasm as fast
154/// as possible.
155///
156/// # Examples
157///
158/// One way to get a `Func` is from an [`Instance`] after you've instantiated
159/// it:
160///
161/// ```
162/// # use wasmtime::*;
163/// # fn main() -> anyhow::Result<()> {
164/// let engine = Engine::default();
165/// let module = Module::new(&engine, r#"(module (func (export "foo")))"#)?;
166/// let mut store = Store::new(&engine, ());
167/// let instance = Instance::new(&mut store, &module, &[])?;
168/// let foo = instance.get_func(&mut store, "foo").expect("export wasn't a function");
169///
170/// // Work with `foo` as a `Func` at this point, such as calling it
171/// // dynamically...
172/// match foo.call(&mut store, &[], &mut []) {
173/// Ok(()) => { /* ... */ }
174/// Err(trap) => {
175/// panic!("execution of `foo` resulted in a wasm trap: {}", trap);
176/// }
177/// }
178/// foo.call(&mut store, &[], &mut [])?;
179///
180/// // ... or we can make a static assertion about its signature and call it.
181/// // Our first call here can fail if the signatures don't match, and then the
182/// // second call can fail if the function traps (like the `match` above).
183/// let foo = foo.typed::<(), ()>(&store)?;
184/// foo.call(&mut store, ())?;
185/// # Ok(())
186/// # }
187/// ```
188///
189/// You can also use the [`wrap` function](Func::wrap) to create a
190/// `Func`
191///
192/// ```
193/// # use wasmtime::*;
194/// # fn main() -> anyhow::Result<()> {
195/// let mut store = Store::<()>::default();
196///
197/// // Create a custom `Func` which can execute arbitrary code inside of the
198/// // closure.
199/// let add = Func::wrap(&mut store, |a: i32, b: i32| -> i32 { a + b });
200///
201/// // Next we can hook that up to a wasm module which uses it.
202/// let module = Module::new(
203/// store.engine(),
204/// r#"
205/// (module
206/// (import "" "" (func $add (param i32 i32) (result i32)))
207/// (func (export "call_add_twice") (result i32)
208/// i32.const 1
209/// i32.const 2
210/// call $add
211/// i32.const 3
212/// i32.const 4
213/// call $add
214/// i32.add))
215/// "#,
216/// )?;
217/// let instance = Instance::new(&mut store, &module, &[add.into()])?;
218/// let call_add_twice = instance.get_typed_func::<(), i32>(&mut store, "call_add_twice")?;
219///
220/// assert_eq!(call_add_twice.call(&mut store, ())?, 10);
221/// # Ok(())
222/// # }
223/// ```
224///
225/// Or you could also create an entirely dynamic `Func`!
226///
227/// ```
228/// # use wasmtime::*;
229/// # fn main() -> anyhow::Result<()> {
230/// let mut store = Store::<()>::default();
231///
232/// // Here we need to define the type signature of our `Double` function and
233/// // then wrap it up in a `Func`
234/// let double_type = wasmtime::FuncType::new(
235/// store.engine(),
236/// [wasmtime::ValType::I32].iter().cloned(),
237/// [wasmtime::ValType::I32].iter().cloned(),
238/// );
239/// let double = Func::new(&mut store, double_type, |_, params, results| {
240/// let mut value = params[0].unwrap_i32();
241/// value *= 2;
242/// results[0] = value.into();
243/// Ok(())
244/// });
245///
246/// let module = Module::new(
247/// store.engine(),
248/// r#"
249/// (module
250/// (import "" "" (func $double (param i32) (result i32)))
251/// (func $start
252/// i32.const 1
253/// call $double
254/// drop)
255/// (start $start))
256/// "#,
257/// )?;
258/// let instance = Instance::new(&mut store, &module, &[double.into()])?;
259/// // .. work with `instance` if necessary
260/// # Ok(())
261/// # }
262/// ```
263#[derive(Copy, Clone, Debug)]
264#[repr(transparent)] // here for the C API
265pub struct Func(Stored<FuncData>);
266
267pub(crate) struct FuncData {
268 kind: FuncKind,
269
270 // A pointer to the in-store `VMFuncRef` for this function, if
271 // any.
272 //
273 // When a function is passed to Wasm but doesn't have a Wasm-to-native
274 // trampoline, we have to patch it in. But that requires mutating the
275 // `VMFuncRef`, and this function could be shared across
276 // threads. So we instead copy and pin the `VMFuncRef` into
277 // `StoreOpaque::func_refs`, where we can safely patch the field without
278 // worrying about synchronization and we hold a pointer to it here so we can
279 // reuse it rather than re-copy if it is passed to Wasm again.
280 in_store_func_ref: Option<SendSyncPtr<VMFuncRef>>,
281
282 // This is somewhat expensive to load from the `Engine` and in most
283 // optimized use cases (e.g. `TypedFunc`) it's not actually needed or it's
284 // only needed rarely. To handle that this is an optionally-contained field
285 // which is lazily loaded into as part of `Func::call`.
286 //
287 // Also note that this is intentionally placed behind a pointer to keep it
288 // small as `FuncData` instances are often inserted into a `Store`.
289 ty: Option<Box<FuncType>>,
290}
291
292/// The ways that a function can be created and referenced from within a store.
293enum FuncKind {
294 /// A function already owned by the store via some other means. This is
295 /// used, for example, when creating a `Func` from an instance's exported
296 /// function. The instance's `InstanceHandle` is already owned by the store
297 /// and we just have some pointers into that which represent how to call the
298 /// function.
299 StoreOwned { export: ExportFunction },
300
301 /// A function is shared across possibly other stores, hence the `Arc`. This
302 /// variant happens when a `Linker`-defined function is instantiated within
303 /// a `Store` (e.g. via `Linker::get` or similar APIs). The `Arc` here
304 /// indicates that there's some number of other stores holding this function
305 /// too, so dropping this may not deallocate the underlying
306 /// `InstanceHandle`.
307 SharedHost(Arc<HostFunc>),
308
309 /// A uniquely-owned host function within a `Store`. This comes about with
310 /// `Func::new` or similar APIs. The `HostFunc` internally owns the
311 /// `InstanceHandle` and that will get dropped when this `HostFunc` itself
312 /// is dropped.
313 ///
314 /// Note that this is intentionally placed behind a `Box` to minimize the
315 /// size of this enum since the most common variant for high-performance
316 /// situations is `SharedHost` and `StoreOwned`, so this ideally isn't
317 /// larger than those two.
318 Host(Box<HostFunc>),
319
320 /// A reference to a `HostFunc`, but one that's "rooted" in the `Store`
321 /// itself.
322 ///
323 /// This variant is created when an `InstancePre<T>` is instantiated in to a
324 /// `Store<T>`. In that situation the `InstancePre<T>` already has a list of
325 /// host functions that are packaged up in an `Arc`, so the `Arc<[T]>` is
326 /// cloned once into the `Store` to avoid each individual function requiring
327 /// an `Arc::clone`.
328 ///
329 /// The lifetime management of this type is `unsafe` because
330 /// `RootedHostFunc` is a small wrapper around `NonNull<HostFunc>`. To be
331 /// safe this is required that the memory of the host function is pinned
332 /// elsewhere (e.g. the `Arc` in the `Store`).
333 RootedHost(RootedHostFunc),
334}
335
336macro_rules! for_each_function_signature {
337 ($mac:ident) => {
338 $mac!(0);
339 $mac!(1 A1);
340 $mac!(2 A1 A2);
341 $mac!(3 A1 A2 A3);
342 $mac!(4 A1 A2 A3 A4);
343 $mac!(5 A1 A2 A3 A4 A5);
344 $mac!(6 A1 A2 A3 A4 A5 A6);
345 $mac!(7 A1 A2 A3 A4 A5 A6 A7);
346 $mac!(8 A1 A2 A3 A4 A5 A6 A7 A8);
347 $mac!(9 A1 A2 A3 A4 A5 A6 A7 A8 A9);
348 $mac!(10 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10);
349 $mac!(11 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11);
350 $mac!(12 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12);
351 $mac!(13 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13);
352 $mac!(14 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13 A14);
353 $mac!(15 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13 A14 A15);
354 $mac!(16 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13 A14 A15 A16);
355 $mac!(17 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13 A14 A15 A16 A17);
356 };
357}
358
359mod typed;
360pub use typed::*;
361
362impl Func {
363 /// Creates a new `Func` with the given arguments, typically to create a
364 /// host-defined function to pass as an import to a module.
365 ///
366 /// * `store` - the store in which to create this [`Func`], which will own
367 /// the return value.
368 ///
369 /// * `ty` - the signature of this function, used to indicate what the
370 /// inputs and outputs are.
371 ///
372 /// * `func` - the native code invoked whenever this `Func` will be called.
373 /// This closure is provided a [`Caller`] as its first argument to learn
374 /// information about the caller, and then it's passed a list of
375 /// parameters as a slice along with a mutable slice of where to write
376 /// results.
377 ///
378 /// Note that the implementation of `func` must adhere to the `ty` signature
379 /// given, error or traps may occur if it does not respect the `ty`
380 /// signature. For example if the function type declares that it returns one
381 /// i32 but the `func` closures does not write anything into the results
382 /// slice then a trap may be generated.
383 ///
384 /// Additionally note that this is quite a dynamic function since signatures
385 /// are not statically known. For a more performant and ergonomic `Func`
386 /// it's recommended to use [`Func::wrap`] if you can because with
387 /// statically known signatures Wasmtime can optimize the implementation
388 /// much more.
389 ///
390 /// For more information about `Send + Sync + 'static` requirements on the
391 /// `func`, see [`Func::wrap`](#why-send--sync--static).
392 ///
393 /// # Errors
394 ///
395 /// The host-provided function here returns a
396 /// [`Result<()>`](anyhow::Result). If the function returns `Ok(())` then
397 /// that indicates that the host function completed successfully and wrote
398 /// the result into the `&mut [Val]` argument.
399 ///
400 /// If the function returns `Err(e)`, however, then this is equivalent to
401 /// the host function triggering a trap for wasm. WebAssembly execution is
402 /// immediately halted and the original caller of [`Func::call`], for
403 /// example, will receive the error returned here (possibly with
404 /// [`WasmBacktrace`](crate::WasmBacktrace) context information attached).
405 ///
406 /// For more information about errors in Wasmtime see the [`Trap`]
407 /// documentation.
408 ///
409 /// [`Trap`]: crate::Trap
410 ///
411 /// # Panics
412 ///
413 /// Panics if the given function type is not associated with this store's
414 /// engine.
415 pub fn new<T>(
416 store: impl AsContextMut<Data = T>,
417 ty: FuncType,
418 func: impl Fn(Caller<'_, T>, &[Val], &mut [Val]) -> Result<()> + Send + Sync + 'static,
419 ) -> Self {
420 assert!(ty.comes_from_same_engine(store.as_context().engine()));
421 let ty_clone = ty.clone();
422 unsafe {
423 Func::new_unchecked(store, ty, move |caller, values| {
424 Func::invoke_host_func_for_wasm(caller, &ty_clone, values, &func)
425 })
426 }
427 }
428
429 /// Creates a new [`Func`] with the given arguments, although has fewer
430 /// runtime checks than [`Func::new`].
431 ///
432 /// This function takes a callback of a different signature than
433 /// [`Func::new`], instead receiving a raw pointer with a list of [`ValRaw`]
434 /// structures. These values have no type information associated with them
435 /// so it's up to the caller to provide a function that will correctly
436 /// interpret the list of values as those coming from the `ty` specified.
437 ///
438 /// If you're calling this from Rust it's recommended to either instead use
439 /// [`Func::new`] or [`Func::wrap`]. The [`Func::wrap`] API, in particular,
440 /// is both safer and faster than this API.
441 ///
442 /// # Errors
443 ///
444 /// See [`Func::new`] for the behavior of returning an error from the host
445 /// function provided here.
446 ///
447 /// # Unsafety
448 ///
449 /// This function is not safe because it's not known at compile time that
450 /// the `func` provided correctly interprets the argument types provided to
451 /// it, or that the results it produces will be of the correct type.
452 ///
453 /// # Panics
454 ///
455 /// Panics if the given function type is not associated with this store's
456 /// engine.
457 pub unsafe fn new_unchecked<T>(
458 mut store: impl AsContextMut<Data = T>,
459 ty: FuncType,
460 func: impl Fn(Caller<'_, T>, &mut [ValRaw]) -> Result<()> + Send + Sync + 'static,
461 ) -> Self {
462 assert!(ty.comes_from_same_engine(store.as_context().engine()));
463 let store = store.as_context_mut().0;
464 let host = HostFunc::new_unchecked(store.engine(), ty, func);
465 host.into_func(store)
466 }
467
468 /// Creates a new host-defined WebAssembly function which, when called,
469 /// will run the asynchronous computation defined by `func` to completion
470 /// and then return the result to WebAssembly.
471 ///
472 /// This function is the asynchronous analogue of [`Func::new`] and much of
473 /// that documentation applies to this as well. The key difference is that
474 /// `func` returns a future instead of simply a `Result`. Note that the
475 /// returned future can close over any of the arguments, but it cannot close
476 /// over the state of the closure itself. It's recommended to store any
477 /// necessary async state in the `T` of the [`Store<T>`](crate::Store) which
478 /// can be accessed through [`Caller::data`] or [`Caller::data_mut`].
479 ///
480 /// For more information on `Send + Sync + 'static`, see
481 /// [`Func::wrap`](#why-send--sync--static).
482 ///
483 /// # Panics
484 ///
485 /// This function will panic if `store` is not associated with an [async
486 /// config](crate::Config::async_support).
487 ///
488 /// Panics if the given function type is not associated with this store's
489 /// engine.
490 ///
491 /// # Errors
492 ///
493 /// See [`Func::new`] for the behavior of returning an error from the host
494 /// function provided here.
495 ///
496 /// # Examples
497 ///
498 /// ```
499 /// # use wasmtime::*;
500 /// # fn main() -> anyhow::Result<()> {
501 /// // Simulate some application-specific state as well as asynchronous
502 /// // functions to query that state.
503 /// struct MyDatabase {
504 /// // ...
505 /// }
506 ///
507 /// impl MyDatabase {
508 /// async fn get_row_count(&self) -> u32 {
509 /// // ...
510 /// # 100
511 /// }
512 /// }
513 ///
514 /// let my_database = MyDatabase {
515 /// // ...
516 /// };
517 ///
518 /// // Using `new_async` we can hook up into calling our async
519 /// // `get_row_count` function.
520 /// let engine = Engine::new(Config::new().async_support(true))?;
521 /// let mut store = Store::new(&engine, MyDatabase {
522 /// // ...
523 /// });
524 /// let get_row_count_type = wasmtime::FuncType::new(
525 /// &engine,
526 /// None,
527 /// Some(wasmtime::ValType::I32),
528 /// );
529 /// let get = Func::new_async(&mut store, get_row_count_type, |caller, _params, results| {
530 /// Box::new(async move {
531 /// let count = caller.data().get_row_count().await;
532 /// results[0] = Val::I32(count as i32);
533 /// Ok(())
534 /// })
535 /// });
536 /// // ...
537 /// # Ok(())
538 /// # }
539 /// ```
540 #[cfg(all(feature = "async", feature = "cranelift"))]
541 pub fn new_async<T, F>(store: impl AsContextMut<Data = T>, ty: FuncType, func: F) -> Func
542 where
543 F: for<'a> Fn(
544 Caller<'a, T>,
545 &'a [Val],
546 &'a mut [Val],
547 ) -> Box<dyn Future<Output = Result<()>> + Send + 'a>
548 + Send
549 + Sync
550 + 'static,
551 {
552 assert!(
553 store.as_context().async_support(),
554 "cannot use `new_async` without enabling async support in the config"
555 );
556 assert!(ty.comes_from_same_engine(store.as_context().engine()));
557 Func::new(store, ty, move |mut caller, params, results| {
558 let async_cx = caller
559 .store
560 .as_context_mut()
561 .0
562 .async_cx()
563 .expect("Attempt to spawn new action on dying fiber");
564 let future = func(caller, params, results);
565 match unsafe { async_cx.block_on(Pin::from(future)) } {
566 Ok(Ok(())) => Ok(()),
567 Ok(Err(trap)) | Err(trap) => Err(trap),
568 }
569 })
570 }
571
572 pub(crate) unsafe fn from_vm_func_ref(
573 store: &mut StoreOpaque,
574 func_ref: NonNull<VMFuncRef>,
575 ) -> Func {
576 debug_assert!(func_ref.as_ref().type_index != VMSharedTypeIndex::default());
577 let export = ExportFunction { func_ref };
578 Func::from_wasmtime_function(export, store)
579 }
580
581 /// Creates a new `Func` from the given Rust closure.
582 ///
583 /// This function will create a new `Func` which, when called, will
584 /// execute the given Rust closure. Unlike [`Func::new`] the target
585 /// function being called is known statically so the type signature can
586 /// be inferred. Rust types will map to WebAssembly types as follows:
587 ///
588 /// | Rust Argument Type | WebAssembly Type |
589 /// |-----------------------------------|-------------------------------------------|
590 /// | `i32` | `i32` |
591 /// | `u32` | `i32` |
592 /// | `i64` | `i64` |
593 /// | `u64` | `i64` |
594 /// | `f32` | `f32` |
595 /// | `f64` | `f64` |
596 /// | `V128` on x86-64 and aarch64 only | `v128` |
597 /// | `Option<Func>` | `funcref` aka `(ref null func)` |
598 /// | `Func` | `(ref func)` |
599 /// | `Option<Nofunc>` | `nullfuncref` aka `(ref null nofunc)` |
600 /// | `NoFunc` | `(ref nofunc)` |
601 /// | `Option<Rooted<ExternRef>>` | `externref` aka `(ref null extern)` |
602 /// | `Rooted<ExternRef>` | `(ref extern)` |
603 /// | `Option<NoExtern>` | `nullexternref` aka `(ref null noextern)` |
604 /// | `NoExtern` | `(ref noextern)` |
605 /// | `Option<Rooted<AnyRef>>` | `anyref` aka `(ref null any)` |
606 /// | `Rooted<AnyRef>` | `(ref any)` |
607 /// | `Option<Rooted<EqRef>>` | `eqref` aka `(ref null eq)` |
608 /// | `Rooted<EqRef>` | `(ref eq)` |
609 /// | `Option<I31>` | `i31ref` aka `(ref null i31)` |
610 /// | `I31` | `(ref i31)` |
611 /// | `Option<Rooted<StructRef>>` | `(ref null struct)` |
612 /// | `Rooted<StructRef>` | `(ref struct)` |
613 /// | `Option<Rooted<ArrayRef>>` | `(ref null array)` |
614 /// | `Rooted<ArrayRef>` | `(ref array)` |
615 /// | `Option<NoneRef>` | `nullref` aka `(ref null none)` |
616 /// | `NoneRef` | `(ref none)` |
617 ///
618 /// Note that anywhere a `Rooted<T>` appears, a `ManuallyRooted<T>` may also
619 /// be used.
620 ///
621 /// Any of the Rust types can be returned from the closure as well, in
622 /// addition to some extra types
623 ///
624 /// | Rust Return Type | WebAssembly Return Type | Meaning |
625 /// |-------------------|-------------------------|-----------------------|
626 /// | `()` | nothing | no return value |
627 /// | `T` | `T` | a single return value |
628 /// | `(T1, T2, ...)` | `T1 T2 ...` | multiple returns |
629 ///
630 /// Note that all return types can also be wrapped in `Result<_>` to
631 /// indicate that the host function can generate a trap as well as possibly
632 /// returning a value.
633 ///
634 /// Finally you can also optionally take [`Caller`] as the first argument of
635 /// your closure. If inserted then you're able to inspect the caller's
636 /// state, for example the [`Memory`](crate::Memory) it has exported so you
637 /// can read what pointers point to.
638 ///
639 /// Note that when using this API, the intention is to create as thin of a
640 /// layer as possible for when WebAssembly calls the function provided. With
641 /// sufficient inlining and optimization the WebAssembly will call straight
642 /// into `func` provided, with no extra fluff entailed.
643 ///
644 /// # Why `Send + Sync + 'static`?
645 ///
646 /// All host functions defined in a [`Store`](crate::Store) (including
647 /// those from [`Func::new`] and other constructors) require that the
648 /// `func` provided is `Send + Sync + 'static`. Additionally host functions
649 /// always are `Fn` as opposed to `FnMut` or `FnOnce`. This can at-a-glance
650 /// feel restrictive since the closure cannot close over as many types as
651 /// before. The reason for this, though, is to ensure that
652 /// [`Store<T>`](crate::Store) can implement both the `Send` and `Sync`
653 /// traits.
654 ///
655 /// Fear not, however, because this isn't as restrictive as it seems! Host
656 /// functions are provided a [`Caller<'_, T>`](crate::Caller) argument which
657 /// allows access to the host-defined data within the
658 /// [`Store`](crate::Store). The `T` type is not required to be any of
659 /// `Send`, `Sync`, or `'static`! This means that you can store whatever
660 /// you'd like in `T` and have it accessible by all host functions.
661 /// Additionally mutable access to `T` is allowed through
662 /// [`Caller::data_mut`].
663 ///
664 /// Most host-defined [`Func`] values provide closures that end up not
665 /// actually closing over any values. These zero-sized types will use the
666 /// context from [`Caller`] for host-defined information.
667 ///
668 /// # Errors
669 ///
670 /// The closure provided here to `wrap` can optionally return a
671 /// [`Result<T>`](anyhow::Result). Returning `Ok(t)` represents the host
672 /// function successfully completing with the `t` result. Returning
673 /// `Err(e)`, however, is equivalent to raising a custom wasm trap.
674 /// Execution of WebAssembly does not resume and the stack is unwound to the
675 /// original caller of the function where the error is returned.
676 ///
677 /// For more information about errors in Wasmtime see the [`Trap`]
678 /// documentation.
679 ///
680 /// [`Trap`]: crate::Trap
681 ///
682 /// # Examples
683 ///
684 /// First up we can see how simple wasm imports can be implemented, such
685 /// as a function that adds its two arguments and returns the result.
686 ///
687 /// ```
688 /// # use wasmtime::*;
689 /// # fn main() -> anyhow::Result<()> {
690 /// # let mut store = Store::<()>::default();
691 /// let add = Func::wrap(&mut store, |a: i32, b: i32| a + b);
692 /// let module = Module::new(
693 /// store.engine(),
694 /// r#"
695 /// (module
696 /// (import "" "" (func $add (param i32 i32) (result i32)))
697 /// (func (export "foo") (param i32 i32) (result i32)
698 /// local.get 0
699 /// local.get 1
700 /// call $add))
701 /// "#,
702 /// )?;
703 /// let instance = Instance::new(&mut store, &module, &[add.into()])?;
704 /// let foo = instance.get_typed_func::<(i32, i32), i32>(&mut store, "foo")?;
705 /// assert_eq!(foo.call(&mut store, (1, 2))?, 3);
706 /// # Ok(())
707 /// # }
708 /// ```
709 ///
710 /// We can also do the same thing, but generate a trap if the addition
711 /// overflows:
712 ///
713 /// ```
714 /// # use wasmtime::*;
715 /// # fn main() -> anyhow::Result<()> {
716 /// # let mut store = Store::<()>::default();
717 /// let add = Func::wrap(&mut store, |a: i32, b: i32| {
718 /// match a.checked_add(b) {
719 /// Some(i) => Ok(i),
720 /// None => anyhow::bail!("overflow"),
721 /// }
722 /// });
723 /// let module = Module::new(
724 /// store.engine(),
725 /// r#"
726 /// (module
727 /// (import "" "" (func $add (param i32 i32) (result i32)))
728 /// (func (export "foo") (param i32 i32) (result i32)
729 /// local.get 0
730 /// local.get 1
731 /// call $add))
732 /// "#,
733 /// )?;
734 /// let instance = Instance::new(&mut store, &module, &[add.into()])?;
735 /// let foo = instance.get_typed_func::<(i32, i32), i32>(&mut store, "foo")?;
736 /// assert_eq!(foo.call(&mut store, (1, 2))?, 3);
737 /// assert!(foo.call(&mut store, (i32::max_value(), 1)).is_err());
738 /// # Ok(())
739 /// # }
740 /// ```
741 ///
742 /// And don't forget all the wasm types are supported!
743 ///
744 /// ```
745 /// # use wasmtime::*;
746 /// # fn main() -> anyhow::Result<()> {
747 /// # let mut store = Store::<()>::default();
748 /// let debug = Func::wrap(&mut store, |a: i32, b: u32, c: f32, d: i64, e: u64, f: f64| {
749 ///
750 /// println!("a={}", a);
751 /// println!("b={}", b);
752 /// println!("c={}", c);
753 /// println!("d={}", d);
754 /// println!("e={}", e);
755 /// println!("f={}", f);
756 /// });
757 /// let module = Module::new(
758 /// store.engine(),
759 /// r#"
760 /// (module
761 /// (import "" "" (func $debug (param i32 i32 f32 i64 i64 f64)))
762 /// (func (export "foo")
763 /// i32.const -1
764 /// i32.const 1
765 /// f32.const 2
766 /// i64.const -3
767 /// i64.const 3
768 /// f64.const 4
769 /// call $debug))
770 /// "#,
771 /// )?;
772 /// let instance = Instance::new(&mut store, &module, &[debug.into()])?;
773 /// let foo = instance.get_typed_func::<(), ()>(&mut store, "foo")?;
774 /// foo.call(&mut store, ())?;
775 /// # Ok(())
776 /// # }
777 /// ```
778 ///
779 /// Finally if you want to get really fancy you can also implement
780 /// imports that read/write wasm module's memory
781 ///
782 /// ```
783 /// use std::str;
784 ///
785 /// # use wasmtime::*;
786 /// # fn main() -> anyhow::Result<()> {
787 /// # let mut store = Store::default();
788 /// let log_str = Func::wrap(&mut store, |mut caller: Caller<'_, ()>, ptr: i32, len: i32| {
789 /// let mem = match caller.get_export("memory") {
790 /// Some(Extern::Memory(mem)) => mem,
791 /// _ => anyhow::bail!("failed to find host memory"),
792 /// };
793 /// let data = mem.data(&caller)
794 /// .get(ptr as u32 as usize..)
795 /// .and_then(|arr| arr.get(..len as u32 as usize));
796 /// let string = match data {
797 /// Some(data) => match str::from_utf8(data) {
798 /// Ok(s) => s,
799 /// Err(_) => anyhow::bail!("invalid utf-8"),
800 /// },
801 /// None => anyhow::bail!("pointer/length out of bounds"),
802 /// };
803 /// assert_eq!(string, "Hello, world!");
804 /// println!("{}", string);
805 /// Ok(())
806 /// });
807 /// let module = Module::new(
808 /// store.engine(),
809 /// r#"
810 /// (module
811 /// (import "" "" (func $log_str (param i32 i32)))
812 /// (func (export "foo")
813 /// i32.const 4 ;; ptr
814 /// i32.const 13 ;; len
815 /// call $log_str)
816 /// (memory (export "memory") 1)
817 /// (data (i32.const 4) "Hello, world!"))
818 /// "#,
819 /// )?;
820 /// let instance = Instance::new(&mut store, &module, &[log_str.into()])?;
821 /// let foo = instance.get_typed_func::<(), ()>(&mut store, "foo")?;
822 /// foo.call(&mut store, ())?;
823 /// # Ok(())
824 /// # }
825 /// ```
826 pub fn wrap<T, Params, Results>(
827 mut store: impl AsContextMut<Data = T>,
828 func: impl IntoFunc<T, Params, Results>,
829 ) -> Func {
830 let store = store.as_context_mut().0;
831 // part of this unsafety is about matching the `T` to a `Store<T>`,
832 // which is done through the `AsContextMut` bound above.
833 unsafe {
834 let host = HostFunc::wrap(store.engine(), func);
835 host.into_func(store)
836 }
837 }
838
839 #[cfg(feature = "async")]
840 fn wrap_inner<F, T, Params, Results>(mut store: impl AsContextMut<Data = T>, func: F) -> Func
841 where
842 F: Fn(Caller<'_, T>, Params) -> Results + Send + Sync + 'static,
843 Params: WasmTyList,
844 Results: WasmRet,
845 {
846 let store = store.as_context_mut().0;
847 // part of this unsafety is about matching the `T` to a `Store<T>`,
848 // which is done through the `AsContextMut` bound above.
849 unsafe {
850 let host = HostFunc::wrap_inner(store.engine(), func);
851 host.into_func(store)
852 }
853 }
854
855 /// Same as [`Func::wrap`], except the closure asynchronously produces the
856 /// result and the arguments are passed within a tuple. For more information
857 /// see the [`Func`] documentation.
858 ///
859 /// # Panics
860 ///
861 /// This function will panic if called with a non-asynchronous store.
862 #[cfg(feature = "async")]
863 pub fn wrap_async<T, F, P, R>(store: impl AsContextMut<Data = T>, func: F) -> Func
864 where
865 F: for<'a> Fn(Caller<'a, T>, P) -> Box<dyn Future<Output = R> + Send + 'a>
866 + Send
867 + Sync
868 + 'static,
869 P: WasmTyList,
870 R: WasmRet,
871 {
872 assert!(
873 store.as_context().async_support(),
874 concat!("cannot use `wrap_async` without enabling async support on the config")
875 );
876 Func::wrap_inner(store, move |mut caller: Caller<'_, T>, args| {
877 let async_cx = caller
878 .store
879 .as_context_mut()
880 .0
881 .async_cx()
882 .expect("Attempt to start async function on dying fiber");
883 let future = func(caller, args);
884
885 match unsafe { async_cx.block_on(Pin::from(future)) } {
886 Ok(ret) => ret.into_fallible(),
887 Err(e) => R::fallible_from_error(e),
888 }
889 })
890 }
891
892 /// Returns the underlying wasm type that this `Func` has.
893 ///
894 /// # Panics
895 ///
896 /// Panics if `store` does not own this function.
897 pub fn ty(&self, store: impl AsContext) -> FuncType {
898 self.load_ty(&store.as_context().0)
899 }
900
901 /// Forcibly loads the type of this function from the `Engine`.
902 ///
903 /// Note that this is a somewhat expensive method since it requires taking a
904 /// lock as well as cloning a type.
905 pub(crate) fn load_ty(&self, store: &StoreOpaque) -> FuncType {
906 assert!(self.comes_from_same_store(store));
907 FuncType::from_shared_type_index(store.engine(), self.type_index(store.store_data()))
908 }
909
910 /// Does this function match the given type?
911 ///
912 /// That is, is this function's type a subtype of the given type?
913 ///
914 /// # Panics
915 ///
916 /// Panics if this function is not associated with the given store or if the
917 /// function type is not associated with the store's engine.
918 pub fn matches_ty(&self, store: impl AsContext, func_ty: &FuncType) -> bool {
919 self._matches_ty(store.as_context().0, func_ty)
920 }
921
922 pub(crate) fn _matches_ty(&self, store: &StoreOpaque, func_ty: &FuncType) -> bool {
923 let actual_ty = self.load_ty(store);
924 actual_ty.matches(func_ty)
925 }
926
927 pub(crate) fn ensure_matches_ty(&self, store: &StoreOpaque, func_ty: &FuncType) -> Result<()> {
928 if !self.comes_from_same_store(store) {
929 bail!("function used with wrong store");
930 }
931 if self._matches_ty(store, func_ty) {
932 Ok(())
933 } else {
934 let actual_ty = self.load_ty(store);
935 bail!("type mismatch: expected {func_ty}, found {actual_ty}")
936 }
937 }
938
939 /// Gets a reference to the `FuncType` for this function.
940 ///
941 /// Note that this returns both a reference to the type of this function as
942 /// well as a reference back to the store itself. This enables using the
943 /// `StoreOpaque` while the `FuncType` is also being used (from the
944 /// perspective of the borrow-checker) because otherwise the signature would
945 /// consider `StoreOpaque` borrowed mutable while `FuncType` is in use.
946 fn ty_ref<'a>(&self, store: &'a mut StoreOpaque) -> (&'a FuncType, &'a StoreOpaque) {
947 // If we haven't loaded our type into the store yet then do so lazily at
948 // this time.
949 if store.store_data()[self.0].ty.is_none() {
950 let ty = self.load_ty(store);
951 store.store_data_mut()[self.0].ty = Some(Box::new(ty));
952 }
953
954 (store.store_data()[self.0].ty.as_ref().unwrap(), store)
955 }
956
957 pub(crate) fn type_index(&self, data: &StoreData) -> VMSharedTypeIndex {
958 data[self.0].sig_index()
959 }
960
961 /// Invokes this function with the `params` given and writes returned values
962 /// to `results`.
963 ///
964 /// The `params` here must match the type signature of this `Func`, or an
965 /// error will occur. Additionally `results` must have the same
966 /// length as the number of results for this function. Calling this function
967 /// will synchronously execute the WebAssembly function referenced to get
968 /// the results.
969 ///
970 /// This function will return `Ok(())` if execution completed without a trap
971 /// or error of any kind. In this situation the results will be written to
972 /// the provided `results` array.
973 ///
974 /// # Errors
975 ///
976 /// Any error which occurs throughout the execution of the function will be
977 /// returned as `Err(e)`. The [`Error`](anyhow::Error) type can be inspected
978 /// for the precise error cause such as:
979 ///
980 /// * [`Trap`] - indicates that a wasm trap happened and execution was
981 /// halted.
982 /// * [`WasmBacktrace`] - optionally included on errors for backtrace
983 /// information of the trap/error.
984 /// * Other string-based errors to indicate issues such as type errors with
985 /// `params`.
986 /// * Any host-originating error originally returned from a function defined
987 /// via [`Func::new`], for example.
988 ///
989 /// Errors typically indicate that execution of WebAssembly was halted
990 /// mid-way and did not complete after the error condition happened.
991 ///
992 /// [`Trap`]: crate::Trap
993 ///
994 /// # Panics
995 ///
996 /// This function will panic if called on a function belonging to an async
997 /// store. Asynchronous stores must always use `call_async`. Also panics if
998 /// `store` does not own this function.
999 ///
1000 /// [`WasmBacktrace`]: crate::WasmBacktrace
1001 pub fn call(
1002 &self,
1003 mut store: impl AsContextMut,
1004 params: &[Val],
1005 results: &mut [Val],
1006 ) -> Result<()> {
1007 assert!(
1008 !store.as_context().async_support(),
1009 "must use `call_async` when async support is enabled on the config",
1010 );
1011 let mut store = store.as_context_mut();
1012 let need_gc = self.call_impl_check_args(&mut store, params, results)?;
1013 if need_gc {
1014 store.0.gc();
1015 }
1016 unsafe { self.call_impl_do_call(&mut store, params, results) }
1017 }
1018
1019 /// Invokes this function in an "unchecked" fashion, reading parameters and
1020 /// writing results to `params_and_returns`.
1021 ///
1022 /// This function is the same as [`Func::call`] except that the arguments
1023 /// and results both use a different representation. If possible it's
1024 /// recommended to use [`Func::call`] if safety isn't necessary or to use
1025 /// [`Func::typed`] in conjunction with [`TypedFunc::call`] since that's
1026 /// both safer and faster than this method of invoking a function.
1027 ///
1028 /// Note that if this function takes `externref` arguments then it will
1029 /// **not** automatically GC unlike the [`Func::call`] and
1030 /// [`TypedFunc::call`] functions. This means that if this function is
1031 /// invoked many times with new `ExternRef` values and no other GC happens
1032 /// via any other means then no values will get collected.
1033 ///
1034 /// # Errors
1035 ///
1036 /// For more information about errors see the [`Func::call`] documentation.
1037 ///
1038 /// # Unsafety
1039 ///
1040 /// This function is unsafe because the `params_and_returns` argument is not
1041 /// validated at all. It must uphold invariants such as:
1042 ///
1043 /// * It's a valid pointer to an array
1044 /// * It has enough space to store all parameters
1045 /// * It has enough space to store all results (not at the same time as
1046 /// parameters)
1047 /// * Parameters are initially written to the array and have the correct
1048 /// types and such.
1049 /// * Reference types like `externref` and `funcref` are valid at the
1050 /// time of this call and for the `store` specified.
1051 ///
1052 /// These invariants are all upheld for you with [`Func::call`] and
1053 /// [`TypedFunc::call`].
1054 pub unsafe fn call_unchecked(
1055 &self,
1056 mut store: impl AsContextMut,
1057 params_and_returns: *mut [ValRaw],
1058 ) -> Result<()> {
1059 let mut store = store.as_context_mut();
1060 let data = &store.0.store_data()[self.0];
1061 let func_ref = data.export().func_ref;
1062 let params_and_returns = NonNull::new(params_and_returns).unwrap_or(NonNull::from(&mut []));
1063 Self::call_unchecked_raw(&mut store, func_ref, params_and_returns)
1064 }
1065
1066 pub(crate) unsafe fn call_unchecked_raw<T>(
1067 store: &mut StoreContextMut<'_, T>,
1068 func_ref: NonNull<VMFuncRef>,
1069 params_and_returns: NonNull<[ValRaw]>,
1070 ) -> Result<()> {
1071 invoke_wasm_and_catch_traps(store, |caller, vm| {
1072 func_ref.as_ref().array_call(
1073 vm,
1074 VMOpaqueContext::from_vmcontext(caller),
1075 params_and_returns,
1076 )
1077 })
1078 }
1079
1080 /// Converts the raw representation of a `funcref` into an `Option<Func>`
1081 ///
1082 /// This is intended to be used in conjunction with [`Func::new_unchecked`],
1083 /// [`Func::call_unchecked`], and [`ValRaw`] with its `funcref` field.
1084 ///
1085 /// # Unsafety
1086 ///
1087 /// This function is not safe because `raw` is not validated at all. The
1088 /// caller must guarantee that `raw` is owned by the `store` provided and is
1089 /// valid within the `store`.
1090 pub unsafe fn from_raw(mut store: impl AsContextMut, raw: *mut c_void) -> Option<Func> {
1091 Self::_from_raw(store.as_context_mut().0, raw)
1092 }
1093
1094 pub(crate) unsafe fn _from_raw(store: &mut StoreOpaque, raw: *mut c_void) -> Option<Func> {
1095 Some(Func::from_vm_func_ref(store, NonNull::new(raw.cast())?))
1096 }
1097
1098 /// Extracts the raw value of this `Func`, which is owned by `store`.
1099 ///
1100 /// This function returns a value that's suitable for writing into the
1101 /// `funcref` field of the [`ValRaw`] structure.
1102 ///
1103 /// # Unsafety
1104 ///
1105 /// The returned value is only valid for as long as the store is alive and
1106 /// this function is properly rooted within it. Additionally this function
1107 /// should not be liberally used since it's a very low-level knob.
1108 pub unsafe fn to_raw(&self, mut store: impl AsContextMut) -> *mut c_void {
1109 self.vm_func_ref(store.as_context_mut().0).as_ptr().cast()
1110 }
1111
1112 /// Invokes this function with the `params` given, returning the results
1113 /// asynchronously.
1114 ///
1115 /// This function is the same as [`Func::call`] except that it is
1116 /// asynchronous. This is only compatible with stores associated with an
1117 /// [asynchronous config](crate::Config::async_support).
1118 ///
1119 /// It's important to note that the execution of WebAssembly will happen
1120 /// synchronously in the `poll` method of the future returned from this
1121 /// function. Wasmtime does not manage its own thread pool or similar to
1122 /// execute WebAssembly in. Future `poll` methods are generally expected to
1123 /// resolve quickly, so it's recommended that you run or poll this future
1124 /// in a "blocking context".
1125 ///
1126 /// For more information see the documentation on [asynchronous
1127 /// configs](crate::Config::async_support).
1128 ///
1129 /// # Errors
1130 ///
1131 /// For more information on errors see the [`Func::call`] documentation.
1132 ///
1133 /// # Panics
1134 ///
1135 /// Panics if this is called on a function in a synchronous store. This
1136 /// only works with functions defined within an asynchronous store. Also
1137 /// panics if `store` does not own this function.
1138 #[cfg(feature = "async")]
1139 pub async fn call_async<T>(
1140 &self,
1141 mut store: impl AsContextMut<Data = T>,
1142 params: &[Val],
1143 results: &mut [Val],
1144 ) -> Result<()>
1145 where
1146 T: Send,
1147 {
1148 let mut store = store.as_context_mut();
1149 assert!(
1150 store.0.async_support(),
1151 "cannot use `call_async` without enabling async support in the config",
1152 );
1153 let need_gc = self.call_impl_check_args(&mut store, params, results)?;
1154 if need_gc {
1155 store.0.gc_async().await;
1156 }
1157 let result = store
1158 .on_fiber(|store| unsafe { self.call_impl_do_call(store, params, results) })
1159 .await??;
1160 Ok(result)
1161 }
1162
1163 /// Perform dynamic checks that the arguments given to us match
1164 /// the signature of this function and are appropriate to pass to this
1165 /// function.
1166 ///
1167 /// This involves checking to make sure we have the right number and types
1168 /// of arguments as well as making sure everything is from the same `Store`.
1169 ///
1170 /// This must be called just before `call_impl_do_call`.
1171 ///
1172 /// Returns whether we need to GC before calling `call_impl_do_call`.
1173 fn call_impl_check_args<T>(
1174 &self,
1175 store: &mut StoreContextMut<'_, T>,
1176 params: &[Val],
1177 results: &mut [Val],
1178 ) -> Result<bool> {
1179 let (ty, opaque) = self.ty_ref(store.0);
1180 if ty.params().len() != params.len() {
1181 bail!(
1182 "expected {} arguments, got {}",
1183 ty.params().len(),
1184 params.len()
1185 );
1186 }
1187 if ty.results().len() != results.len() {
1188 bail!(
1189 "expected {} results, got {}",
1190 ty.results().len(),
1191 results.len()
1192 );
1193 }
1194 for (ty, arg) in ty.params().zip(params) {
1195 arg.ensure_matches_ty(opaque, &ty)
1196 .context("argument type mismatch")?;
1197 if !arg.comes_from_same_store(opaque) {
1198 bail!("cross-`Store` values are not currently supported");
1199 }
1200 }
1201
1202 #[cfg(feature = "gc")]
1203 {
1204 // Check whether we need to GC before calling into Wasm.
1205 //
1206 // For example, with the DRC collector, whenever we pass GC refs
1207 // from host code to Wasm code, they go into the
1208 // `VMGcRefActivationsTable`. But the table might be at capacity
1209 // already. If it is at capacity (unlikely) then we need to do a GC
1210 // to free up space.
1211 let num_gc_refs = ty.as_wasm_func_type().non_i31_gc_ref_params_count();
1212 if let Some(num_gc_refs) = core::num::NonZeroUsize::new(num_gc_refs) {
1213 return Ok(opaque
1214 .gc_store()?
1215 .gc_heap
1216 .need_gc_before_entering_wasm(num_gc_refs));
1217 }
1218 }
1219
1220 Ok(false)
1221 }
1222
1223 /// Do the actual call into Wasm.
1224 ///
1225 /// # Safety
1226 ///
1227 /// You must have type checked the arguments by calling
1228 /// `call_impl_check_args` immediately before calling this function. It is
1229 /// only safe to call this function if that one did not return an error.
1230 unsafe fn call_impl_do_call<T>(
1231 &self,
1232 store: &mut StoreContextMut<'_, T>,
1233 params: &[Val],
1234 results: &mut [Val],
1235 ) -> Result<()> {
1236 // Store the argument values into `values_vec`.
1237 let (ty, _) = self.ty_ref(store.0);
1238 let values_vec_size = params.len().max(ty.results().len());
1239 let mut values_vec = store.0.take_wasm_val_raw_storage();
1240 debug_assert!(values_vec.is_empty());
1241 values_vec.resize_with(values_vec_size, || ValRaw::v128(0));
1242 for (arg, slot) in params.iter().cloned().zip(&mut values_vec) {
1243 unsafe {
1244 *slot = arg.to_raw(&mut *store)?;
1245 }
1246 }
1247
1248 unsafe {
1249 self.call_unchecked(
1250 &mut *store,
1251 core::ptr::slice_from_raw_parts_mut(values_vec.as_mut_ptr(), values_vec_size),
1252 )?;
1253 }
1254
1255 for ((i, slot), val) in results.iter_mut().enumerate().zip(&values_vec) {
1256 let ty = self.ty_ref(store.0).0.results().nth(i).unwrap();
1257 *slot = unsafe { Val::from_raw(&mut *store, *val, ty) };
1258 }
1259 values_vec.truncate(0);
1260 store.0.save_wasm_val_raw_storage(values_vec);
1261 Ok(())
1262 }
1263
1264 #[inline]
1265 pub(crate) fn vm_func_ref(&self, store: &mut StoreOpaque) -> NonNull<VMFuncRef> {
1266 let func_data = &mut store.store_data_mut()[self.0];
1267 let func_ref = func_data.export().func_ref;
1268 if unsafe { func_ref.as_ref().wasm_call.is_some() } {
1269 return func_ref;
1270 }
1271
1272 if let Some(in_store) = func_data.in_store_func_ref {
1273 in_store.as_non_null()
1274 } else {
1275 unsafe {
1276 // Move this uncommon/slow path out of line.
1277 self.copy_func_ref_into_store_and_fill(store, func_ref)
1278 }
1279 }
1280 }
1281
1282 unsafe fn copy_func_ref_into_store_and_fill(
1283 &self,
1284 store: &mut StoreOpaque,
1285 func_ref: NonNull<VMFuncRef>,
1286 ) -> NonNull<VMFuncRef> {
1287 let func_ref = store.func_refs().push(func_ref.as_ref().clone());
1288 store.store_data_mut()[self.0].in_store_func_ref = Some(SendSyncPtr::new(func_ref));
1289 store.fill_func_refs();
1290 func_ref
1291 }
1292
1293 pub(crate) unsafe fn from_wasmtime_function(
1294 export: ExportFunction,
1295 store: &mut StoreOpaque,
1296 ) -> Self {
1297 Func::from_func_kind(FuncKind::StoreOwned { export }, store)
1298 }
1299
1300 fn from_func_kind(kind: FuncKind, store: &mut StoreOpaque) -> Self {
1301 Func(store.store_data_mut().insert(FuncData {
1302 kind,
1303 in_store_func_ref: None,
1304 ty: None,
1305 }))
1306 }
1307
1308 pub(crate) fn vmimport(&self, store: &mut StoreOpaque, module: &Module) -> VMFunctionImport {
1309 unsafe {
1310 let f = {
1311 let func_data = &mut store.store_data_mut()[self.0];
1312 // If we already patched this `funcref.wasm_call` and saved a
1313 // copy in the store, use the patched version. Otherwise, use
1314 // the potentially un-patched version.
1315 if let Some(func_ref) = func_data.in_store_func_ref {
1316 func_ref.as_non_null()
1317 } else {
1318 func_data.export().func_ref
1319 }
1320 };
1321 VMFunctionImport {
1322 wasm_call: if let Some(wasm_call) = f.as_ref().wasm_call {
1323 wasm_call.into()
1324 } else {
1325 // Assert that this is a array-call function, since those
1326 // are the only ones that could be missing a `wasm_call`
1327 // trampoline.
1328 let _ = VMArrayCallHostFuncContext::from_opaque(f.as_ref().vmctx.as_non_null());
1329
1330 let sig = self.type_index(store.store_data());
1331 module.wasm_to_array_trampoline(sig).expect(
1332 "if the wasm is importing a function of a given type, it must have the \
1333 type's trampoline",
1334 ).into()
1335 },
1336 array_call: f.as_ref().array_call,
1337 vmctx: f.as_ref().vmctx,
1338 }
1339 }
1340 }
1341
1342 pub(crate) fn comes_from_same_store(&self, store: &StoreOpaque) -> bool {
1343 store.store_data().contains(self.0)
1344 }
1345
1346 fn invoke_host_func_for_wasm<T>(
1347 mut caller: Caller<'_, T>,
1348 ty: &FuncType,
1349 values_vec: &mut [ValRaw],
1350 func: &dyn Fn(Caller<'_, T>, &[Val], &mut [Val]) -> Result<()>,
1351 ) -> Result<()> {
1352 // Translate the raw JIT arguments in `values_vec` into a `Val` which
1353 // we'll be passing as a slice. The storage for our slice-of-`Val` we'll
1354 // be taking from the `Store`. We preserve our slice back into the
1355 // `Store` after the hostcall, ideally amortizing the cost of allocating
1356 // the storage across wasm->host calls.
1357 //
1358 // Note that we have a dynamic guarantee that `values_vec` is the
1359 // appropriate length to both read all arguments from as well as store
1360 // all results into.
1361 let mut val_vec = caller.store.0.take_hostcall_val_storage();
1362 debug_assert!(val_vec.is_empty());
1363 let nparams = ty.params().len();
1364 val_vec.reserve(nparams + ty.results().len());
1365 for (i, ty) in ty.params().enumerate() {
1366 val_vec.push(unsafe { Val::from_raw(&mut caller.store, values_vec[i], ty) })
1367 }
1368
1369 val_vec.extend((0..ty.results().len()).map(|_| Val::null_func_ref()));
1370 let (params, results) = val_vec.split_at_mut(nparams);
1371 func(caller.sub_caller(), params, results)?;
1372
1373 // Unlike our arguments we need to dynamically check that the return
1374 // values produced are correct. There could be a bug in `func` that
1375 // produces the wrong number, wrong types, or wrong stores of
1376 // values, and we need to catch that here.
1377 for (i, (ret, ty)) in results.iter().zip(ty.results()).enumerate() {
1378 ret.ensure_matches_ty(caller.store.0, &ty)
1379 .context("function attempted to return an incompatible value")?;
1380 unsafe {
1381 values_vec[i] = ret.to_raw(&mut caller.store)?;
1382 }
1383 }
1384
1385 // Restore our `val_vec` back into the store so it's usable for the next
1386 // hostcall to reuse our own storage.
1387 val_vec.truncate(0);
1388 caller.store.0.save_hostcall_val_storage(val_vec);
1389 Ok(())
1390 }
1391
1392 /// Attempts to extract a typed object from this `Func` through which the
1393 /// function can be called.
1394 ///
1395 /// This function serves as an alternative to [`Func::call`] and
1396 /// [`Func::call_async`]. This method performs a static type check (using
1397 /// the `Params` and `Results` type parameters on the underlying wasm
1398 /// function. If the type check passes then a `TypedFunc` object is returned,
1399 /// otherwise an error is returned describing the typecheck failure.
1400 ///
1401 /// The purpose of this relative to [`Func::call`] is that it's much more
1402 /// efficient when used to invoke WebAssembly functions. With the types
1403 /// statically known far less setup/teardown is required when invoking
1404 /// WebAssembly. If speed is desired then this function is recommended to be
1405 /// used instead of [`Func::call`] (which is more general, hence its
1406 /// slowdown).
1407 ///
1408 /// The `Params` type parameter is used to describe the parameters of the
1409 /// WebAssembly function. This can either be a single type (like `i32`), or
1410 /// a tuple of types representing the list of parameters (like `(i32, f32,
1411 /// f64)`). Additionally you can use `()` to represent that the function has
1412 /// no parameters.
1413 ///
1414 /// The `Results` type parameter is used to describe the results of the
1415 /// function. This behaves the same way as `Params`, but just for the
1416 /// results of the function.
1417 ///
1418 /// # Translating Between WebAssembly and Rust Types
1419 ///
1420 /// Translation between Rust types and WebAssembly types looks like:
1421 ///
1422 /// | WebAssembly | Rust |
1423 /// |-------------------------------------------|---------------------------------------|
1424 /// | `i32` | `i32` or `u32` |
1425 /// | `i64` | `i64` or `u64` |
1426 /// | `f32` | `f32` |
1427 /// | `f64` | `f64` |
1428 /// | `externref` aka `(ref null extern)` | `Option<Rooted<ExternRef>>` |
1429 /// | `(ref extern)` | `Rooted<ExternRef>` |
1430 /// | `nullexternref` aka `(ref null noextern)` | `Option<NoExtern>` |
1431 /// | `(ref noextern)` | `NoExtern` |
1432 /// | `anyref` aka `(ref null any)` | `Option<Rooted<AnyRef>>` |
1433 /// | `(ref any)` | `Rooted<AnyRef>` |
1434 /// | `eqref` aka `(ref null eq)` | `Option<Rooted<EqRef>>` |
1435 /// | `(ref eq)` | `Rooted<EqRef>` |
1436 /// | `i31ref` aka `(ref null i31)` | `Option<I31>` |
1437 /// | `(ref i31)` | `I31` |
1438 /// | `structref` aka `(ref null struct)` | `Option<Rooted<StructRef>>` |
1439 /// | `(ref struct)` | `Rooted<StructRef>` |
1440 /// | `arrayref` aka `(ref null array)` | `Option<Rooted<ArrayRef>>` |
1441 /// | `(ref array)` | `Rooted<ArrayRef>` |
1442 /// | `nullref` aka `(ref null none)` | `Option<NoneRef>` |
1443 /// | `(ref none)` | `NoneRef` |
1444 /// | `funcref` aka `(ref null func)` | `Option<Func>` |
1445 /// | `(ref func)` | `Func` |
1446 /// | `(ref null <func type index>)` | `Option<Func>` |
1447 /// | `(ref <func type index>)` | `Func` |
1448 /// | `nullfuncref` aka `(ref null nofunc)` | `Option<NoFunc>` |
1449 /// | `(ref nofunc)` | `NoFunc` |
1450 /// | `v128` | `V128` on `x86-64` and `aarch64` only |
1451 ///
1452 /// (Note that this mapping is the same as that of [`Func::wrap`], and that
1453 /// anywhere a `Rooted<T>` appears, a `ManuallyRooted<T>` may also appear).
1454 ///
1455 /// Note that once the [`TypedFunc`] return value is acquired you'll use either
1456 /// [`TypedFunc::call`] or [`TypedFunc::call_async`] as necessary to actually invoke
1457 /// the function. This method does not invoke any WebAssembly code, it
1458 /// simply performs a typecheck before returning the [`TypedFunc`] value.
1459 ///
1460 /// This method also has a convenience wrapper as
1461 /// [`Instance::get_typed_func`](crate::Instance::get_typed_func) to
1462 /// directly get a typed function value from an
1463 /// [`Instance`](crate::Instance).
1464 ///
1465 /// ## Subtyping
1466 ///
1467 /// For result types, you can always use a supertype of the WebAssembly
1468 /// function's actual declared result type. For example, if the WebAssembly
1469 /// function was declared with type `(func (result nullfuncref))` you could
1470 /// successfully call `f.typed::<(), Option<Func>>()` because `Option<Func>`
1471 /// corresponds to `funcref`, which is a supertype of `nullfuncref`.
1472 ///
1473 /// For parameter types, you can always use a subtype of the WebAssembly
1474 /// function's actual declared parameter type. For example, if the
1475 /// WebAssembly function was declared with type `(func (param (ref null
1476 /// func)))` you could successfully call `f.typed::<Func, ()>()` because
1477 /// `Func` corresponds to `(ref func)`, which is a subtype of `(ref null
1478 /// func)`.
1479 ///
1480 /// Additionally, for functions which take a reference to a concrete type as
1481 /// a parameter, you can also use the concrete type's supertype. Consider a
1482 /// WebAssembly function that takes a reference to a function with a
1483 /// concrete type: `(ref null <func type index>)`. In this scenario, there
1484 /// is no static `wasmtime::Foo` Rust type that corresponds to that
1485 /// particular Wasm-defined concrete reference type because Wasm modules are
1486 /// loaded dynamically at runtime. You *could* do `f.typed::<Option<NoFunc>,
1487 /// ()>()`, and while that is correctly typed and valid, it is often overly
1488 /// restrictive. The only value you could call the resulting typed function
1489 /// with is the null function reference, but we'd like to call it with
1490 /// non-null function references that happen to be of the correct
1491 /// type. Therefore, `f.typed<Option<Func>, ()>()` is also allowed in this
1492 /// case, even though `Option<Func>` represents `(ref null func)` which is
1493 /// the supertype, not subtype, of `(ref null <func type index>)`. This does
1494 /// imply some minimal dynamic type checks in this case, but it is supported
1495 /// for better ergonomics, to enable passing non-null references into the
1496 /// function.
1497 ///
1498 /// # Errors
1499 ///
1500 /// This function will return an error if `Params` or `Results` does not
1501 /// match the native type of this WebAssembly function.
1502 ///
1503 /// # Panics
1504 ///
1505 /// This method will panic if `store` does not own this function.
1506 ///
1507 /// # Examples
1508 ///
1509 /// An end-to-end example of calling a function which takes no parameters
1510 /// and has no results:
1511 ///
1512 /// ```
1513 /// # use wasmtime::*;
1514 /// # fn main() -> anyhow::Result<()> {
1515 /// let engine = Engine::default();
1516 /// let mut store = Store::new(&engine, ());
1517 /// let module = Module::new(&engine, r#"(module (func (export "foo")))"#)?;
1518 /// let instance = Instance::new(&mut store, &module, &[])?;
1519 /// let foo = instance.get_func(&mut store, "foo").expect("export wasn't a function");
1520 ///
1521 /// // Note that this call can fail due to the typecheck not passing, but
1522 /// // in our case we statically know the module so we know this should
1523 /// // pass.
1524 /// let typed = foo.typed::<(), ()>(&store)?;
1525 ///
1526 /// // Note that this can fail if the wasm traps at runtime.
1527 /// typed.call(&mut store, ())?;
1528 /// # Ok(())
1529 /// # }
1530 /// ```
1531 ///
1532 /// You can also pass in multiple parameters and get a result back
1533 ///
1534 /// ```
1535 /// # use wasmtime::*;
1536 /// # fn foo(add: &Func, mut store: Store<()>) -> anyhow::Result<()> {
1537 /// let typed = add.typed::<(i32, i64), f32>(&store)?;
1538 /// assert_eq!(typed.call(&mut store, (1, 2))?, 3.0);
1539 /// # Ok(())
1540 /// # }
1541 /// ```
1542 ///
1543 /// and similarly if a function has multiple results you can bind that too
1544 ///
1545 /// ```
1546 /// # use wasmtime::*;
1547 /// # fn foo(add_with_overflow: &Func, mut store: Store<()>) -> anyhow::Result<()> {
1548 /// let typed = add_with_overflow.typed::<(u32, u32), (u32, i32)>(&store)?;
1549 /// let (result, overflow) = typed.call(&mut store, (u32::max_value(), 2))?;
1550 /// assert_eq!(result, 1);
1551 /// assert_eq!(overflow, 1);
1552 /// # Ok(())
1553 /// # }
1554 /// ```
1555 pub fn typed<Params, Results>(
1556 &self,
1557 store: impl AsContext,
1558 ) -> Result<TypedFunc<Params, Results>>
1559 where
1560 Params: WasmParams,
1561 Results: WasmResults,
1562 {
1563 // Type-check that the params/results are all valid
1564 let store = store.as_context().0;
1565 let ty = self.load_ty(store);
1566 Params::typecheck(store.engine(), ty.params(), TypeCheckPosition::Param)
1567 .context("type mismatch with parameters")?;
1568 Results::typecheck(store.engine(), ty.results(), TypeCheckPosition::Result)
1569 .context("type mismatch with results")?;
1570
1571 // and then we can construct the typed version of this function
1572 // (unsafely), which should be safe since we just did the type check above.
1573 unsafe { Ok(TypedFunc::_new_unchecked(store, *self)) }
1574 }
1575
1576 /// Get a stable hash key for this function.
1577 ///
1578 /// Even if the same underlying function is added to the `StoreData`
1579 /// multiple times and becomes multiple `wasmtime::Func`s, this hash key
1580 /// will be consistent across all of these functions.
1581 #[allow(dead_code)] // Not used yet, but added for consistency.
1582 pub(crate) fn hash_key(&self, store: &mut StoreOpaque) -> impl core::hash::Hash + Eq + use<> {
1583 self.vm_func_ref(store).as_ptr() as usize
1584 }
1585}
1586
1587/// Prepares for entrance into WebAssembly.
1588///
1589/// This function will set up context such that `closure` is allowed to call a
1590/// raw trampoline or a raw WebAssembly function. This *must* be called to do
1591/// things like catch traps and set up GC properly.
1592///
1593/// The `closure` provided receives a default "caller" `VMContext` parameter it
1594/// can pass to the called wasm function, if desired.
1595pub(crate) fn invoke_wasm_and_catch_traps<T>(
1596 store: &mut StoreContextMut<'_, T>,
1597 closure: impl FnMut(NonNull<VMContext>, Option<InterpreterRef<'_>>) -> bool,
1598) -> Result<()> {
1599 unsafe {
1600 let exit = enter_wasm(store);
1601
1602 if let Err(trap) = store.0.call_hook(CallHook::CallingWasm) {
1603 exit_wasm(store, exit);
1604 return Err(trap);
1605 }
1606 let result = crate::runtime::vm::catch_traps(store, closure);
1607 exit_wasm(store, exit);
1608 store.0.call_hook(CallHook::ReturningFromWasm)?;
1609 result.map_err(|t| crate::trap::from_runtime_box(store.0, t))
1610 }
1611}
1612
1613/// This function is called to register state within `Store` whenever
1614/// WebAssembly is entered within the `Store`.
1615///
1616/// This function sets up various limits such as:
1617///
1618/// * The stack limit. This is what ensures that we limit the stack space
1619/// allocated by WebAssembly code and it's relative to the initial stack
1620/// pointer that called into wasm.
1621///
1622/// This function may fail if the stack limit can't be set because an
1623/// interrupt already happened.
1624fn enter_wasm<T>(store: &mut StoreContextMut<'_, T>) -> Option<usize> {
1625 // If this is a recursive call, e.g. our stack limit is already set, then
1626 // we may be able to skip this function.
1627 //
1628 // For synchronous stores there's nothing else to do because all wasm calls
1629 // happen synchronously and on the same stack. This means that the previous
1630 // stack limit will suffice for the next recursive call.
1631 //
1632 // For asynchronous stores then each call happens on a separate native
1633 // stack. This means that the previous stack limit is no longer relevant
1634 // because we're on a separate stack.
1635 if unsafe { *store.0.vm_store_context().stack_limit.get() } != usize::MAX
1636 && !store.0.async_support()
1637 {
1638 return None;
1639 }
1640
1641 // Ignore this stack pointer business on miri since we can't execute wasm
1642 // anyway and the concept of a stack pointer on miri is a bit nebulous
1643 // regardless.
1644 if cfg!(miri) {
1645 return None;
1646 }
1647
1648 // When Cranelift has support for the host then we might be running native
1649 // compiled code meaning we need to read the actual stack pointer. If
1650 // Cranelift can't be used though then we're guaranteed to be running pulley
1651 // in which case this stack pointer isn't actually used as Pulley has custom
1652 // mechanisms for stack overflow.
1653 #[cfg(has_host_compiler_backend)]
1654 let stack_pointer = crate::runtime::vm::get_stack_pointer();
1655 #[cfg(not(has_host_compiler_backend))]
1656 let stack_pointer = {
1657 use wasmtime_environ::TripleExt;
1658 debug_assert!(store.engine().target().is_pulley());
1659 usize::MAX
1660 };
1661
1662 // Determine the stack pointer where, after which, any wasm code will
1663 // immediately trap. This is checked on the entry to all wasm functions.
1664 //
1665 // Note that this isn't 100% precise. We are requested to give wasm
1666 // `max_wasm_stack` bytes, but what we're actually doing is giving wasm
1667 // probably a little less than `max_wasm_stack` because we're
1668 // calculating the limit relative to this function's approximate stack
1669 // pointer. Wasm will be executed on a frame beneath this one (or next
1670 // to it). In any case it's expected to be at most a few hundred bytes
1671 // of slop one way or another. When wasm is typically given a MB or so
1672 // (a million bytes) the slop shouldn't matter too much.
1673 //
1674 // After we've got the stack limit then we store it into the `stack_limit`
1675 // variable.
1676 let wasm_stack_limit = stack_pointer - store.engine().config().max_wasm_stack;
1677 let prev_stack = unsafe {
1678 mem::replace(
1679 &mut *store.0.vm_store_context().stack_limit.get(),
1680 wasm_stack_limit,
1681 )
1682 };
1683
1684 Some(prev_stack)
1685}
1686
1687fn exit_wasm<T>(store: &mut StoreContextMut<'_, T>, prev_stack: Option<usize>) {
1688 // If we don't have a previous stack pointer to restore, then there's no
1689 // cleanup we need to perform here.
1690 let prev_stack = match prev_stack {
1691 Some(stack) => stack,
1692 None => return,
1693 };
1694
1695 unsafe {
1696 *store.0.vm_store_context().stack_limit.get() = prev_stack;
1697 }
1698}
1699
1700/// A trait implemented for types which can be returned from closures passed to
1701/// [`Func::wrap`] and friends.
1702///
1703/// This trait should not be implemented by user types. This trait may change at
1704/// any time internally. The types which implement this trait, however, are
1705/// stable over time.
1706///
1707/// For more information see [`Func::wrap`]
1708pub unsafe trait WasmRet {
1709 // Same as `WasmTy::compatible_with_store`.
1710 #[doc(hidden)]
1711 fn compatible_with_store(&self, store: &StoreOpaque) -> bool;
1712
1713 /// Stores this return value into the `ptr` specified using the rooted
1714 /// `store`.
1715 ///
1716 /// Traps are communicated through the `Result<_>` return value.
1717 ///
1718 /// # Unsafety
1719 ///
1720 /// This method is unsafe as `ptr` must have the correct length to store
1721 /// this result. This property is only checked in debug mode, not in release
1722 /// mode.
1723 #[doc(hidden)]
1724 unsafe fn store(
1725 self,
1726 store: &mut AutoAssertNoGc<'_>,
1727 ptr: &mut [MaybeUninit<ValRaw>],
1728 ) -> Result<()>;
1729
1730 #[doc(hidden)]
1731 fn func_type(engine: &Engine, params: impl Iterator<Item = ValType>) -> FuncType;
1732 #[doc(hidden)]
1733 fn may_gc() -> bool;
1734
1735 // Utilities used to convert an instance of this type to a `Result`
1736 // explicitly, used when wrapping async functions which always bottom-out
1737 // in a function that returns a trap because futures can be cancelled.
1738 #[doc(hidden)]
1739 type Fallible: WasmRet;
1740 #[doc(hidden)]
1741 fn into_fallible(self) -> Self::Fallible;
1742 #[doc(hidden)]
1743 fn fallible_from_error(error: Error) -> Self::Fallible;
1744}
1745
1746unsafe impl<T> WasmRet for T
1747where
1748 T: WasmTy,
1749{
1750 type Fallible = Result<T>;
1751
1752 fn compatible_with_store(&self, store: &StoreOpaque) -> bool {
1753 <Self as WasmTy>::compatible_with_store(self, store)
1754 }
1755
1756 unsafe fn store(
1757 self,
1758 store: &mut AutoAssertNoGc<'_>,
1759 ptr: &mut [MaybeUninit<ValRaw>],
1760 ) -> Result<()> {
1761 debug_assert!(ptr.len() > 0);
1762 <Self as WasmTy>::store(self, store, ptr.get_unchecked_mut(0))
1763 }
1764
1765 fn may_gc() -> bool {
1766 T::may_gc()
1767 }
1768
1769 fn func_type(engine: &Engine, params: impl Iterator<Item = ValType>) -> FuncType {
1770 FuncType::new(engine, params, Some(<Self as WasmTy>::valtype()))
1771 }
1772
1773 fn into_fallible(self) -> Result<T> {
1774 Ok(self)
1775 }
1776
1777 fn fallible_from_error(error: Error) -> Result<T> {
1778 Err(error)
1779 }
1780}
1781
1782unsafe impl<T> WasmRet for Result<T>
1783where
1784 T: WasmRet,
1785{
1786 type Fallible = Self;
1787
1788 fn compatible_with_store(&self, store: &StoreOpaque) -> bool {
1789 match self {
1790 Ok(x) => <T as WasmRet>::compatible_with_store(x, store),
1791 Err(_) => true,
1792 }
1793 }
1794
1795 unsafe fn store(
1796 self,
1797 store: &mut AutoAssertNoGc<'_>,
1798 ptr: &mut [MaybeUninit<ValRaw>],
1799 ) -> Result<()> {
1800 self.and_then(|val| val.store(store, ptr))
1801 }
1802
1803 fn may_gc() -> bool {
1804 T::may_gc()
1805 }
1806
1807 fn func_type(engine: &Engine, params: impl Iterator<Item = ValType>) -> FuncType {
1808 T::func_type(engine, params)
1809 }
1810
1811 fn into_fallible(self) -> Result<T> {
1812 self
1813 }
1814
1815 fn fallible_from_error(error: Error) -> Result<T> {
1816 Err(error)
1817 }
1818}
1819
1820macro_rules! impl_wasm_host_results {
1821 ($n:tt $($t:ident)*) => (
1822 #[allow(non_snake_case)]
1823 unsafe impl<$($t),*> WasmRet for ($($t,)*)
1824 where
1825 $($t: WasmTy,)*
1826 {
1827 type Fallible = Result<Self>;
1828
1829 #[inline]
1830 fn compatible_with_store(&self, _store: &StoreOpaque) -> bool {
1831 let ($($t,)*) = self;
1832 $( $t.compatible_with_store(_store) && )* true
1833 }
1834
1835 #[inline]
1836 unsafe fn store(
1837 self,
1838 _store: &mut AutoAssertNoGc<'_>,
1839 _ptr: &mut [MaybeUninit<ValRaw>],
1840 ) -> Result<()> {
1841 let ($($t,)*) = self;
1842 let mut _cur = 0;
1843 $(
1844 debug_assert!(_cur < _ptr.len());
1845 let val = _ptr.get_unchecked_mut(_cur);
1846 _cur += 1;
1847 WasmTy::store($t, _store, val)?;
1848 )*
1849 Ok(())
1850 }
1851
1852 #[doc(hidden)]
1853 fn may_gc() -> bool {
1854 $( $t::may_gc() || )* false
1855 }
1856
1857 fn func_type(engine: &Engine, params: impl Iterator<Item = ValType>) -> FuncType {
1858 FuncType::new(
1859 engine,
1860 params,
1861 IntoIterator::into_iter([$($t::valtype(),)*]),
1862 )
1863 }
1864
1865 #[inline]
1866 fn into_fallible(self) -> Result<Self> {
1867 Ok(self)
1868 }
1869
1870 #[inline]
1871 fn fallible_from_error(error: Error) -> Result<Self> {
1872 Err(error)
1873 }
1874 }
1875 )
1876}
1877
1878for_each_function_signature!(impl_wasm_host_results);
1879
1880/// Internal trait implemented for all arguments that can be passed to
1881/// [`Func::wrap`] and [`Linker::func_wrap`](crate::Linker::func_wrap).
1882///
1883/// This trait should not be implemented by external users, it's only intended
1884/// as an implementation detail of this crate.
1885pub trait IntoFunc<T, Params, Results>: Send + Sync + 'static {
1886 /// Convert this function into a `VM{Array,Native}CallHostFuncContext` and
1887 /// internal `VMFuncRef`.
1888 #[doc(hidden)]
1889 fn into_func(self, engine: &Engine) -> HostContext;
1890}
1891
1892macro_rules! impl_into_func {
1893 ($num:tt $arg:ident) => {
1894 // Implement for functions without a leading `&Caller` parameter,
1895 // delegating to the implementation below which does have the leading
1896 // `Caller` parameter.
1897 #[allow(non_snake_case)]
1898 impl<T, F, $arg, R> IntoFunc<T, $arg, R> for F
1899 where
1900 F: Fn($arg) -> R + Send + Sync + 'static,
1901 $arg: WasmTy,
1902 R: WasmRet,
1903 {
1904 fn into_func(self, engine: &Engine) -> HostContext {
1905 let f = move |_: Caller<'_, T>, $arg: $arg| {
1906 self($arg)
1907 };
1908
1909 f.into_func(engine)
1910 }
1911 }
1912
1913 #[allow(non_snake_case)]
1914 impl<T, F, $arg, R> IntoFunc<T, (Caller<'_, T>, $arg), R> for F
1915 where
1916 F: Fn(Caller<'_, T>, $arg) -> R + Send + Sync + 'static,
1917 $arg: WasmTy,
1918 R: WasmRet,
1919 {
1920 fn into_func(self, engine: &Engine) -> HostContext {
1921 HostContext::from_closure(engine, move |caller: Caller<'_, T>, ($arg,)| {
1922 self(caller, $arg)
1923 })
1924 }
1925 }
1926 };
1927 ($num:tt $($args:ident)*) => {
1928 // Implement for functions without a leading `&Caller` parameter,
1929 // delegating to the implementation below which does have the leading
1930 // `Caller` parameter.
1931 #[allow(non_snake_case)]
1932 impl<T, F, $($args,)* R> IntoFunc<T, ($($args,)*), R> for F
1933 where
1934 F: Fn($($args),*) -> R + Send + Sync + 'static,
1935 $($args: WasmTy,)*
1936 R: WasmRet,
1937 {
1938 fn into_func(self, engine: &Engine) -> HostContext {
1939 let f = move |_: Caller<'_, T>, $($args:$args),*| {
1940 self($($args),*)
1941 };
1942
1943 f.into_func(engine)
1944 }
1945 }
1946
1947 #[allow(non_snake_case)]
1948 impl<T, F, $($args,)* R> IntoFunc<T, (Caller<'_, T>, $($args,)*), R> for F
1949 where
1950 F: Fn(Caller<'_, T>, $($args),*) -> R + Send + Sync + 'static,
1951 $($args: WasmTy,)*
1952 R: WasmRet,
1953 {
1954 fn into_func(self, engine: &Engine) -> HostContext {
1955 HostContext::from_closure(engine, move |caller: Caller<'_, T>, ( $( $args ),* )| {
1956 self(caller, $( $args ),* )
1957 })
1958 }
1959 }
1960 }
1961}
1962
1963for_each_function_signature!(impl_into_func);
1964
1965/// Trait implemented for various tuples made up of types which implement
1966/// [`WasmTy`] that can be passed to [`Func::wrap_inner`] and
1967/// [`HostContext::from_closure`].
1968pub unsafe trait WasmTyList {
1969 /// Get the value type that each Type in the list represents.
1970 fn valtypes() -> impl Iterator<Item = ValType>;
1971
1972 // Load a version of `Self` from the `values` provided.
1973 //
1974 // # Safety
1975 //
1976 // This function is unsafe as it's up to the caller to ensure that `values` are
1977 // valid for this given type.
1978 #[doc(hidden)]
1979 unsafe fn load(store: &mut AutoAssertNoGc<'_>, values: &mut [MaybeUninit<ValRaw>]) -> Self;
1980
1981 #[doc(hidden)]
1982 fn may_gc() -> bool;
1983}
1984
1985macro_rules! impl_wasm_ty_list {
1986 ($num:tt $($args:ident)*) => (
1987 #[allow(non_snake_case)]
1988 unsafe impl<$($args),*> WasmTyList for ($($args,)*)
1989 where
1990 $($args: WasmTy,)*
1991 {
1992 fn valtypes() -> impl Iterator<Item = ValType> {
1993 IntoIterator::into_iter([$($args::valtype(),)*])
1994 }
1995
1996 unsafe fn load(_store: &mut AutoAssertNoGc<'_>, _values: &mut [MaybeUninit<ValRaw>]) -> Self {
1997 let mut _cur = 0;
1998 ($({
1999 debug_assert!(_cur < _values.len());
2000 let ptr = _values.get_unchecked(_cur).assume_init_ref();
2001 _cur += 1;
2002 $args::load(_store, ptr)
2003 },)*)
2004 }
2005
2006 fn may_gc() -> bool {
2007 $( $args::may_gc() || )* false
2008 }
2009 }
2010 );
2011}
2012
2013for_each_function_signature!(impl_wasm_ty_list);
2014
2015/// A structure representing the caller's context when creating a function
2016/// via [`Func::wrap`].
2017///
2018/// This structure can be taken as the first parameter of a closure passed to
2019/// [`Func::wrap`] or other constructors, and serves two purposes:
2020///
2021/// * First consumers can use [`Caller<'_, T>`](crate::Caller) to get access to
2022/// [`StoreContextMut<'_, T>`](crate::StoreContextMut) and/or get access to
2023/// `T` itself. This means that the [`Caller`] type can serve as a proxy to
2024/// the original [`Store`](crate::Store) itself and is used to satisfy
2025/// [`AsContext`] and [`AsContextMut`] bounds.
2026///
2027/// * Second a [`Caller`] can be used as the name implies, learning about the
2028/// caller's context, namely it's exported memory and exported functions. This
2029/// allows functions which take pointers as arguments to easily read the
2030/// memory the pointers point into, or if a function is expected to call
2031/// malloc in the wasm module to reserve space for the output you can do that.
2032///
2033/// Host functions which want access to [`Store`](crate::Store)-level state are
2034/// recommended to use this type.
2035pub struct Caller<'a, T> {
2036 pub(crate) store: StoreContextMut<'a, T>,
2037 caller: &'a crate::runtime::vm::Instance,
2038}
2039
2040impl<T> Caller<'_, T> {
2041 unsafe fn with<F, R>(caller: NonNull<VMContext>, f: F) -> R
2042 where
2043 // The closure must be valid for any `Caller` it is given; it doesn't
2044 // get to choose the `Caller`'s lifetime.
2045 F: for<'a> FnOnce(Caller<'a, T>) -> R,
2046 // And the return value must not borrow from the caller/store.
2047 R: 'static,
2048 {
2049 crate::runtime::vm::InstanceAndStore::from_vmctx(caller, |pair| {
2050 let (instance, mut store) = pair.unpack_context_mut::<T>();
2051
2052 let (gc_lifo_scope, ret) = {
2053 let gc_lifo_scope = store.0.gc_roots().enter_lifo_scope();
2054
2055 let ret = f(Caller {
2056 store: store.as_context_mut(),
2057 caller: &instance,
2058 });
2059
2060 (gc_lifo_scope, ret)
2061 };
2062
2063 // Safe to recreate a mutable borrow of the store because `ret`
2064 // cannot be borrowing from the store.
2065 store.0.exit_gc_lifo_scope(gc_lifo_scope);
2066
2067 ret
2068 })
2069 }
2070
2071 fn sub_caller(&mut self) -> Caller<'_, T> {
2072 Caller {
2073 store: self.store.as_context_mut(),
2074 caller: self.caller,
2075 }
2076 }
2077
2078 /// Looks up an export from the caller's module by the `name` given.
2079 ///
2080 /// This is a low-level function that's typically used to implement passing
2081 /// of pointers or indices between core Wasm instances, where the callee
2082 /// needs to consult the caller's exports to perform memory management and
2083 /// resolve the references.
2084 ///
2085 /// For comparison, in components, the component model handles translating
2086 /// arguments from one component instance to another and managing memory, so
2087 /// that callees don't need to be aware of their callers, which promotes
2088 /// virtualizability of APIs.
2089 ///
2090 /// # Return
2091 ///
2092 /// If an export with the `name` provided was found, then it is returned as an
2093 /// `Extern`. There are a number of situations, however, where the export may not
2094 /// be available:
2095 ///
2096 /// * The caller instance may not have an export named `name`
2097 /// * There may not be a caller available, for example if `Func` was called
2098 /// directly from host code.
2099 ///
2100 /// It's recommended to take care when calling this API and gracefully
2101 /// handling a `None` return value.
2102 pub fn get_export(&mut self, name: &str) -> Option<Extern> {
2103 // All instances created have a `host_state` with a pointer pointing
2104 // back to themselves. If this caller doesn't have that `host_state`
2105 // then it probably means it was a host-created object like `Func::new`
2106 // which doesn't have any exports we want to return anyway.
2107 self.caller
2108 .host_state()
2109 .downcast_ref::<Instance>()?
2110 .get_export(&mut self.store, name)
2111 }
2112
2113 /// Looks up an exported [`Extern`] value by a [`ModuleExport`] value.
2114 ///
2115 /// This is similar to [`Self::get_export`] but uses a [`ModuleExport`] value to avoid
2116 /// string lookups where possible. [`ModuleExport`]s can be obtained by calling
2117 /// [`Module::get_export_index`] on the [`Module`] that an instance was instantiated with.
2118 ///
2119 /// This method will search the module for an export with a matching entity index and return
2120 /// the value, if found.
2121 ///
2122 /// Returns `None` if there was no export with a matching entity index.
2123 /// # Panics
2124 ///
2125 /// Panics if `store` does not own this instance.
2126 ///
2127 /// # Usage
2128 /// ```
2129 /// use std::str;
2130 ///
2131 /// # use wasmtime::*;
2132 /// # fn main() -> anyhow::Result<()> {
2133 /// # let mut store = Store::default();
2134 ///
2135 /// let module = Module::new(
2136 /// store.engine(),
2137 /// r#"
2138 /// (module
2139 /// (import "" "" (func $log_str (param i32 i32)))
2140 /// (func (export "foo")
2141 /// i32.const 4 ;; ptr
2142 /// i32.const 13 ;; len
2143 /// call $log_str)
2144 /// (memory (export "memory") 1)
2145 /// (data (i32.const 4) "Hello, world!"))
2146 /// "#,
2147 /// )?;
2148 ///
2149 /// let Some(module_export) = module.get_export_index("memory") else {
2150 /// anyhow::bail!("failed to find `memory` export in module");
2151 /// };
2152 ///
2153 /// let log_str = Func::wrap(&mut store, move |mut caller: Caller<'_, ()>, ptr: i32, len: i32| {
2154 /// let mem = match caller.get_module_export(&module_export) {
2155 /// Some(Extern::Memory(mem)) => mem,
2156 /// _ => anyhow::bail!("failed to find host memory"),
2157 /// };
2158 /// let data = mem.data(&caller)
2159 /// .get(ptr as u32 as usize..)
2160 /// .and_then(|arr| arr.get(..len as u32 as usize));
2161 /// let string = match data {
2162 /// Some(data) => match str::from_utf8(data) {
2163 /// Ok(s) => s,
2164 /// Err(_) => anyhow::bail!("invalid utf-8"),
2165 /// },
2166 /// None => anyhow::bail!("pointer/length out of bounds"),
2167 /// };
2168 /// assert_eq!(string, "Hello, world!");
2169 /// println!("{}", string);
2170 /// Ok(())
2171 /// });
2172 /// let instance = Instance::new(&mut store, &module, &[log_str.into()])?;
2173 /// let foo = instance.get_typed_func::<(), ()>(&mut store, "foo")?;
2174 /// foo.call(&mut store, ())?;
2175 /// # Ok(())
2176 /// # }
2177 /// ```
2178 pub fn get_module_export(&mut self, export: &ModuleExport) -> Option<Extern> {
2179 self.caller
2180 .host_state()
2181 .downcast_ref::<Instance>()?
2182 .get_module_export(&mut self.store, export)
2183 }
2184
2185 /// Access the underlying data owned by this `Store`.
2186 ///
2187 /// Same as [`Store::data`](crate::Store::data)
2188 pub fn data(&self) -> &T {
2189 self.store.data()
2190 }
2191
2192 /// Access the underlying data owned by this `Store`.
2193 ///
2194 /// Same as [`Store::data_mut`](crate::Store::data_mut)
2195 pub fn data_mut(&mut self) -> &mut T {
2196 self.store.data_mut()
2197 }
2198
2199 /// Returns the underlying [`Engine`] this store is connected to.
2200 pub fn engine(&self) -> &Engine {
2201 self.store.engine()
2202 }
2203
2204 /// Perform garbage collection.
2205 ///
2206 /// Same as [`Store::gc`](crate::Store::gc).
2207 #[cfg(feature = "gc")]
2208 pub fn gc(&mut self) {
2209 self.store.gc()
2210 }
2211
2212 /// Perform garbage collection asynchronously.
2213 ///
2214 /// Same as [`Store::gc_async`](crate::Store::gc_async).
2215 #[cfg(all(feature = "async", feature = "gc"))]
2216 pub async fn gc_async(&mut self)
2217 where
2218 T: Send,
2219 {
2220 self.store.gc_async().await;
2221 }
2222
2223 /// Returns the remaining fuel in the store.
2224 ///
2225 /// For more information see [`Store::get_fuel`](crate::Store::get_fuel)
2226 pub fn get_fuel(&self) -> Result<u64> {
2227 self.store.get_fuel()
2228 }
2229
2230 /// Set the amount of fuel in this store to be consumed when executing wasm code.
2231 ///
2232 /// For more information see [`Store::set_fuel`](crate::Store::set_fuel)
2233 pub fn set_fuel(&mut self, fuel: u64) -> Result<()> {
2234 self.store.set_fuel(fuel)
2235 }
2236
2237 /// Configures this `Store` to yield while executing futures every N units of fuel.
2238 ///
2239 /// For more information see
2240 /// [`Store::fuel_async_yield_interval`](crate::Store::fuel_async_yield_interval)
2241 pub fn fuel_async_yield_interval(&mut self, interval: Option<u64>) -> Result<()> {
2242 self.store.fuel_async_yield_interval(interval)
2243 }
2244}
2245
2246impl<T> AsContext for Caller<'_, T> {
2247 type Data = T;
2248 fn as_context(&self) -> StoreContext<'_, T> {
2249 self.store.as_context()
2250 }
2251}
2252
2253impl<T> AsContextMut for Caller<'_, T> {
2254 fn as_context_mut(&mut self) -> StoreContextMut<'_, T> {
2255 self.store.as_context_mut()
2256 }
2257}
2258
2259// State stored inside a `VMArrayCallHostFuncContext`.
2260struct HostFuncState<F> {
2261 // The actual host function.
2262 func: F,
2263
2264 // NB: We have to keep our `VMSharedTypeIndex` registered in the engine for
2265 // as long as this function exists.
2266 #[allow(dead_code)]
2267 ty: RegisteredType,
2268}
2269
2270#[doc(hidden)]
2271pub enum HostContext {
2272 Array(StoreBox<VMArrayCallHostFuncContext>),
2273}
2274
2275impl From<StoreBox<VMArrayCallHostFuncContext>> for HostContext {
2276 fn from(ctx: StoreBox<VMArrayCallHostFuncContext>) -> Self {
2277 HostContext::Array(ctx)
2278 }
2279}
2280
2281impl HostContext {
2282 fn from_closure<F, T, P, R>(engine: &Engine, func: F) -> Self
2283 where
2284 F: Fn(Caller<'_, T>, P) -> R + Send + Sync + 'static,
2285 P: WasmTyList,
2286 R: WasmRet,
2287 {
2288 let ty = R::func_type(engine, None::<ValType>.into_iter().chain(P::valtypes()));
2289 let type_index = ty.type_index();
2290
2291 let array_call = Self::array_call_trampoline::<T, F, P, R>;
2292
2293 let ctx = unsafe {
2294 VMArrayCallHostFuncContext::new(
2295 array_call,
2296 type_index,
2297 Box::new(HostFuncState {
2298 func,
2299 ty: ty.into_registered_type(),
2300 }),
2301 )
2302 };
2303
2304 ctx.into()
2305 }
2306
2307 unsafe extern "C" fn array_call_trampoline<T, F, P, R>(
2308 callee_vmctx: NonNull<VMOpaqueContext>,
2309 caller_vmctx: NonNull<VMOpaqueContext>,
2310 args: NonNull<ValRaw>,
2311 args_len: usize,
2312 ) -> bool
2313 where
2314 F: Fn(Caller<'_, T>, P) -> R + 'static,
2315 P: WasmTyList,
2316 R: WasmRet,
2317 {
2318 // Note that this function is intentionally scoped into a
2319 // separate closure. Handling traps and panics will involve
2320 // longjmp-ing from this function which means we won't run
2321 // destructors. As a result anything requiring a destructor
2322 // should be part of this closure, and the long-jmp-ing
2323 // happens after the closure in handling the result.
2324 let run = move |mut caller: Caller<'_, T>| {
2325 let mut args =
2326 NonNull::slice_from_raw_parts(args.cast::<MaybeUninit<ValRaw>>(), args_len);
2327 let vmctx = VMArrayCallHostFuncContext::from_opaque(callee_vmctx);
2328 let state = vmctx.as_ref().host_state();
2329
2330 // Double-check ourselves in debug mode, but we control
2331 // the `Any` here so an unsafe downcast should also
2332 // work.
2333 debug_assert!(state.is::<HostFuncState<F>>());
2334 let state = &*(state as *const _ as *const HostFuncState<F>);
2335 let func = &state.func;
2336
2337 let ret = 'ret: {
2338 if let Err(trap) = caller.store.0.call_hook(CallHook::CallingHost) {
2339 break 'ret R::fallible_from_error(trap);
2340 }
2341
2342 let mut store = if P::may_gc() {
2343 AutoAssertNoGc::new(caller.store.0)
2344 } else {
2345 unsafe { AutoAssertNoGc::disabled(caller.store.0) }
2346 };
2347 let params = P::load(&mut store, args.as_mut());
2348 let _ = &mut store;
2349 drop(store);
2350
2351 let r = func(caller.sub_caller(), params);
2352 if let Err(trap) = caller.store.0.call_hook(CallHook::ReturningFromHost) {
2353 break 'ret R::fallible_from_error(trap);
2354 }
2355 r.into_fallible()
2356 };
2357
2358 if !ret.compatible_with_store(caller.store.0) {
2359 bail!("host function attempted to return cross-`Store` value to Wasm")
2360 } else {
2361 let mut store = if R::may_gc() {
2362 AutoAssertNoGc::new(caller.store.0)
2363 } else {
2364 unsafe { AutoAssertNoGc::disabled(caller.store.0) }
2365 };
2366 let ret = ret.store(&mut store, args.as_mut())?;
2367 Ok(ret)
2368 }
2369 };
2370
2371 // With nothing else on the stack move `run` into this
2372 // closure and then run it as part of `Caller::with`.
2373 crate::runtime::vm::catch_unwind_and_record_trap(move || {
2374 let caller_vmctx = VMContext::from_opaque(caller_vmctx);
2375 Caller::with(caller_vmctx, run)
2376 })
2377 }
2378}
2379
2380/// Representation of a host-defined function.
2381///
2382/// This is used for `Func::new` but also for `Linker`-defined functions. For
2383/// `Func::new` this is stored within a `Store`, and for `Linker`-defined
2384/// functions they wrap this up in `Arc` to enable shared ownership of this
2385/// across many stores.
2386///
2387/// Technically this structure needs a `<T>` type parameter to connect to the
2388/// `Store<T>` itself, but that's an unsafe contract of using this for now
2389/// rather than part of the struct type (to avoid `Func<T>` in the API).
2390pub(crate) struct HostFunc {
2391 ctx: HostContext,
2392
2393 // Stored to unregister this function's signature with the engine when this
2394 // is dropped.
2395 engine: Engine,
2396}
2397
2398impl core::fmt::Debug for HostFunc {
2399 fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
2400 f.debug_struct("HostFunc").finish_non_exhaustive()
2401 }
2402}
2403
2404impl HostFunc {
2405 /// Analog of [`Func::new`]
2406 ///
2407 /// # Panics
2408 ///
2409 /// Panics if the given function type is not associated with the given
2410 /// engine.
2411 pub fn new<T>(
2412 engine: &Engine,
2413 ty: FuncType,
2414 func: impl Fn(Caller<'_, T>, &[Val], &mut [Val]) -> Result<()> + Send + Sync + 'static,
2415 ) -> Self {
2416 assert!(ty.comes_from_same_engine(engine));
2417 let ty_clone = ty.clone();
2418 unsafe {
2419 HostFunc::new_unchecked(engine, ty, move |caller, values| {
2420 Func::invoke_host_func_for_wasm(caller, &ty_clone, values, &func)
2421 })
2422 }
2423 }
2424
2425 /// Analog of [`Func::new_unchecked`]
2426 ///
2427 /// # Panics
2428 ///
2429 /// Panics if the given function type is not associated with the given
2430 /// engine.
2431 pub unsafe fn new_unchecked<T>(
2432 engine: &Engine,
2433 ty: FuncType,
2434 func: impl Fn(Caller<'_, T>, &mut [ValRaw]) -> Result<()> + Send + Sync + 'static,
2435 ) -> Self {
2436 assert!(ty.comes_from_same_engine(engine));
2437 let func = move |caller_vmctx, values: &mut [ValRaw]| {
2438 Caller::<T>::with(caller_vmctx, |mut caller| {
2439 caller.store.0.call_hook(CallHook::CallingHost)?;
2440 let result = func(caller.sub_caller(), values)?;
2441 caller.store.0.call_hook(CallHook::ReturningFromHost)?;
2442 Ok(result)
2443 })
2444 };
2445 let ctx = crate::trampoline::create_array_call_function(&ty, func)
2446 .expect("failed to create function");
2447 HostFunc::_new(engine, ctx.into())
2448 }
2449
2450 /// Analog of [`Func::wrap_inner`]
2451 #[cfg(any(feature = "component-model", feature = "async"))]
2452 pub fn wrap_inner<F, T, Params, Results>(engine: &Engine, func: F) -> Self
2453 where
2454 F: Fn(Caller<'_, T>, Params) -> Results + Send + Sync + 'static,
2455 Params: WasmTyList,
2456 Results: WasmRet,
2457 {
2458 let ctx = HostContext::from_closure(engine, func);
2459 HostFunc::_new(engine, ctx)
2460 }
2461
2462 /// Analog of [`Func::wrap`]
2463 pub fn wrap<T, Params, Results>(
2464 engine: &Engine,
2465 func: impl IntoFunc<T, Params, Results>,
2466 ) -> Self {
2467 let ctx = func.into_func(engine);
2468 HostFunc::_new(engine, ctx)
2469 }
2470
2471 /// Requires that this function's signature is already registered within
2472 /// `Engine`. This happens automatically during the above two constructors.
2473 fn _new(engine: &Engine, ctx: HostContext) -> Self {
2474 HostFunc {
2475 ctx,
2476 engine: engine.clone(),
2477 }
2478 }
2479
2480 /// Inserts this `HostFunc` into a `Store`, returning the `Func` pointing to
2481 /// it.
2482 ///
2483 /// # Unsafety
2484 ///
2485 /// Can only be inserted into stores with a matching `T` relative to when
2486 /// this `HostFunc` was first created.
2487 pub unsafe fn to_func(self: &Arc<Self>, store: &mut StoreOpaque) -> Func {
2488 self.validate_store(store);
2489 let me = self.clone();
2490 Func::from_func_kind(FuncKind::SharedHost(me), store)
2491 }
2492
2493 /// Inserts this `HostFunc` into a `Store`, returning the `Func` pointing to
2494 /// it.
2495 ///
2496 /// This function is similar to, but not equivalent, to `HostFunc::to_func`.
2497 /// Notably this function requires that the `Arc<Self>` pointer is otherwise
2498 /// rooted within the `StoreOpaque` via another means. When in doubt use
2499 /// `to_func` above as it's safer.
2500 ///
2501 /// # Unsafety
2502 ///
2503 /// Can only be inserted into stores with a matching `T` relative to when
2504 /// this `HostFunc` was first created.
2505 ///
2506 /// Additionally the `&Arc<Self>` is not cloned in this function. Instead a
2507 /// raw pointer to `Self` is stored within the `Store` for this function.
2508 /// The caller must arrange for the `Arc<Self>` to be "rooted" in the store
2509 /// provided via another means, probably by pushing to
2510 /// `StoreOpaque::rooted_host_funcs`.
2511 ///
2512 /// Similarly, the caller must arrange for `rooted_func_ref` to be rooted in
2513 /// the same store.
2514 pub unsafe fn to_func_store_rooted(
2515 self: &Arc<Self>,
2516 store: &mut StoreOpaque,
2517 rooted_func_ref: Option<NonNull<VMFuncRef>>,
2518 ) -> Func {
2519 self.validate_store(store);
2520
2521 if rooted_func_ref.is_some() {
2522 debug_assert!(self.func_ref().wasm_call.is_none());
2523 debug_assert!(matches!(self.ctx, HostContext::Array(_)));
2524 }
2525
2526 Func::from_func_kind(
2527 FuncKind::RootedHost(RootedHostFunc::new(self, rooted_func_ref)),
2528 store,
2529 )
2530 }
2531
2532 /// Same as [`HostFunc::to_func`], different ownership.
2533 unsafe fn into_func(self, store: &mut StoreOpaque) -> Func {
2534 self.validate_store(store);
2535 Func::from_func_kind(FuncKind::Host(Box::new(self)), store)
2536 }
2537
2538 fn validate_store(&self, store: &mut StoreOpaque) {
2539 // This assert is required to ensure that we can indeed safely insert
2540 // `self` into the `store` provided, otherwise the type information we
2541 // have listed won't be correct. This is possible to hit with the public
2542 // API of Wasmtime, and should be documented in relevant functions.
2543 assert!(
2544 Engine::same(&self.engine, store.engine()),
2545 "cannot use a store with a different engine than a linker was created with",
2546 );
2547 }
2548
2549 pub(crate) fn sig_index(&self) -> VMSharedTypeIndex {
2550 self.func_ref().type_index
2551 }
2552
2553 pub(crate) fn func_ref(&self) -> &VMFuncRef {
2554 match &self.ctx {
2555 HostContext::Array(ctx) => unsafe { ctx.get().as_ref().func_ref() },
2556 }
2557 }
2558
2559 pub(crate) fn host_ctx(&self) -> &HostContext {
2560 &self.ctx
2561 }
2562
2563 fn export_func(&self) -> ExportFunction {
2564 ExportFunction {
2565 func_ref: NonNull::from(self.func_ref()),
2566 }
2567 }
2568}
2569
2570impl FuncData {
2571 #[inline]
2572 fn export(&self) -> ExportFunction {
2573 self.kind.export()
2574 }
2575
2576 pub(crate) fn sig_index(&self) -> VMSharedTypeIndex {
2577 unsafe { self.export().func_ref.as_ref().type_index }
2578 }
2579}
2580
2581impl FuncKind {
2582 #[inline]
2583 fn export(&self) -> ExportFunction {
2584 match self {
2585 FuncKind::StoreOwned { export, .. } => *export,
2586 FuncKind::SharedHost(host) => host.export_func(),
2587 FuncKind::RootedHost(rooted) => ExportFunction {
2588 func_ref: NonNull::from(rooted.func_ref()),
2589 },
2590 FuncKind::Host(host) => host.export_func(),
2591 }
2592 }
2593}
2594
2595use self::rooted::*;
2596
2597/// An inner module is used here to force unsafe construction of
2598/// `RootedHostFunc` instead of accidentally safely allowing access to its
2599/// constructor.
2600mod rooted {
2601 use super::HostFunc;
2602 use crate::runtime::vm::{SendSyncPtr, VMFuncRef};
2603 use alloc::sync::Arc;
2604 use core::ptr::NonNull;
2605
2606 /// A variant of a pointer-to-a-host-function used in `FuncKind::RootedHost`
2607 /// above.
2608 ///
2609 /// For more documentation see `FuncKind::RootedHost`, `InstancePre`, and
2610 /// `HostFunc::to_func_store_rooted`.
2611 pub(crate) struct RootedHostFunc {
2612 func: SendSyncPtr<HostFunc>,
2613 func_ref: Option<SendSyncPtr<VMFuncRef>>,
2614 }
2615
2616 impl RootedHostFunc {
2617 /// Note that this is `unsafe` because this wrapper type allows safe
2618 /// access to the pointer given at any time, including outside the
2619 /// window of validity of `func`, so callers must not use the return
2620 /// value past the lifetime of the provided `func`.
2621 ///
2622 /// Similarly, callers must ensure that the given `func_ref` is valid
2623 /// for the lifetime of the return value.
2624 pub(crate) unsafe fn new(
2625 func: &Arc<HostFunc>,
2626 func_ref: Option<NonNull<VMFuncRef>>,
2627 ) -> RootedHostFunc {
2628 RootedHostFunc {
2629 func: NonNull::from(&**func).into(),
2630 func_ref: func_ref.map(|p| p.into()),
2631 }
2632 }
2633
2634 pub(crate) fn func(&self) -> &HostFunc {
2635 // Safety invariants are upheld by the `RootedHostFunc::new` caller.
2636 unsafe { self.func.as_ref() }
2637 }
2638
2639 pub(crate) fn func_ref(&self) -> &VMFuncRef {
2640 if let Some(f) = self.func_ref {
2641 // Safety invariants are upheld by the `RootedHostFunc::new` caller.
2642 unsafe { f.as_ref() }
2643 } else {
2644 self.func().func_ref()
2645 }
2646 }
2647 }
2648}
2649
2650#[cfg(test)]
2651mod tests {
2652 use super::*;
2653 use crate::Store;
2654
2655 #[test]
2656 fn hash_key_is_stable_across_duplicate_store_data_entries() -> Result<()> {
2657 let mut store = Store::<()>::default();
2658 let module = Module::new(
2659 store.engine(),
2660 r#"
2661 (module
2662 (func (export "f")
2663 nop
2664 )
2665 )
2666 "#,
2667 )?;
2668 let instance = Instance::new(&mut store, &module, &[])?;
2669
2670 // Each time we `get_func`, we call `Func::from_wasmtime` which adds a
2671 // new entry to `StoreData`, so `f1` and `f2` will have different
2672 // indices into `StoreData`.
2673 let f1 = instance.get_func(&mut store, "f").unwrap();
2674 let f2 = instance.get_func(&mut store, "f").unwrap();
2675
2676 // But their hash keys are the same.
2677 assert!(
2678 f1.hash_key(&mut store.as_context_mut().0)
2679 == f2.hash_key(&mut store.as_context_mut().0)
2680 );
2681
2682 // But the hash keys are different from different funcs.
2683 let instance2 = Instance::new(&mut store, &module, &[])?;
2684 let f3 = instance2.get_func(&mut store, "f").unwrap();
2685 assert!(
2686 f1.hash_key(&mut store.as_context_mut().0)
2687 != f3.hash_key(&mut store.as_context_mut().0)
2688 );
2689
2690 Ok(())
2691 }
2692}