wasmtime/runtime/func.rs
1use crate::prelude::*;
2use crate::runtime::Uninhabited;
3use crate::runtime::vm::{
4 self, InterpreterRef, SendSyncPtr, StoreBox, VMArrayCallHostFuncContext,
5 VMCommonStackInformation, VMContext, VMFuncRef, VMFunctionImport, VMOpaqueContext,
6 VMStoreContext,
7};
8use crate::store::{AutoAssertNoGc, InstanceId, StoreId, StoreOpaque};
9use crate::type_registry::RegisteredType;
10use crate::{
11 AsContext, AsContextMut, CallHook, Engine, Extern, FuncType, Instance, ModuleExport, Ref,
12 StoreContext, StoreContextMut, Val, ValRaw, ValType,
13};
14use alloc::sync::Arc;
15use core::ffi::c_void;
16#[cfg(feature = "async")]
17use core::future::Future;
18use core::mem::{self, MaybeUninit};
19use core::ptr::NonNull;
20use wasmtime_environ::VMSharedTypeIndex;
21
22/// A reference to the abstract `nofunc` heap value.
23///
24/// The are no instances of `(ref nofunc)`: it is an uninhabited type.
25///
26/// There is precisely one instance of `(ref null nofunc)`, aka `nullfuncref`:
27/// the null reference.
28///
29/// This `NoFunc` Rust type's sole purpose is for use with [`Func::wrap`]- and
30/// [`Func::typed`]-style APIs for statically typing a function as taking or
31/// returning a `(ref null nofunc)` (aka `Option<NoFunc>`) which is always
32/// `None`.
33///
34/// # Example
35///
36/// ```
37/// # use wasmtime::*;
38/// # fn _foo() -> Result<()> {
39/// let mut config = Config::new();
40/// config.wasm_function_references(true);
41/// let engine = Engine::new(&config)?;
42///
43/// let module = Module::new(
44/// &engine,
45/// r#"
46/// (module
47/// (func (export "f") (param (ref null nofunc))
48/// ;; If the reference is null, return.
49/// local.get 0
50/// ref.is_null nofunc
51/// br_if 0
52///
53/// ;; If the reference was not null (which is impossible)
54/// ;; then raise a trap.
55/// unreachable
56/// )
57/// )
58/// "#,
59/// )?;
60///
61/// let mut store = Store::new(&engine, ());
62/// let instance = Instance::new(&mut store, &module, &[])?;
63/// let f = instance.get_func(&mut store, "f").unwrap();
64///
65/// // We can cast a `(ref null nofunc)`-taking function into a typed function that
66/// // takes an `Option<NoFunc>` via the `Func::typed` method.
67/// let f = f.typed::<Option<NoFunc>, ()>(&store)?;
68///
69/// // We can call the typed function, passing the null `nofunc` reference.
70/// let result = f.call(&mut store, NoFunc::null());
71///
72/// // The function should not have trapped, because the reference we gave it was
73/// // null (as it had to be, since `NoFunc` is uninhabited).
74/// assert!(result.is_ok());
75/// # Ok(())
76/// # }
77/// ```
78#[derive(Copy, Clone, Debug, PartialEq, Eq)]
79pub struct NoFunc {
80 _inner: Uninhabited,
81}
82
83impl NoFunc {
84 /// Get the null `(ref null nofunc)` (aka `nullfuncref`) reference.
85 #[inline]
86 pub fn null() -> Option<NoFunc> {
87 None
88 }
89
90 /// Get the null `(ref null nofunc)` (aka `nullfuncref`) reference as a
91 /// [`Ref`].
92 #[inline]
93 pub fn null_ref() -> Ref {
94 Ref::Func(None)
95 }
96
97 /// Get the null `(ref null nofunc)` (aka `nullfuncref`) reference as a
98 /// [`Val`].
99 #[inline]
100 pub fn null_val() -> Val {
101 Val::FuncRef(None)
102 }
103}
104
105/// A WebAssembly function which can be called.
106///
107/// This type typically represents an exported function from a WebAssembly
108/// module instance. In this case a [`Func`] belongs to an [`Instance`] and is
109/// loaded from there. A [`Func`] may also represent a host function as well in
110/// some cases, too.
111///
112/// Functions can be called in a few different ways, either synchronous or async
113/// and either typed or untyped (more on this below). Note that host functions
114/// are normally inserted directly into a [`Linker`](crate::Linker) rather than
115/// using this directly, but both options are available.
116///
117/// # `Func` and `async`
118///
119/// Functions from the perspective of WebAssembly are always synchronous. You
120/// might have an `async` function in Rust, however, which you'd like to make
121/// available from WebAssembly. Wasmtime supports asynchronously calling
122/// WebAssembly through native stack switching. You can get some more
123/// information about [asynchronous configs](crate::Config::async_support), but
124/// from the perspective of `Func` it's important to know that whether or not
125/// your [`Store`](crate::Store) is asynchronous will dictate whether you call
126/// functions through [`Func::call`] or [`Func::call_async`] (or the typed
127/// wrappers such as [`TypedFunc::call`] vs [`TypedFunc::call_async`]).
128///
129/// # To `Func::call` or to `Func::typed().call()`
130///
131/// There's a 2x2 matrix of methods to call [`Func`]. Invocations can either be
132/// asynchronous or synchronous. They can also be statically typed or not.
133/// Whether or not an invocation is asynchronous is indicated via the method
134/// being `async` and [`call_async`](Func::call_async) being the entry point.
135/// Otherwise for statically typed or not your options are:
136///
137/// * Dynamically typed - if you don't statically know the signature of the
138/// function that you're calling you'll be using [`Func::call`] or
139/// [`Func::call_async`]. These functions take a variable-length slice of
140/// "boxed" arguments in their [`Val`] representation. Additionally the
141/// results are returned as an owned slice of [`Val`]. These methods are not
142/// optimized due to the dynamic type checks that must occur, in addition to
143/// some dynamic allocations for where to put all the arguments. While this
144/// allows you to call all possible wasm function signatures, if you're
145/// looking for a speedier alternative you can also use...
146///
147/// * Statically typed - if you statically know the type signature of the wasm
148/// function you're calling, then you'll want to use the [`Func::typed`]
149/// method to acquire an instance of [`TypedFunc`]. This structure is static proof
150/// that the underlying wasm function has the ascripted type, and type
151/// validation is only done once up-front. The [`TypedFunc::call`] and
152/// [`TypedFunc::call_async`] methods are much more efficient than [`Func::call`]
153/// and [`Func::call_async`] because the type signature is statically known.
154/// This eschews runtime checks as much as possible to get into wasm as fast
155/// as possible.
156///
157/// # Examples
158///
159/// One way to get a `Func` is from an [`Instance`] after you've instantiated
160/// it:
161///
162/// ```
163/// # use wasmtime::*;
164/// # fn main() -> anyhow::Result<()> {
165/// let engine = Engine::default();
166/// let module = Module::new(&engine, r#"(module (func (export "foo")))"#)?;
167/// let mut store = Store::new(&engine, ());
168/// let instance = Instance::new(&mut store, &module, &[])?;
169/// let foo = instance.get_func(&mut store, "foo").expect("export wasn't a function");
170///
171/// // Work with `foo` as a `Func` at this point, such as calling it
172/// // dynamically...
173/// match foo.call(&mut store, &[], &mut []) {
174/// Ok(()) => { /* ... */ }
175/// Err(trap) => {
176/// panic!("execution of `foo` resulted in a wasm trap: {}", trap);
177/// }
178/// }
179/// foo.call(&mut store, &[], &mut [])?;
180///
181/// // ... or we can make a static assertion about its signature and call it.
182/// // Our first call here can fail if the signatures don't match, and then the
183/// // second call can fail if the function traps (like the `match` above).
184/// let foo = foo.typed::<(), ()>(&store)?;
185/// foo.call(&mut store, ())?;
186/// # Ok(())
187/// # }
188/// ```
189///
190/// You can also use the [`wrap` function](Func::wrap) to create a
191/// `Func`
192///
193/// ```
194/// # use wasmtime::*;
195/// # fn main() -> anyhow::Result<()> {
196/// let mut store = Store::<()>::default();
197///
198/// // Create a custom `Func` which can execute arbitrary code inside of the
199/// // closure.
200/// let add = Func::wrap(&mut store, |a: i32, b: i32| -> i32 { a + b });
201///
202/// // Next we can hook that up to a wasm module which uses it.
203/// let module = Module::new(
204/// store.engine(),
205/// r#"
206/// (module
207/// (import "" "" (func $add (param i32 i32) (result i32)))
208/// (func (export "call_add_twice") (result i32)
209/// i32.const 1
210/// i32.const 2
211/// call $add
212/// i32.const 3
213/// i32.const 4
214/// call $add
215/// i32.add))
216/// "#,
217/// )?;
218/// let instance = Instance::new(&mut store, &module, &[add.into()])?;
219/// let call_add_twice = instance.get_typed_func::<(), i32>(&mut store, "call_add_twice")?;
220///
221/// assert_eq!(call_add_twice.call(&mut store, ())?, 10);
222/// # Ok(())
223/// # }
224/// ```
225///
226/// Or you could also create an entirely dynamic `Func`!
227///
228/// ```
229/// # use wasmtime::*;
230/// # fn main() -> anyhow::Result<()> {
231/// let mut store = Store::<()>::default();
232///
233/// // Here we need to define the type signature of our `Double` function and
234/// // then wrap it up in a `Func`
235/// let double_type = wasmtime::FuncType::new(
236/// store.engine(),
237/// [wasmtime::ValType::I32].iter().cloned(),
238/// [wasmtime::ValType::I32].iter().cloned(),
239/// );
240/// let double = Func::new(&mut store, double_type, |_, params, results| {
241/// let mut value = params[0].unwrap_i32();
242/// value *= 2;
243/// results[0] = value.into();
244/// Ok(())
245/// });
246///
247/// let module = Module::new(
248/// store.engine(),
249/// r#"
250/// (module
251/// (import "" "" (func $double (param i32) (result i32)))
252/// (func $start
253/// i32.const 1
254/// call $double
255/// drop)
256/// (start $start))
257/// "#,
258/// )?;
259/// let instance = Instance::new(&mut store, &module, &[double.into()])?;
260/// // .. work with `instance` if necessary
261/// # Ok(())
262/// # }
263/// ```
264#[derive(Copy, Clone, Debug)]
265#[repr(C)] // here for the C API
266pub struct Func {
267 /// The store that the below pointer belongs to.
268 ///
269 /// It's only safe to look at the contents of the pointer below when the
270 /// `StoreOpaque` matching this id is in-scope.
271 store: StoreId,
272
273 /// The raw `VMFuncRef`, whose lifetime is bound to the store this func
274 /// belongs to.
275 ///
276 /// Note that this field has an `unsafe_*` prefix to discourage use of it.
277 /// This is only safe to read/use if `self.store` is validated to belong to
278 /// an ambiently provided `StoreOpaque` or similar. Use the
279 /// `self.func_ref()` method instead of this field to perform this check.
280 unsafe_func_ref: SendSyncPtr<VMFuncRef>,
281}
282
283// Double-check that the C representation in `extern.h` matches our in-Rust
284// representation here in terms of size/alignment/etc.
285const _: () = {
286 #[repr(C)]
287 struct C(u64, *mut u8);
288 assert!(core::mem::size_of::<C>() == core::mem::size_of::<Func>());
289 assert!(core::mem::align_of::<C>() == core::mem::align_of::<Func>());
290 assert!(core::mem::offset_of!(Func, store) == 0);
291};
292
293macro_rules! for_each_function_signature {
294 ($mac:ident) => {
295 $mac!(0);
296 $mac!(1 A1);
297 $mac!(2 A1 A2);
298 $mac!(3 A1 A2 A3);
299 $mac!(4 A1 A2 A3 A4);
300 $mac!(5 A1 A2 A3 A4 A5);
301 $mac!(6 A1 A2 A3 A4 A5 A6);
302 $mac!(7 A1 A2 A3 A4 A5 A6 A7);
303 $mac!(8 A1 A2 A3 A4 A5 A6 A7 A8);
304 $mac!(9 A1 A2 A3 A4 A5 A6 A7 A8 A9);
305 $mac!(10 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10);
306 $mac!(11 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11);
307 $mac!(12 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12);
308 $mac!(13 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13);
309 $mac!(14 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13 A14);
310 $mac!(15 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13 A14 A15);
311 $mac!(16 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13 A14 A15 A16);
312 $mac!(17 A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13 A14 A15 A16 A17);
313 };
314}
315
316mod typed;
317use crate::runtime::vm::VMStackChain;
318pub use typed::*;
319
320impl Func {
321 /// Creates a new `Func` with the given arguments, typically to create a
322 /// host-defined function to pass as an import to a module.
323 ///
324 /// * `store` - the store in which to create this [`Func`], which will own
325 /// the return value.
326 ///
327 /// * `ty` - the signature of this function, used to indicate what the
328 /// inputs and outputs are.
329 ///
330 /// * `func` - the native code invoked whenever this `Func` will be called.
331 /// This closure is provided a [`Caller`] as its first argument to learn
332 /// information about the caller, and then it's passed a list of
333 /// parameters as a slice along with a mutable slice of where to write
334 /// results.
335 ///
336 /// Note that the implementation of `func` must adhere to the `ty` signature
337 /// given, error or traps may occur if it does not respect the `ty`
338 /// signature. For example if the function type declares that it returns one
339 /// i32 but the `func` closures does not write anything into the results
340 /// slice then a trap may be generated.
341 ///
342 /// Additionally note that this is quite a dynamic function since signatures
343 /// are not statically known. For a more performant and ergonomic `Func`
344 /// it's recommended to use [`Func::wrap`] if you can because with
345 /// statically known signatures Wasmtime can optimize the implementation
346 /// much more.
347 ///
348 /// For more information about `Send + Sync + 'static` requirements on the
349 /// `func`, see [`Func::wrap`](#why-send--sync--static).
350 ///
351 /// # Errors
352 ///
353 /// The host-provided function here returns a
354 /// [`Result<()>`](anyhow::Result). If the function returns `Ok(())` then
355 /// that indicates that the host function completed successfully and wrote
356 /// the result into the `&mut [Val]` argument.
357 ///
358 /// If the function returns `Err(e)`, however, then this is equivalent to
359 /// the host function triggering a trap for wasm. WebAssembly execution is
360 /// immediately halted and the original caller of [`Func::call`], for
361 /// example, will receive the error returned here (possibly with
362 /// [`WasmBacktrace`](crate::WasmBacktrace) context information attached).
363 ///
364 /// For more information about errors in Wasmtime see the [`Trap`]
365 /// documentation.
366 ///
367 /// [`Trap`]: crate::Trap
368 ///
369 /// # Panics
370 ///
371 /// Panics if the given function type is not associated with this store's
372 /// engine.
373 pub fn new<T: 'static>(
374 store: impl AsContextMut<Data = T>,
375 ty: FuncType,
376 func: impl Fn(Caller<'_, T>, &[Val], &mut [Val]) -> Result<()> + Send + Sync + 'static,
377 ) -> Self {
378 assert!(ty.comes_from_same_engine(store.as_context().engine()));
379 let ty_clone = ty.clone();
380 unsafe {
381 Func::new_unchecked(store, ty, move |caller, values| {
382 Func::invoke_host_func_for_wasm(caller, &ty_clone, values, &func)
383 })
384 }
385 }
386
387 /// Creates a new [`Func`] with the given arguments, although has fewer
388 /// runtime checks than [`Func::new`].
389 ///
390 /// This function takes a callback of a different signature than
391 /// [`Func::new`], instead receiving a raw pointer with a list of [`ValRaw`]
392 /// structures. These values have no type information associated with them
393 /// so it's up to the caller to provide a function that will correctly
394 /// interpret the list of values as those coming from the `ty` specified.
395 ///
396 /// If you're calling this from Rust it's recommended to either instead use
397 /// [`Func::new`] or [`Func::wrap`]. The [`Func::wrap`] API, in particular,
398 /// is both safer and faster than this API.
399 ///
400 /// # Errors
401 ///
402 /// See [`Func::new`] for the behavior of returning an error from the host
403 /// function provided here.
404 ///
405 /// # Unsafety
406 ///
407 /// This function is not safe because it's not known at compile time that
408 /// the `func` provided correctly interprets the argument types provided to
409 /// it, or that the results it produces will be of the correct type.
410 ///
411 /// # Panics
412 ///
413 /// Panics if the given function type is not associated with this store's
414 /// engine.
415 pub unsafe fn new_unchecked<T: 'static>(
416 mut store: impl AsContextMut<Data = T>,
417 ty: FuncType,
418 func: impl Fn(Caller<'_, T>, &mut [ValRaw]) -> Result<()> + Send + Sync + 'static,
419 ) -> Self {
420 assert!(ty.comes_from_same_engine(store.as_context().engine()));
421 let store = store.as_context_mut().0;
422
423 // SAFETY: the contract required by `new_unchecked` is the same as the
424 // contract required by this function itself.
425 let host = unsafe { HostFunc::new_unchecked(store.engine(), ty, func) };
426
427 // SAFETY: the `T` used by `func` matches the `T` of the store we're
428 // inserting into via this function's type signature.
429 unsafe { host.into_func(store) }
430 }
431
432 /// Creates a new host-defined WebAssembly function which, when called,
433 /// will run the asynchronous computation defined by `func` to completion
434 /// and then return the result to WebAssembly.
435 ///
436 /// This function is the asynchronous analogue of [`Func::new`] and much of
437 /// that documentation applies to this as well. The key difference is that
438 /// `func` returns a future instead of simply a `Result`. Note that the
439 /// returned future can close over any of the arguments, but it cannot close
440 /// over the state of the closure itself. It's recommended to store any
441 /// necessary async state in the `T` of the [`Store<T>`](crate::Store) which
442 /// can be accessed through [`Caller::data`] or [`Caller::data_mut`].
443 ///
444 /// For more information on `Send + Sync + 'static`, see
445 /// [`Func::wrap`](#why-send--sync--static).
446 ///
447 /// # Panics
448 ///
449 /// This function will panic if `store` is not associated with an [async
450 /// config](crate::Config::async_support).
451 ///
452 /// Panics if the given function type is not associated with this store's
453 /// engine.
454 ///
455 /// # Errors
456 ///
457 /// See [`Func::new`] for the behavior of returning an error from the host
458 /// function provided here.
459 ///
460 /// # Examples
461 ///
462 /// ```
463 /// # use wasmtime::*;
464 /// # fn main() -> anyhow::Result<()> {
465 /// // Simulate some application-specific state as well as asynchronous
466 /// // functions to query that state.
467 /// struct MyDatabase {
468 /// // ...
469 /// }
470 ///
471 /// impl MyDatabase {
472 /// async fn get_row_count(&self) -> u32 {
473 /// // ...
474 /// # 100
475 /// }
476 /// }
477 ///
478 /// let my_database = MyDatabase {
479 /// // ...
480 /// };
481 ///
482 /// // Using `new_async` we can hook up into calling our async
483 /// // `get_row_count` function.
484 /// let engine = Engine::new(Config::new().async_support(true))?;
485 /// let mut store = Store::new(&engine, MyDatabase {
486 /// // ...
487 /// });
488 /// let get_row_count_type = wasmtime::FuncType::new(
489 /// &engine,
490 /// None,
491 /// Some(wasmtime::ValType::I32),
492 /// );
493 /// let get = Func::new_async(&mut store, get_row_count_type, |caller, _params, results| {
494 /// Box::new(async move {
495 /// let count = caller.data().get_row_count().await;
496 /// results[0] = Val::I32(count as i32);
497 /// Ok(())
498 /// })
499 /// });
500 /// // ...
501 /// # Ok(())
502 /// # }
503 /// ```
504 #[cfg(all(feature = "async", feature = "cranelift"))]
505 pub fn new_async<T, F>(store: impl AsContextMut<Data = T>, ty: FuncType, func: F) -> Func
506 where
507 F: for<'a> Fn(
508 Caller<'a, T>,
509 &'a [Val],
510 &'a mut [Val],
511 ) -> Box<dyn Future<Output = Result<()>> + Send + 'a>
512 + Send
513 + Sync
514 + 'static,
515 T: 'static,
516 {
517 assert!(
518 store.as_context().async_support(),
519 "cannot use `new_async` without enabling async support in the config"
520 );
521 assert!(ty.comes_from_same_engine(store.as_context().engine()));
522 return Func::new(
523 store,
524 ty,
525 move |Caller { store, caller }, params, results| {
526 store.with_blocking(|store, cx| {
527 cx.block_on(core::pin::Pin::from(func(
528 Caller { store, caller },
529 params,
530 results,
531 )))
532 })?
533 },
534 );
535 }
536
537 /// Creates a new `Func` from a store and a funcref within that store.
538 ///
539 /// # Safety
540 ///
541 /// The safety of this function requires that `func_ref` is a valid function
542 /// pointer owned by `store`.
543 pub(crate) unsafe fn from_vm_func_ref(store: StoreId, func_ref: NonNull<VMFuncRef>) -> Func {
544 // SAFETY: given the contract of this function it's safe to read the
545 // `type_index` field.
546 unsafe {
547 debug_assert!(func_ref.as_ref().type_index != VMSharedTypeIndex::default());
548 }
549 Func {
550 store,
551 unsafe_func_ref: func_ref.into(),
552 }
553 }
554
555 /// Creates a new `Func` from the given Rust closure.
556 ///
557 /// This function will create a new `Func` which, when called, will
558 /// execute the given Rust closure. Unlike [`Func::new`] the target
559 /// function being called is known statically so the type signature can
560 /// be inferred. Rust types will map to WebAssembly types as follows:
561 ///
562 /// | Rust Argument Type | WebAssembly Type |
563 /// |-----------------------------------|-------------------------------------------|
564 /// | `i32` | `i32` |
565 /// | `u32` | `i32` |
566 /// | `i64` | `i64` |
567 /// | `u64` | `i64` |
568 /// | `f32` | `f32` |
569 /// | `f64` | `f64` |
570 /// | `V128` on x86-64 and aarch64 only | `v128` |
571 /// | `Option<Func>` | `funcref` aka `(ref null func)` |
572 /// | `Func` | `(ref func)` |
573 /// | `Option<Nofunc>` | `nullfuncref` aka `(ref null nofunc)` |
574 /// | `NoFunc` | `(ref nofunc)` |
575 /// | `Option<Rooted<ExternRef>>` | `externref` aka `(ref null extern)` |
576 /// | `Rooted<ExternRef>` | `(ref extern)` |
577 /// | `Option<NoExtern>` | `nullexternref` aka `(ref null noextern)` |
578 /// | `NoExtern` | `(ref noextern)` |
579 /// | `Option<Rooted<AnyRef>>` | `anyref` aka `(ref null any)` |
580 /// | `Rooted<AnyRef>` | `(ref any)` |
581 /// | `Option<Rooted<EqRef>>` | `eqref` aka `(ref null eq)` |
582 /// | `Rooted<EqRef>` | `(ref eq)` |
583 /// | `Option<I31>` | `i31ref` aka `(ref null i31)` |
584 /// | `I31` | `(ref i31)` |
585 /// | `Option<Rooted<StructRef>>` | `(ref null struct)` |
586 /// | `Rooted<StructRef>` | `(ref struct)` |
587 /// | `Option<Rooted<ArrayRef>>` | `(ref null array)` |
588 /// | `Rooted<ArrayRef>` | `(ref array)` |
589 /// | `Option<NoneRef>` | `nullref` aka `(ref null none)` |
590 /// | `NoneRef` | `(ref none)` |
591 ///
592 /// Note that anywhere a `Rooted<T>` appears, a `ManuallyRooted<T>` may also
593 /// be used.
594 ///
595 /// Any of the Rust types can be returned from the closure as well, in
596 /// addition to some extra types
597 ///
598 /// | Rust Return Type | WebAssembly Return Type | Meaning |
599 /// |-------------------|-------------------------|-----------------------|
600 /// | `()` | nothing | no return value |
601 /// | `T` | `T` | a single return value |
602 /// | `(T1, T2, ...)` | `T1 T2 ...` | multiple returns |
603 ///
604 /// Note that all return types can also be wrapped in `Result<_>` to
605 /// indicate that the host function can generate a trap as well as possibly
606 /// returning a value.
607 ///
608 /// Finally you can also optionally take [`Caller`] as the first argument of
609 /// your closure. If inserted then you're able to inspect the caller's
610 /// state, for example the [`Memory`](crate::Memory) it has exported so you
611 /// can read what pointers point to.
612 ///
613 /// Note that when using this API, the intention is to create as thin of a
614 /// layer as possible for when WebAssembly calls the function provided. With
615 /// sufficient inlining and optimization the WebAssembly will call straight
616 /// into `func` provided, with no extra fluff entailed.
617 ///
618 /// # Why `Send + Sync + 'static`?
619 ///
620 /// All host functions defined in a [`Store`](crate::Store) (including
621 /// those from [`Func::new`] and other constructors) require that the
622 /// `func` provided is `Send + Sync + 'static`. Additionally host functions
623 /// always are `Fn` as opposed to `FnMut` or `FnOnce`. This can at-a-glance
624 /// feel restrictive since the closure cannot close over as many types as
625 /// before. The reason for this, though, is to ensure that
626 /// [`Store<T>`](crate::Store) can implement both the `Send` and `Sync`
627 /// traits.
628 ///
629 /// Fear not, however, because this isn't as restrictive as it seems! Host
630 /// functions are provided a [`Caller<'_, T>`](crate::Caller) argument which
631 /// allows access to the host-defined data within the
632 /// [`Store`](crate::Store). The `T` type is not required to be any of
633 /// `Send`, `Sync`, or `'static`! This means that you can store whatever
634 /// you'd like in `T` and have it accessible by all host functions.
635 /// Additionally mutable access to `T` is allowed through
636 /// [`Caller::data_mut`].
637 ///
638 /// Most host-defined [`Func`] values provide closures that end up not
639 /// actually closing over any values. These zero-sized types will use the
640 /// context from [`Caller`] for host-defined information.
641 ///
642 /// # Errors
643 ///
644 /// The closure provided here to `wrap` can optionally return a
645 /// [`Result<T>`](anyhow::Result). Returning `Ok(t)` represents the host
646 /// function successfully completing with the `t` result. Returning
647 /// `Err(e)`, however, is equivalent to raising a custom wasm trap.
648 /// Execution of WebAssembly does not resume and the stack is unwound to the
649 /// original caller of the function where the error is returned.
650 ///
651 /// For more information about errors in Wasmtime see the [`Trap`]
652 /// documentation.
653 ///
654 /// [`Trap`]: crate::Trap
655 ///
656 /// # Examples
657 ///
658 /// First up we can see how simple wasm imports can be implemented, such
659 /// as a function that adds its two arguments and returns the result.
660 ///
661 /// ```
662 /// # use wasmtime::*;
663 /// # fn main() -> anyhow::Result<()> {
664 /// # let mut store = Store::<()>::default();
665 /// let add = Func::wrap(&mut store, |a: i32, b: i32| a + b);
666 /// let module = Module::new(
667 /// store.engine(),
668 /// r#"
669 /// (module
670 /// (import "" "" (func $add (param i32 i32) (result i32)))
671 /// (func (export "foo") (param i32 i32) (result i32)
672 /// local.get 0
673 /// local.get 1
674 /// call $add))
675 /// "#,
676 /// )?;
677 /// let instance = Instance::new(&mut store, &module, &[add.into()])?;
678 /// let foo = instance.get_typed_func::<(i32, i32), i32>(&mut store, "foo")?;
679 /// assert_eq!(foo.call(&mut store, (1, 2))?, 3);
680 /// # Ok(())
681 /// # }
682 /// ```
683 ///
684 /// We can also do the same thing, but generate a trap if the addition
685 /// overflows:
686 ///
687 /// ```
688 /// # use wasmtime::*;
689 /// # fn main() -> anyhow::Result<()> {
690 /// # let mut store = Store::<()>::default();
691 /// let add = Func::wrap(&mut store, |a: i32, b: i32| {
692 /// match a.checked_add(b) {
693 /// Some(i) => Ok(i),
694 /// None => anyhow::bail!("overflow"),
695 /// }
696 /// });
697 /// let module = Module::new(
698 /// store.engine(),
699 /// r#"
700 /// (module
701 /// (import "" "" (func $add (param i32 i32) (result i32)))
702 /// (func (export "foo") (param i32 i32) (result i32)
703 /// local.get 0
704 /// local.get 1
705 /// call $add))
706 /// "#,
707 /// )?;
708 /// let instance = Instance::new(&mut store, &module, &[add.into()])?;
709 /// let foo = instance.get_typed_func::<(i32, i32), i32>(&mut store, "foo")?;
710 /// assert_eq!(foo.call(&mut store, (1, 2))?, 3);
711 /// assert!(foo.call(&mut store, (i32::max_value(), 1)).is_err());
712 /// # Ok(())
713 /// # }
714 /// ```
715 ///
716 /// And don't forget all the wasm types are supported!
717 ///
718 /// ```
719 /// # use wasmtime::*;
720 /// # fn main() -> anyhow::Result<()> {
721 /// # let mut store = Store::<()>::default();
722 /// let debug = Func::wrap(&mut store, |a: i32, b: u32, c: f32, d: i64, e: u64, f: f64| {
723 ///
724 /// println!("a={}", a);
725 /// println!("b={}", b);
726 /// println!("c={}", c);
727 /// println!("d={}", d);
728 /// println!("e={}", e);
729 /// println!("f={}", f);
730 /// });
731 /// let module = Module::new(
732 /// store.engine(),
733 /// r#"
734 /// (module
735 /// (import "" "" (func $debug (param i32 i32 f32 i64 i64 f64)))
736 /// (func (export "foo")
737 /// i32.const -1
738 /// i32.const 1
739 /// f32.const 2
740 /// i64.const -3
741 /// i64.const 3
742 /// f64.const 4
743 /// call $debug))
744 /// "#,
745 /// )?;
746 /// let instance = Instance::new(&mut store, &module, &[debug.into()])?;
747 /// let foo = instance.get_typed_func::<(), ()>(&mut store, "foo")?;
748 /// foo.call(&mut store, ())?;
749 /// # Ok(())
750 /// # }
751 /// ```
752 ///
753 /// Finally if you want to get really fancy you can also implement
754 /// imports that read/write wasm module's memory
755 ///
756 /// ```
757 /// use std::str;
758 ///
759 /// # use wasmtime::*;
760 /// # fn main() -> anyhow::Result<()> {
761 /// # let mut store = Store::default();
762 /// let log_str = Func::wrap(&mut store, |mut caller: Caller<'_, ()>, ptr: i32, len: i32| {
763 /// let mem = match caller.get_export("memory") {
764 /// Some(Extern::Memory(mem)) => mem,
765 /// _ => anyhow::bail!("failed to find host memory"),
766 /// };
767 /// let data = mem.data(&caller)
768 /// .get(ptr as u32 as usize..)
769 /// .and_then(|arr| arr.get(..len as u32 as usize));
770 /// let string = match data {
771 /// Some(data) => match str::from_utf8(data) {
772 /// Ok(s) => s,
773 /// Err(_) => anyhow::bail!("invalid utf-8"),
774 /// },
775 /// None => anyhow::bail!("pointer/length out of bounds"),
776 /// };
777 /// assert_eq!(string, "Hello, world!");
778 /// println!("{}", string);
779 /// Ok(())
780 /// });
781 /// let module = Module::new(
782 /// store.engine(),
783 /// r#"
784 /// (module
785 /// (import "" "" (func $log_str (param i32 i32)))
786 /// (func (export "foo")
787 /// i32.const 4 ;; ptr
788 /// i32.const 13 ;; len
789 /// call $log_str)
790 /// (memory (export "memory") 1)
791 /// (data (i32.const 4) "Hello, world!"))
792 /// "#,
793 /// )?;
794 /// let instance = Instance::new(&mut store, &module, &[log_str.into()])?;
795 /// let foo = instance.get_typed_func::<(), ()>(&mut store, "foo")?;
796 /// foo.call(&mut store, ())?;
797 /// # Ok(())
798 /// # }
799 /// ```
800 pub fn wrap<T, Params, Results>(
801 mut store: impl AsContextMut<Data = T>,
802 func: impl IntoFunc<T, Params, Results>,
803 ) -> Func
804 where
805 T: 'static,
806 {
807 let store = store.as_context_mut().0;
808 let host = HostFunc::wrap(store.engine(), func);
809
810 // SAFETY: The `T` the closure takes is the same as the `T` of the store
811 // we're inserting into via the type signature above.
812 unsafe { host.into_func(store) }
813 }
814
815 #[cfg(feature = "async")]
816 fn wrap_inner<F, T, Params, Results>(mut store: impl AsContextMut<Data = T>, func: F) -> Func
817 where
818 F: Fn(Caller<'_, T>, Params) -> Results + Send + Sync + 'static,
819 Params: WasmTyList,
820 Results: WasmRet,
821 T: 'static,
822 {
823 let store = store.as_context_mut().0;
824 let host = HostFunc::wrap_inner(store.engine(), func);
825
826 // SAFETY: The `T` the closure takes is the same as the `T` of the store
827 // we're inserting into via the type signature above.
828 unsafe { host.into_func(store) }
829 }
830
831 /// Same as [`Func::wrap`], except the closure asynchronously produces the
832 /// result and the arguments are passed within a tuple. For more information
833 /// see the [`Func`] documentation.
834 ///
835 /// # Panics
836 ///
837 /// This function will panic if called with a non-asynchronous store.
838 #[cfg(feature = "async")]
839 pub fn wrap_async<T, F, P, R>(store: impl AsContextMut<Data = T>, func: F) -> Func
840 where
841 F: for<'a> Fn(Caller<'a, T>, P) -> Box<dyn Future<Output = R> + Send + 'a>
842 + Send
843 + Sync
844 + 'static,
845 P: WasmTyList,
846 R: WasmRet,
847 T: 'static,
848 {
849 assert!(
850 store.as_context().async_support(),
851 concat!("cannot use `wrap_async` without enabling async support on the config")
852 );
853 Func::wrap_inner(store, move |Caller { store, caller }, args| {
854 match store.block_on(|store| func(Caller { store, caller }, args).into()) {
855 Ok(ret) => ret.into_fallible(),
856 Err(e) => R::fallible_from_error(e),
857 }
858 })
859 }
860
861 /// Returns the underlying wasm type that this `Func` has.
862 ///
863 /// # Panics
864 ///
865 /// Panics if `store` does not own this function.
866 pub fn ty(&self, store: impl AsContext) -> FuncType {
867 self.load_ty(&store.as_context().0)
868 }
869
870 /// Forcibly loads the type of this function from the `Engine`.
871 ///
872 /// Note that this is a somewhat expensive method since it requires taking a
873 /// lock as well as cloning a type.
874 pub(crate) fn load_ty(&self, store: &StoreOpaque) -> FuncType {
875 FuncType::from_shared_type_index(store.engine(), self.type_index(store))
876 }
877
878 /// Does this function match the given type?
879 ///
880 /// That is, is this function's type a subtype of the given type?
881 ///
882 /// # Panics
883 ///
884 /// Panics if this function is not associated with the given store or if the
885 /// function type is not associated with the store's engine.
886 pub fn matches_ty(&self, store: impl AsContext, func_ty: &FuncType) -> bool {
887 self._matches_ty(store.as_context().0, func_ty)
888 }
889
890 pub(crate) fn _matches_ty(&self, store: &StoreOpaque, func_ty: &FuncType) -> bool {
891 let actual_ty = self.load_ty(store);
892 actual_ty.matches(func_ty)
893 }
894
895 pub(crate) fn ensure_matches_ty(&self, store: &StoreOpaque, func_ty: &FuncType) -> Result<()> {
896 if !self.comes_from_same_store(store) {
897 bail!("function used with wrong store");
898 }
899 if self._matches_ty(store, func_ty) {
900 Ok(())
901 } else {
902 let actual_ty = self.load_ty(store);
903 bail!("type mismatch: expected {func_ty}, found {actual_ty}")
904 }
905 }
906
907 pub(crate) fn type_index(&self, data: &StoreOpaque) -> VMSharedTypeIndex {
908 unsafe { self.vm_func_ref(data).as_ref().type_index }
909 }
910
911 /// Invokes this function with the `params` given and writes returned values
912 /// to `results`.
913 ///
914 /// The `params` here must match the type signature of this `Func`, or an
915 /// error will occur. Additionally `results` must have the same
916 /// length as the number of results for this function. Calling this function
917 /// will synchronously execute the WebAssembly function referenced to get
918 /// the results.
919 ///
920 /// This function will return `Ok(())` if execution completed without a trap
921 /// or error of any kind. In this situation the results will be written to
922 /// the provided `results` array.
923 ///
924 /// # Errors
925 ///
926 /// Any error which occurs throughout the execution of the function will be
927 /// returned as `Err(e)`. The [`Error`](anyhow::Error) type can be inspected
928 /// for the precise error cause such as:
929 ///
930 /// * [`Trap`] - indicates that a wasm trap happened and execution was
931 /// halted.
932 /// * [`WasmBacktrace`] - optionally included on errors for backtrace
933 /// information of the trap/error.
934 /// * Other string-based errors to indicate issues such as type errors with
935 /// `params`.
936 /// * Any host-originating error originally returned from a function defined
937 /// via [`Func::new`], for example.
938 ///
939 /// Errors typically indicate that execution of WebAssembly was halted
940 /// mid-way and did not complete after the error condition happened.
941 ///
942 /// [`Trap`]: crate::Trap
943 ///
944 /// # Panics
945 ///
946 /// This function will panic if called on a function belonging to an async
947 /// store. Asynchronous stores must always use `call_async`. Also panics if
948 /// `store` does not own this function.
949 ///
950 /// [`WasmBacktrace`]: crate::WasmBacktrace
951 pub fn call(
952 &self,
953 mut store: impl AsContextMut,
954 params: &[Val],
955 results: &mut [Val],
956 ) -> Result<()> {
957 assert!(
958 !store.as_context().async_support(),
959 "must use `call_async` when async support is enabled on the config",
960 );
961 let mut store = store.as_context_mut();
962
963 self.call_impl_check_args(&mut store, params, results)?;
964
965 unsafe { self.call_impl_do_call(&mut store, params, results) }
966 }
967
968 /// Invokes this function in an "unchecked" fashion, reading parameters and
969 /// writing results to `params_and_returns`.
970 ///
971 /// This function is the same as [`Func::call`] except that the arguments
972 /// and results both use a different representation. If possible it's
973 /// recommended to use [`Func::call`] if safety isn't necessary or to use
974 /// [`Func::typed`] in conjunction with [`TypedFunc::call`] since that's
975 /// both safer and faster than this method of invoking a function.
976 ///
977 /// Note that if this function takes `externref` arguments then it will
978 /// **not** automatically GC unlike the [`Func::call`] and
979 /// [`TypedFunc::call`] functions. This means that if this function is
980 /// invoked many times with new `ExternRef` values and no other GC happens
981 /// via any other means then no values will get collected.
982 ///
983 /// # Errors
984 ///
985 /// For more information about errors see the [`Func::call`] documentation.
986 ///
987 /// # Unsafety
988 ///
989 /// This function is unsafe because the `params_and_returns` argument is not
990 /// validated at all. It must uphold invariants such as:
991 ///
992 /// * It's a valid pointer to an array
993 /// * It has enough space to store all parameters
994 /// * It has enough space to store all results (not at the same time as
995 /// parameters)
996 /// * Parameters are initially written to the array and have the correct
997 /// types and such.
998 /// * Reference types like `externref` and `funcref` are valid at the
999 /// time of this call and for the `store` specified.
1000 ///
1001 /// These invariants are all upheld for you with [`Func::call`] and
1002 /// [`TypedFunc::call`].
1003 pub unsafe fn call_unchecked(
1004 &self,
1005 mut store: impl AsContextMut,
1006 params_and_returns: *mut [ValRaw],
1007 ) -> Result<()> {
1008 let mut store = store.as_context_mut();
1009 let func_ref = self.vm_func_ref(store.0);
1010 let params_and_returns = NonNull::new(params_and_returns).unwrap_or(NonNull::from(&mut []));
1011
1012 // SAFETY: the safety of this function call is the same as the contract
1013 // of this function.
1014 unsafe { Self::call_unchecked_raw(&mut store, func_ref, params_and_returns) }
1015 }
1016
1017 pub(crate) unsafe fn call_unchecked_raw<T>(
1018 store: &mut StoreContextMut<'_, T>,
1019 func_ref: NonNull<VMFuncRef>,
1020 params_and_returns: NonNull<[ValRaw]>,
1021 ) -> Result<()> {
1022 // SAFETY: the safety of this function call is the same as the contract
1023 // of this function.
1024 invoke_wasm_and_catch_traps(store, |caller, vm| unsafe {
1025 VMFuncRef::array_call(func_ref, vm, caller, params_and_returns)
1026 })
1027 }
1028
1029 /// Converts the raw representation of a `funcref` into an `Option<Func>`
1030 ///
1031 /// This is intended to be used in conjunction with [`Func::new_unchecked`],
1032 /// [`Func::call_unchecked`], and [`ValRaw`] with its `funcref` field. This
1033 /// is the dual of [`Func::to_raw`].
1034 ///
1035 /// # Unsafety
1036 ///
1037 /// This function is not safe because `raw` is not validated at all. The
1038 /// caller must guarantee that `raw` is owned by the `store` provided and is
1039 /// valid within the `store`.
1040 pub unsafe fn from_raw(mut store: impl AsContextMut, raw: *mut c_void) -> Option<Func> {
1041 // SAFETY: this function's own contract is that `raw` is owned by store
1042 // to make this safe.
1043 unsafe { Self::_from_raw(store.as_context_mut().0, raw) }
1044 }
1045
1046 /// Same as `from_raw`, but with the internal `StoreOpaque` type.
1047 pub(crate) unsafe fn _from_raw(store: &mut StoreOpaque, raw: *mut c_void) -> Option<Func> {
1048 // SAFETY: this function's own contract is that `raw` is owned by store
1049 // to make this safe.
1050 unsafe {
1051 Some(Func::from_vm_func_ref(
1052 store.id(),
1053 NonNull::new(raw.cast())?,
1054 ))
1055 }
1056 }
1057
1058 /// Extracts the raw value of this `Func`, which is owned by `store`.
1059 ///
1060 /// This function returns a value that's suitable for writing into the
1061 /// `funcref` field of the [`ValRaw`] structure.
1062 ///
1063 /// # Safety
1064 ///
1065 /// The returned value is only valid for as long as the store is alive.
1066 /// This value is safe to pass to [`Func::from_raw`] so long as the same
1067 /// `store` is provided.
1068 pub fn to_raw(&self, mut store: impl AsContextMut) -> *mut c_void {
1069 self.vm_func_ref(store.as_context_mut().0).as_ptr().cast()
1070 }
1071
1072 /// Invokes this function with the `params` given, returning the results
1073 /// asynchronously.
1074 ///
1075 /// This function is the same as [`Func::call`] except that it is
1076 /// asynchronous. This is only compatible with stores associated with an
1077 /// [asynchronous config](crate::Config::async_support).
1078 ///
1079 /// It's important to note that the execution of WebAssembly will happen
1080 /// synchronously in the `poll` method of the future returned from this
1081 /// function. Wasmtime does not manage its own thread pool or similar to
1082 /// execute WebAssembly in. Future `poll` methods are generally expected to
1083 /// resolve quickly, so it's recommended that you run or poll this future
1084 /// in a "blocking context".
1085 ///
1086 /// For more information see the documentation on [asynchronous
1087 /// configs](crate::Config::async_support).
1088 ///
1089 /// # Errors
1090 ///
1091 /// For more information on errors see the [`Func::call`] documentation.
1092 ///
1093 /// # Panics
1094 ///
1095 /// Panics if this is called on a function in a synchronous store. This
1096 /// only works with functions defined within an asynchronous store. Also
1097 /// panics if `store` does not own this function.
1098 #[cfg(feature = "async")]
1099 pub async fn call_async(
1100 &self,
1101 mut store: impl AsContextMut<Data: Send>,
1102 params: &[Val],
1103 results: &mut [Val],
1104 ) -> Result<()> {
1105 let mut store = store.as_context_mut();
1106 assert!(
1107 store.0.async_support(),
1108 "cannot use `call_async` without enabling async support in the config",
1109 );
1110
1111 self.call_impl_check_args(&mut store, params, results)?;
1112
1113 let result = store
1114 .on_fiber(|store| unsafe { self.call_impl_do_call(store, params, results) })
1115 .await??;
1116 Ok(result)
1117 }
1118
1119 /// Perform dynamic checks that the arguments given to us match
1120 /// the signature of this function and are appropriate to pass to this
1121 /// function.
1122 ///
1123 /// This involves checking to make sure we have the right number and types
1124 /// of arguments as well as making sure everything is from the same `Store`.
1125 ///
1126 /// This must be called just before `call_impl_do_call`.
1127 fn call_impl_check_args<T>(
1128 &self,
1129 store: &mut StoreContextMut<'_, T>,
1130 params: &[Val],
1131 results: &mut [Val],
1132 ) -> Result<()> {
1133 let ty = self.load_ty(store.0);
1134 if ty.params().len() != params.len() {
1135 bail!(
1136 "expected {} arguments, got {}",
1137 ty.params().len(),
1138 params.len()
1139 );
1140 }
1141 if ty.results().len() != results.len() {
1142 bail!(
1143 "expected {} results, got {}",
1144 ty.results().len(),
1145 results.len()
1146 );
1147 }
1148
1149 for (ty, arg) in ty.params().zip(params) {
1150 arg.ensure_matches_ty(store.0, &ty)
1151 .context("argument type mismatch")?;
1152 if !arg.comes_from_same_store(store.0) {
1153 bail!("cross-`Store` values are not currently supported");
1154 }
1155 }
1156
1157 Ok(())
1158 }
1159
1160 /// Do the actual call into Wasm.
1161 ///
1162 /// # Safety
1163 ///
1164 /// You must have type checked the arguments by calling
1165 /// `call_impl_check_args` immediately before calling this function. It is
1166 /// only safe to call this function if that one did not return an error.
1167 unsafe fn call_impl_do_call<T>(
1168 &self,
1169 store: &mut StoreContextMut<'_, T>,
1170 params: &[Val],
1171 results: &mut [Val],
1172 ) -> Result<()> {
1173 // Store the argument values into `values_vec`.
1174 let ty = self.load_ty(store.0);
1175 let values_vec_size = params.len().max(ty.results().len());
1176 let mut values_vec = store.0.take_wasm_val_raw_storage();
1177 debug_assert!(values_vec.is_empty());
1178 values_vec.resize_with(values_vec_size, || ValRaw::v128(0));
1179 for (arg, slot) in params.iter().cloned().zip(&mut values_vec) {
1180 *slot = arg.to_raw(&mut *store)?;
1181 }
1182
1183 unsafe {
1184 self.call_unchecked(
1185 &mut *store,
1186 core::ptr::slice_from_raw_parts_mut(values_vec.as_mut_ptr(), values_vec_size),
1187 )?;
1188 }
1189
1190 for ((i, slot), val) in results.iter_mut().enumerate().zip(&values_vec) {
1191 let ty = ty.results().nth(i).unwrap();
1192 *slot = unsafe { Val::from_raw(&mut *store, *val, ty) };
1193 }
1194 values_vec.truncate(0);
1195 store.0.save_wasm_val_raw_storage(values_vec);
1196 Ok(())
1197 }
1198
1199 #[inline]
1200 pub(crate) fn vm_func_ref(&self, store: &StoreOpaque) -> NonNull<VMFuncRef> {
1201 self.store.assert_belongs_to(store.id());
1202 self.unsafe_func_ref.as_non_null()
1203 }
1204
1205 pub(crate) fn vmimport(&self, store: &StoreOpaque) -> VMFunctionImport {
1206 unsafe {
1207 let f = self.vm_func_ref(store);
1208 VMFunctionImport {
1209 // Note that this is a load-bearing `unwrap` here, but is
1210 // never expected to trip at runtime. The general problem is
1211 // that host functions do not have a `wasm_call` function so
1212 // the `VMFuncRef` type has an optional pointer there. This is
1213 // only able to be filled out when a function is "paired" with
1214 // a module where trampolines are present to fill out
1215 // `wasm_call` pointers.
1216 //
1217 // This pairing of modules doesn't happen explicitly but is
1218 // instead managed lazily throughout Wasmtime. Specifically the
1219 // way this works is one of:
1220 //
1221 // * When a host function is created the store's list of
1222 // modules are searched for a wasm trampoline. If not found
1223 // the `wasm_call` field is left blank.
1224 //
1225 // * When a module instantiation happens, which uses this
1226 // function, the module will be used to fill any outstanding
1227 // holes that it has trampolines for.
1228 //
1229 // This means that by the time we get to this point any
1230 // relevant holes should be filled out. Thus if this panic
1231 // actually triggers then it's indicative of a missing `fill`
1232 // call somewhere else.
1233 wasm_call: f.as_ref().wasm_call.unwrap(),
1234 array_call: f.as_ref().array_call,
1235 vmctx: f.as_ref().vmctx,
1236 }
1237 }
1238 }
1239
1240 pub(crate) fn comes_from_same_store(&self, store: &StoreOpaque) -> bool {
1241 self.store == store.id()
1242 }
1243
1244 fn invoke_host_func_for_wasm<T>(
1245 mut caller: Caller<'_, T>,
1246 ty: &FuncType,
1247 values_vec: &mut [ValRaw],
1248 func: &dyn Fn(Caller<'_, T>, &[Val], &mut [Val]) -> Result<()>,
1249 ) -> Result<()> {
1250 // Translate the raw JIT arguments in `values_vec` into a `Val` which
1251 // we'll be passing as a slice. The storage for our slice-of-`Val` we'll
1252 // be taking from the `Store`. We preserve our slice back into the
1253 // `Store` after the hostcall, ideally amortizing the cost of allocating
1254 // the storage across wasm->host calls.
1255 //
1256 // Note that we have a dynamic guarantee that `values_vec` is the
1257 // appropriate length to both read all arguments from as well as store
1258 // all results into.
1259 let mut val_vec = caller.store.0.take_hostcall_val_storage();
1260 debug_assert!(val_vec.is_empty());
1261 let nparams = ty.params().len();
1262 val_vec.reserve(nparams + ty.results().len());
1263 for (i, ty) in ty.params().enumerate() {
1264 val_vec.push(unsafe { Val::from_raw(&mut caller.store, values_vec[i], ty) })
1265 }
1266
1267 val_vec.extend((0..ty.results().len()).map(|_| Val::null_func_ref()));
1268 let (params, results) = val_vec.split_at_mut(nparams);
1269 func(caller.sub_caller(), params, results)?;
1270
1271 // Unlike our arguments we need to dynamically check that the return
1272 // values produced are correct. There could be a bug in `func` that
1273 // produces the wrong number, wrong types, or wrong stores of
1274 // values, and we need to catch that here.
1275 for (i, (ret, ty)) in results.iter().zip(ty.results()).enumerate() {
1276 ret.ensure_matches_ty(caller.store.0, &ty)
1277 .context("function attempted to return an incompatible value")?;
1278 values_vec[i] = ret.to_raw(&mut caller.store)?;
1279 }
1280
1281 // Restore our `val_vec` back into the store so it's usable for the next
1282 // hostcall to reuse our own storage.
1283 val_vec.truncate(0);
1284 caller.store.0.save_hostcall_val_storage(val_vec);
1285 Ok(())
1286 }
1287
1288 /// Attempts to extract a typed object from this `Func` through which the
1289 /// function can be called.
1290 ///
1291 /// This function serves as an alternative to [`Func::call`] and
1292 /// [`Func::call_async`]. This method performs a static type check (using
1293 /// the `Params` and `Results` type parameters on the underlying wasm
1294 /// function. If the type check passes then a `TypedFunc` object is returned,
1295 /// otherwise an error is returned describing the typecheck failure.
1296 ///
1297 /// The purpose of this relative to [`Func::call`] is that it's much more
1298 /// efficient when used to invoke WebAssembly functions. With the types
1299 /// statically known far less setup/teardown is required when invoking
1300 /// WebAssembly. If speed is desired then this function is recommended to be
1301 /// used instead of [`Func::call`] (which is more general, hence its
1302 /// slowdown).
1303 ///
1304 /// The `Params` type parameter is used to describe the parameters of the
1305 /// WebAssembly function. This can either be a single type (like `i32`), or
1306 /// a tuple of types representing the list of parameters (like `(i32, f32,
1307 /// f64)`). Additionally you can use `()` to represent that the function has
1308 /// no parameters.
1309 ///
1310 /// The `Results` type parameter is used to describe the results of the
1311 /// function. This behaves the same way as `Params`, but just for the
1312 /// results of the function.
1313 ///
1314 /// # Translating Between WebAssembly and Rust Types
1315 ///
1316 /// Translation between Rust types and WebAssembly types looks like:
1317 ///
1318 /// | WebAssembly | Rust |
1319 /// |-------------------------------------------|---------------------------------------|
1320 /// | `i32` | `i32` or `u32` |
1321 /// | `i64` | `i64` or `u64` |
1322 /// | `f32` | `f32` |
1323 /// | `f64` | `f64` |
1324 /// | `externref` aka `(ref null extern)` | `Option<Rooted<ExternRef>>` |
1325 /// | `(ref extern)` | `Rooted<ExternRef>` |
1326 /// | `nullexternref` aka `(ref null noextern)` | `Option<NoExtern>` |
1327 /// | `(ref noextern)` | `NoExtern` |
1328 /// | `anyref` aka `(ref null any)` | `Option<Rooted<AnyRef>>` |
1329 /// | `(ref any)` | `Rooted<AnyRef>` |
1330 /// | `eqref` aka `(ref null eq)` | `Option<Rooted<EqRef>>` |
1331 /// | `(ref eq)` | `Rooted<EqRef>` |
1332 /// | `i31ref` aka `(ref null i31)` | `Option<I31>` |
1333 /// | `(ref i31)` | `I31` |
1334 /// | `structref` aka `(ref null struct)` | `Option<Rooted<StructRef>>` |
1335 /// | `(ref struct)` | `Rooted<StructRef>` |
1336 /// | `arrayref` aka `(ref null array)` | `Option<Rooted<ArrayRef>>` |
1337 /// | `(ref array)` | `Rooted<ArrayRef>` |
1338 /// | `nullref` aka `(ref null none)` | `Option<NoneRef>` |
1339 /// | `(ref none)` | `NoneRef` |
1340 /// | `funcref` aka `(ref null func)` | `Option<Func>` |
1341 /// | `(ref func)` | `Func` |
1342 /// | `(ref null <func type index>)` | `Option<Func>` |
1343 /// | `(ref <func type index>)` | `Func` |
1344 /// | `nullfuncref` aka `(ref null nofunc)` | `Option<NoFunc>` |
1345 /// | `(ref nofunc)` | `NoFunc` |
1346 /// | `v128` | `V128` on `x86-64` and `aarch64` only |
1347 ///
1348 /// (Note that this mapping is the same as that of [`Func::wrap`], and that
1349 /// anywhere a `Rooted<T>` appears, a `ManuallyRooted<T>` may also appear).
1350 ///
1351 /// Note that once the [`TypedFunc`] return value is acquired you'll use either
1352 /// [`TypedFunc::call`] or [`TypedFunc::call_async`] as necessary to actually invoke
1353 /// the function. This method does not invoke any WebAssembly code, it
1354 /// simply performs a typecheck before returning the [`TypedFunc`] value.
1355 ///
1356 /// This method also has a convenience wrapper as
1357 /// [`Instance::get_typed_func`](crate::Instance::get_typed_func) to
1358 /// directly get a typed function value from an
1359 /// [`Instance`](crate::Instance).
1360 ///
1361 /// ## Subtyping
1362 ///
1363 /// For result types, you can always use a supertype of the WebAssembly
1364 /// function's actual declared result type. For example, if the WebAssembly
1365 /// function was declared with type `(func (result nullfuncref))` you could
1366 /// successfully call `f.typed::<(), Option<Func>>()` because `Option<Func>`
1367 /// corresponds to `funcref`, which is a supertype of `nullfuncref`.
1368 ///
1369 /// For parameter types, you can always use a subtype of the WebAssembly
1370 /// function's actual declared parameter type. For example, if the
1371 /// WebAssembly function was declared with type `(func (param (ref null
1372 /// func)))` you could successfully call `f.typed::<Func, ()>()` because
1373 /// `Func` corresponds to `(ref func)`, which is a subtype of `(ref null
1374 /// func)`.
1375 ///
1376 /// Additionally, for functions which take a reference to a concrete type as
1377 /// a parameter, you can also use the concrete type's supertype. Consider a
1378 /// WebAssembly function that takes a reference to a function with a
1379 /// concrete type: `(ref null <func type index>)`. In this scenario, there
1380 /// is no static `wasmtime::Foo` Rust type that corresponds to that
1381 /// particular Wasm-defined concrete reference type because Wasm modules are
1382 /// loaded dynamically at runtime. You *could* do `f.typed::<Option<NoFunc>,
1383 /// ()>()`, and while that is correctly typed and valid, it is often overly
1384 /// restrictive. The only value you could call the resulting typed function
1385 /// with is the null function reference, but we'd like to call it with
1386 /// non-null function references that happen to be of the correct
1387 /// type. Therefore, `f.typed<Option<Func>, ()>()` is also allowed in this
1388 /// case, even though `Option<Func>` represents `(ref null func)` which is
1389 /// the supertype, not subtype, of `(ref null <func type index>)`. This does
1390 /// imply some minimal dynamic type checks in this case, but it is supported
1391 /// for better ergonomics, to enable passing non-null references into the
1392 /// function.
1393 ///
1394 /// # Errors
1395 ///
1396 /// This function will return an error if `Params` or `Results` does not
1397 /// match the native type of this WebAssembly function.
1398 ///
1399 /// # Panics
1400 ///
1401 /// This method will panic if `store` does not own this function.
1402 ///
1403 /// # Examples
1404 ///
1405 /// An end-to-end example of calling a function which takes no parameters
1406 /// and has no results:
1407 ///
1408 /// ```
1409 /// # use wasmtime::*;
1410 /// # fn main() -> anyhow::Result<()> {
1411 /// let engine = Engine::default();
1412 /// let mut store = Store::new(&engine, ());
1413 /// let module = Module::new(&engine, r#"(module (func (export "foo")))"#)?;
1414 /// let instance = Instance::new(&mut store, &module, &[])?;
1415 /// let foo = instance.get_func(&mut store, "foo").expect("export wasn't a function");
1416 ///
1417 /// // Note that this call can fail due to the typecheck not passing, but
1418 /// // in our case we statically know the module so we know this should
1419 /// // pass.
1420 /// let typed = foo.typed::<(), ()>(&store)?;
1421 ///
1422 /// // Note that this can fail if the wasm traps at runtime.
1423 /// typed.call(&mut store, ())?;
1424 /// # Ok(())
1425 /// # }
1426 /// ```
1427 ///
1428 /// You can also pass in multiple parameters and get a result back
1429 ///
1430 /// ```
1431 /// # use wasmtime::*;
1432 /// # fn foo(add: &Func, mut store: Store<()>) -> anyhow::Result<()> {
1433 /// let typed = add.typed::<(i32, i64), f32>(&store)?;
1434 /// assert_eq!(typed.call(&mut store, (1, 2))?, 3.0);
1435 /// # Ok(())
1436 /// # }
1437 /// ```
1438 ///
1439 /// and similarly if a function has multiple results you can bind that too
1440 ///
1441 /// ```
1442 /// # use wasmtime::*;
1443 /// # fn foo(add_with_overflow: &Func, mut store: Store<()>) -> anyhow::Result<()> {
1444 /// let typed = add_with_overflow.typed::<(u32, u32), (u32, i32)>(&store)?;
1445 /// let (result, overflow) = typed.call(&mut store, (u32::max_value(), 2))?;
1446 /// assert_eq!(result, 1);
1447 /// assert_eq!(overflow, 1);
1448 /// # Ok(())
1449 /// # }
1450 /// ```
1451 pub fn typed<Params, Results>(
1452 &self,
1453 store: impl AsContext,
1454 ) -> Result<TypedFunc<Params, Results>>
1455 where
1456 Params: WasmParams,
1457 Results: WasmResults,
1458 {
1459 // Type-check that the params/results are all valid
1460 let store = store.as_context().0;
1461 let ty = self.load_ty(store);
1462 Params::typecheck(store.engine(), ty.params(), TypeCheckPosition::Param)
1463 .context("type mismatch with parameters")?;
1464 Results::typecheck(store.engine(), ty.results(), TypeCheckPosition::Result)
1465 .context("type mismatch with results")?;
1466
1467 // and then we can construct the typed version of this function
1468 // (unsafely), which should be safe since we just did the type check above.
1469 unsafe { Ok(TypedFunc::_new_unchecked(store, *self)) }
1470 }
1471
1472 /// Get a stable hash key for this function.
1473 ///
1474 /// Even if the same underlying function is added to the `StoreData`
1475 /// multiple times and becomes multiple `wasmtime::Func`s, this hash key
1476 /// will be consistent across all of these functions.
1477 #[cfg_attr(
1478 not(test),
1479 expect(dead_code, reason = "Not used yet, but added for consistency")
1480 )]
1481 pub(crate) fn hash_key(&self, store: &mut StoreOpaque) -> impl core::hash::Hash + Eq + use<> {
1482 self.vm_func_ref(store).as_ptr().addr()
1483 }
1484}
1485
1486/// Prepares for entrance into WebAssembly.
1487///
1488/// This function will set up context such that `closure` is allowed to call a
1489/// raw trampoline or a raw WebAssembly function. This *must* be called to do
1490/// things like catch traps and set up GC properly.
1491///
1492/// The `closure` provided receives a default "caller" `VMContext` parameter it
1493/// can pass to the called wasm function, if desired.
1494pub(crate) fn invoke_wasm_and_catch_traps<T>(
1495 store: &mut StoreContextMut<'_, T>,
1496 closure: impl FnMut(NonNull<VMContext>, Option<InterpreterRef<'_>>) -> bool,
1497) -> Result<()> {
1498 unsafe {
1499 // The `enter_wasm` call below will reset the store context's
1500 // `stack_chain` to a new `InitialStack`, pointing to the
1501 // stack-allocated `initial_stack_csi`.
1502 let mut initial_stack_csi = VMCommonStackInformation::running_default();
1503 // Stores some state of the runtime just before entering Wasm. Will be
1504 // restored upon exiting Wasm. Note that the `CallThreadState` that is
1505 // created by the `catch_traps` call below will store a pointer to this
1506 // stack-allocated `previous_runtime_state`.
1507 let mut previous_runtime_state =
1508 EntryStoreContext::enter_wasm(store, &mut initial_stack_csi);
1509
1510 if let Err(trap) = store.0.call_hook(CallHook::CallingWasm) {
1511 // `previous_runtime_state` implicitly dropped here
1512 return Err(trap);
1513 }
1514 let result = crate::runtime::vm::catch_traps(store, &mut previous_runtime_state, closure);
1515 core::mem::drop(previous_runtime_state);
1516 store.0.call_hook(CallHook::ReturningFromWasm)?;
1517 result
1518 }
1519}
1520
1521/// This type helps managing the state of the runtime when entering and exiting
1522/// Wasm. To this end, it contains a subset of the data in `VMStoreContext`.
1523/// Upon entering Wasm, it updates various runtime fields and their
1524/// original values saved in this struct. Upon exiting Wasm, the previous values
1525/// are restored.
1526pub(crate) struct EntryStoreContext {
1527 /// If set, contains value of `stack_limit` field to restore in
1528 /// `VMStoreContext` when exiting Wasm.
1529 pub stack_limit: Option<usize>,
1530 /// Contains value of `last_wasm_exit_pc` field to restore in
1531 /// `VMStoreContext` when exiting Wasm.
1532 pub last_wasm_exit_pc: usize,
1533 /// Contains value of `last_wasm_exit_trampoline_fp` field to restore in
1534 /// `VMStoreContext` when exiting Wasm.
1535 pub last_wasm_exit_trampoline_fp: usize,
1536 /// Contains value of `last_wasm_entry_fp` field to restore in
1537 /// `VMStoreContext` when exiting Wasm.
1538 pub last_wasm_entry_fp: usize,
1539 /// Contains value of `stack_chain` field to restore in
1540 /// `VMStoreContext` when exiting Wasm.
1541 pub stack_chain: VMStackChain,
1542
1543 /// We need a pointer to the runtime limits, so we can update them from
1544 /// `drop`/`exit_wasm`.
1545 vm_store_context: *const VMStoreContext,
1546}
1547
1548impl EntryStoreContext {
1549 /// This function is called to update and save state when
1550 /// WebAssembly is entered within the `Store`.
1551 ///
1552 /// This updates various fields such as:
1553 ///
1554 /// * The stack limit. This is what ensures that we limit the stack space
1555 /// allocated by WebAssembly code and it's relative to the initial stack
1556 /// pointer that called into wasm.
1557 ///
1558 /// It also saves the different last_wasm_* values in the `VMStoreContext`.
1559 pub fn enter_wasm<T>(
1560 store: &mut StoreContextMut<'_, T>,
1561 initial_stack_information: *mut VMCommonStackInformation,
1562 ) -> Self {
1563 let stack_limit;
1564
1565 // If this is a recursive call, e.g. our stack limit is already set, then
1566 // we may be able to skip this function.
1567 //
1568 // For synchronous stores there's nothing else to do because all wasm calls
1569 // happen synchronously and on the same stack. This means that the previous
1570 // stack limit will suffice for the next recursive call.
1571 //
1572 // For asynchronous stores then each call happens on a separate native
1573 // stack. This means that the previous stack limit is no longer relevant
1574 // because we're on a separate stack.
1575 if unsafe { *store.0.vm_store_context().stack_limit.get() } != usize::MAX
1576 && !store.0.async_support()
1577 {
1578 stack_limit = None;
1579 }
1580 // Ignore this stack pointer business on miri since we can't execute wasm
1581 // anyway and the concept of a stack pointer on miri is a bit nebulous
1582 // regardless.
1583 else if cfg!(miri) {
1584 stack_limit = None;
1585 } else {
1586 // When Cranelift has support for the host then we might be running native
1587 // compiled code meaning we need to read the actual stack pointer. If
1588 // Cranelift can't be used though then we're guaranteed to be running pulley
1589 // in which case this stack pointer isn't actually used as Pulley has custom
1590 // mechanisms for stack overflow.
1591 #[cfg(has_host_compiler_backend)]
1592 let stack_pointer = crate::runtime::vm::get_stack_pointer();
1593 #[cfg(not(has_host_compiler_backend))]
1594 let stack_pointer = {
1595 use wasmtime_environ::TripleExt;
1596 debug_assert!(store.engine().target().is_pulley());
1597 usize::MAX
1598 };
1599
1600 // Determine the stack pointer where, after which, any wasm code will
1601 // immediately trap. This is checked on the entry to all wasm functions.
1602 //
1603 // Note that this isn't 100% precise. We are requested to give wasm
1604 // `max_wasm_stack` bytes, but what we're actually doing is giving wasm
1605 // probably a little less than `max_wasm_stack` because we're
1606 // calculating the limit relative to this function's approximate stack
1607 // pointer. Wasm will be executed on a frame beneath this one (or next
1608 // to it). In any case it's expected to be at most a few hundred bytes
1609 // of slop one way or another. When wasm is typically given a MB or so
1610 // (a million bytes) the slop shouldn't matter too much.
1611 //
1612 // After we've got the stack limit then we store it into the `stack_limit`
1613 // variable.
1614 let wasm_stack_limit = stack_pointer
1615 .checked_sub(store.engine().config().max_wasm_stack)
1616 .unwrap();
1617 let prev_stack = unsafe {
1618 mem::replace(
1619 &mut *store.0.vm_store_context().stack_limit.get(),
1620 wasm_stack_limit,
1621 )
1622 };
1623 stack_limit = Some(prev_stack);
1624 }
1625
1626 unsafe {
1627 let last_wasm_exit_pc = *store.0.vm_store_context().last_wasm_exit_pc.get();
1628 let last_wasm_exit_trampoline_fp = *store
1629 .0
1630 .vm_store_context()
1631 .last_wasm_exit_trampoline_fp
1632 .get();
1633 let last_wasm_entry_fp = *store.0.vm_store_context().last_wasm_entry_fp.get();
1634
1635 let stack_chain = (*store.0.vm_store_context().stack_chain.get()).clone();
1636
1637 let new_stack_chain = VMStackChain::InitialStack(initial_stack_information);
1638 *store.0.vm_store_context().stack_chain.get() = new_stack_chain;
1639
1640 let vm_store_context = store.0.vm_store_context();
1641
1642 Self {
1643 stack_limit,
1644 last_wasm_exit_pc,
1645 last_wasm_exit_trampoline_fp,
1646 last_wasm_entry_fp,
1647 stack_chain,
1648 vm_store_context,
1649 }
1650 }
1651 }
1652
1653 /// This function restores the values stored in this struct. We invoke this
1654 /// function through this type's `Drop` implementation. This ensures that we
1655 /// even restore the values if we unwind the stack (e.g., because we are
1656 /// panicking out of a Wasm execution).
1657 #[inline]
1658 fn exit_wasm(&mut self) {
1659 unsafe {
1660 if let Some(limit) = self.stack_limit {
1661 *(&*self.vm_store_context).stack_limit.get() = limit;
1662 }
1663
1664 *(*self.vm_store_context).last_wasm_exit_trampoline_fp.get() =
1665 self.last_wasm_exit_trampoline_fp;
1666 *(*self.vm_store_context).last_wasm_exit_pc.get() = self.last_wasm_exit_pc;
1667 *(*self.vm_store_context).last_wasm_entry_fp.get() = self.last_wasm_entry_fp;
1668 *(*self.vm_store_context).stack_chain.get() = self.stack_chain.clone();
1669 }
1670 }
1671}
1672
1673impl Drop for EntryStoreContext {
1674 #[inline]
1675 fn drop(&mut self) {
1676 self.exit_wasm();
1677 }
1678}
1679
1680/// A trait implemented for types which can be returned from closures passed to
1681/// [`Func::wrap`] and friends.
1682///
1683/// This trait should not be implemented by user types. This trait may change at
1684/// any time internally. The types which implement this trait, however, are
1685/// stable over time.
1686///
1687/// For more information see [`Func::wrap`]
1688pub unsafe trait WasmRet {
1689 // Same as `WasmTy::compatible_with_store`.
1690 #[doc(hidden)]
1691 fn compatible_with_store(&self, store: &StoreOpaque) -> bool;
1692
1693 /// Stores this return value into the `ptr` specified using the rooted
1694 /// `store`.
1695 ///
1696 /// Traps are communicated through the `Result<_>` return value.
1697 ///
1698 /// # Unsafety
1699 ///
1700 /// This method is unsafe as `ptr` must have the correct length to store
1701 /// this result. This property is only checked in debug mode, not in release
1702 /// mode.
1703 #[doc(hidden)]
1704 unsafe fn store(
1705 self,
1706 store: &mut AutoAssertNoGc<'_>,
1707 ptr: &mut [MaybeUninit<ValRaw>],
1708 ) -> Result<()>;
1709
1710 #[doc(hidden)]
1711 fn func_type(engine: &Engine, params: impl Iterator<Item = ValType>) -> FuncType;
1712 #[doc(hidden)]
1713 fn may_gc() -> bool;
1714
1715 // Utilities used to convert an instance of this type to a `Result`
1716 // explicitly, used when wrapping async functions which always bottom-out
1717 // in a function that returns a trap because futures can be cancelled.
1718 #[doc(hidden)]
1719 type Fallible: WasmRet;
1720 #[doc(hidden)]
1721 fn into_fallible(self) -> Self::Fallible;
1722 #[doc(hidden)]
1723 fn fallible_from_error(error: Error) -> Self::Fallible;
1724}
1725
1726unsafe impl<T> WasmRet for T
1727where
1728 T: WasmTy,
1729{
1730 type Fallible = Result<T>;
1731
1732 fn compatible_with_store(&self, store: &StoreOpaque) -> bool {
1733 <Self as WasmTy>::compatible_with_store(self, store)
1734 }
1735
1736 unsafe fn store(
1737 self,
1738 store: &mut AutoAssertNoGc<'_>,
1739 ptr: &mut [MaybeUninit<ValRaw>],
1740 ) -> Result<()> {
1741 debug_assert!(ptr.len() > 0);
1742 // SAFETY: the contract of this function/trait combo is such that `ptr`
1743 // is valid to store this type's value, thus this lookup should be safe.
1744 unsafe { <Self as WasmTy>::store(self, store, ptr.get_unchecked_mut(0)) }
1745 }
1746
1747 fn may_gc() -> bool {
1748 T::may_gc()
1749 }
1750
1751 fn func_type(engine: &Engine, params: impl Iterator<Item = ValType>) -> FuncType {
1752 FuncType::new(engine, params, Some(<Self as WasmTy>::valtype()))
1753 }
1754
1755 fn into_fallible(self) -> Result<T> {
1756 Ok(self)
1757 }
1758
1759 fn fallible_from_error(error: Error) -> Result<T> {
1760 Err(error)
1761 }
1762}
1763
1764unsafe impl<T> WasmRet for Result<T>
1765where
1766 T: WasmRet,
1767{
1768 type Fallible = Self;
1769
1770 fn compatible_with_store(&self, store: &StoreOpaque) -> bool {
1771 match self {
1772 Ok(x) => <T as WasmRet>::compatible_with_store(x, store),
1773 Err(_) => true,
1774 }
1775 }
1776
1777 unsafe fn store(
1778 self,
1779 store: &mut AutoAssertNoGc<'_>,
1780 ptr: &mut [MaybeUninit<ValRaw>],
1781 ) -> Result<()> {
1782 // SAFETY: the safety of calling this function is the same as calling
1783 // the inner `store`.
1784 unsafe { self.and_then(|val| val.store(store, ptr)) }
1785 }
1786
1787 fn may_gc() -> bool {
1788 T::may_gc()
1789 }
1790
1791 fn func_type(engine: &Engine, params: impl Iterator<Item = ValType>) -> FuncType {
1792 T::func_type(engine, params)
1793 }
1794
1795 fn into_fallible(self) -> Result<T> {
1796 self
1797 }
1798
1799 fn fallible_from_error(error: Error) -> Result<T> {
1800 Err(error)
1801 }
1802}
1803
1804macro_rules! impl_wasm_host_results {
1805 ($n:tt $($t:ident)*) => (
1806 #[allow(non_snake_case, reason = "macro-generated code")]
1807 unsafe impl<$($t),*> WasmRet for ($($t,)*)
1808 where
1809 $($t: WasmTy,)*
1810 {
1811 type Fallible = Result<Self>;
1812
1813 #[inline]
1814 fn compatible_with_store(&self, _store: &StoreOpaque) -> bool {
1815 let ($($t,)*) = self;
1816 $( $t.compatible_with_store(_store) && )* true
1817 }
1818
1819 #[inline]
1820 unsafe fn store(
1821 self,
1822 _store: &mut AutoAssertNoGc<'_>,
1823 _ptr: &mut [MaybeUninit<ValRaw>],
1824 ) -> Result<()> {
1825 let ($($t,)*) = self;
1826 let mut _cur = 0;
1827 $(
1828 debug_assert!(_cur < _ptr.len());
1829 // SAFETY: `store`'s unsafe contract is that `_ptr` is
1830 // appropriately sized and additionally safe to call `store`
1831 // for sub-types.
1832 unsafe {
1833 let val = _ptr.get_unchecked_mut(_cur);
1834 _cur += 1;
1835 WasmTy::store($t, _store, val)?;
1836 }
1837 )*
1838 Ok(())
1839 }
1840
1841 #[doc(hidden)]
1842 fn may_gc() -> bool {
1843 $( $t::may_gc() || )* false
1844 }
1845
1846 fn func_type(engine: &Engine, params: impl Iterator<Item = ValType>) -> FuncType {
1847 FuncType::new(
1848 engine,
1849 params,
1850 IntoIterator::into_iter([$($t::valtype(),)*]),
1851 )
1852 }
1853
1854 #[inline]
1855 fn into_fallible(self) -> Result<Self> {
1856 Ok(self)
1857 }
1858
1859 #[inline]
1860 fn fallible_from_error(error: Error) -> Result<Self> {
1861 Err(error)
1862 }
1863 }
1864 )
1865}
1866
1867for_each_function_signature!(impl_wasm_host_results);
1868
1869/// Internal trait implemented for all arguments that can be passed to
1870/// [`Func::wrap`] and [`Linker::func_wrap`](crate::Linker::func_wrap).
1871///
1872/// This trait should not be implemented by external users, it's only intended
1873/// as an implementation detail of this crate.
1874pub trait IntoFunc<T, Params, Results>: Send + Sync + 'static {
1875 /// Convert this function into a `VM{Array,Native}CallHostFuncContext` and
1876 /// internal `VMFuncRef`.
1877 #[doc(hidden)]
1878 fn into_func(self, engine: &Engine) -> HostContext;
1879}
1880
1881macro_rules! impl_into_func {
1882 ($num:tt $arg:ident) => {
1883 // Implement for functions without a leading `&Caller` parameter,
1884 // delegating to the implementation below which does have the leading
1885 // `Caller` parameter.
1886 #[expect(non_snake_case, reason = "macro-generated code")]
1887 impl<T, F, $arg, R> IntoFunc<T, $arg, R> for F
1888 where
1889 F: Fn($arg) -> R + Send + Sync + 'static,
1890 $arg: WasmTy,
1891 R: WasmRet,
1892 T: 'static,
1893 {
1894 fn into_func(self, engine: &Engine) -> HostContext {
1895 let f = move |_: Caller<'_, T>, $arg: $arg| {
1896 self($arg)
1897 };
1898
1899 f.into_func(engine)
1900 }
1901 }
1902
1903 #[expect(non_snake_case, reason = "macro-generated code")]
1904 impl<T, F, $arg, R> IntoFunc<T, (Caller<'_, T>, $arg), R> for F
1905 where
1906 F: Fn(Caller<'_, T>, $arg) -> R + Send + Sync + 'static,
1907 $arg: WasmTy,
1908 R: WasmRet,
1909 T: 'static,
1910 {
1911 fn into_func(self, engine: &Engine) -> HostContext {
1912 HostContext::from_closure(engine, move |caller: Caller<'_, T>, ($arg,)| {
1913 self(caller, $arg)
1914 })
1915 }
1916 }
1917 };
1918 ($num:tt $($args:ident)*) => {
1919 // Implement for functions without a leading `&Caller` parameter,
1920 // delegating to the implementation below which does have the leading
1921 // `Caller` parameter.
1922 #[allow(non_snake_case, reason = "macro-generated code")]
1923 impl<T, F, $($args,)* R> IntoFunc<T, ($($args,)*), R> for F
1924 where
1925 F: Fn($($args),*) -> R + Send + Sync + 'static,
1926 $($args: WasmTy,)*
1927 R: WasmRet,
1928 T: 'static,
1929 {
1930 fn into_func(self, engine: &Engine) -> HostContext {
1931 let f = move |_: Caller<'_, T>, $($args:$args),*| {
1932 self($($args),*)
1933 };
1934
1935 f.into_func(engine)
1936 }
1937 }
1938
1939 #[allow(non_snake_case, reason = "macro-generated code")]
1940 impl<T, F, $($args,)* R> IntoFunc<T, (Caller<'_, T>, $($args,)*), R> for F
1941 where
1942 F: Fn(Caller<'_, T>, $($args),*) -> R + Send + Sync + 'static,
1943 $($args: WasmTy,)*
1944 R: WasmRet,
1945 T: 'static,
1946 {
1947 fn into_func(self, engine: &Engine) -> HostContext {
1948 HostContext::from_closure(engine, move |caller: Caller<'_, T>, ( $( $args ),* )| {
1949 self(caller, $( $args ),* )
1950 })
1951 }
1952 }
1953 }
1954}
1955
1956for_each_function_signature!(impl_into_func);
1957
1958/// Trait implemented for various tuples made up of types which implement
1959/// [`WasmTy`] that can be passed to [`Func::wrap_inner`] and
1960/// [`HostContext::from_closure`].
1961pub unsafe trait WasmTyList {
1962 /// Get the value type that each Type in the list represents.
1963 fn valtypes() -> impl Iterator<Item = ValType>;
1964
1965 // Load a version of `Self` from the `values` provided.
1966 //
1967 // # Safety
1968 //
1969 // This function is unsafe as it's up to the caller to ensure that `values` are
1970 // valid for this given type.
1971 #[doc(hidden)]
1972 unsafe fn load(store: &mut AutoAssertNoGc<'_>, values: &mut [MaybeUninit<ValRaw>]) -> Self;
1973
1974 #[doc(hidden)]
1975 fn may_gc() -> bool;
1976}
1977
1978macro_rules! impl_wasm_ty_list {
1979 ($num:tt $($args:ident)*) => (
1980 #[allow(non_snake_case, reason = "macro-generated code")]
1981 unsafe impl<$($args),*> WasmTyList for ($($args,)*)
1982 where
1983 $($args: WasmTy,)*
1984 {
1985 fn valtypes() -> impl Iterator<Item = ValType> {
1986 IntoIterator::into_iter([$($args::valtype(),)*])
1987 }
1988
1989 unsafe fn load(_store: &mut AutoAssertNoGc<'_>, _values: &mut [MaybeUninit<ValRaw>]) -> Self {
1990 let mut _cur = 0;
1991 ($({
1992 debug_assert!(_cur < _values.len());
1993 // SAFETY: this function's own contract means that `_values`
1994 // is appropriately sized/typed for the internal loads.
1995 unsafe {
1996 let ptr = _values.get_unchecked(_cur).assume_init_ref();
1997 _cur += 1;
1998 $args::load(_store, ptr)
1999 }
2000 },)*)
2001 }
2002
2003 fn may_gc() -> bool {
2004 $( $args::may_gc() || )* false
2005 }
2006 }
2007 );
2008}
2009
2010for_each_function_signature!(impl_wasm_ty_list);
2011
2012/// A structure representing the caller's context when creating a function
2013/// via [`Func::wrap`].
2014///
2015/// This structure can be taken as the first parameter of a closure passed to
2016/// [`Func::wrap`] or other constructors, and serves two purposes:
2017///
2018/// * First consumers can use [`Caller<'_, T>`](crate::Caller) to get access to
2019/// [`StoreContextMut<'_, T>`](crate::StoreContextMut) and/or get access to
2020/// `T` itself. This means that the [`Caller`] type can serve as a proxy to
2021/// the original [`Store`](crate::Store) itself and is used to satisfy
2022/// [`AsContext`] and [`AsContextMut`] bounds.
2023///
2024/// * Second a [`Caller`] can be used as the name implies, learning about the
2025/// caller's context, namely it's exported memory and exported functions. This
2026/// allows functions which take pointers as arguments to easily read the
2027/// memory the pointers point into, or if a function is expected to call
2028/// malloc in the wasm module to reserve space for the output you can do that.
2029///
2030/// Host functions which want access to [`Store`](crate::Store)-level state are
2031/// recommended to use this type.
2032pub struct Caller<'a, T: 'static> {
2033 pub(crate) store: StoreContextMut<'a, T>,
2034 caller: Instance,
2035}
2036
2037impl<T> Caller<'_, T> {
2038 #[cfg(feature = "async")]
2039 pub(crate) fn new(store: StoreContextMut<'_, T>, caller: Instance) -> Caller<'_, T> {
2040 Caller { store, caller }
2041 }
2042
2043 #[cfg(feature = "async")]
2044 pub(crate) fn caller(&self) -> Instance {
2045 self.caller
2046 }
2047
2048 /// Executes `f` with an appropriate `Caller`.
2049 ///
2050 /// This is the entrypoint for host functions in core wasm. The `store` and
2051 /// `instance` are created from `Instance::enter_host_from_wasm` and this
2052 /// will further invoke the host function that `f` refers to.
2053 fn with<F, R>(mut store: StoreContextMut<T>, caller: InstanceId, f: F) -> R
2054 where
2055 F: FnOnce(Caller<'_, T>) -> R,
2056 {
2057 let caller = Instance::from_wasmtime(caller, store.0);
2058
2059 let (gc_lifo_scope, ret) = {
2060 let gc_lifo_scope = store.0.gc_roots().enter_lifo_scope();
2061
2062 let ret = f(Caller {
2063 store: store.as_context_mut(),
2064 caller,
2065 });
2066
2067 (gc_lifo_scope, ret)
2068 };
2069
2070 store.0.exit_gc_lifo_scope(gc_lifo_scope);
2071
2072 ret
2073 }
2074
2075 fn sub_caller(&mut self) -> Caller<'_, T> {
2076 Caller {
2077 store: self.store.as_context_mut(),
2078 caller: self.caller,
2079 }
2080 }
2081
2082 /// Looks up an export from the caller's module by the `name` given.
2083 ///
2084 /// This is a low-level function that's typically used to implement passing
2085 /// of pointers or indices between core Wasm instances, where the callee
2086 /// needs to consult the caller's exports to perform memory management and
2087 /// resolve the references.
2088 ///
2089 /// For comparison, in components, the component model handles translating
2090 /// arguments from one component instance to another and managing memory, so
2091 /// that callees don't need to be aware of their callers, which promotes
2092 /// virtualizability of APIs.
2093 ///
2094 /// # Return
2095 ///
2096 /// If an export with the `name` provided was found, then it is returned as an
2097 /// `Extern`. There are a number of situations, however, where the export may not
2098 /// be available:
2099 ///
2100 /// * The caller instance may not have an export named `name`
2101 /// * There may not be a caller available, for example if `Func` was called
2102 /// directly from host code.
2103 ///
2104 /// It's recommended to take care when calling this API and gracefully
2105 /// handling a `None` return value.
2106 pub fn get_export(&mut self, name: &str) -> Option<Extern> {
2107 // All instances created have a `host_state` with a pointer pointing
2108 // back to themselves. If this caller doesn't have that `host_state`
2109 // then it probably means it was a host-created object like `Func::new`
2110 // which doesn't have any exports we want to return anyway.
2111 self.caller.get_export(&mut self.store, name)
2112 }
2113
2114 /// Looks up an exported [`Extern`] value by a [`ModuleExport`] value.
2115 ///
2116 /// This is similar to [`Self::get_export`] but uses a [`ModuleExport`] value to avoid
2117 /// string lookups where possible. [`ModuleExport`]s can be obtained by calling
2118 /// [`Module::get_export_index`] on the [`Module`] that an instance was instantiated with.
2119 ///
2120 /// This method will search the module for an export with a matching entity index and return
2121 /// the value, if found.
2122 ///
2123 /// Returns `None` if there was no export with a matching entity index.
2124 /// # Panics
2125 ///
2126 /// Panics if `store` does not own this instance.
2127 ///
2128 /// # Usage
2129 /// ```
2130 /// use std::str;
2131 ///
2132 /// # use wasmtime::*;
2133 /// # fn main() -> anyhow::Result<()> {
2134 /// # let mut store = Store::default();
2135 ///
2136 /// let module = Module::new(
2137 /// store.engine(),
2138 /// r#"
2139 /// (module
2140 /// (import "" "" (func $log_str (param i32 i32)))
2141 /// (func (export "foo")
2142 /// i32.const 4 ;; ptr
2143 /// i32.const 13 ;; len
2144 /// call $log_str)
2145 /// (memory (export "memory") 1)
2146 /// (data (i32.const 4) "Hello, world!"))
2147 /// "#,
2148 /// )?;
2149 ///
2150 /// let Some(module_export) = module.get_export_index("memory") else {
2151 /// anyhow::bail!("failed to find `memory` export in module");
2152 /// };
2153 ///
2154 /// let log_str = Func::wrap(&mut store, move |mut caller: Caller<'_, ()>, ptr: i32, len: i32| {
2155 /// let mem = match caller.get_module_export(&module_export) {
2156 /// Some(Extern::Memory(mem)) => mem,
2157 /// _ => anyhow::bail!("failed to find host memory"),
2158 /// };
2159 /// let data = mem.data(&caller)
2160 /// .get(ptr as u32 as usize..)
2161 /// .and_then(|arr| arr.get(..len as u32 as usize));
2162 /// let string = match data {
2163 /// Some(data) => match str::from_utf8(data) {
2164 /// Ok(s) => s,
2165 /// Err(_) => anyhow::bail!("invalid utf-8"),
2166 /// },
2167 /// None => anyhow::bail!("pointer/length out of bounds"),
2168 /// };
2169 /// assert_eq!(string, "Hello, world!");
2170 /// println!("{}", string);
2171 /// Ok(())
2172 /// });
2173 /// let instance = Instance::new(&mut store, &module, &[log_str.into()])?;
2174 /// let foo = instance.get_typed_func::<(), ()>(&mut store, "foo")?;
2175 /// foo.call(&mut store, ())?;
2176 /// # Ok(())
2177 /// # }
2178 /// ```
2179 pub fn get_module_export(&mut self, export: &ModuleExport) -> Option<Extern> {
2180 self.caller.get_module_export(&mut self.store, export)
2181 }
2182
2183 /// Access the underlying data owned by this `Store`.
2184 ///
2185 /// Same as [`Store::data`](crate::Store::data)
2186 pub fn data(&self) -> &T {
2187 self.store.data()
2188 }
2189
2190 /// Access the underlying data owned by this `Store`.
2191 ///
2192 /// Same as [`Store::data_mut`](crate::Store::data_mut)
2193 pub fn data_mut(&mut self) -> &mut T {
2194 self.store.data_mut()
2195 }
2196
2197 /// Returns the underlying [`Engine`] this store is connected to.
2198 pub fn engine(&self) -> &Engine {
2199 self.store.engine()
2200 }
2201
2202 /// Perform garbage collection.
2203 ///
2204 /// Same as [`Store::gc`](crate::Store::gc).
2205 #[cfg(feature = "gc")]
2206 pub fn gc(&mut self, why: Option<&crate::GcHeapOutOfMemory<()>>) {
2207 self.store.gc(why);
2208 }
2209
2210 /// Perform garbage collection asynchronously.
2211 ///
2212 /// Same as [`Store::gc_async`](crate::Store::gc_async).
2213 #[cfg(all(feature = "async", feature = "gc"))]
2214 pub async fn gc_async(&mut self, why: Option<&crate::GcHeapOutOfMemory<()>>)
2215 where
2216 T: Send + 'static,
2217 {
2218 self.store.gc_async(why).await;
2219 }
2220
2221 /// Returns the remaining fuel in the store.
2222 ///
2223 /// For more information see [`Store::get_fuel`](crate::Store::get_fuel)
2224 pub fn get_fuel(&self) -> Result<u64> {
2225 self.store.get_fuel()
2226 }
2227
2228 /// Set the amount of fuel in this store to be consumed when executing wasm code.
2229 ///
2230 /// For more information see [`Store::set_fuel`](crate::Store::set_fuel)
2231 pub fn set_fuel(&mut self, fuel: u64) -> Result<()> {
2232 self.store.set_fuel(fuel)
2233 }
2234
2235 /// Configures this `Store` to yield while executing futures every N units of fuel.
2236 ///
2237 /// For more information see
2238 /// [`Store::fuel_async_yield_interval`](crate::Store::fuel_async_yield_interval)
2239 pub fn fuel_async_yield_interval(&mut self, interval: Option<u64>) -> Result<()> {
2240 self.store.fuel_async_yield_interval(interval)
2241 }
2242}
2243
2244impl<T: 'static> AsContext for Caller<'_, T> {
2245 type Data = T;
2246 fn as_context(&self) -> StoreContext<'_, T> {
2247 self.store.as_context()
2248 }
2249}
2250
2251impl<T: 'static> AsContextMut for Caller<'_, T> {
2252 fn as_context_mut(&mut self) -> StoreContextMut<'_, T> {
2253 self.store.as_context_mut()
2254 }
2255}
2256
2257// State stored inside a `VMArrayCallHostFuncContext`.
2258struct HostFuncState<F> {
2259 // The actual host function.
2260 func: F,
2261
2262 // NB: We have to keep our `VMSharedTypeIndex` registered in the engine for
2263 // as long as this function exists.
2264 _ty: RegisteredType,
2265}
2266
2267#[doc(hidden)]
2268pub enum HostContext {
2269 Array(StoreBox<VMArrayCallHostFuncContext>),
2270}
2271
2272impl From<StoreBox<VMArrayCallHostFuncContext>> for HostContext {
2273 fn from(ctx: StoreBox<VMArrayCallHostFuncContext>) -> Self {
2274 HostContext::Array(ctx)
2275 }
2276}
2277
2278impl HostContext {
2279 fn from_closure<F, T, P, R>(engine: &Engine, func: F) -> Self
2280 where
2281 F: Fn(Caller<'_, T>, P) -> R + Send + Sync + 'static,
2282 P: WasmTyList,
2283 R: WasmRet,
2284 T: 'static,
2285 {
2286 let ty = R::func_type(engine, None::<ValType>.into_iter().chain(P::valtypes()));
2287 let type_index = ty.type_index();
2288
2289 let array_call = Self::array_call_trampoline::<T, F, P, R>;
2290
2291 let ctx = unsafe {
2292 VMArrayCallHostFuncContext::new(
2293 array_call,
2294 type_index,
2295 Box::new(HostFuncState {
2296 func,
2297 _ty: ty.into_registered_type(),
2298 }),
2299 )
2300 };
2301
2302 ctx.into()
2303 }
2304
2305 /// Raw entry trampoline for wasm for typed functions.
2306 ///
2307 /// # Safety
2308 ///
2309 /// The `callee_vmctx`, `caller_vmctx`, and `args` values must basically be
2310 /// "all valid" in the sense that they're from the same store, appropriately
2311 /// sized, appropriate to dereference, etc. This requires that `T` matches
2312 /// the type of the store that the vmctx values point to. The `F` parameter
2313 /// must match the state in `callee_vmctx`. The `P` and `R` type parameters
2314 /// must accurately describe the params/results store in `args`.
2315 unsafe extern "C" fn array_call_trampoline<T, F, P, R>(
2316 callee_vmctx: NonNull<VMOpaqueContext>,
2317 caller_vmctx: NonNull<VMContext>,
2318 args: NonNull<ValRaw>,
2319 args_len: usize,
2320 ) -> bool
2321 where
2322 F: Fn(Caller<'_, T>, P) -> R + 'static,
2323 P: WasmTyList,
2324 R: WasmRet,
2325 T: 'static,
2326 {
2327 // Note that this function is intentionally scoped into a
2328 // separate closure. Handling traps and panics will involve
2329 // longjmp-ing from this function which means we won't run
2330 // destructors. As a result anything requiring a destructor
2331 // should be part of this closure, and the long-jmp-ing
2332 // happens after the closure in handling the result.
2333 let run = move |mut caller: Caller<'_, T>| {
2334 let mut args =
2335 NonNull::slice_from_raw_parts(args.cast::<MaybeUninit<ValRaw>>(), args_len);
2336 // SAFETY: it's a safety contract of this function itself that
2337 // `callee_vmctx` is safe to read.
2338 let state = unsafe {
2339 let vmctx = VMArrayCallHostFuncContext::from_opaque(callee_vmctx);
2340 vmctx.as_ref().host_state()
2341 };
2342
2343 // Double-check ourselves in debug mode, but we control
2344 // the `Any` here so an unsafe downcast should also
2345 // work.
2346 //
2347 // SAFETY: all typed host functions use `HostFuncState<F>` as their
2348 // state so this should be safe to effectively do an unchecked
2349 // downcast.
2350 let state = unsafe {
2351 debug_assert!(state.is::<HostFuncState<F>>());
2352 &*(state as *const _ as *const HostFuncState<F>)
2353 };
2354 let func = &state.func;
2355
2356 let ret = 'ret: {
2357 if let Err(trap) = caller.store.0.call_hook(CallHook::CallingHost) {
2358 break 'ret R::fallible_from_error(trap);
2359 }
2360
2361 let mut store = if P::may_gc() {
2362 AutoAssertNoGc::new(caller.store.0)
2363 } else {
2364 unsafe { AutoAssertNoGc::disabled(caller.store.0) }
2365 };
2366 // SAFETY: this function requires `args` to be valid and the
2367 // `WasmTyList` trait means that everything should be correctly
2368 // ascribed/typed, making this valid to load from.
2369 let params = unsafe { P::load(&mut store, args.as_mut()) };
2370 let _ = &mut store;
2371 drop(store);
2372
2373 let r = func(caller.sub_caller(), params);
2374
2375 if let Err(trap) = caller.store.0.call_hook(CallHook::ReturningFromHost) {
2376 break 'ret R::fallible_from_error(trap);
2377 }
2378 r.into_fallible()
2379 };
2380
2381 if !ret.compatible_with_store(caller.store.0) {
2382 bail!("host function attempted to return cross-`Store` value to Wasm")
2383 } else {
2384 let mut store = if R::may_gc() {
2385 AutoAssertNoGc::new(caller.store.0)
2386 } else {
2387 unsafe { AutoAssertNoGc::disabled(caller.store.0) }
2388 };
2389 // SAFETY: this function requires that `args` is safe for this
2390 // type signature, and the guarantees of `WasmRet` means that
2391 // everything should be typed appropriately.
2392 let ret = unsafe { ret.store(&mut store, args.as_mut())? };
2393 Ok(ret)
2394 }
2395 };
2396
2397 // With nothing else on the stack move `run` into this
2398 // closure and then run it as part of `Caller::with`.
2399 //
2400 // SAFETY: this is an entrypoint of wasm which requires correct type
2401 // ascription of `T` itself, meaning that this should be safe to call
2402 // both `enter_host_from_wasm` as well as `unchecked_context_mut`.
2403 unsafe {
2404 vm::Instance::enter_host_from_wasm(caller_vmctx, |store, instance| {
2405 let store = store.unchecked_context_mut();
2406 Caller::with(store, instance, run)
2407 })
2408 }
2409 }
2410}
2411
2412/// Representation of a host-defined function.
2413///
2414/// This is used for `Func::new` but also for `Linker`-defined functions. For
2415/// `Func::new` this is stored within a `Store`, and for `Linker`-defined
2416/// functions they wrap this up in `Arc` to enable shared ownership of this
2417/// across many stores.
2418///
2419/// Technically this structure needs a `<T>` type parameter to connect to the
2420/// `Store<T>` itself, but that's an unsafe contract of using this for now
2421/// rather than part of the struct type (to avoid `Func<T>` in the API).
2422pub(crate) struct HostFunc {
2423 ctx: HostContext,
2424
2425 // Stored to unregister this function's signature with the engine when this
2426 // is dropped.
2427 engine: Engine,
2428}
2429
2430impl core::fmt::Debug for HostFunc {
2431 fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
2432 f.debug_struct("HostFunc").finish_non_exhaustive()
2433 }
2434}
2435
2436impl HostFunc {
2437 /// Analog of [`Func::new`]
2438 ///
2439 /// # Panics
2440 ///
2441 /// Panics if the given function type is not associated with the given
2442 /// engine.
2443 pub fn new<T>(
2444 engine: &Engine,
2445 ty: FuncType,
2446 func: impl Fn(Caller<'_, T>, &[Val], &mut [Val]) -> Result<()> + Send + Sync + 'static,
2447 ) -> Self
2448 where
2449 T: 'static,
2450 {
2451 assert!(ty.comes_from_same_engine(engine));
2452 let ty_clone = ty.clone();
2453 unsafe {
2454 HostFunc::new_unchecked(engine, ty, move |caller, values| {
2455 Func::invoke_host_func_for_wasm(caller, &ty_clone, values, &func)
2456 })
2457 }
2458 }
2459
2460 /// Analog of [`Func::new_unchecked`]
2461 ///
2462 /// # Panics
2463 ///
2464 /// Panics if the given function type is not associated with the given
2465 /// engine.
2466 ///
2467 /// # Safety
2468 ///
2469 /// The `func` provided must operate according to the `ty` provided to
2470 /// ensure it's reading the correctly-typed parameters and writing the
2471 /// correctly-typed results.
2472 pub unsafe fn new_unchecked<T>(
2473 engine: &Engine,
2474 ty: FuncType,
2475 func: impl Fn(Caller<'_, T>, &mut [ValRaw]) -> Result<()> + Send + Sync + 'static,
2476 ) -> Self
2477 where
2478 T: 'static,
2479 {
2480 assert!(ty.comes_from_same_engine(engine));
2481 let ctx = crate::trampoline::create_array_call_function(
2482 &ty,
2483 move |store, instance, values: &mut [ValRaw]| {
2484 // SAFETY: the later usage of `{,in}to_func` will connect `T` to
2485 // an actual store's `T` to ensure it's the same. This means
2486 // that the store this is invoked with always has `T` as a type
2487 // parameter which should make this cast safe.
2488 let store = unsafe { store.unchecked_context_mut::<T>() };
2489 Caller::with(store, instance, |mut caller| {
2490 caller.store.0.call_hook(CallHook::CallingHost)?;
2491 let result = func(caller.sub_caller(), values)?;
2492 caller.store.0.call_hook(CallHook::ReturningFromHost)?;
2493 Ok(result)
2494 })
2495 },
2496 )
2497 .expect("failed to create function");
2498 HostFunc::_new(engine, ctx.into())
2499 }
2500
2501 /// Analog of [`Func::wrap_inner`]
2502 #[cfg(any(feature = "component-model", feature = "async"))]
2503 pub fn wrap_inner<F, T, Params, Results>(engine: &Engine, func: F) -> Self
2504 where
2505 F: Fn(Caller<'_, T>, Params) -> Results + Send + Sync + 'static,
2506 Params: WasmTyList,
2507 Results: WasmRet,
2508 T: 'static,
2509 {
2510 let ctx = HostContext::from_closure(engine, func);
2511 HostFunc::_new(engine, ctx)
2512 }
2513
2514 /// Analog of [`Func::wrap`]
2515 pub fn wrap<T, Params, Results>(
2516 engine: &Engine,
2517 func: impl IntoFunc<T, Params, Results>,
2518 ) -> Self
2519 where
2520 T: 'static,
2521 {
2522 let ctx = func.into_func(engine);
2523 HostFunc::_new(engine, ctx)
2524 }
2525
2526 /// Requires that this function's signature is already registered within
2527 /// `Engine`. This happens automatically during the above two constructors.
2528 fn _new(engine: &Engine, ctx: HostContext) -> Self {
2529 HostFunc {
2530 ctx,
2531 engine: engine.clone(),
2532 }
2533 }
2534
2535 /// Inserts this `HostFunc` into a `Store`, returning the `Func` pointing to
2536 /// it.
2537 ///
2538 /// # Unsafety
2539 ///
2540 /// Can only be inserted into stores with a matching `T` relative to when
2541 /// this `HostFunc` was first created.
2542 pub unsafe fn to_func(self: &Arc<Self>, store: &mut StoreOpaque) -> Func {
2543 self.validate_store(store);
2544 let (funcrefs, modules) = store.func_refs_and_modules();
2545 let funcref = funcrefs.push_arc_host(self.clone(), modules);
2546 // SAFETY: this funcref was just pushed within the store, so it's safe
2547 // to say this store owns it.
2548 unsafe { Func::from_vm_func_ref(store.id(), funcref) }
2549 }
2550
2551 /// Inserts this `HostFunc` into a `Store`, returning the `Func` pointing to
2552 /// it.
2553 ///
2554 /// This function is similar to, but not equivalent, to `HostFunc::to_func`.
2555 /// Notably this function requires that the `Arc<Self>` pointer is otherwise
2556 /// rooted within the `StoreOpaque` via another means. When in doubt use
2557 /// `to_func` above as it's safer.
2558 ///
2559 /// # Unsafety
2560 ///
2561 /// Can only be inserted into stores with a matching `T` relative to when
2562 /// this `HostFunc` was first created.
2563 ///
2564 /// Additionally the `&Arc<Self>` is not cloned in this function. Instead a
2565 /// raw pointer to `Self` is stored within the `Store` for this function.
2566 /// The caller must arrange for the `Arc<Self>` to be "rooted" in the store
2567 /// provided via another means, probably by pushing to
2568 /// `StoreOpaque::rooted_host_funcs`.
2569 ///
2570 /// Similarly, the caller must arrange for `rooted_func_ref` to be rooted in
2571 /// the same store and additionally be a valid pointer.
2572 pub unsafe fn to_func_store_rooted(
2573 self: &Arc<Self>,
2574 store: &mut StoreOpaque,
2575 rooted_func_ref: Option<NonNull<VMFuncRef>>,
2576 ) -> Func {
2577 self.validate_store(store);
2578
2579 match rooted_func_ref {
2580 Some(funcref) => {
2581 // SAFETY: it's a contract of this function itself that
2582 // `funcref` is safe to read.
2583 unsafe {
2584 debug_assert!(funcref.as_ref().wasm_call.is_some());
2585 }
2586 // SAFETY: it's a contract of this function that `funcref` is
2587 // owned by `store`.
2588 unsafe { Func::from_vm_func_ref(store.id(), funcref) }
2589 }
2590 None => {
2591 debug_assert!(self.func_ref().wasm_call.is_some());
2592
2593 // SAFETY: it's an unsafe contract of this function that we are
2594 // rooted within the store to say that the store owns a copy of
2595 // this funcref.
2596 unsafe { Func::from_vm_func_ref(store.id(), self.func_ref().into()) }
2597 }
2598 }
2599 }
2600
2601 /// Same as [`HostFunc::to_func`], different ownership.
2602 unsafe fn into_func(self, store: &mut StoreOpaque) -> Func {
2603 self.validate_store(store);
2604 let (funcrefs, modules) = store.func_refs_and_modules();
2605 let funcref = funcrefs.push_box_host(Box::new(self), modules);
2606 // SAFETY: this funcref was just pushed within `store`, so it's safe to
2607 // say it's owned by the store's id.
2608 unsafe { Func::from_vm_func_ref(store.id(), funcref) }
2609 }
2610
2611 fn validate_store(&self, store: &mut StoreOpaque) {
2612 // This assert is required to ensure that we can indeed safely insert
2613 // `self` into the `store` provided, otherwise the type information we
2614 // have listed won't be correct. This is possible to hit with the public
2615 // API of Wasmtime, and should be documented in relevant functions.
2616 assert!(
2617 Engine::same(&self.engine, store.engine()),
2618 "cannot use a store with a different engine than a linker was created with",
2619 );
2620 }
2621
2622 pub(crate) fn sig_index(&self) -> VMSharedTypeIndex {
2623 self.func_ref().type_index
2624 }
2625
2626 pub(crate) fn func_ref(&self) -> &VMFuncRef {
2627 match &self.ctx {
2628 HostContext::Array(ctx) => unsafe { ctx.get().as_ref().func_ref() },
2629 }
2630 }
2631
2632 pub(crate) fn host_ctx(&self) -> &HostContext {
2633 &self.ctx
2634 }
2635}
2636
2637#[cfg(test)]
2638mod tests {
2639 use super::*;
2640 use crate::{Module, Store};
2641
2642 #[test]
2643 #[cfg_attr(miri, ignore)]
2644 fn hash_key_is_stable_across_duplicate_store_data_entries() -> Result<()> {
2645 let mut store = Store::<()>::default();
2646 let module = Module::new(
2647 store.engine(),
2648 r#"
2649 (module
2650 (func (export "f")
2651 nop
2652 )
2653 )
2654 "#,
2655 )?;
2656 let instance = Instance::new(&mut store, &module, &[])?;
2657
2658 // Each time we `get_func`, we call `Func::from_wasmtime` which adds a
2659 // new entry to `StoreData`, so `f1` and `f2` will have different
2660 // indices into `StoreData`.
2661 let f1 = instance.get_func(&mut store, "f").unwrap();
2662 let f2 = instance.get_func(&mut store, "f").unwrap();
2663
2664 // But their hash keys are the same.
2665 assert!(
2666 f1.hash_key(&mut store.as_context_mut().0)
2667 == f2.hash_key(&mut store.as_context_mut().0)
2668 );
2669
2670 // But the hash keys are different from different funcs.
2671 let instance2 = Instance::new(&mut store, &module, &[])?;
2672 let f3 = instance2.get_func(&mut store, "f").unwrap();
2673 assert!(
2674 f1.hash_key(&mut store.as_context_mut().0)
2675 != f3.hash_key(&mut store.as_context_mut().0)
2676 );
2677
2678 Ok(())
2679 }
2680}