This continues #788 and literally removes the type from the public API
of the `wasmtime` crate, making it inaccessible to the outside world.
Now it's purely an implementation detail, yay!
This commit refactors the `wasmtime-wast` crate to internally make it a
bit more concise with less repetition. Additionally it also improves the
error messages by guaranteeing that all failed tests have context
indicating where the test was defined.
It turns out there was also a bug in the previous implementation where
an `AssertMalformed` directive with a `quote` module would accidentally
skip all further tests. This has now been fixed, and all futher tests
continued to pass except for the `simd_const.wast` test. This test has
been disabled temporarily but once the `wasmparser` and `wast` crates
are updated (being worked on independently) this should be possible to
re-enable.
A few small updates to module creation in preparation for a future PR
which is a bit more invasive here with interface types.
* Move `read_imports_and_exports` to an instance method which configures
fields directly rather than returning a number of fields.
* Call between constructors as much as possible.
* Leverage `Rc::get_mut` which we know will work at module creation time
since we have the only reference.
* Only require `str` in `new_with_name`
It's a bit more idiomatic to have APIs require `&str` rather than
`String`, and the allocation doesn't matter much here since creating a
`Module` is pretty expensive anyway.
* Update a test
* Remove `HostRef` from the `wasmtime` public API
This commit removes all remaining usages of `HostRef` in the public API
of the `wasmtime` crate. This involved a number of API decisions such
as:
* None of `Func`, `Global`, `Table`, or `Memory` are wrapped in `HostRef`
* All of `Func`, `Global`, `Table`, and `Memory` implement `Clone` now.
* Methods called `type` are renamed to `ty` to avoid typing `r#type`.
* Methods requiring mutability for external items now no longer require
mutability. The mutable reference here is sort of a lie anyway since
the internals are aliased by the underlying module anyway. This
affects:
* `Table::set`
* `Table::grow`
* `Memory::grow`
* `Instance::set_signal_handler`
* The `Val::FuncRef` type is now no longer automatically coerced to
`AnyRef`. This is technically a breaking change which is pretty bad,
but I'm hoping that we can live with this interim state while we sort
out the `AnyRef` story in general.
* The implementation of the C API was refactored and updated in a few
locations to account for these changes:
* Accessing the exports of an instance are now cached to ensure we
always hand out the same `HostRef` values.
* `wasm_*_t` for external values no longer have internal cache,
instead they all wrap `wasm_external_t` and have an unchecked
accessor for the underlying variant (since the type is proof that
it's there). This makes casting back and forth much more trivial.
This is all related to #708 and while there's still more work to be done
in terms of documentation, this is the major bulk of the rest of the
implementation work on #708 I believe.
* More API updates
* Run rustfmt
* Fix a doc test
* More test updates
This commit fixes the `wasmtime::Instance` instantiation API when
imports have the same name but might be imported under different types.
This is handled in the API by listing imports as a list instead of as a
name map, but they were interpreted as a name map under the hood causing
collisions.
This commit now keeps track of the index used to define each import, and
the index is passed through in the `Resolver`. Existing implementaitons
of `Resolver` all ignore this, but the API now uses it exclusivley to
match up `Extern` definitions to imports.
This commit implements `fd_fdstat_set_flags` for Windows.
Additionally, it fixes a problem where `O_APPEND` was not working correctly
because `GENERIC_WRITE` was always being set; as a result, `FILE_WRITE_DATA`
could not be removed from the permission set to properly enable append-only
mode.
It also treats `O_TRUNC` with `O_APPEND` as an invalid argument error. This is
because Windows cannot support these two flags together. To support `O_TRUNC`,
the `GENERIC_WRITE` bit must be set for the file access flags. Setting this
bit will cause `FILE_WRITE_DATA` to be set, which will not properly treat the
file as append-only (it requires `FILE_APPEND_DATA` without `FILE_WRITE_DATA`).
* Update `CodeMemory` to be `Send + Sync`
This commit updates the `CodeMemory` type in wasmtime to be both `Send`
and `Sync` by updating the implementation of `Mmap` to not store raw
pointers. This avoids the need for an `unsafe impl` and leaves the
unsafety as it is currently.
* Run rustfmt
* Rename `offset` to `ptr`
* Fix path_open granting more rights than requested
* Add missing rights checks in: fd_fdstat_set_flags, fd_filestat_get, poll_oneoff
* Fix `open_scratch_directory` not requesting any rights.
* Properly request needed rights in various tests
* Add some extra trace-level logging
* Remove a no-op restriction of rights to the ones returned by
`determine_type_rights`. It was redundant, because `FdEntry:from`
internally also called `determine_type_rights` and only dropped some of them.
* Per Instance signal handler
* add custom signal handler test
* add instance signal handling to callable.rs
* extend signal handler test to test callable.rs
* test multiple instances, multiple signal handlers
* support more than one current instance
import_calling_export.rs is a good example of why this is needed:
execution switches from one instance to another before the first one has
finished running
* add another custom signal handler test case
* move and update custom signal handler tests
* fmt
* fix libc version to 0.2
* call the correct instance signal handler
We keep a stack of instances so should call last() not first().
* move custom signal handler test to top level dir
* windows/mac signal handling wip
* os-specific signal handling wip
* disable custom signal handler test on windows
* fmt
* unify signal handling on mac and linux
This commit continues previous work and also #708 by removing the need
to use `HostRef<Module>` in the API of the `wasmtime` crate. The API
changes performed here are:
* The `Module` type is now itself internally reference counted.
* The `Module::store` function now returns the `Store` that was used to
create a `Module`
* Documentation for `Module` and its methods have been expanded.
* Remove the need for `HostRef<Module>`
This commit continues previous work and also #708 by removing the need
to use `HostRef<Module>` in the API of the `wasmtime` crate. The API
changes performed here are:
* The `Module` type is now itself internally reference counted.
* The `Module::store` function now returns the `Store` that was used to
create a `Module`
* Documentation for `Module` and its methods have been expanded.
* Fix compliation of test programs harness
* Fix the python extension
* Update `CodeMemory` to be `Send + Sync`
This commit updates the `CodeMemory` type in wasmtime to be both `Send`
and `Sync` by updating the implementation of `Mmap` to not store raw
pointers. This avoids the need for an `unsafe impl` and leaves the
unsafety as it is currently.
* Fix a typo
* Remove unsafety from `Trap` API
This commit removes the `unsafe impl Send` for `Trap` by removing the
internal `HostRef` and leaving `HostRef` entirely as an implementation
detail of the C API.
cc #708
* Run rustfmt
* Clean up fd_filestat_get implementation
This commit does 4 things:
* Adds `yanix::file::fstat`, a wrapper around `libc::fstat`.
* It essentially reverts 89fbde2 for Unix hosts -- in other words,
it brings back the use of `fstat` to obtain `libc::stat` from a
file descriptor, rather than relying on `std::fs::Metadata`. This
way, we reuse `host_impl::filestat_from_nix` in
`hostcalls_impl::fd_filestat_get` implementation rather than
unnecessarily duplicate code for converting filestats into
`__wasi_filestat_t`.
* Moves `crate::helpers::systemtime_to_timestamp` to Windows `host_impl`
module. It does the same thing with helpers which assist in converting
`std::fs::Metadata` into `__wasi_filestat_t`. This should retain symmetry
between *nix and Windows impls.
* Makes timestamp conversions in `host_impl::filestat_from_nix` fallible.
* Backport changes to snapshot0
* Signal no overflow with `from` rather than `as` cast
* Remove the need for `HostRef<Store>`
This commit goes through the public API of the `wasmtime` crate and
removes the need for `HostRef<Store>`, as discussed in #708. This commit
is accompanied with a few changes:
* The `Store` type now also implements `Default`, creating a new
`Engine` with default settings and returning that.
* The `Store` type now implements `Clone`, and is documented as being a
"cheap clone" aka being reference counted. As before there is no
supported way to create a deep clone of a `Store`.
* All APIs take/return `&Store` or `Store` instead of `HostRef<Store>`,
and `HostRef<T>` is left as purely a detail of the C API.
* The `global_exports` function is tagged as `#[doc(hidden)]` for now
while we await its removal.
* The `Store` type is not yet `Send` nor `Sync` due to the usage of
`global_exports`, but it is intended to become so eventually.
* Touch up comments on some examples
* Run rustfmt
This commit refactors the Wasmtime CLI tools to use `structopt` instead of
`docopt`.
The `wasmtime` tool now has the following subcommands:
* `config new` - creates a new Wasmtime configuration file.
* `run` - runs a WebAssembly module.
* `wasm2obj` - translates a Wasm module to native object file.
* `wast` - runs a test script file.
If no subcommand is specified, the `run` subcommand is used. Thus,
`wasmtime foo.wasm` should continue to function as expected.
The `wasm2obj` and `wast` tools still exist, but delegate to the same
implementation as the `wasmtime` subcommands. The standalone `wasm2obj` and
`wast` tools may be removed in the future in favor of simply using `wasmtime`.
Included in this commit is a breaking change to the default Wasmtime
configuration file: it has been renamed from `wasmtime-cache-config.toml` to
simply `config.toml`. The new name is less specific which will allow for
additional (non-cache-related) settings in the future.
There are some breaking changes to improve command line UX:
* The `--cache-config` option has been renamed to `--config`.
* The `--create-config-file` option has moved to the `config new` subcommand.
As a result, the `wasm2obj` and `wast` tools cannot be used to create a new
config file.
* The short form of the `--optimize` option has changed from
`-o` to `-O` for consistency.
* The `wasm2obj` command takes the output object file as a
required positional argument rather than the former required output *option*
(e.g. `wasmtime wasm2obj foo.wasm foo.obj`).
* Build docs with the nightly toolchain so [foo::bar] links work by
default. This is a relatively new feature of rustdoc and I thought it
was stabilized at this point but apparently it's not!
* Tweak some API docs on `wasmtime::Strategy`
* Use `--all` to build all local crate documentation instead of trying
to list the number of local crates
* Tweak some documentation configuration to avoid warnings generated by
Cargo.
* Remove the `Flags` type from `Config` API
This commit removes the final foreign type from the `Config` API in the
`wasmtime` crate. The cranelift `Flags` type is now expanded into
various options on the `Config` structure itself, all prefixed with
`cranelift_` since they're only relevant to the Cranelift backend. The
various changes here were:
* The `avoid_div_traps` feature is enabled by default since it seemed
that was done anywhere anyway.
* Enabling the wasm SIMD feature enables the requisite features in
Cranelift as well.
* A method for enabling the debug verifier has been added.
* A method for configuring the Cranelift optimization level, as well as
a corresponding enumeration, has been added.
* Assert that `Config` is both `Send` and `Sync`
* Ensure `Trap` is returned for start function traps
Handle another case of errors coming out of instantiation, resolve a
FIXME, and remove an unneeded dependency from the wast testsuite crate.
* Run rustfmt
* Remove usage of `CompilationStrategy` from `Config`
This commit removes the public API usage of the internal
`CompilationStrategy` enumeration from the `Config` type in the
`wasmtime` crate. To do this the `enum` was copied locally into the
crate and renamed `Strategy`. The high-level description of this change
is:
* The `Config::strategy` method now takes a locally-defined `Strategy`
enumeration instead of an internal type.
* The contents of `Strategy` are always the same, not relying on Cargo
features to indicate which variants are present. This avoids
unnecessary downstream `#[cfg]`.
* A `lightbeam` feature was added to the `wasmtime` crate itself to
lightbeam compilation support.
* The `Config::strategy` method is now fallible. It returns a runtime
error if support for the selected strategy wasn't compiled in.
* The `Strategy` enum is listed as `#[non_exhaustive]` so we can safely
add variants over time to it.
This reduces the public crate dependencies of the `wasmtime` crate
itself, removing the need to reach into internal crates even more!
cc #708
* Fix fuzz targets
* Update nightly used to build releases
* Run rustfmt
Instead expose a number of boolean accessors which doesn't require users
to construct a foreign `Features` type and allows us to decouple the API
of the `wasmtime` crate from the underlying implementation detail.
This commit removes the need to use `HostRef<Engine>` in the Rust API.
Usage is retained in the C API in one location, but otherwise `Engine`
can always be used directly.
This is the first step of progress on #708 for the `Engine` type.
Changes here include:
* `Engine` is now `Clone`, and is documented as being cheap. It's not
intended that cloning an engine creates a deep copy.
* `Engine` is now both `Send` and `Sync`, and asserted to be so.
* Usage of `Engine` in APIs no longer requires or uses `HostRef`.
* Use thiserror proc macros for auto From impls
This commit refactors `wasi_common::error::Error` by using `#[from]`
proc macro to autoderive `From` for wrapped errors.
* Back port changes to snapshot0
* Auto impl Display for WasiError
* Fix stack overflow when auto generating Display for WasiError
* Initial support for securing tty I/O.
* Update the tests.
* Fix warnings
* Update crates/wasi-common/src/fdentry.rs
Co-Authored-By: Jakub Konka <jakub.konka@golem.network>
* Properly sandbox stderr.
* Document why the scratch buffer is 4 elements long.
* Update crates/wasi-common/src/sandboxed_tty_writer.rs
Co-Authored-By: Jakub Konka <jakub.konka@golem.network>
* Update crates/wasi-common/src/sandboxed_tty_writer.rs
Co-Authored-By: Jakub Konka <jakub.konka@golem.network>
* Add comments explaining how we report the number of bytes written.
* Always sanitize stderr.
* Port the changes to the snapshot_0 directory.
* Fix snapshot_0 compilation error.
* Replace the scratch buffer with a temporary buffer.
* Update crates/wasi-common/src/sandboxed_tty_writer.rs
Co-Authored-By: bjorn3 <bjorn3@users.noreply.github.com>
* Format with latest stable rustfmt.
Co-authored-by: Jakub Konka <kubkon@jakubkonka.com>
Co-authored-by: bjorn3 <bjorn3@users.noreply.github.com>
* Add unimplemented stubs for Cranelift interfaces
Cranelift changes to FuncEnvironment, TargetEnvironment, and GlobalInit (see https://github.com/bytecodealliance/cranelift/pull/1073) require these changes to compile wasmtime.
* Upgrade Cranelift to 0.52.0
This commit updates _all_ WASI test programs to use the latest
version of the `wasi` crate (`v0.9.0`). While at it, it also
unifies asserting error conditions across all test programs.
* Update the `*.wast` runner to use the `wasmtime` API
This commit migrates the `wasmtime-wast` crate, which executes `*.wast`
test suites, to use the `wasmtime` crate exclusively instead of the raw
support provided by the `wasmtime-*` family of crates.
The primary motivation for this change is to use `*.wast` test to test
the support for interface types, but interface types is only being added
in the `wasmtime` crate for now rather than all throughout the core
crates. This means that without this transition it's much more difficult
to write tests for wasm interface types!
A secondary motivation for this is that it's testing the support we
provide to users through the `wasmtime` crate, since that's the
expectation of what most users would use rather than the raw
`wasmtime-*` crates.
* Run rustfmt
* Fix the multi example
* Handle v128 values in the `wasmtime` crate
Ensure that we allocate 128-bit stack slots instead of 64-bit stack
slots.
* Update to master
* Add comment
This commit uses the `*.witx` files describing the current wasi API to
reduce the boilerplate used to define implementations in the
`wasmtime-wasi` crate. Eventually I'd like to remove lots of boilerplate
in the `wasi-common` crate too, but this should at least be a good start!
The boilerplate removed here is:
* No need to list each function to add it to the
`wasmtime_runtime::Module` being created
* No need to list the signature of the function in a separate
`syscalls.rs` file.
Instead the `*.witx` file is processed in a single-use macro inside the
`wasmtime-wasi` crate. This macro uses the signatures known from
`*.witx` to automatically register with the right type in the wasm
module as well as define a wrapper that the wasm module will call into.
Functionally this is all the same as before, it's just defined in a
different way now!
The shim generated by this macro which wasmtime calls into only uses
`i32`/`i64`/etc wasm types, and it internally uses `as` casts to convert
to the right wasi types when delegating into the `wasi-common` crate.
One change was necessary to get this implemented, however. The functions
in `wasi-common` sometimes took `WasiCtx` and sometimes took a slice of
memory. After this PR they uniformly all require both `WasiCtx` and
memory so the wrappers can be auto-generated. The arguments are ignored
if they weren't previously required.
* Correctly handle possibly misaligned pointers in readdir
This reapplies #615, which was inadvertently reverted.
* Tidy up unneeded `self::` qualifiers.
* Make Dir's contents private.
Also remove the `unsafe` from `impl_iter`. With `Dir`'s field being
private, we can rely on the pointer being only what we've assigned to
it.
* Make `poll`'s timeout argument a `libc::c_int`.
This clarifies that there are no subsequent conversions before calling the
underlying libc API.
* Use clock_gettime instead of clock_getres to get the time.
* Mark FileType::from_raw as safe.
It handles unknown values, so it can be marked safe.
