T0b1/wasmtime
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
2697a18d2f6907ab957ca6578389030b55cc55a9
wasmtime/tests/all/pooling_allocator.rs
Alex Crichton 2697a18d2f Redo the statically typed Func API (#2719) 
* Redo the statically typed `Func` API

This commit reimplements the `Func` API with respect to statically typed
dispatch. Previously `Func` had a `getN` and `getN_async` family of
methods which were implemented for 0 to 16 parameters. The return value
of these functions was an `impl Fn(..)` closure with the appropriate
parameters and return values.

There are a number of downsides with this approach that have become
apparent over time:

* The addition of `*_async` doubled the API surface area (which is quite
  large here due to one-method-per-number-of-parameters).
* The [documentation of `Func`][old-docs] are quite verbose and feel
  "polluted" with all these getters, making it harder to understand the
  other methods that can be used to interact with a `Func`.
* These methods unconditionally pay the cost of returning an owned `impl
  Fn` with a `'static` lifetime. While cheap, this is still paying the
  cost for cloning the `Store` effectively and moving data into the
  closed-over environment.
* Storage of the return value into a struct, for example, always
  requires `Box`-ing the returned closure since it otherwise cannot be
  named.
* Recently I had the desire to implement an "unchecked" path for
  invoking wasm where you unsafely assert the type signature of a wasm
  function. Doing this with today's scheme would require doubling
  (again) the API surface area for both async and synchronous calls,
  further polluting the documentation.

The main benefit of the previous scheme is that by returning a `impl Fn`
it was quite easy and ergonomic to actually invoke the function. In
practice, though, examples would often have something akin to
`.get0::<()>()?()?` which is a lot of things to interpret all at once.
Note that `get0` means "0 parameters" yet a type parameter is passed.
There's also a double function invocation which looks like a lot of
characters all lined up in a row.

Overall, I think that the previous design is starting to show too many
cracks and deserves a rewrite. This commit is that rewrite.

The new design in this commit is to delete the `getN{,_async}` family of
functions and instead have a new API:

    impl Func {
        fn typed<P, R>(&self) -> Result<&Typed<P, R>>;
    }

    impl Typed<P, R> {
        fn call(&self, params: P) -> Result<R, Trap>;
        async fn call_async(&self, params: P) -> Result<R, Trap>;
    }

This should entirely replace the current scheme, albeit by slightly
losing ergonomics use cases. The idea behind the API is that the
existence of `Typed<P, R>` is a "proof" that the underlying function
takes `P` and returns `R`. The `Func::typed` method peforms a runtime
type-check to ensure that types all match up, and if successful you get
a `Typed` value. Otherwise an error is returned.

Once you have a `Typed` then, like `Func`, you can either `call` or
`call_async`. The difference with a `Typed`, however, is that the
params/results are statically known and hence these calls can be much
more efficient.

This is a much smaller API surface area from before and should greatly
simplify the `Func` documentation. There's still a problem where
`Func::wrapN_async` produces a lot of functions to document, but that's
now the sole offender. It's a nice benefit that the
statically-typed-async verisons are now expressed with an `async`
function rather than a function-returning-a-future which makes it both
more efficient and easier to understand.

The type `P` and `R` are intended to either be bare types (e.g. `i32`)
or tuples of any length (including 0). At this time `R` is only allowed
to be `()` or a bare `i32`-style type because multi-value is not
supported with a native ABI (yet). The `P`, however, can be any size of
tuples of parameters. This is also where some ergonomics are lost
because instead of `f(1, 2)` you now have to write `f.call((1, 2))`
(note the double-parens). Similarly `f()` becomes `f.call(())`.

Overall I feel that this is a better tradeoff than before. While not
universally better due to the loss in ergonomics I feel that this design
is much more flexible in terms of what you can do with the return value
and also understanding the API surface area (just less to take in).

[old-docs]: https://docs.rs/wasmtime/0.24.0/wasmtime/struct.Func.html#method.get0

* Rename Typed to TypedFunc

* Implement multi-value returns through `Func::typed`

* Fix examples in docs

* Fix some more errors

* More test fixes

* Rebasing and adding `get_typed_func`

* Updating tests

* Fix typo

* More doc tweaks

* Tweak visibility on `Func::invoke`

* Fix tests again
2021-03-11 14:43:34 -06:00

437 lines
13 KiB
Rust
Raw Blame History

use anyhow::Result;
use wasmtime::*;
#[test]
fn successful_instantiation() -> Result<()> {
let mut config = Config::new();
config.allocation_strategy(InstanceAllocationStrategy::Pooling {
strategy: PoolingAllocationStrategy::NextAvailable,
module_limits: ModuleLimits {
memory_pages: 1,
table_elements: 10,
..Default::default()
},
instance_limits: InstanceLimits {
count: 1,
memory_reservation_size: 1,
},
});
let engine = Engine::new(&config)?;
let module = Module::new(&engine, r#"(module (memory 1) (table 10 funcref))"#)?;
// Module should instantiate
let store = Store::new(&engine);
Instance::new(&store, &module, &[])?;
Ok(())
}
#[test]
fn memory_limit() -> Result<()> {
let mut config = Config::new();
config.allocation_strategy(InstanceAllocationStrategy::Pooling {
strategy: PoolingAllocationStrategy::NextAvailable,
module_limits: ModuleLimits {
memory_pages: 3,
table_elements: 10,
..Default::default()
},
instance_limits: InstanceLimits {
count: 1,
memory_reservation_size: 196608,
},
});
let engine = Engine::new(&config)?;
// Module should fail to validate because the minimum is greater than the configured limit
match Module::new(&engine, r#"(module (memory 4))"#) {
Ok(_) => panic!("module compilation should fail"),
Err(e) => assert_eq!(
e.to_string(),
"memory index 0 has a minimum page size of 4 which exceeds the limit of 3"
),
}
let module = Module::new(
&engine,
r#"(module (memory (export "m") 0) (func (export "f") (result i32) (memory.grow (i32.const 1))))"#,
)?;
// Instantiate the module and grow the memory via the `f` function
{
let store = Store::new(&engine);
let instance = Instance::new(&store, &module, &[])?;
let f = instance.get_typed_func::<(), i32>("f")?;
assert_eq!(f.call(()).expect("function should not trap"), 0);
assert_eq!(f.call(()).expect("function should not trap"), 1);
assert_eq!(f.call(()).expect("function should not trap"), 2);
assert_eq!(f.call(()).expect("function should not trap"), -1);
assert_eq!(f.call(()).expect("function should not trap"), -1);
}
// Instantiate the module and grow the memory via the Wasmtime API
let store = Store::new(&engine);
let instance = Instance::new(&store, &module, &[])?;
let memory = instance.get_memory("m").unwrap();
assert_eq!(memory.size(), 0);
assert_eq!(memory.grow(1).expect("memory should grow"), 0);
assert_eq!(memory.size(), 1);
assert_eq!(memory.grow(1).expect("memory should grow"), 1);
assert_eq!(memory.size(), 2);
assert_eq!(memory.grow(1).expect("memory should grow"), 2);
assert_eq!(memory.size(), 3);
assert!(memory.grow(1).is_err());
Ok(())
}
#[test]
fn memory_init() -> Result<()> {
let mut config = Config::new();
config.allocation_strategy(InstanceAllocationStrategy::Pooling {
strategy: PoolingAllocationStrategy::NextAvailable,
module_limits: ModuleLimits {
memory_pages: 2,
table_elements: 0,
..Default::default()
},
instance_limits: InstanceLimits {
count: 1,
..Default::default()
},
});
let engine = Engine::new(&config)?;
let module = Module::new(
&engine,
r#"(module (memory (export "m") 2) (data (i32.const 65530) "this data spans multiple pages") (data (i32.const 10) "hello world"))"#,
)?;
let store = Store::new(&engine);
let instance = Instance::new(&store, &module, &[])?;
let memory = instance.get_memory("m").unwrap();
unsafe {
assert_eq!(
&memory.data_unchecked()[65530..65560],
b"this data spans multiple pages"
);
assert_eq!(&memory.data_unchecked()[10..21], b"hello world");
}
Ok(())
}
#[test]
fn memory_guard_page_trap() -> Result<()> {
let mut config = Config::new();
config.allocation_strategy(InstanceAllocationStrategy::Pooling {
strategy: PoolingAllocationStrategy::NextAvailable,
module_limits: ModuleLimits {
memory_pages: 2,
table_elements: 0,
..Default::default()
},
instance_limits: InstanceLimits {
count: 1,
..Default::default()
},
});
let engine = Engine::new(&config)?;
let module = Module::new(
&engine,
r#"(module (memory (export "m") 0) (func (export "f") (param i32) local.get 0 i32.load drop))"#,
)?;
// Instantiate the module and check for out of bounds trap
for _ in 0..10 {
let store = Store::new(&engine);
let instance = Instance::new(&store, &module, &[])?;
let m = instance.get_memory("m").unwrap();
let f = instance.get_typed_func::<i32, ()>("f")?;
let trap = f.call(0).expect_err("function should trap");
assert!(trap.to_string().contains("out of bounds"));
let trap = f.call(1).expect_err("function should trap");
assert!(trap.to_string().contains("out of bounds"));
m.grow(1).expect("memory should grow");
f.call(0).expect("function should not trap");
let trap = f.call(65536).expect_err("function should trap");
assert!(trap.to_string().contains("out of bounds"));
let trap = f.call(65537).expect_err("function should trap");
assert!(trap.to_string().contains("out of bounds"));
m.grow(1).expect("memory should grow");
f.call(65536).expect("function should not trap");
m.grow(1).expect_err("memory should be at the limit");
}
Ok(())
}
#[test]
#[cfg_attr(target_arch = "aarch64", ignore)] // https://github.com/bytecodealliance/wasmtime/pull/2518#issuecomment-747280133
fn memory_zeroed() -> Result<()> {
let mut config = Config::new();
config.allocation_strategy(InstanceAllocationStrategy::Pooling {
strategy: PoolingAllocationStrategy::NextAvailable,
module_limits: ModuleLimits {
memory_pages: 1,
table_elements: 0,
..Default::default()
},
instance_limits: InstanceLimits {
count: 1,
memory_reservation_size: 1,
},
});
let engine = Engine::new(&config)?;
let module = Module::new(&engine, r#"(module (memory (export "m") 1))"#)?;
// Instantiate the module repeatedly after writing data to the entire memory
for _ in 0..10 {
let store = Store::new(&engine);
let instance = Instance::new(&store, &module, &[])?;
let memory = instance.get_memory("m").unwrap();
assert_eq!(memory.size(), 1);
assert_eq!(memory.data_size(), 65536);
let ptr = memory.data_ptr();
unsafe {
for i in 0..8192 {
assert_eq!(*ptr.cast::<u64>().offset(i), 0);
}
std::ptr::write_bytes(ptr, 0xFE, memory.data_size());
}
}
Ok(())
}
#[test]
fn table_limit() -> Result<()> {
const TABLE_ELEMENTS: u32 = 10;
let mut config = Config::new();
config.allocation_strategy(InstanceAllocationStrategy::Pooling {
strategy: PoolingAllocationStrategy::NextAvailable,
module_limits: ModuleLimits {
memory_pages: 1,
table_elements: TABLE_ELEMENTS,
..Default::default()
},
instance_limits: InstanceLimits {
count: 1,
memory_reservation_size: 1,
},
});
let engine = Engine::new(&config)?;
// Module should fail to validate because the minimum is greater than the configured limit
match Module::new(&engine, r#"(module (table 31 funcref))"#) {
Ok(_) => panic!("module compilation should fail"),
Err(e) => assert_eq!(
e.to_string(),
"table index 0 has a minimum element size of 31 which exceeds the limit of 10"
),
}
let module = Module::new(
&engine,
r#"(module (table (export "t") 0 funcref) (func (export "f") (result i32) (table.grow (ref.null func) (i32.const 1))))"#,
)?;
// Instantiate the module and grow the table via the `f` function
{
let store = Store::new(&engine);
let instance = Instance::new(&store, &module, &[])?;
let f = instance.get_typed_func::<(), i32>("f")?;
for i in 0..TABLE_ELEMENTS {
assert_eq!(f.call(()).expect("function should not trap"), i as i32);
}
assert_eq!(f.call(()).expect("function should not trap"), -1);
assert_eq!(f.call(()).expect("function should not trap"), -1);
}
// Instantiate the module and grow the table via the Wasmtime API
let store = Store::new(&engine);
let instance = Instance::new(&store, &module, &[])?;
let table = instance.get_table("t").unwrap();
for i in 0..TABLE_ELEMENTS {
assert_eq!(table.size(), i);
assert_eq!(
table
.grow(1, Val::FuncRef(None))
.expect("table should grow"),
i
);
}
assert_eq!(table.size(), TABLE_ELEMENTS);
assert!(table.grow(1, Val::FuncRef(None)).is_err());
Ok(())
}
#[test]
fn table_init() -> Result<()> {
let mut config = Config::new();
config.allocation_strategy(InstanceAllocationStrategy::Pooling {
strategy: PoolingAllocationStrategy::NextAvailable,
module_limits: ModuleLimits {
memory_pages: 0,
table_elements: 6,
..Default::default()
},
instance_limits: InstanceLimits {
count: 1,
..Default::default()
},
});
let engine = Engine::new(&config)?;
let module = Module::new(
&engine,
r#"(module (table (export "t") 6 funcref) (elem (i32.const 1) 1 2 3 4) (elem (i32.const 0) 0) (func) (func (param i32)) (func (param i32 i32)) (func (param i32 i32 i32)) (func (param i32 i32 i32 i32)))"#,
)?;
let store = Store::new(&engine);
let instance = Instance::new(&store, &module, &[])?;
let table = instance.get_table("t").unwrap();
for i in 0..5 {
let v = table.get(i).expect("table should have entry");
let f = v
.funcref()
.expect("expected funcref")
.expect("expected non-null value");
assert_eq!(f.ty().params().len(), i as usize);
}
assert!(
table
.get(5)
.expect("table should have entry")
.funcref()
.expect("expected funcref")
.is_none(),
"funcref should be null"
);
Ok(())
}
#[test]
#[cfg_attr(target_arch = "aarch64", ignore)] // https://github.com/bytecodealliance/wasmtime/pull/2518#issuecomment-747280133
fn table_zeroed() -> Result<()> {
let mut config = Config::new();
config.allocation_strategy(InstanceAllocationStrategy::Pooling {
strategy: PoolingAllocationStrategy::NextAvailable,
module_limits: ModuleLimits {
memory_pages: 1,
table_elements: 10,
..Default::default()
},
instance_limits: InstanceLimits {
count: 1,
memory_reservation_size: 1,
},
});
let engine = Engine::new(&config)?;
let module = Module::new(&engine, r#"(module (table (export "t") 10 funcref))"#)?;
// Instantiate the module repeatedly after filling table elements
for _ in 0..10 {
let store = Store::new(&engine);
let instance = Instance::new(&store, &module, &[])?;
let table = instance.get_table("t").unwrap();
let f = Func::wrap(&store, || {});
assert_eq!(table.size(), 10);
for i in 0..10 {
match table.get(i).unwrap() {
Val::FuncRef(r) => assert!(r.is_none()),
_ => panic!("expected a funcref"),
}
table.set(i, Val::FuncRef(Some(f.clone()))).unwrap();
}
}
Ok(())
}
#[test]
fn instantiation_limit() -> Result<()> {
const INSTANCE_LIMIT: u32 = 10;
let mut config = Config::new();
config.allocation_strategy(InstanceAllocationStrategy::Pooling {
strategy: PoolingAllocationStrategy::NextAvailable,
module_limits: ModuleLimits {
memory_pages: 1,
table_elements: 10,
..Default::default()
},
instance_limits: InstanceLimits {
count: INSTANCE_LIMIT,
memory_reservation_size: 1,
},
});
let engine = Engine::new(&config)?;
let module = Module::new(&engine, r#"(module)"#)?;
// Instantiate to the limit
{
let store = Store::new(&engine);
for _ in 0..INSTANCE_LIMIT {
Instance::new(&store, &module, &[])?;
}
match Instance::new(&store, &module, &[]) {
Ok(_) => panic!("instantiation should fail"),
Err(e) => assert_eq!(
e.to_string(),
format!(
"Limit of {} concurrent instances has been reached",
INSTANCE_LIMIT
)
),
}
}
// With the above store dropped, ensure instantiations can be made
let store = Store::new(&engine);
for _ in 0..INSTANCE_LIMIT {
Instance::new(&store, &module, &[])?;
}
Ok(())
}
Reference in New Issue View Git Blame Copy Permalink