T0b1/wasmtime
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
d9dfc44c32d47c9627858075dfa02e3190e8b876
wasmtime/crates/runtime/src/lib.rs
Alex Crichton 15bb0c6903 Remove the ModuleLimits pooling configuration structure (#3837) 
* Remove the `ModuleLimits` pooling configuration structure

This commit is an attempt to improve the usability of the pooling
allocator by removing the need to configure a `ModuleLimits` structure.
Internally this structure has limits on all forms of wasm constructs but
this largely bottoms out in the size of an allocation for an instance in
the instance pooling allocator. Maintaining this list of limits can be
cumbersome as modules may get tweaked over time and there's otherwise no
real reason to limit the number of globals in a module since the main
goal is to limit the memory consumption of a `VMContext` which can be
done with a memory allocation limit rather than fine-tuned control over
each maximum and minimum.

The new approach taken in this commit is to remove `ModuleLimits`. Some
fields, such as `tables`, `table_elements` , `memories`, and
`memory_pages` are moved to `InstanceLimits` since they're still
enforced at runtime. A new field `size` is added to `InstanceLimits`
which indicates, in bytes, the maximum size of the `VMContext`
allocation. If the size of a `VMContext` for a module exceeds this value
then instantiation will fail.

This involved adding a few more checks to `{Table, Memory}::new_static`
to ensure that the minimum size is able to fit in the allocation, since
previously modules were validated at compile time of the module that
everything fit and that validation no longer happens (it happens at
runtime).

A consequence of this commit is that Wasmtime will have no built-in way
to reject modules at compile time if they'll fail to be instantiated
within a particular pooling allocator configuration. Instead a module
must attempt instantiation see if a failure happens.

* Fix benchmark compiles

* Fix some doc links

* Fix a panic by ensuring modules have limited tables/memories

* Review comments

* Add back validation at `Module` time instantiation is possible

This allows for getting an early signal at compile time that a module
will never be instantiable in an engine with matching settings.

* Provide a better error message when sizes are exceeded

Improve the error message when an instance size exceeds the maximum by
providing a breakdown of where the bytes are all going and why the large
size is being requested.

* Try to fix test in qemu

* Flag new test as 64-bit only

Sizes are all specific to 64-bit right now
2022-02-25 09:11:51 -06:00

198 lines
7.4 KiB
Rust
Raw Blame History

//! Runtime library support for Wasmtime.
#![deny(missing_docs, trivial_numeric_casts, unused_extern_crates)]
#![warn(unused_import_braces)]
#![cfg_attr(feature = "clippy", plugin(clippy(conf_file = "../../clippy.toml")))]
#![cfg_attr(
feature = "cargo-clippy",
allow(clippy::new_without_default, clippy::new_without_default)
)]
#![cfg_attr(
feature = "cargo-clippy",
warn(
clippy::float_arithmetic,
clippy::mut_mut,
clippy::nonminimal_bool,
clippy::map_unwrap_or,
clippy::clippy::print_stdout,
clippy::unicode_not_nfc,
clippy::use_self
)
)]
#![cfg_attr(not(memory_init_cow), allow(unused_variables, unreachable_code))]
use std::sync::atomic::AtomicU64;
use std::sync::Arc;
use anyhow::Error;
use wasmtime_environ::DefinedFuncIndex;
use wasmtime_environ::DefinedMemoryIndex;
use wasmtime_environ::FunctionInfo;
use wasmtime_environ::SignatureIndex;
mod export;
mod externref;
mod imports;
mod instance;
mod memory;
mod mmap;
mod mmap_vec;
mod table;
mod traphandlers;
mod vmcontext;
pub mod debug_builtins;
pub mod libcalls;
pub use wasmtime_jit_debug::gdb_jit_int::GdbJitImageRegistration;
pub use crate::export::*;
pub use crate::externref::*;
pub use crate::imports::Imports;
pub use crate::instance::{
InstanceAllocationRequest, InstanceAllocator, InstanceHandle, InstantiationError, LinkError,
OnDemandInstanceAllocator, StorePtr,
};
#[cfg(feature = "pooling-allocator")]
pub use crate::instance::{InstanceLimits, PoolingAllocationStrategy, PoolingInstanceAllocator};
pub use crate::memory::{DefaultMemoryCreator, Memory, RuntimeLinearMemory, RuntimeMemoryCreator};
pub use crate::mmap::Mmap;
pub use crate::mmap_vec::MmapVec;
pub use crate::table::{Table, TableElement};
pub use crate::traphandlers::{
catch_traps, init_traps, raise_lib_trap, raise_user_trap, resume_panic, tls_eager_initialize,
SignalHandler, TlsRestore, Trap,
};
pub use crate::vmcontext::{
VMCallerCheckedAnyfunc, VMContext, VMFunctionBody, VMFunctionImport, VMGlobalDefinition,
VMGlobalImport, VMInterrupts, VMInvokeArgument, VMMemoryDefinition, VMMemoryImport,
VMSharedSignatureIndex, VMTableDefinition, VMTableImport, VMTrampoline, ValRaw,
};
mod module_id;
pub use module_id::{CompiledModuleId, CompiledModuleIdAllocator};
#[cfg(memory_init_cow)]
mod cow;
#[cfg(memory_init_cow)]
pub use crate::cow::{MemoryImage, MemoryImageSlot, ModuleMemoryImages};
#[cfg(not(memory_init_cow))]
mod cow_disabled;
#[cfg(not(memory_init_cow))]
pub use crate::cow_disabled::{MemoryImage, MemoryImageSlot, ModuleMemoryImages};
/// Version number of this crate.
pub const VERSION: &str = env!("CARGO_PKG_VERSION");
/// Dynamic runtime functionality needed by this crate throughout the execution
/// of a wasm instance.
///
/// This trait is used to store a raw pointer trait object within each
/// `VMContext`. This raw pointer trait object points back to the
/// `wasmtime::Store` internally but is type-erased so this `wasmtime_runtime`
/// crate doesn't need the entire `wasmtime` crate to build.
///
/// Note that this is an extra-unsafe trait because no heed is paid to the
/// lifetime of this store or the Send/Sync-ness of this store. All of that must
/// be respected by embedders (e.g. the `wasmtime::Store` structure). The theory
/// is that `wasmtime::Store` handles all this correctly.
pub unsafe trait Store {
/// Returns the raw pointer in memory where this store's shared
/// `VMInterrupts` structure is located.
///
/// Used to configure `VMContext` initialization and store the right pointer
/// in the `VMContext`.
fn vminterrupts(&self) -> *mut VMInterrupts;
/// Returns a pointer to the global epoch counter.
///
/// Used to configure the `VMContext` on initialization.
fn epoch_ptr(&self) -> *const AtomicU64;
/// Returns the externref management structures necessary for this store.
///
/// The first element returned is the table in which externrefs are stored
/// throughout wasm execution, and the second element is how to look up
/// module information for gc requests.
fn externref_activations_table(
&mut self,
) -> (&mut VMExternRefActivationsTable, &dyn ModuleInfoLookup);
/// Callback invoked to allow the store's resource limiter to reject a
/// memory grow operation.
fn memory_growing(
&mut self,
current: usize,
desired: usize,
maximum: Option<usize>,
) -> Result<bool, Error>;
/// Callback invoked to notify the store's resource limiter that a memory
/// grow operation has failed.
fn memory_grow_failed(&mut self, error: &Error);
/// Callback invoked to allow the store's resource limiter to reject a
/// table grow operation.
fn table_growing(
&mut self,
current: u32,
desired: u32,
maximum: Option<u32>,
) -> Result<bool, Error>;
/// Callback invoked to notify the store's resource limiter that a table
/// grow operation has failed.
fn table_grow_failed(&mut self, error: &Error);
/// Callback invoked whenever fuel runs out by a wasm instance. If an error
/// is returned that's raised as a trap. Otherwise wasm execution will
/// continue as normal.
fn out_of_gas(&mut self) -> Result<(), Error>;
/// Callback invoked whenever an instance observes a new epoch
/// number. Cannot fail; cooperative epoch-based yielding is
/// completely semantically transparent. Returns the new deadline.
fn new_epoch(&mut self) -> Result<u64, Error>;
}
/// Functionality required by this crate for a particular module. This
/// is chiefly needed for lazy initialization of various bits of
/// instance state.
///
/// When an instance is created, it holds an Arc<dyn ModuleRuntimeInfo>
/// so that it can get to signatures, metadata on functions, memory and
/// funcref-table images, etc. All of these things are ordinarily known
/// by the higher-level layers of Wasmtime. Specifically, the main
/// implementation of this trait is provided by
/// `wasmtime::module::ModuleInner`. Since the runtime crate sits at
/// the bottom of the dependence DAG though, we don't know or care about
/// that; we just need some implementor of this trait for each
/// allocation request.
pub trait ModuleRuntimeInfo: Send + Sync + 'static {
/// The underlying Module.
fn module(&self) -> &Arc<wasmtime_environ::Module>;
/// The signatures.
fn signature(&self, index: SignatureIndex) -> VMSharedSignatureIndex;
/// The base address of where JIT functions are located.
fn image_base(&self) -> usize;
/// Descriptors about each compiled function, such as the offset from
/// `image_base`.
fn function_info(&self, func_index: DefinedFuncIndex) -> &FunctionInfo;
/// Returns the `MemoryImage` structure used for copy-on-write
/// initialization of the memory, if it's applicable.
fn memory_image(&self, memory: DefinedMemoryIndex)
-> anyhow::Result<Option<&Arc<MemoryImage>>>;
/// A unique ID for this particular module. This can be used to
/// allow for fastpaths to optimize a "re-instantiate the same
/// module again" case.
fn unique_id(&self) -> Option<CompiledModuleId>;
/// A slice pointing to all data that is referenced by this instance.
fn wasm_data(&self) -> &[u8];
/// Returns an array, indexed by `SignatureIndex` of all
/// `VMSharedSignatureIndex` entries corresponding to the `SignatureIndex`.
fn signature_ids(&self) -> &[VMSharedSignatureIndex];
}
Reference in New Issue View Git Blame Copy Permalink