pezkuwichain/pezkuwi-subxt
1
0
Fork 0
mirror of https://github.com/pezkuwichain/pezkuwi-subxt.git synced 2026-06-26 21:41:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
f95408b346abff811ef6d68378ed4d5cdf4d4285
pezkuwi-subxt/substrate/client/executor/wasmtime/src/instance_wrapper.rs
T
Dmitry Kashitsyn 61606a0b3b Integrate Wasmer into Substrate sandbox environment (#5920) 
* Add comments and refactor Sandbox module

* Adds some comments

* Add wasmtime instance to the sandbox and delegate calls

* Adds module imports stub

* WIP state holder via *mut

* My take at the problem

* Brings back invoke and instantiate implementation details

* Removes redundant bound

* Code cleanup

* Fixes invoke closure

* Refactors FunctionExecutor to eliminate lifetime

* Wraps `FunctionExecutor::sandbox_store` in `RefCell`

* Renames `FunctionExecutor::heap` to `allocator`

* Wraps `FunctionExecutor::allocator` in `RefCell`

* Refactors FunctionExecutor to `Rc<Inner>` pattern

* Implements scoped TLS for FunctionExecutor

* Fixes wasmi instancing

* Fixes sandbox asserts

* Makes sandbox compile after wasmtime API change

* Uses Vurich/wasmtime for the Lightbeam backend

* Uses wasmtime instead of wasmi for sandbox API results

* Refactors sandbox to use one  of the execution backends at a time

* Fixes wasmtime module instantiation

* TEMP vurich branch stuff

* Adds wasmer impl stub

* Adds get global

* Fixes warnings

* Adds wasmer invoke impl

* Implements host function interface for wasmer

* Fixes wasmer instantiation result

* Adds workaround to remove debug_assert

* Fixes import object generation for wasmer

* Attempt to propagate wasmer::Store through sandbox::Store

* Wraps `sandbox::Store::memories` in `RefCell`

* Moves `sandbox::instantiate` to `sandbox::Store`

* Eliminate `RefCell<memories>`

* Implements `HostState::memory_get/set`, removes accidental `borrow_mut`

* Fixes sandbox memory handling for wasmi

* Fix memory allocation

* Resets Cargo.lock to match master

* Fixes compilation

* Refactors sandbox to use TLS for dispatch_thunk propagation to wasmer

* Pass dispatch thunk to the sandbox as a TLS

* Initialize dispatch thunk holder in `SandboxInstance`

* Comment out Wasmtime/Lightbeam sandbox backend

* Revert wasmtime back to mainstream

* Adds SandboxExecutionMethod enum for cli param

* Cleanup sandbox code

* Allow wasmi to access wasmer memory regions

* More cleanup

* Remove debug logging, replace asserts with runtime errors

* Revert "Adds SandboxExecutionMethod enum for cli param"

This reverts commit dcb2b1d3b54145ab51ad2e3fef0d980ba215b596.

* Fixes warnings

* Fixes indentation and line width

* Fix return types condition

* Puts everything related under the `wasmer-sandbox` feature flag

* Fixes warnings

* Address grumbles

* Split instantiate per backend

* More splits

* Refacmemory allocation

* Nitpicks

* Attempt to wrap wasmer memory in protoco enforcing type

* Revert renaming

* WIP wasm buffer proxy API

* Reimplement util::wasmer::MemoryRef to use buffers instead of memory slices

* Adds WasmiMemoryWrapper and MemoryTransfer trait

* Refactor naming

* Perform all memory transfers using MemoryTransfer

* Adds allocating `read`

* Adds comments

* Removes unused imports

* Removes now unused function

* Pulls Cargo.lock from origin/master

* Fix rustdoc

* Removes unused `TransferError`

* Update Cargo.lock

* Removes unused import

* cargo fmt

* Fix feature dependency graph

* Feature should flow from the top level crate
	* We should not assume a specific workspace structure
* sc-executor-wasmi does not use the feature
* sc-executor-wasmtime should not know about the feature

* Fix doc typo

* Enable wasmer-sandbox by default (for now)

It will be removed before merge. It is so that the benchbot
uses the wasmer sandbox.

* cargo run --quiet --release --features=runtime-benchmarks --manifest-path=bin/node/cli/Cargo.toml -- benchmark --chain=dev --steps=50 --repeat=20 --pallet=pallet_contracts --extrinsic=* --execution=wasm --wasm-execution=compiled --heap-pages=4096 --output=./frame/contracts/src/weights.rs --template=./.maintain/frame-weight-template.hbs

* Revert "cargo run --quiet --release --features=runtime-benchmarks --manifest-path=bin/node/cli/Cargo.toml -- benchmark --chain=dev --steps=50 --repeat=20 --pallet=pallet_contracts --extrinsic=* --execution=wasm --wasm-execution=compiled --heap-pages=4096 --output=./frame/contracts/src/weights.rs --template=./.maintain/frame-weight-template.hbs"

This reverts commit d713590ba45387c4204b2ad97c8bd6f6ebabda4e.

* cargo fmt

* Add ci-check to prevent wasmer sandbox build breaking

* Run tests with wasmer-sandbox enabled

* Revert "Run tests with wasmer-sandbox enabled"

This reverts commit cff63156a162f9ffdab23e7cb94a30f44e320f8a.

Co-authored-by: Sergei Shulepov <s.pepyakin@gmail.com>
Co-authored-by: Andrew Jones <ascjones@gmail.com>
Co-authored-by: Alexander Theißen <alex.theissen@me.com>
Co-authored-by: Parity Benchmarking Bot <admin@parity.io>
2021-08-19 13:04:13 +00:00

470 lines
14 KiB
Rust
Raw Blame History

// This file is part of Substrate.
// Copyright (C) 2020-2021 Parity Technologies (UK) Ltd.
// SPDX-License-Identifier: GPL-3.0-or-later WITH Classpath-exception-2.0
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <https://www.gnu.org/licenses/>.
//! Defines data and logic needed for interaction with an WebAssembly instance of a substrate
//! runtime module.
use crate::{
imports::Imports,
util::{from_wasmtime_val, into_wasmtime_val},
};
use sc_executor_common::{
error::{Error, Result},
runtime_blob,
util::checked_range,
wasm_runtime::InvokeMethod,
};
use sp_wasm_interface::{Pointer, Value, WordSize};
use std::{marker, slice};
use wasmtime::{Extern, Func, Global, Instance, Memory, Module, Store, Table, Val};
/// Invoked entrypoint format.
pub enum EntryPointType {
/// Direct call.
///
/// Call is made by providing only payload reference and length.
Direct { entrypoint: wasmtime::TypedFunc<(u32, u32), u64> },
/// Indirect call.
///
/// Call is made by providing payload reference and length, and extra argument
/// for advanced routing.
Wrapped {
/// The extra argument passed to the runtime. It is typically a wasm function pointer.
func: u32,
dispatcher: wasmtime::TypedFunc<(u32, u32, u32), u64>,
},
}
/// Wasm blob entry point.
pub struct EntryPoint {
call_type: EntryPointType,
}
impl EntryPoint {
/// Call this entry point.
pub fn call(&self, data_ptr: Pointer<u8>, data_len: WordSize) -> Result<u64> {
let data_ptr = u32::from(data_ptr);
let data_len = u32::from(data_len);
fn handle_trap(err: wasmtime::Trap) -> Error {
Error::from(format!("Wasm execution trapped: {}", err))
}
match self.call_type {
EntryPointType::Direct { ref entrypoint } =>
entrypoint.call((data_ptr, data_len)).map_err(handle_trap),
EntryPointType::Wrapped { func, ref dispatcher } =>
dispatcher.call((func, data_ptr, data_len)).map_err(handle_trap),
}
}
pub fn direct(func: wasmtime::Func) -> std::result::Result<Self, &'static str> {
let entrypoint = func
.typed::<(u32, u32), u64>()
.map_err(|_| "Invalid signature for direct entry point")?
.clone();
Ok(Self { call_type: EntryPointType::Direct { entrypoint } })
}
pub fn wrapped(
dispatcher: wasmtime::Func,
func: u32,
) -> std::result::Result<Self, &'static str> {
let dispatcher = dispatcher
.typed::<(u32, u32, u32), u64>()
.map_err(|_| "Invalid signature for wrapped entry point")?
.clone();
Ok(Self { call_type: EntryPointType::Wrapped { func, dispatcher } })
}
}
/// Wrap the given WebAssembly Instance of a wasm module with Substrate-runtime.
///
/// This struct is a handy wrapper around a wasmtime `Instance` that provides substrate specific
/// routines.
pub struct InstanceWrapper {
instance: Instance,
// The memory instance of the `instance`.
//
// It is important to make sure that we don't make any copies of this to make it easier to
// proof See `memory_as_slice` and `memory_as_slice_mut`.
memory: Memory,
/// Indirect functions table of the module
table: Option<Table>,
// Make this struct explicitly !Send & !Sync.
_not_send_nor_sync: marker::PhantomData<*const ()>,
}
fn extern_memory(extern_: &Extern) -> Option<&Memory> {
match extern_ {
Extern::Memory(mem) => Some(mem),
_ => None,
}
}
fn extern_global(extern_: &Extern) -> Option<&Global> {
match extern_ {
Extern::Global(glob) => Some(glob),
_ => None,
}
}
fn extern_table(extern_: &Extern) -> Option<&Table> {
match extern_ {
Extern::Table(table) => Some(table),
_ => None,
}
}
fn extern_func(extern_: &Extern) -> Option<&Func> {
match extern_ {
Extern::Func(func) => Some(func),
_ => None,
}
}
impl InstanceWrapper {
/// Create a new instance wrapper from the given wasm module.
pub fn new(store: &Store, module: &Module, imports: &Imports, heap_pages: u32) -> Result<Self> {
let instance = Instance::new(store, module, &imports.externs)
.map_err(|e| Error::from(format!("cannot instantiate: {}", e)))?;
let memory = match imports.memory_import_index {
Some(memory_idx) => extern_memory(&imports.externs[memory_idx])
.expect("only memory can be at the `memory_idx`; qed")
.clone(),
None => {
let memory = get_linear_memory(&instance)?;
if !memory.grow(heap_pages).is_ok() {
return Err("failed to increase the linear memory size".into())
}
memory
},
};
Ok(Self {
table: get_table(&instance),
instance,
memory,
_not_send_nor_sync: marker::PhantomData,
})
}
/// Resolves a substrate entrypoint by the given name.
///
/// An entrypoint must have a signature `(i32, i32) -> i64`, otherwise this function will return
/// an error.
pub fn resolve_entrypoint(&self, method: InvokeMethod) -> Result<EntryPoint> {
Ok(match method {
InvokeMethod::Export(method) => {
// Resolve the requested method and verify that it has a proper signature.
let export = self.instance.get_export(method).ok_or_else(|| {
Error::from(format!("Exported method {} is not found", method))
})?;
let func = extern_func(&export)
.ok_or_else(|| Error::from(format!("Export {} is not a function", method)))?
.clone();
EntryPoint::direct(func).map_err(|_| {
Error::from(format!("Exported function '{}' has invalid signature.", method))
})?
},
InvokeMethod::Table(func_ref) => {
let table =
self.instance.get_table("__indirect_function_table").ok_or(Error::NoTable)?;
let val = table.get(func_ref).ok_or(Error::NoTableEntryWithIndex(func_ref))?;
let func = val
.funcref()
.ok_or(Error::TableElementIsNotAFunction(func_ref))?
.ok_or(Error::FunctionRefIsNull(func_ref))?
.clone();
EntryPoint::direct(func).map_err(|_| {
Error::from(format!(
"Function @{} in exported table has invalid signature for direct call.",
func_ref,
))
})?
},
InvokeMethod::TableWithWrapper { dispatcher_ref, func } => {
let table =
self.instance.get_table("__indirect_function_table").ok_or(Error::NoTable)?;
let val = table
.get(dispatcher_ref)
.ok_or(Error::NoTableEntryWithIndex(dispatcher_ref))?;
let dispatcher = val
.funcref()
.ok_or(Error::TableElementIsNotAFunction(dispatcher_ref))?
.ok_or(Error::FunctionRefIsNull(dispatcher_ref))?
.clone();
EntryPoint::wrapped(dispatcher, func).map_err(|_| {
Error::from(format!(
"Function @{} in exported table has invalid signature for wrapped call.",
dispatcher_ref,
))
})?
},
})
}
/// Returns an indirect function table of this instance.
pub fn table(&self) -> Option<&Table> {
self.table.as_ref()
}
/// Reads `__heap_base: i32` global variable and returns it.
///
/// If it doesn't exist, not a global or of not i32 type returns an error.
pub fn extract_heap_base(&self) -> Result<u32> {
let heap_base_export = self
.instance
.get_export("__heap_base")
.ok_or_else(|| Error::from("__heap_base is not found"))?;
let heap_base_global = extern_global(&heap_base_export)
.ok_or_else(|| Error::from("__heap_base is not a global"))?;
let heap_base = heap_base_global
.get()
.i32()
.ok_or_else(|| Error::from("__heap_base is not a i32"))?;
Ok(heap_base as u32)
}
/// Get the value from a global with the given `name`.
pub fn get_global_val(&self, name: &str) -> Result<Option<Value>> {
let global = match self.instance.get_export(name) {
Some(global) => global,
None => return Ok(None),
};
let global = extern_global(&global).ok_or_else(|| format!("`{}` is not a global", name))?;
match global.get() {
Val::I32(val) => Ok(Some(Value::I32(val))),
Val::I64(val) => Ok(Some(Value::I64(val))),
Val::F32(val) => Ok(Some(Value::F32(val))),
Val::F64(val) => Ok(Some(Value::F64(val))),
_ => Err("Unknown value type".into()),
}
}
}
/// Extract linear memory instance from the given instance.
fn get_linear_memory(instance: &Instance) -> Result<Memory> {
let memory_export = instance
.get_export("memory")
.ok_or_else(|| Error::from("memory is not exported under `memory` name"))?;
let memory = extern_memory(&memory_export)
.ok_or_else(|| Error::from("the `memory` export should have memory type"))?
.clone();
Ok(memory)
}
/// Extract the table from the given instance if any.
fn get_table(instance: &Instance) -> Option<Table> {
instance
.get_export("__indirect_function_table")
.as_ref()
.and_then(extern_table)
.cloned()
}
/// Functions related to memory.
impl InstanceWrapper {
/// Read data from a slice of memory into a newly allocated buffer.
///
/// Returns an error if the read would go out of the memory bounds.
pub fn read_memory(&self, source_addr: Pointer<u8>, size: usize) -> Result<Vec<u8>> {
let range = checked_range(source_addr.into(), size, self.memory.data_size())
.ok_or_else(|| Error::Other("memory read is out of bounds".into()))?;
let mut buffer = vec![0; range.len()];
self.read_memory_into(source_addr, &mut buffer)?;
Ok(buffer)
}
/// Read data from the instance memory into a slice.
///
/// Returns an error if the read would go out of the memory bounds.
pub fn read_memory_into(&self, source_addr: Pointer<u8>, dest: &mut [u8]) -> Result<()> {
unsafe {
// This should be safe since we don't grow up memory while caching this reference and
// we give up the reference before returning from this function.
let memory = self.memory_as_slice();
let range = checked_range(source_addr.into(), dest.len(), memory.len())
.ok_or_else(|| Error::Other("memory read is out of bounds".into()))?;
dest.copy_from_slice(&memory[range]);
Ok(())
}
}
/// Write data to the instance memory from a slice.
///
/// Returns an error if the write would go out of the memory bounds.
pub fn write_memory_from(&self, dest_addr: Pointer<u8>, data: &[u8]) -> Result<()> {
unsafe {
// This should be safe since we don't grow up memory while caching this reference and
// we give up the reference before returning from this function.
let memory = self.memory_as_slice_mut();
let range = checked_range(dest_addr.into(), data.len(), memory.len())
.ok_or_else(|| Error::Other("memory write is out of bounds".into()))?;
memory[range].copy_from_slice(data);
Ok(())
}
}
/// Allocate some memory of the given size. Returns pointer to the allocated memory region.
///
/// Returns `Err` in case memory cannot be allocated. Refer to the allocator documentation
/// to get more details.
pub fn allocate(
&self,
allocator: &mut sc_allocator::FreeingBumpHeapAllocator,
size: WordSize,
) -> Result<Pointer<u8>> {
unsafe {
// This should be safe since we don't grow up memory while caching this reference and
// we give up the reference before returning from this function.
let memory = self.memory_as_slice_mut();
allocator.allocate(memory, size).map_err(Into::into)
}
}
/// Deallocate the memory pointed by the given pointer.
///
/// Returns `Err` in case the given memory region cannot be deallocated.
pub fn deallocate(
&self,
allocator: &mut sc_allocator::FreeingBumpHeapAllocator,
ptr: Pointer<u8>,
) -> Result<()> {
unsafe {
// This should be safe since we don't grow up memory while caching this reference and
// we give up the reference before returning from this function.
let memory = self.memory_as_slice_mut();
allocator.deallocate(memory, ptr).map_err(Into::into)
}
}
/// Returns linear memory of the wasm instance as a slice.
///
/// # Safety
///
/// Wasmtime doesn't provide comprehensive documentation about the exact behavior of the data
/// pointer. If a dynamic style heap is used the base pointer of the heap can change. Since
/// growing, we cannot guarantee the lifetime of the returned slice reference.
unsafe fn memory_as_slice(&self) -> &[u8] {
let ptr = self.memory.data_ptr() as *const _;
let len = self.memory.data_size();
if len == 0 {
&[]
} else {
slice::from_raw_parts(ptr, len)
}
}
/// Returns linear memory of the wasm instance as a slice.
///
/// # Safety
///
/// See `[memory_as_slice]`. In addition to those requirements, since a mutable reference is
/// returned it must be ensured that only one mutable and no shared references to memory exists
/// at the same time.
unsafe fn memory_as_slice_mut(&self) -> &mut [u8] {
let ptr = self.memory.data_ptr();
let len = self.memory.data_size();
if len == 0 {
&mut []
} else {
slice::from_raw_parts_mut(ptr, len)
}
}
/// Returns the pointer to the first byte of the linear memory for this instance.
pub fn base_ptr(&self) -> *const u8 {
self.memory.data_ptr()
}
/// Removes physical backing from the allocated linear memory. This leads to returning the
/// memory back to the system. While the memory is zeroed this is considered as a side-effect
/// and is not relied upon. Thus this function acts as a hint.
pub fn decommit(&self) {
if self.memory.data_size() == 0 {
return
}
cfg_if::cfg_if! {
if #[cfg(target_os = "linux")] {
use std::sync::Once;
unsafe {
let ptr = self.memory.data_ptr();
let len = self.memory.data_size();
// Linux handles MADV_DONTNEED reliably. The result is that the given area
// is unmapped and will be zeroed on the next pagefault.
if libc::madvise(ptr as _, len, libc::MADV_DONTNEED) != 0 {
static LOGGED: Once = Once::new();
LOGGED.call_once(|| {
log::warn!(
"madvise(MADV_DONTNEED) failed: {}",
std::io::Error::last_os_error(),
);
});
}
}
}
}
}
}
impl runtime_blob::InstanceGlobals for InstanceWrapper {
type Global = wasmtime::Global;
fn get_global(&self, export_name: &str) -> Self::Global {
self.instance
.get_global(export_name)
.expect("get_global is guaranteed to be called with an export name of a global; qed")
}
fn get_global_value(&self, global: &Self::Global) -> Value {
from_wasmtime_val(global.get())
}
fn set_global_value(&self, global: &Self::Global, value: Value) {
global.set(into_wasmtime_val(value)).expect(
"the value is guaranteed to be of the same value; the global is guaranteed to be mutable; qed",
);
}
}
Reference in New Issue View Git Blame Copy Permalink