Rust bindings (unsafe execution) #566
Conversation
axic
force-pushed
the
rust
branch
10 times, most recently
from
dc15f97 to
49ef6bb
Compare
Codecov Report
@@ Coverage Diff @@
## master #566 +/- ##
=======================================
Coverage 98.38% 98.38%
=======================================
Files 69 69
Lines 9712 9712
=======================================
Hits 9555 9555
Misses 157 157
Flags with carried forward coverage won't be shown. Click here to find out more. |
bindings/rust/src/lib.rs
Outdated
|
|
||
| impl Module { | ||
| // TODO: support imported functions{ | ||
| pub fn instantiate(self) -> Option<Instance> { |
There was a problem hiding this comment.
This should probably return a Result, as failure to instantiate is more of an error condition. Also, question mark operator.
There was a problem hiding this comment.
Yeah, I was wondering if I could avoid defining error types (given nothing is returned), but the question mark operator is a good point.
There was a problem hiding this comment.
Need to have custom error type otherwise question mark operator won't work 😞
| @@ -4,8 +4,123 @@ | |||
|
|
|||
There was a problem hiding this comment.
The conventional file layout is:
<use statements>
<module declarations>
<trait declarations>
<struct declarations>
<struct methods>
<trait impls>
bindings/rust/src/lib.rs
Outdated
| pub type ExecutionResult = sys::FizzyExecutionResult; | ||
|
|
||
| impl Instance { | ||
| pub fn execute(&mut self, func_idx: u32, args: &[Value]) -> ExecutionResult { |
There was a problem hiding this comment.
Ergonomics could be better if func_idx was replaced with the name. Users will probably be looking to call an export by name anyway.
There was a problem hiding this comment.
The C API does not yet offer anything like that and this is a direct translation as of now.
There was a problem hiding this comment.
Added function to look it up (now that the underlying API has it). Since this function is called unsafe_execute, I think it is fine to keep func_idx as it already has unsafe inputs.
Will eventually have a properly wrapped safe execute function, similar to what it is in wasmi and others.
gumb0
force-pushed
the
capi_execute
branch
2 times, most recently
from
dfdbfbf to
6525b9d
Compare
axic
changed the base branch from
capi_execute
to
capi-execute-dynamic-module
gumb0
force-pushed
the
capi-execute-dynamic-module
branch
2 times, most recently
from
f38f7e5 to
59419bd
Compare
axic
force-pushed
the
rust
branch
2 times, most recently
from
54e4c4e to
d2e6a1f
Compare
bindings/rust/src/lib.rs
Outdated
|
|
||
| /// The optional return value. Only a single return value is allowed in WebAssembly 1.0. | ||
| pub fn value(&self) -> Option<Value> { | ||
| if !self.0.trapped && self.0.has_value { |
There was a problem hiding this comment.
Documentation says otherwise, but this is too defensive. It is guaranteed that has_value if false if trapped is true.
There was a problem hiding this comment.
@gumb0 suggested this. Where is it guaranteed?
There was a problem hiding this comment.
Documentation says otherwise, but this is too defensive. It is guaranteed that
has_valueiffalseiftrappedistrue.
Here it's the opposite - when trapped is false, we have to check has_value.
What I suggested was changing if has_value -> if !trapped && has_value
Yeah I see what you mean, perhaps could be changed back, with a change to C API documentation and some new asserts in tests.
There was a problem hiding this comment.
What I suggested was changing if has_value -> if !trapped && has_value
This is what the code has now.
There was a problem hiding this comment.
The ExecuteResult constructor guarantees it. If you want to keep it, swap the checks: has_value && !trapped.
There was a problem hiding this comment.
I can also add the trapped as an assertion, which is only present in debug builds:
pub fn value(&self) -> Option<Value> {
if self.0.has_value {
assert!(!self.0.trapped);
Some(self.0.value)
} else {
None
}
}There was a problem hiding this comment.
The ExecuteResult constructor guarantees it.
The C API has no constructor guarantee for it though?
There was a problem hiding this comment.
The ExecuteResult constructor guarantees it.
The C API has no constructor guarantee for it though?
No constructor guarantees but FizzyExecutionResult wrap(const fizzy::ExecutionResult&) just copies all three fields always.
There was a problem hiding this comment.
I can also add the trapped as an assertion, which is only present in debug builds:
This variant looks good.
There was a problem hiding this comment.
I'm ok with changing trapped check to assertion.
axic
force-pushed
the
rust
branch
4 times, most recently
from
e45448f to
4eb205c
Compare
bindings/rust/src/lib.rs
Outdated
|
|
||
| /// The optional return value. Only a single return value is allowed in WebAssembly 1.0. | ||
| pub fn value(&self) -> Option<Value> { | ||
| if !self.0.trapped && self.0.has_value { |
There was a problem hiding this comment.
I'm ok with changing trapped check to assertion.
TODO:
Fizzy error enum(will do this in a new PR)