daxpedda (Apr 03 2024 at 13:14): daxpedda (Apr 03 2024 at 13:14):I was looking into module poisoning for Wasm and saw that apparently WASI already implements something that prevents module re-entrance.
Following the code from Rustc into wasi-libc I can't find anything in this regard. Is this part of the spec and handled by the execution environment or how exactly does WASI deal with this?
IFcoltransG (Apr 04 2024 at 03:53):WASI 0.2 targets the Component Model, and one of the proposed invariants in the Component Model MVP prevents re-entrance.
See https://github.com/WebAssembly/component-model/blob/main/design/mvp/Explainer.md#component-invariants
IFcoltransG (Apr 04 2024 at 03:55):The issue you linked also links to this issue discussing the differences between targeting plain WASM versus the Component Model: https://github.com/rustwasm/wasm-bindgen/issues/3687
daxpedda (Apr 04 2024 at 07:31):I take it then that WASI without the component model proposal does not prevent re-entrance?
Isn't that something Rust should care about as well?
daxpedda (Apr 04 2024 at 07:32):The idea here is that if Rust Wasm implements module poisoning it can extend that to WASI (without the component model proposal) as well.
Alex Crichton (Apr 04 2024 at 15:05):Yes the wasm32-wasip1/wasm32-wasi targets would need reentrance protection, but the wasm32-wasip2 targets could be exempted. I'm not aware of any reentrance preotection in wasi-libc myself.
Dan Gohman (Apr 04 2024 at 15:59):WASIp1 / core modules don't really have the ability to distrust the outside environment. They export their linear memory, which means the outside world could trivially induce "Undefined Behavior" in the code inside the module, and there's no way to stop it.
Dan Gohman (Apr 04 2024 at 16:01):Core modules inherently have to have an unenforced convention with the outside world, and "don't reenter me" can be part of that convention.
Last updated: Nov 22 2024 at 16:03 UTC