Jakub Konka (Apr 02 2020 at 15:14): Jakub Konka (Apr 02 2020 at 15:14):Do we have API exposed for limiting guest's memory? I know we have MemoryPlans and there we can specify some max but how do we actually use it? Or is it reserved for use from within the Wasm module? What I'm getting at here is this hypothetical use case: imagine we've got an embedded device and we'd like to limit the memory the runtime can allocate to the guest module. Can we do that? If not, do we want to figure out a mechanism to do it?
Dan Gohman (Apr 02 2020 at 20:15):@Jakub Konka I'm not aware of anything. Right now the max field is just derived from the wasm module, but it wouldn't be unreasonable for us to impose a stricter maximum as an option
Jakub Konka (Apr 02 2020 at 20:16):Mhm, that's what I worked out from our codebase. Ok then, I'll try and figure out an attack plan and report back with ideas or blockers (or possibly both!).
Alex Crichton (Apr 02 2020 at 20:18):@Jakub Konka https://github.com/bytecodealliance/wasmtime/pull/1400 may help in this regard?
Jakub Konka (Apr 02 2020 at 23:14):@Alex Crichton Ah yes, that's probably a good start, thanks!
Maciej Kot (Apr 03 2020 at 06:35):Putting a global memory limit is possible with this PR, however it requires to provide an actual implementation for memory creation/allocation.
This could be avoided if we let people reuse the default MemoryCreator/LinearMemory from wasmtime_runtime - then it would be possible to create a simple wrapper on these structs and insert additional checks there. Unfortunately this would require exposing MemoryPlan in the api. What may be an option here is to create some struct like MemorySpec which would mirror full contents of MemoryPlan but change memory_style (dynamic/static) field to memory_style_hint and offset_guard_size to offset_guard_size_hint and allow for these params to be ignored by custom memory creators. I don't know if it's feasible though.
Last updated: Oct 23 2024 at 20:03 UTC