Stream: git-wasmtime

Topic: wasmtime / PR #3841 Panic on resetting image slots back t...

Wasmtime GitHub notifications bot (Feb 23 2022 at 16:35):

alexcrichton opened PR #3841 from panic-on-error to main:

This commit updates Drop for MemoryImageSlot to panic instead of
ignoring errors when resetting memory back to a clean slate. On reading
some of this code again for a different change I realized that if an
error happens in reset_with_anon_memory it would be possible,
depending on where another error happened, to leak memory from one image
to another.

For example if clear_and_remain_ready failed its madvise (for
whatever reason) and didn't actually reset any memory, then if Drop for MemoryImageSlot also hit an error trying to remap memory (for whatever
reason), then nothing about memory has changed and when the
MemoryImageSlot is recreated it'll think that it's 0-length when
actually it's a bit larger and may leak data.

I don't think this is a serious problem since we don't know any
situation under which the madvise would fail and/or the resetting with
anonymous memory, but given that these aren't expected to fail I figure
it's best to be a bit more defensive here and/or loud about failures.

<!--

Please ensure that the following steps are all taken care of before submitting
the PR.

• [ ] This has been discussed in issue #..., or if not, please tell us why
  here.

• [ ] A short description of what this does, why it is needed; if the
  description becomes long, the matter should probably be discussed in an issue
  first.

• [ ] This PR contains test cases, if meaningful.

• [ ] A reviewer from the core maintainer team has been assigned for this PR.
  If you don't know who could review this, please indicate so. The list of
  suggested reviewers on the right can help you.

Please ensure all communication adheres to the code of conduct.
-->

Wasmtime GitHub notifications bot (Feb 23 2022 at 16:35):

alexcrichton requested cfallin for a review on PR #3841.

Wasmtime GitHub notifications bot (Feb 23 2022 at 17:27):

cfallin submitted PR review.

Wasmtime GitHub notifications bot (Feb 23 2022 at 17:27):

cfallin submitted PR review.

Wasmtime GitHub notifications bot (Feb 23 2022 at 17:27):

cfallin created PR review comment:

pre-existing but this is unmap_on_drop while a few lines below we say clear_on_drop -- would you mind updating the comment while we're here?

Wasmtime GitHub notifications bot (Feb 23 2022 at 19:03):

alexcrichton updated PR #3841 from panic-on-error to main.

Wasmtime GitHub notifications bot (Feb 23 2022 at 20:00):

alexcrichton merged PR #3841.

Last updated: Oct 23 2024 at 20:03 UTC