Stream: git-wasmtime

Topic: wasmtime / PR #9022 Add an unsafe API to unload process t...


view this post on Zulip Wasmtime GitHub notifications bot (Jul 26 2024 at 16:29):

alexcrichton requested fitzgen for a review on PR #9022.

view this post on Zulip Wasmtime GitHub notifications bot (Jul 26 2024 at 16:29):

alexcrichton opened PR #9022 from alexcrichton:deinit-traps to bytecodealliance:main:

This commit adds a new unsafe API Engine::unload_process_handlers which can be used to de-initialize trap-handling state in a process. In general this is an unsafe operation that we have no means of making safe, hence the unsafe. There are particular situations where this can be done safely though and this is provided for such situations. The safety conditions rely on invariants that Wasmtime itself cannot maintain so the burden is on callers to ensure that this is invoked in a safe manner.

This is inspired by discussion [on Zulip][zulip] where Wasmtime's trap handling infrastructure prevented unloading a DLL with Wasmtime in it. There's possibly other reasons that unloading DLLs are unsafe in Rust but it feels appropriate to at least provide this knob to embedders to be able to turn if they like.

[zulip]: https://bytecodealliance.zulipchat.com/#narrow/stream/206238-general/topic/How.20to.20safely.20drop.20wasmtime.3F/near/453366905

<!--
Please make sure you include the following information:

Our development process is documented in the Wasmtime book:
https://docs.wasmtime.dev/contributing-development-process.html

Please ensure all communication follows the code of conduct:
https://github.com/bytecodealliance/wasmtime/blob/main/CODE_OF_CONDUCT.md
-->

view this post on Zulip Wasmtime GitHub notifications bot (Jul 26 2024 at 16:29):

alexcrichton requested wasmtime-core-reviewers for a review on PR #9022.

view this post on Zulip Wasmtime GitHub notifications bot (Jul 26 2024 at 16:50):

lann submitted PR review:

Given how specialized this you can consider all the functional comments just questions.

view this post on Zulip Wasmtime GitHub notifications bot (Jul 26 2024 at 16:50):

lann created PR review comment:

I'm not sure exactly what "for this Wasmtime DLL" means; maybe just drop it?

view this post on Zulip Wasmtime GitHub notifications bot (Jul 26 2024 at 16:50):

lann submitted PR review:

Given how specialized this you can consider all the functional comments just questions.

view this post on Zulip Wasmtime GitHub notifications bot (Jul 26 2024 at 16:50):

lann created PR review comment:

    /// * There must be no other instances of `Engine` anywhere for this Wasmtime

view this post on Zulip Wasmtime GitHub notifications bot (Jul 26 2024 at 16:50):

lann created PR review comment:

    /// the process will be aborted if the current signal handlers are not

view this post on Zulip Wasmtime GitHub notifications bot (Jul 26 2024 at 16:50):

lann created PR review comment:

"no other" or just "conflicting"? I guess you don't want to commit to specific handlers being installed but this is already pretty unstable... :shrug:

view this post on Zulip Wasmtime GitHub notifications bot (Jul 26 2024 at 16:50):

lann created PR review comment:

Would it make sense to explicitly poison this copy of wasmtime with a global or is that already effectively happening?

view this post on Zulip Wasmtime GitHub notifications bot (Jul 26 2024 at 16:51):

lann submitted PR review:

Given how specialized this is, consider all the functional comments just questions.

view this post on Zulip Wasmtime GitHub notifications bot (Jul 26 2024 at 17:20):

alexcrichton updated PR #9022.

view this post on Zulip Wasmtime GitHub notifications bot (Jul 26 2024 at 17:20):

alexcrichton submitted PR review.

view this post on Zulip Wasmtime GitHub notifications bot (Jul 26 2024 at 17:20):

alexcrichton created PR review comment:

I'm hesitant to go out of our way to do that as it might slow down other parts for this niche unsafe part, so I'd lean towards making this part of the unsafe contract rather than trying to add more guard rails.

view this post on Zulip Wasmtime GitHub notifications bot (Jul 26 2024 at 17:21):

alexcrichton commented on PR #9022:

Good suggestions/questions! I've tried to wordsmith and update a bit.

view this post on Zulip Wasmtime GitHub notifications bot (Jul 27 2024 at 01:17):

fitzgen submitted PR review.

view this post on Zulip Wasmtime GitHub notifications bot (Jul 27 2024 at 01:17):

fitzgen created PR review comment:

//! It's not safe for this binary to contain any other tests.

view this post on Zulip Wasmtime GitHub notifications bot (Jul 29 2024 at 14:19):

alexcrichton updated PR #9022.

view this post on Zulip Wasmtime GitHub notifications bot (Jul 29 2024 at 14:20):

alexcrichton has enabled auto merge for PR #9022.

view this post on Zulip Wasmtime GitHub notifications bot (Jul 29 2024 at 14:46):

alexcrichton updated PR #9022.

view this post on Zulip Wasmtime GitHub notifications bot (Jul 29 2024 at 14:46):

alexcrichton has enabled auto merge for PR #9022.

view this post on Zulip Wasmtime GitHub notifications bot (Jul 29 2024 at 15:10):

alexcrichton merged PR #9022.


Last updated: Dec 23 2024 at 12:05 UTC