Wasmtime GitHub notifications bot (Aug 01 2024 at 18:07): Wasmtime GitHub notifications bot (Aug 01 2024 at 18:07):elliottt opened PR #9057 from elliottt:trevor/validate-trappable-imports to bytecodealliance:main:
It's easy to accidentally use the generated name when passing names to the
trappable_importsfield of thebindgen!macro, yielding generated bindings that don't use the expectedtrappable_error_type. This PR adds some validation, ensuring that arguments totrappable_importsdo parse as wit identifiers.This is slightly more complicated than calling
wit_parser::validate_id, on each entry of thetrappable_importslist, as those entries can also refer to methods and constructors. As such, each part is validated in those cases, ensuring that the resource and method parts are valid wit identifiers.It doesn't appear that we have negative tests for wasmtime-component-macro, but I'm happ to add some if I've missed something there.
Wasmtime GitHub notifications bot (Aug 01 2024 at 18:07):elliottt requested pchickey for a review on PR #9057.
Wasmtime GitHub notifications bot (Aug 01 2024 at 18:07):elliottt requested wasmtime-core-reviewers for a review on PR #9057.
Wasmtime GitHub notifications bot (Aug 01 2024 at 18:07):elliottt requested alexcrichton for a review on PR #9057.
Wasmtime GitHub notifications bot (Aug 01 2024 at 18:58):elliottt edited PR #9057:
It's easy to accidentally use the generated name when passing names to the
trappable_importsfield of thebindgen!macro, yielding generated bindings that don't use the expectedtrappable_error_type. This PR adds some validation, ensuring that arguments totrappable_importsdo parse as wit identifiers.This is slightly more complicated than calling
wit_parser::validate_id, on each entry of thetrappable_importslist, as those entries can also refer to methods and constructors. As such, each part is validated in those cases, ensuring that the resource and method parts are valid wit identifiers.It doesn't appear that we have negative tests for wasmtime-component-macro, but I'm happy to add some if I've missed something there.
Wasmtime GitHub notifications bot (Aug 01 2024 at 18:58):elliottt edited PR #9057:
It's easy to accidentally use the generated name when passing names to the
trappable_importsfield of thebindgen!macro, yielding generated bindings that don't use the expectedtrappable_error_type. This PR adds some validation, ensuring that arguments totrappable_importsdo parse as wit identifiers.This is slightly more complicated than calling
wit_parser::validate_id, on each entry of thetrappable_importslist, as those entries can also refer to methods and constructors. As such, each part is validated in those cases, ensuring that the resource and method parts are valid wit identifiers.It doesn't appear that we have negative tests for wasmtime-component-macro, but I'm happy to add them if I've missed something there.
Wasmtime GitHub notifications bot (Aug 01 2024 at 19:48):alexcrichton commented on PR #9057:
I realize it'd be more difficult, but would you be up for seeing how to validate that all the entries in this list are used in addition to them being valid? Or rather validation wouldn't be required if they're validated to be used. IIRC we already require that all
withentries are used so it might be possible to reuse logic there perhaps?I ask this because it feels like the most robust solution here in terms of ensuring we actually use all of the input and helping to catch typos/misconfiguration.
Also as for negative tests you're right in that we don't have any. They're unfortunately difficult to add because rustc's output changes over time, but we should probably look in to adding them at some point in the future.
Wasmtime GitHub notifications bot (Aug 01 2024 at 21:23):elliottt commented on PR #9057:
I realize it'd be more difficult, but would you be up for seeing how to validate that all the entries in this list are used in addition to them being valid? Or rather validation wouldn't be required if they're validated to be used. IIRC we already require that all
withentries are used so it might be possible to reuse logic there perhaps?Yep, I'll have a look at doing that instead :+1:
Wasmtime GitHub notifications bot (Aug 01 2024 at 22:48):elliottt updated PR #9057.
Wasmtime GitHub notifications bot (Aug 01 2024 at 22:57):elliottt commented on PR #9057:
I've reworked it to track the import names that get used, and check that all names specified in the list initially get used. If none are used, a similar error to the handling of the
withclause will be reported.One wrinkle here is that I had to mark names as used if
can_trapreturned true, rather than only if it was a name that had a trappable return type. With the more strict interpretation the tests fail, as we test cases where names mentioned in the list don't have any return type. I'm not sure that requiring names intrappable_importshave a trappable error is useful, given that names can overlap between different interfaces.
Wasmtime GitHub notifications bot (Aug 02 2024 at 14:02):alexcrichton submitted PR review:
Looks reasonable to me!
Wasmtime GitHub notifications bot (Aug 02 2024 at 14:02):alexcrichton submitted PR review:
Looks reasonable to me!
Wasmtime GitHub notifications bot (Aug 02 2024 at 14:02):alexcrichton created PR review comment:
Could this be added to
special_case_trappable_error? (perhaps by updating that to take&Function)?
Wasmtime GitHub notifications bot (Aug 02 2024 at 14:02):alexcrichton created PR review comment:
Mind updating these docs?
Wasmtime GitHub notifications bot (Aug 02 2024 at 15:27):elliottt updated PR #9057.
Wasmtime GitHub notifications bot (Aug 02 2024 at 15:56):elliottt requested alexcrichton for a review on PR #9057.
Wasmtime GitHub notifications bot (Aug 02 2024 at 15:57):elliottt edited PR #9057:
It's easy to accidentally use the generated name when passing names to the
trappable_importsfield of thebindgen!macro, yielding generated bindings that don't use the expectedtrappable_error_type. This PR adds some validation, ensuring that arguments totrappable_importsare used during binding generation and raising an error if any are ignored.It doesn't appear that we have negative tests for wasmtime-component-macro, but I'm happy to add them if I've missed something there.
Wasmtime GitHub notifications bot (Aug 02 2024 at 16:12):alexcrichton submitted PR review.
Wasmtime GitHub notifications bot (Aug 02 2024 at 16:27):alexcrichton merged PR #9057.
Last updated: Nov 22 2024 at 16:03 UTC