elliottt opened PR #9057 from elliottt:trevor/validate-trappable-imports
to bytecodealliance:main
:
It's easy to accidentally use the generated name when passing names to the
trappable_imports
field of thebindgen!
macro, yielding generated bindings that don't use the expectedtrappable_error_type
. This PR adds some validation, ensuring that arguments totrappable_imports
do parse as wit identifiers.This is slightly more complicated than calling
wit_parser::validate_id
, on each entry of thetrappable_imports
list, as those entries can also refer to methods and constructors. As such, each part is validated in those cases, ensuring that the resource and method parts are valid wit identifiers.It doesn't appear that we have negative tests for wasmtime-component-macro, but I'm happ to add some if I've missed something there.
elliottt requested pchickey for a review on PR #9057.
elliottt requested wasmtime-core-reviewers for a review on PR #9057.
elliottt requested alexcrichton for a review on PR #9057.
elliottt edited PR #9057:
It's easy to accidentally use the generated name when passing names to the
trappable_imports
field of thebindgen!
macro, yielding generated bindings that don't use the expectedtrappable_error_type
. This PR adds some validation, ensuring that arguments totrappable_imports
do parse as wit identifiers.This is slightly more complicated than calling
wit_parser::validate_id
, on each entry of thetrappable_imports
list, as those entries can also refer to methods and constructors. As such, each part is validated in those cases, ensuring that the resource and method parts are valid wit identifiers.It doesn't appear that we have negative tests for wasmtime-component-macro, but I'm happy to add some if I've missed something there.
elliottt edited PR #9057:
It's easy to accidentally use the generated name when passing names to the
trappable_imports
field of thebindgen!
macro, yielding generated bindings that don't use the expectedtrappable_error_type
. This PR adds some validation, ensuring that arguments totrappable_imports
do parse as wit identifiers.This is slightly more complicated than calling
wit_parser::validate_id
, on each entry of thetrappable_imports
list, as those entries can also refer to methods and constructors. As such, each part is validated in those cases, ensuring that the resource and method parts are valid wit identifiers.It doesn't appear that we have negative tests for wasmtime-component-macro, but I'm happy to add them if I've missed something there.
alexcrichton commented on PR #9057:
I realize it'd be more difficult, but would you be up for seeing how to validate that all the entries in this list are used in addition to them being valid? Or rather validation wouldn't be required if they're validated to be used. IIRC we already require that all
with
entries are used so it might be possible to reuse logic there perhaps?I ask this because it feels like the most robust solution here in terms of ensuring we actually use all of the input and helping to catch typos/misconfiguration.
Also as for negative tests you're right in that we don't have any. They're unfortunately difficult to add because rustc's output changes over time, but we should probably look in to adding them at some point in the future.
elliottt commented on PR #9057:
I realize it'd be more difficult, but would you be up for seeing how to validate that all the entries in this list are used in addition to them being valid? Or rather validation wouldn't be required if they're validated to be used. IIRC we already require that all
with
entries are used so it might be possible to reuse logic there perhaps?Yep, I'll have a look at doing that instead :+1:
elliottt updated PR #9057.
elliottt commented on PR #9057:
I've reworked it to track the import names that get used, and check that all names specified in the list initially get used. If none are used, a similar error to the handling of the
with
clause will be reported.One wrinkle here is that I had to mark names as used if
can_trap
returned true, rather than only if it was a name that had a trappable return type. With the more strict interpretation the tests fail, as we test cases where names mentioned in the list don't have any return type. I'm not sure that requiring names intrappable_imports
have a trappable error is useful, given that names can overlap between different interfaces.
alexcrichton submitted PR review:
Looks reasonable to me!
alexcrichton submitted PR review:
Looks reasonable to me!
alexcrichton created PR review comment:
Could this be added to
special_case_trappable_error
? (perhaps by updating that to take&Function
)?
alexcrichton created PR review comment:
Mind updating these docs?
elliottt updated PR #9057.
elliottt requested alexcrichton for a review on PR #9057.
elliottt edited PR #9057:
It's easy to accidentally use the generated name when passing names to the
trappable_imports
field of thebindgen!
macro, yielding generated bindings that don't use the expectedtrappable_error_type
. This PR adds some validation, ensuring that arguments totrappable_imports
are used during binding generation and raising an error if any are ignored.It doesn't appear that we have negative tests for wasmtime-component-macro, but I'm happy to add them if I've missed something there.
alexcrichton submitted PR review.
alexcrichton merged PR #9057.
Last updated: Dec 23 2024 at 12:05 UTC