iwasm doesn't respect timeout in start function execution #4047
Comments
|
I don't know how it's done in similar projects(like gas metering from wasmtime mentioned above), but i think adding parameter limiting control instructions(or limiting call nesting) would be probably a solution for things like infinite loops |
|
like |
|
"roughly the number of loop iterations and function calls" |
you are right it's impossible with the current api to terminate instances in that state. a possible solution is to separate the instantiation to two steps, similarly to: |
|
Demo: |
Tries to address bytecodealliance#4047. Before this change, wasm_runtime_instantiate would execute the start function unconditionally, correctly implementing the spec. However, if there is an infinite loop in the start function, there was no way to interrupt execution. This change introduces a parameter to InstantiationArgs indicating whether the start function should be immediately invoked. If not, wasm_runtime_instantiate returns a module instance that is initialized except for the start function. This change adds a wasm_runtime_instantiate_run_start_func function which performs this last instantiation step. The user may prepare a timeout in advance of calling this to guard against expensive/infinite loops. This change also demonstrates a possible technique for doing this in iwasm.c.
|
I don't know what to do in the multi-module case, presumably all start functions have to be deferred until the user calls |
Tries to address bytecodealliance#4047. Before this change, wasm_runtime_instantiate would execute the start function unconditionally, correctly implementing the spec. However, if there is an infinite loop in the start function, there was no way to interrupt execution. This change introduces a parameter to InstantiationArgs indicating whether the start function should be immediately invoked. If not, wasm_runtime_instantiate returns a module instance that is initialized except for the start function. This change adds a wasm_runtime_instantiate_run_start_func function which performs this last instantiation step. The user may prepare a timeout in advance of calling this to guard against expensive/infinite loops. This change also demonstrates a possible technique for doing this in iwasm.c.
Tries to address bytecodealliance#4047. Before this change, wasm_runtime_instantiate would execute the start function unconditionally, correctly implementing the spec. However, if there is an infinite loop in the start function, there was no way to interrupt execution. This change introduces a parameter to InstantiationArgs indicating whether the start function should be immediately invoked. If not, wasm_runtime_instantiate returns a module instance that is initialized except for the start function. This change adds a wasm_runtime_instantiate_run_start_func function which performs this last instantiation step. The user may prepare a timeout in advance of calling this to guard against expensive/infinite loops. This change also demonstrates a possible technique for doing this in iwasm.c.
Let's say you run
If
foo.wasmhas a start function with an infinite loop (e.g. due to a bug), the intepreter is not able to interrupt execution after 4 seconds. The interpreter will try to interrupt modules by callingwasm_runtime_terminate, but this requires a module instance, and obviously in this case module instantiation cannot finish.What do you all think of adding some mechanism to interrupt the start function after a period of time? Is there a way to do this that I'm missing?
The text was updated successfully, but these errors were encountered: