feat: fvm-wasm-instrument stack limiter and gas #494
Conversation
|
This looks like the correct approach, but do we need to do any pre-validation first? |
magik6k
force-pushed
the
feat/wasm-instrumentation
branch
3 times, most recently
from
3cab1fa to
0e5d64c
Compare
|
Depends on filecoin-project/fvm-wasm-instrument#3 |
magik6k
changed the title
magik6k
force-pushed
the
feat/wasm-instrumentation
branch
3 times, most recently
from
28d64ed to
7ca7a63
Compare
magik6k
force-pushed
the
feat/wasm-instrumentation
branch
4 times, most recently
from
2528ed8 to
7774b8e
Compare
magik6k
changed the title
magik6k
force-pushed
the
feat/wasm-instrumentation
branch
from
597dde3 to
8dca7b7
Compare
magik6k
force-pushed
the
feat/wasm-instrumentation
branch
from
244b69b to
905edf3
Compare
magik6k
force-pushed
the
feat/wasm-instrumentation
branch
2 times, most recently
from
c5b660b to
5c108f3
Compare
|
Related ffi PR: filecoin-project/filecoin-ffi#273 |
magik6k
force-pushed
the
feat/wasm-instrumentation
branch
2 times, most recently
from
b28b727 to
1e06f7b
Compare
| @@ -55,23 +104,20 @@ pub fn default_wasmtime_config() -> wasmtime::Config { | |||
| // > not enabled by default. | |||
| c.cranelift_nan_canonicalization(true); | |||
|
|
|||
| // c.cranelift_opt_level(Speed); ? | |||
| // Set to something much higher than the instrumented limiter. | |||
| c.max_wasm_stack(64 << 20).unwrap(); | |||
There was a problem hiding this comment.
TODO: make sure this doesn't force us to allocate 64MiB per container.
There was a problem hiding this comment.
Is this just a backstop? Why do we need it? I guess because it can't be disabled entirely?
There was a problem hiding this comment.
Yeah, the default is 512k
There was a problem hiding this comment.
As far as I can tell wasm execution uses the native stack - when this is set to a high value the out_of_stack test will fail with:
thread 'out_of_stack' has overflowed its stack
fatal runtime error: stack overflow
Given that, I don't think we're allocating here
| let out = syscall(ctx $(, $t)*).into(); | ||
|
|
||
| let result = match out { |
There was a problem hiding this comment.
I think we can re-combine these lines now.
There was a problem hiding this comment.
(We'll split them again if we merge #465.)
| let (mut memory, mut data) = memory_and_data(&mut caller)?; | ||
| let ctx = Context{kernel: &mut data.kernel, memory: &mut memory}; | ||
| let result = match syscall(ctx $(, $t)*).into()? { | ||
| Ok(_) => { | ||
| let out = syscall(ctx $(, $t)*).into(); | ||
|
|
||
| let result = match out { | ||
| Ok(Ok(_)) => { | ||
| log::trace!("syscall {}::{}: ok", module, name); | ||
| data.last_error = None; | ||
| 0 | ||
| Ok(0) | ||
| }, | ||
| Err(err) => { | ||
| Ok(Err(err)) => { | ||
| let code = err.1; | ||
| log::trace!("syscall {}::{}: fail ({})", module, name, code as u32); | ||
| data.last_error = Some(backtrace::Cause::new(module, name, err)); | ||
| code as u32 | ||
| Ok(code as u32) | ||
| }, | ||
| Err(e) => Err(e.into()), | ||
| }; |
There was a problem hiding this comment.
I would consider wrapping all of this in a closure (and immediately calling it) to make trapping errors a bit easier.
| (NetworkVersion::V14, actors_v6::BUNDLE_CAR), | ||
| (NetworkVersion::V15, actors_v7::BUNDLE_CAR), | ||
| (NetworkVersion::V16, actors_v7::BUNDLE_CAR), // todo bad hack |
There was a problem hiding this comment.
I guess this is because we still don't have a release for v8.
There was a problem hiding this comment.
Yeah, the integration test runner needs a bundle to load, even if we don't use any actor code. Ideally we could run integration tests without actor bundles - that would also make those tests run much faster.
Co-authored-by: raulk <raul@protocol.ai> Co-authored-by: Steven Allen <steven@stebalien.com>
magik6k
force-pushed
the
feat/wasm-instrumentation
branch
from
95d1f37 to
ea08252
Compare
No description provided.