Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Introduce an OOM-handlingError type for Wasmtime#12163

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Open
fitzgen wants to merge15 commits intobytecodealliance:main
base:main
Choose a base branch
Loading
fromfitzgen:wasmtime-error

Conversation

@fitzgen
Copy link
Member

This newError has an API that is 99% identical toanyhow::Error's API, but additionally handles memory exhaustion.

This commit only introduces thewasmtime_internal_error crate into our workspace, along with its regular tests and OOM tests. This commit does not, however, migrate Wasmtime's internals or public-facing API over to the new error type yet. That is left for follow up work.

In order to continue fittingResult<(), Error> in one word, there is quite a bit of unsafe code inError's implementation, mostly surrounding the manual creation of our own moral equivalent ofBox<dyn Error> with explicit vtables and type erasure so that we get a thin pointer to a trait object rather thanBox<dyn Error>'s fat pointer. To alleviate the associated risks, I've been testing this code under MIRI throughout its whole development, as well as thoroughly testing the API so that MIRI can dynamically exercise all the code paths. Furthermore, I've enabled testing this crate under MIRI in CI.

Part of#12069

@fitzgenfitzgen requested review froma team ascode ownersDecember 12, 2025 18:17
@fitzgenfitzgen requested review fromalexcrichton and removed request fora teamDecember 12, 2025 18:17
@fitzgenfitzgenforce-pushed thewasmtime-error branch 2 times, most recently fromab7ef38 to1329403CompareDecember 12, 2025 18:33
@fitzgen
Copy link
MemberAuthor

I am not sure why the version bump followed bycargo vet is failing. Digging in...

https://github.com/bytecodealliance/wasmtime/actions/runs/20176633165/job/57926334414?pr=12163

@fitzgen
Copy link
MemberAuthor

I am not sure why the version bump followed bycargo vet is failing. Digging in...

Third bullet point over in#12164

This new `Error` has an API that is 99% identical to `anyhow::Error`'s API, butadditionally handles memory exhaustion.This commit only introduces the `wasmtime_internal_error` crate into ourworkspace, along with its regular tests and OOM tests. This commit does not,however, migrate Wasmtime's internals or public-facing API over to the new errortype yet. That is left for follow up work.In order to continue fitting `Result<(), Error>` in one word, there is quite abit of unsafe code in `Error`'s implementation, mostly surrounding the manualcreation of our own moral equivalent of `Box<dyn Error>` with explicit vtablesand type erasure so that we get a thin pointer to a trait object rather than`Box<dyn Error>`'s fat pointer. To alleviate the associated risks, I've beentesting this code under MIRI throughout its whole development, as well asthoroughly testing the API so that MIRI can dynamically exercise all the codepaths. Furthermore, I've enabled testing this crate under MIRI in CI.
For compatibility with `anyhow`'s API.This unfortunately means we have to move the actual error implementation outinto a submodule so that this function isn't visible, or else every `match .. {Ok(_) => ... }` stops type checking.
@fitzgen
Copy link
MemberAuthor

Third bullet point over in#12164

Rebased on top of that PR now that it merged

@fitzgen
Copy link
MemberAuthor

fitzgen commentedDec 12, 2025
edited
Loading

Grrrr this bump-and-vet CI failure is really annoying me.Works when I run the exact same commands locally:

Details
nick@hamilton :: (wasmtime-error) :: ~/wasmtime    $ rustc scripts/publish.rs && ./publish bump-patchbumping `component-macro-test-helpers`...bumping `component-async-tests`...bumping `wizer-fuzz`...bumping `regex-test`...bumping `regex-bench`...bumping `uap-bench`...bumping `wasmtime-environ-fuzz`...bumping `wasmtime-bench-api`...bumping `wasi-preview1-component-adapter`...bumping `verify-component-adapter`...bumping `byte-array-literals`...bumping `wasi-nn-example-winml`...bumping `wasi-nn-example-named`...bumping `wasi-nn-example`...bumping `classification-component-onnx`...bumping `wasi-nn-example-pytorch`...bumping `wasmtime-test-macros`...bumping `wiggle-test`...bumping `test-programs`...bumping `test-programs-artifacts`...bumping `wasmtime-test-util`...bumping `wasmtime-fuzzing`...bumping `wasm-spec-interpreter`...bumping `wasmtime-c-api`...bumping `cranelift-tools`...bumping `cranelift-assembler-x64-fuzz`...bumping `cranelift-fuzzgen`...bumping `cranelift-filetests`...bumping `isle-fuzz`...bumping `veri_ir`...bumping `veri_engine`...bumping `islec`...bumping `pulley-interpreter-fuzz`...bumping `cranelift-bitset`...  0.128.0 => 0.128.1bumping `wasmtime-internal-math`...bumping `pulley-macros`...bumping `pulley-interpreter`...bumping `cranelift-srcgen`...  0.128.0 => 0.128.1bumping `cranelift-assembler-x64-meta`...  0.128.0 => 0.128.1bumping `cranelift-assembler-x64`...  0.128.0 => 0.128.1bumping `cranelift-isle`...  0.128.0 => 0.128.1bumping `cranelift-entity`...  0.128.0 => 0.128.1bumping `cranelift-bforest`...  0.128.0 => 0.128.1bumping `cranelift-codegen-shared`...  0.128.0 => 0.128.1bumping `cranelift-codegen-meta`...  0.128.0 => 0.128.1bumping `cranelift-control`...  0.128.0 => 0.128.1bumping `cranelift-codegen`...  0.128.0 => 0.128.1bumping `cranelift-reader`...  0.128.0 => 0.128.1bumping `cranelift-serde`...  0.128.0 => 0.128.1bumping `cranelift-module`...  0.128.0 => 0.128.1bumping `cranelift-frontend`...  0.128.0 => 0.128.1bumping `cranelift-native`...  0.128.0 => 0.128.1bumping `cranelift-object`...  0.128.0 => 0.128.1bumping `cranelift-interpreter`...  0.128.0 => 0.128.1bumping `wasmtime-internal-jit-icache-coherence`...bumping `wasmtime-internal-unwinder`...bumping `cranelift-jit`...  0.128.0 => 0.128.1bumping `cranelift`...  0.128.0 => 0.128.1bumping `wiggle-generate`...bumping `wiggle-macro`...bumping `wasmtime-internal-error`...bumping `wasmtime-internal-versioned-export-macros`...bumping `wasmtime-internal-slab`...bumping `wasmtime-internal-component-util`...bumping `wasmtime-internal-wit-bindgen`...bumping `wasmtime-internal-component-macro`...bumping `wasmtime-internal-jit-debug`...bumping `wasmtime-internal-fiber`...bumping `wasmtime-environ`...bumping `wasmtime-internal-wmemcheck`...bumping `wasmtime-internal-cranelift`...bumping `wasmtime-internal-cache`...bumping `winch-codegen`...bumping `wasmtime-internal-winch`...bumping `wasmtime`...bumping `wiggle`...bumping `wasi-common`...bumping `wasmtime-wasi-io`...bumping `wasmtime-wasi`...bumping `wasmtime-wasi-http`...bumping `wasmtime-wasi-nn`...bumping `wasmtime-wasi-config`...bumping `wasmtime-wasi-keyvalue`...bumping `wasmtime-wasi-threads`...bumping `wasmtime-wasi-tls`...bumping `wasmtime-wasi-tls-nativetls`...bumping `wasmtime-wast`...bumping `wasmtime-internal-c-api-macros`...bumping `wasmtime-c-api-impl`...bumping `wasmtime-wizer`...bumping `wasmtime-cli-flags`...bumping `wasmtime-internal-explorer`...bumping `wasmtime-cli`...  41.0.0 => 41.0.1Running: `"cargo" "fetch" "--offline"`nick@hamilton :: (wasmtime-error *) :: ~/wasmtime    $ echo $?0

Edit: d'oh I missed a command from CI. Can repro.

@fitzgen
Copy link
MemberAuthor

Looks likefbac398 did indeed fix thecargo vet issues.

@github-actionsgithub-actionsbot added the fuzzingIssues related to our fuzzing infrastructure labelDec 12, 2025
@github-actions
Copy link

Subscribe to Label Action

cc@fitzgen

DetailsThis issue or pull request has been labeled: "fuzzing"

Thus the following users have been cc'd because of the following labels:

  • fitzgen: fuzzing

To subscribe or unsubscribe from this label, edit the.github/subscribe-to-label.json configuration file.

Learn more.

@fitzgen
Copy link
MemberAuthor

@cfallin do you feel comfortable reviewing this since Alex is out-of-office right now?

@cfallin
Copy link
Member

Sure, happy to do so!

fitzgen reacted with heart emoji

@cfallincfallin self-requested a reviewDecember 15, 2025 19:05
Copy link
Member

@cfallincfallin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Partial review but I wanted to checkpoint these comments at least -- will keep reading fromlib.rs onward in the new crate tomorrow!

This is very nice code overall; just little nits mostly.

use backtrace::Backtrace;
use std::{alloc::GlobalAlloc, cell::Cell, mem, ptr, time};
usewasmtime::{Error,Result};
usewasmtime_error::{Error,OutOfMemory,Result, bail};
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

I assume that we are doing this direct import from the error crate for now since it's not integrated into Wasmtime, but is it the long-term goal to reexport the public error types fromwasmtime itself? If so, should we leave a TODO/FIXME here noting that?

Copy link
MemberAuthor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Yes, I have follow up work to publicly re-exportwasmtime_error aswasmtime::error (and also continue to havewasmtime::Error andwasmtime::Result at the top level for convenience).

But also, the fuzzing crate is internal and will never be published, so it doesn't really matter how it names the types, directly or via re-export. It already, for example, pulls inwasmtime-environ and uses that directly in a few places, rather than constraining itself to only using the canonical publicwasmtime API.

I can just fix it right now in my current WIP branch to actually getwasmtime using this crate instead ofanyhow, rather than add a comment that I immediately remove, if that is okay with you.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Ah, yes, that would be fine too -- not a big deal either way, just wanted to ensure we don't keep an intermediate state of affairs around forever.

Copy link
Member

@cfallincfallin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

And here's a review on the rest of the diff. Thanks for building all of this -- in general it looks quite good! My only real concern is the dangling-pointer issue in prior review. With that addressed (or adequately documented if I'm wrong about the bad case?) I'm happy to r+.

I'll note as well that my review is at the level of "plausible and looks correct"; Alex may still have opinions about what isbest but I suspect that can be left to followup as well.

@fitzgen
Copy link
MemberAuthor

@cfallin I believe I've addressed all of your feedback, and this should be ready for another look.

Copy link
Member

@cfallincfallin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

OK, this looks correct to me and seems reasonable as far as my opinions of error interfaces go!

fitzgen reacted with heart emoji
@fitzgenfitzgen added this pull request to themerge queueDec 16, 2025
@github-merge-queuegithub-merge-queuebot removed this pull request from themerge queue due to failed status checksDec 16, 2025
@fitzgen
Copy link
MemberAuthor

Regarding this CI failure:https://github.com/bytecodealliance/wasmtime/actions/runs/20283910974/job/58252868624

I don't think this PR can pass that CI step and merge until@wasmtime-publish is an owner of thewasmtime-internal-error crate. I created an empty crate and published it to crates.io at v0.0.0 aswasmtime-internal-error, and I tried to addwasmtime-publish to it, but I don't have that account's credentials so I can't accept the ownership invite on its behalf.

@fitzgen
Copy link
MemberAuthor

Will try again, just in case that CI step will somehow accept the invite.

@fitzgenfitzgen added this pull request to themerge queueDec 16, 2025
@cfallin
Copy link
Member

I don't think this PR can pass that CI step and merge until@wasmtime-publish is an owner of the wasmtime-internal-error crate. I created an empty crate and published it to crates.io at v0.0.0 as wasmtime-internal-error, and I tried to add wasmtime-publish to it, but I don't have that account's credentials so I can't accept the ownership invite on its behalf.

Seems like an oversight in our procedures --@alexcrichton when you're back, would you be willing to write up a runbook entry for "I added a new crate to Wasmtime" with the way to make the current publish flow happy? (It seems I've gotten caught in similar issues a few times too, whether it be the "published crates" list or deferred problems on next release or ...)

@fitzgen
Copy link
MemberAuthor

I don't think this PR can pass that CI step and merge until@wasmtime-publish is an owner of thewasmtime-internal-error crate. I created an empty crate and published it to crates.io at v0.0.0 aswasmtime-internal-error, and I tried to addwasmtime-publish to it, but I don't have that account's credentials so I can't accept the ownership invite on its behalf.

This seems to have made thecargo vet CI job start failing again 😩

@github-merge-queuegithub-merge-queuebot removed this pull request from themerge queue due to failed status checksDec 16, 2025
@fitzgenfitzgen added this pull request to themerge queueDec 17, 2025
@github-merge-queuegithub-merge-queuebot removed this pull request from themerge queue due to failed status checksDec 17, 2025
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment

Reviewers

@cfallincfallincfallin approved these changes

@alexcrichtonalexcrichtonAwaiting requested review from alexcrichtonalexcrichton is a code owner automatically assigned from bytecodealliance/wasmtime-fuzz-reviewers

+1 more reviewer

@bjorn3bjorn3bjorn3 left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

fuzzingIssues related to our fuzzing infrastructure

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@fitzgen@cfallin@bjorn3
[8]ページ先頭
©2009-2025 Movatter.jp