feat: epoch-based interruption #173
Open
+728
−88
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR implements epoch-based interruption for WebAssembly execution to prevent malicious or buggy WASM payloads from hanging the host system. The implementation uses Wasmtime's epoch interruption feature combined with a background timer to periodically check and interrupt long-running WASM code.
Key changes:
- Added epoch-based interruption with configurable tick times and timeout thresholds
- Implemented timeout handling for blocking operations in sync contexts
- Refactored test infrastructure to properly separate I/O and CPU runtimes
- Added comprehensive test coverage for various spin/hang scenarios
Reviewed Changes
Copilot reviewed 16 out of 16 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| host/src/lib.rs | Implements epoch timer background task, adds timeout configuration to WasmPermissions, updates engine configuration to enable epoch interruption, and adds comprehensive documentation on async/blocking behavior |
| host/src/tokio_helpers.rs | Adds timeout support and runtime flavor validation to async_in_sync_context helper function |
| host/tests/integration_tests/rust.rs | Refactors tests to use helper functions for UDF creation, adds tests for runtime context validation |
| host/tests/integration_tests/evil/test_utils.rs | Adds dedicated I/O runtime for evil tests to properly test epoch-based interruption |
| host/tests/integration_tests/evil/spin.rs | New test suite verifying that spinning WASM payloads timeout correctly across different UDF operations |
| host/tests/integration_tests/evil/mod.rs | Adds spin module to test structure |
| guests/evil/src/lib.rs | Registers new spin test payloads for various UDF operations |
| guests/evil/src/common.rs | Adds common helper functions for empty root and UDF lists |
| guests/evil/src/spin/mod.rs | Implements spin function that creates CPU-intensive loop for testing interruption |
| guests/evil/src/spin/root.rs | Test payload that spins during root filesystem retrieval |
| guests/evil/src/spin/udf_invoke.rs | Test payload that spins during UDF invocation |
| guests/evil/src/spin/udf_name.rs | Test payload that spins during UDF name retrieval |
| guests/evil/src/spin/udf_return_type_exact.rs | Test payload that spins during return_type call with exact signature |
| guests/evil/src/spin/udf_return_type_other.rs | Test payload that spins during return_type call with non-exact signature |
| guests/evil/src/spin/udf_signature.rs | Test payload that spins during signature retrieval |
| guests/evil/src/spin/udfs.rs | Test payload that spins during UDF list retrieval |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Closes #15. Co-authored-by: Copilot <[email protected]>
crepererum
force-pushed
the
crepererum/epoch
branch
from
d9f3e69 to
ddc6396
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Closes #15.