gecko-dev

shravanrn@gmail.com d475a75904 Bug 1670878: Instantiating a large number of wasm library sandboxes crashes due to overuse of file descriptors r=tjr Instantiating a wasm library duplicates a file descriptor for /dev/null 3 times to be used as input, output and error streams for the wasm sandboxed code. When a lot of sandboxes are created and destroyed, a lot of descriptors are duplicated and closed. While this should be fine, POSIX does not seem to happy with the opening and closing of many file descriptors --- this could perhaps be some strange interaction with Firefox's seccomp filters and cross-process file descriptor handling as it is difficult to repro this outside of firefox. However, the simpler fix here was to just eliminate the duplication of /dev/null and return an error when input, output or error streams are accessed by wasm sandboxed code. This means calls to printf will fail, but no code I know off actually checks the int error code returned by printf and this change is certainly compatible with existing sandboxed components. Differential Revision: https://phabricator.services.mozilla.com/D99160	2020-12-09 21:54:03 +00:00
..
config.in	Bug 1670878: Instantiating a large number of wasm library sandboxes crashes due to overuse of file descriptors r=tjr	2020-12-09 21:54:03 +00:00

shravanrn@gmail.com d475a75904 Bug 1670878: Instantiating a large number of wasm library sandboxes crashes due to overuse of file descriptors r=tjr

Instantiating a wasm library duplicates a file descriptor for /dev/null 3 times to be used as input, output and error streams for the wasm sandboxed code. When a lot of sandboxes are created and destroyed, a lot of descriptors are duplicated and closed. While this should be fine, POSIX does not seem to happy with the opening and closing of many file descriptors --- this could perhaps be some strange interaction with Firefox's seccomp filters and cross-process file descriptor handling as it is difficult to repro this outside of firefox.

However, the simpler fix here was to just eliminate the duplication of /dev/null and return an error when input, output or error streams are accessed by wasm sandboxed code. This means calls to printf will fail, but no code I know off actually checks the int error code returned by printf and this change is certainly compatible with existing sandboxed components.

Differential Revision: https://phabricator.services.mozilla.com/D99160

2020-12-09 21:54:03 +00:00

config.in

Bug 1670878: Instantiating a large number of wasm library sandboxes crashes due to overuse of file descriptors r=tjr

2020-12-09 21:54:03 +00:00