Do you have any plans to add timeouts or some other mechanism for limiting the amount of CPU a WebAssembly call can use?
I'm always interested in options for using WebAssembly as a sandbox to run untrusted code, but one of the things I need to protect against is an infinite loop.
(I had Claude knock up an experimental Python binding to try Epsilon out, notes from that here: https://github.com/simonw/research/tree/main/epsilon-python-... )
wazero has supported context cancellation for a long time :) https://github.com/wazero/wazero/blob/9286448974219ab3be0931...
Yes, I am considering using something like https://pkg.go.dev/context for this very purpose, though I need to read a bit more into it first.
Funny that you built a Python wrapper as I originally started this implementation in Python, which was...not a good idea. Claude hallucinated the acknowledgments section though :D
Limiting the CPU vs protecting against an infinite loop are two different problems. The former is usually solved by sandboxing and using the limiters exposed by it, while the latter can be easily solved by just adding a cancellation timeout: when the function call/process/API call/whatever takes longer than X seconds, cancel it and return an error.
I believe that wasmtime has some sort of mechanism for this called Gas if I'm not mistaken.
I'm working on an embeddable mini VM (RISC-V rather than WASM) and am considering this. In my model, there's something akin to a hardware watchdog where the VM is considered hung if it executes too many instructions without calling a yield() function in the host, then there's the ability to set a maximum number of instructions to execute before returning to the caller.
This lets it be handled asynchronously at the pace the host code chooses: https://github.com/ringtailsoftware/uvm32
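
Added example, not part of the thread and not code from Epsilon, wazero, wasmtime or uvm32: a toy Go interpreter sketching the two controls discussed above, an instruction budget with a yield watchdog and a host-side `context` deadline checked between slices. The opcodes, the `VM` type and the function names are all hypothetical.

```go
package main

import (
	"context"
	"errors"
	"fmt"
)

const opJmp, opYield, opHalt = 0, 1, 2 // constructed toy ISA, not WASM or RISC-V
var ErrHung = errors.New("watchdog: too many instructions without yield")
var ErrBudget = errors.New("instruction budget spent; guest is resumable")

type VM struct {
	Prog                     [][2]int // each instruction is {opcode, arg}
	PC, Watchdog, sinceYield int      // Watchdog: max instructions between yields
}

// Run executes at most budget instructions, then hands control back to the host.
func (vm *VM) Run(budget int) error {
	for ; budget > 0; budget-- {
		in := vm.Prog[vm.PC]
		vm.PC++
		if vm.sinceYield++; vm.sinceYield > vm.Watchdog {
			return ErrHung // guest ran too long without calling yield
		}
		switch in[0] {
		case opJmp:
			vm.PC = in[1]
		case opYield:
			vm.sinceYield = 0 // guest checked in with the host
		case opHalt:
			return nil
		}
	}
	return ErrBudget
}

// RunCtx runs in slices so a host deadline or cancel is seen between slices.
func RunCtx(ctx context.Context, vm *VM, slice int) error {
	for ctx.Err() == nil {
		if err := vm.Run(slice); err != ErrBudget {
			return err
		}
	}
	return ctx.Err()
}

func main() {
	fmt.Println(RunCtx(context.Background(), &VM{Prog: [][2]int{{opJmp, 0}}, Watchdog: 1000}, 100))
}
```

The watchdog catches a guest that never yields even when no deadline is set, while the context deadline bounds wall-clock time for a guest that yields politely but never finishes.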