RubyGems - kobako - Versions diffs - 0.3.0 → 0.5.0 - Mend

kobako 0.3.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (98) hide show

checksums.yaml +4 -4
data/.release-please-manifest.json +1 -0
data/CHANGELOG.md +29 -0
data/Cargo.lock +1 -1
data/README.md +85 -6
data/data/kobako.wasm +0 -0
data/ext/kobako/Cargo.toml +1 -1
data/ext/kobako/src/lib.rs +4 -2
data/ext/kobako/src/{wasm → runtime}/cache.rs +22 -18
data/ext/kobako/src/runtime/capture.rs +91 -0
data/ext/kobako/src/runtime/config.rs +26 -0
data/ext/kobako/src/runtime/dispatch.rs +211 -0
data/ext/kobako/src/runtime/exports.rs +51 -0
data/ext/kobako/src/runtime/guest_mem.rs +228 -0
data/ext/kobako/src/{wasm/host_state.rs → runtime/invocation.rs} +195 -81
data/ext/kobako/src/runtime/trap.rs +134 -0
data/ext/kobako/src/runtime.rs +782 -0
data/ext/kobako/src/snapshot.rs +110 -0
data/lib/kobako/capture.rb +11 -16
data/lib/kobako/catalog/handles.rb +107 -0
data/lib/kobako/catalog/namespaces.rb +99 -0
data/lib/kobako/{snippet/table.rb → catalog/snippets.rb} +37 -62
data/lib/kobako/catalog.rb +18 -0
data/lib/kobako/codec/decoder.rb +13 -7
data/lib/kobako/codec/factory.rb +21 -18
data/lib/kobako/codec/utils.rb +118 -29
data/lib/kobako/codec.rb +6 -3
data/lib/kobako/errors.rb +45 -28
data/lib/kobako/fault.rb +40 -0
data/lib/kobako/handle.rb +60 -0
data/lib/kobako/namespace.rb +67 -0
data/lib/kobako/outcome.rb +55 -29
data/lib/kobako/runtime.rb +30 -0
data/lib/kobako/sandbox.rb +131 -67
data/lib/kobako/sandbox_options.rb +6 -9
data/lib/kobako/snapshot.rb +40 -0
data/lib/kobako/snippet/binary.rb +6 -7
data/lib/kobako/snippet/source.rb +8 -8
data/lib/kobako/snippet.rb +7 -9
data/lib/kobako/transport/dispatcher.rb +195 -0
data/lib/kobako/transport/error.rb +24 -0
data/lib/kobako/transport/request.rb +78 -0
data/lib/kobako/transport/response.rb +69 -0
data/lib/kobako/transport/run.rb +141 -0
data/lib/kobako/transport/yield.rb +91 -0
data/lib/kobako/transport/yielder.rb +89 -0
data/lib/kobako/transport.rb +24 -0
data/lib/kobako/usage.rb +41 -0
data/lib/kobako/version.rb +1 -1
data/lib/kobako.rb +4 -3
data/release-please-config.json +24 -0
data/sig/kobako/capture.rbs +0 -2
data/sig/kobako/{rpc/handle_table.rbs → catalog/handles.rbs} +3 -9
data/sig/kobako/catalog/namespaces.rbs +17 -0
data/sig/kobako/{snippet/table.rbs → catalog/snippets.rbs} +2 -11
data/sig/kobako/{rpc.rbs → catalog.rbs} +1 -1
data/sig/kobako/codec/decoder.rbs +2 -1
data/sig/kobako/codec/factory.rbs +3 -3
data/sig/kobako/codec/utils.rbs +11 -1
data/sig/kobako/errors.rbs +7 -7
data/sig/kobako/fault.rbs +19 -0
data/sig/kobako/handle.rbs +18 -0
data/sig/kobako/namespace.rbs +19 -0
data/sig/kobako/outcome.rbs +2 -2
data/sig/kobako/runtime.rbs +23 -0
data/sig/kobako/sandbox.rbs +10 -7
data/sig/kobako/snapshot.rbs +15 -0
data/sig/kobako/transport/dispatcher.rbs +34 -0
data/sig/kobako/transport/error.rbs +6 -0
data/sig/kobako/transport/request.rbs +32 -0
data/sig/kobako/transport/response.rbs +30 -0
data/sig/kobako/transport/run.rbs +27 -0
data/sig/kobako/transport/yield.rbs +34 -0
data/sig/kobako/transport/yielder.rbs +21 -0
data/sig/kobako/transport.rbs +4 -0
data/sig/kobako/usage.rbs +11 -0
metadata +52 -30
data/ext/kobako/src/wasm/dispatch.rs +0 -161
data/ext/kobako/src/wasm/instance.rs +0 -771
data/ext/kobako/src/wasm.rs +0 -125
data/lib/kobako/invocation.rb +0 -112
data/lib/kobako/rpc/dispatcher.rb +0 -169
data/lib/kobako/rpc/envelope.rb +0 -118
data/lib/kobako/rpc/fault.rb +0 -41
data/lib/kobako/rpc/handle.rb +0 -39
data/lib/kobako/rpc/handle_table.rb +0 -107
data/lib/kobako/rpc/namespace.rb +0 -74
data/lib/kobako/rpc/server.rb +0 -158
data/lib/kobako/rpc.rb +0 -11
data/lib/kobako/wasm.rb +0 -25
data/sig/kobako/invocation.rbs +0 -23
data/sig/kobako/rpc/dispatcher.rbs +0 -33
data/sig/kobako/rpc/envelope.rbs +0 -51
data/sig/kobako/rpc/fault.rbs +0 -20
data/sig/kobako/rpc/handle.rbs +0 -19
data/sig/kobako/rpc/namespace.rbs +0 -24
data/sig/kobako/rpc/server.rbs +0 -37
data/sig/kobako/wasm.rbs +0 -39

data/ext/kobako/src/runtime/trap.rs ADDED Viewed

@@ -0,0 +1,134 @@
+//! Trap classification for the run path.
+//!
+//! Maps a `wasmtime` run error to the right top-level `Kobako::*` Ruby
+//! exception (`TimeoutError` / `MemoryLimitError` / `TrapError`), and
+//! hosts the epoch-deadline callback that raises the wall-clock
+//! `TimeoutTrap`. The classification is a pure function over the error's
+//! downcast chain so it can be exercised from `cargo test` without the
+//! magnus surface; the trap marker types themselves live in
+//! `super::invocation` (where the limiter / callback construct them).
+use std::time::Instant;
+use magnus::{Error as MagnusError, Ruby};
+use wasmtime::{StoreContextMut, UpdateDeadline};
+use super::invocation::{Invocation, MemoryLimitTrap, TimeoutTrap};
+use super::{memory_limit_err, setup_err, timeout_err, trap_err};
+/// Epoch-deadline callback installed on every Store. Read the per-run
+/// wall-clock deadline from `Invocation` (docs/behavior.md B-01) and trap with
+/// `TimeoutTrap` once the deadline has passed; otherwise extend the
+/// next check by one tick of the process-wide epoch ticker. When the
+/// deadline is `None` the callback should not fire under normal
+/// `Runtime::eval` / `Runtime::run` flow because
+/// `set_epoch_deadline(u64::MAX)` is used; returning a long extension
+/// keeps the callback inert as a defence in depth.
+pub(super) fn epoch_deadline_callback(
+    ctx: StoreContextMut<'_, Invocation>,
+) -> wasmtime::Result<UpdateDeadline> {
+    match ctx.data().deadline() {
+        Some(deadline) if Instant::now() >= deadline => Err(wasmtime::Error::new(TimeoutTrap)),
+        Some(_) => Ok(UpdateDeadline::Continue(1)),
+        None => Ok(UpdateDeadline::Continue(u64::MAX / 2)),
+    }
+}
+/// Configured-cap path classification for a wasmtime error. The
+/// downcast logic stays in a pure helper so the
+/// `Kobako::TimeoutError` / `MemoryLimitError` /
+/// `Kobako::TrapError` mapping can be exercised from `cargo test`
+/// without the magnus surface.
+#[derive(Debug, Clone, Copy, PartialEq, Eq)]
+enum TrapClass {
+    /// docs/behavior.md E-19 wall-clock cap path.
+    Timeout,
+    /// docs/behavior.md E-20 linear-memory cap path.
+    MemoryLimit,
+    /// Any other wasmtime error — surfaces as the base
+    /// `Kobako::TrapError`.
+    Other,
+}
+/// Inspect a wasmtime error to decide which top-level `Kobako::*` trap
+/// class it should map to. Pure function — operates on the error's
+/// downcast chain only, no magnus / Ruby state required.
+fn classify_trap(err: &wasmtime::Error) -> TrapClass {
+    if err.downcast_ref::<TimeoutTrap>().is_some() {
+        TrapClass::Timeout
+    } else if err.downcast_ref::<MemoryLimitTrap>().is_some() {
+        TrapClass::MemoryLimit
+    } else {
+        TrapClass::Other
+    }
+}
+/// Map a wasmtime call error to the right top-level `Kobako::*` Ruby
+/// exception class. The ABI export symbol (`__kobako_eval` /
+/// `__kobako_run`) is deliberately omitted from the message — the
+/// Sandbox layer attaches the user-facing verb (`Sandbox#eval` /
+/// `Sandbox#run`) so the message reads in caller vocabulary rather
+/// than ABI vocabulary.
+///
+/// For the configured-cap paths (`TrapClass::Timeout` /
+/// `TrapClass::MemoryLimit`) the trap's own `std::fmt::Display`
+/// carries the user-facing reason (`"wall-clock deadline exceeded"`,
+/// `"linear memory growth exceeded memory_limit: ..."`). The wasmtime
+/// outer wrapper at `format!("{}", err)` would otherwise surface only
+/// the `"error while executing at wasm backtrace: ..."` framing, which
+/// is operator noise on a cap trap. For `TrapClass::Other` the
+/// wasmtime wrapper IS the diagnostic (real script trap) so it stays.
+pub(super) fn call_err(ruby: &Ruby, err: wasmtime::Error) -> MagnusError {
+    match classify_trap(&err) {
+        TrapClass::Timeout => {
+            let msg = err
+                .downcast_ref::<TimeoutTrap>()
+                .map(|t| t.to_string())
+                .unwrap_or_else(|| format!("{}", err));
+            timeout_err(ruby, msg)
+        }
+        TrapClass::MemoryLimit => {
+            let msg = err
+                .downcast_ref::<MemoryLimitTrap>()
+                .map(|t| t.to_string())
+                .unwrap_or_else(|| format!("{}", err));
+            memory_limit_err(ruby, msg)
+        }
+        TrapClass::Other => trap_err(ruby, format!("{}", err)),
+    }
+}
+/// Map an instantiation error to `Kobako::SetupError`. Instantiation runs
+/// during `from_path` construction, before any invocation — docs/behavior.md
+/// E-41 classifies every such failure as a construction setup fault, not a
+/// per-invocation cap outcome. The memory cap is dormant during
+/// instantiation (see `Invocation::arm_memory_cap` /
+/// `Invocation::disarm_memory_cap`) and the epoch deadline is not yet
+/// armed, so the `call_err` trap-class split does not apply here.
+pub(super) fn instantiate_err(ruby: &Ruby, err: wasmtime::Error) -> MagnusError {
+    setup_err(ruby, format!("instantiate: {}", err))
+}
+#[cfg(test)]
+mod tests {
+    use super::{classify_trap, TrapClass};
+    use crate::runtime::invocation::{MemoryLimitTrap, TimeoutTrap};
+    #[test]
+    fn classify_trap_routes_timeout_trap_to_timeout() {
+        let err = wasmtime::Error::new(TimeoutTrap);
+        assert_eq!(classify_trap(&err), TrapClass::Timeout);
+    }
+    #[test]
+    fn classify_trap_routes_memory_limit_trap_to_memory_limit() {
+        let err = wasmtime::Error::new(MemoryLimitTrap::new(1 << 20, 1 << 19));
+        assert_eq!(classify_trap(&err), TrapClass::MemoryLimit);
+    }
+    #[test]
+    fn classify_trap_falls_back_to_other_for_unknown_errors() {
+        let err = wasmtime::Error::msg("some other wasmtime fault");
+        assert_eq!(classify_trap(&err), TrapClass::Other);
+    }
+}