-
Notifications
You must be signed in to change notification settings - Fork 55
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WASI preopen_dir holds on to Windows resource #132
Comments
Discussed more in: bytecodealliance/wasmtime-py#132
This came up in a migration from wasmer to wasmtime: InsightSoftwareConsortium/ITK-Wasm#773 |
To some extent this is a difference between how Unix and Windows work. In some cases though, and perhaps this one, it's possible to paper over the differences. My guess is that the WASI support for preopening files holds open handles and the open handles are preventing deletion. This can probably be fixed by either:
|
Is the issue here that the embedding is trying to remove the temporary directory before destroying the WasiCtx which is holding a handle to the temporary directory? |
Agreed, I think this would be ideal.
We have a situation where something outside the embedding tries to remove the directory before the WasiCtx is destroyed. |
Currently, Wasmtime deliberately sets the flags that prevent concurrent deletion, on the interpretation that preopens are granted to a WASI context in the form of handles, rather than paths. Wasmtime thinks the job of the engine is to ensure that the guest has access to what's referenced by the handles, not to other things that might occupy the same path over time if the original contents are deleted. For example, if the directory is created by something like Python's I'm open to making changes here, but it's important for us to guard against this kind of unintended pathname reuse bug. |
@sunfishcode, ah, I see your point on the need to not provided unintended access to a directory. I do not know how wasmtime is implemented, but is it possible to retain the preopen identifier as a handle, so we do not provide access to a "different" directory, but not set the flags to prevent deletion outside of the wasmtime engine? Or something similar? |
The main Windows APIs lack a way to do something analogous to a Unix The Windows kernel API does have a function called |
The preopen_dir WASI support seems to hold onto Windows directory resources, which prevents removal of the directory, etc.
This is demonstrated by #131 , which will result in:
The text was updated successfully, but these errors were encountered: