Fixes to Host Call Fuzzing #840
1. Setting sandbox snapshot to none in call_type_erased_guest_function_by_name
2. Restoring to an initial snapshot on each fuzzing iteration to avoid hitting a known memory leak.

Signed-off-by: adamperlin <adamp@nanosoft.com>
6306e2d to 426baaf
| // Reset snapshot since we are mutating the sandbox state | ||
| self.snapshot = None; |
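Review bot: the comment on the first line explains what is done (the snapshot is cleared) but not why it matters, and a reader seeing `self.snapshot = None` next to a restore call will reasonably ask why both are needed. Consider wording it as the thread later spells out, e.g. "Clear the snapshot: the sandbox state has been mutated, and a stale snapshot would make the next restore take the 'snapshot exists' path and skip restoring."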
Why are we clearing this here? Shouldn't the restore call above take care of this?
otherwise I would have expected it to look like
I think this is a bug: since this function is wrapping call_guest_function_by_name_no_reset and we're mutating the guest sandbox, the attached snapshot will be invalidated here, right? If we don't clear the snapshot, the restore call will hit the "snapshot exists" case and won't do the restore.
For the moment we could change the behavior to do the snapshot and restore in the call_type_erased_guest_function_by_name though, but since it seemed clearer to do it in the fuzzing code!
Oh, I think I misread this. I think this is fine and mimics the 'call func'
Ah ok, I'm glad it looks fine!
This PR prevents fuzz_host_call from hitting a memory leak upon encountering host function calling errors. It restores to a known clean snapshot on each iteration. This fix should not be needed once #826 is fixed.

Snapshot restore initially wasn't working in the fuzzing case due to a bug discovered by @ludfjig in call_type_erased_guest_function_by_name (snapshot wasn't being set to None), so this bug has been fixed.

This PR also more explicitly ignores some expected errors that may come up from host call fuzzing.
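The following is an added illustration, not Hyperlight's code, of the two points made in this thread: the reviewer's observation that a mutating call must clear the stored snapshot or the restore hits the "snapshot exists" case and does nothing, and the PR description's per-iteration restore to a clean baseline so that a failed host call cannot leave state behind. The sandbox, its byte-array "guest memory", and the names Sandbox, Snapshot, call_no_reset, call_buggy, call_fixed, restore_if_dirty and run_iterations are all constructed for this example; only the invariant (an `Option` snapshot held means "unchanged since the baseline") and the one-line fix (`self.snapshot = None` after mutation) mirror what the page describes.

```rust
/// Constructed stand-in for a sandbox memory snapshot.
#[derive(Clone, Debug, PartialEq)]
pub struct Snapshot {
    mem: Vec<u8>,
}

/// Constructed stand-in for a sandbox (not Hyperlight's type).
pub struct Sandbox {
    /// Guest memory mutated by guest calls.
    mem: Vec<u8>,
    /// Baseline taken once at creation; every fuzz iteration restores to it.
    initial: Snapshot,
    /// `Some` means "state unchanged since `initial` was taken". A mutating
    /// call must set this to `None`, otherwise `restore_if_dirty` is a no-op.
    snapshot: Option<Snapshot>,
}

impl Sandbox {
    pub fn new(size: usize) -> Self {
        let mem = vec![0u8; size.max(1)];
        let initial = Snapshot { mem: mem.clone() };
        Sandbox { mem, snapshot: Some(initial.clone()), initial }
    }

    /// Mutates guest memory and does not reset afterwards (models a
    /// "no_reset" call). Writes `value` at `offset`; fails on a bad offset,
    /// but only after some bookkeeping has already been written, so an
    /// erroring call still dirties the sandbox.
    pub fn call_no_reset(&mut self, offset: usize, value: u8) -> Result<(), String> {
        self.mem[0] = 1; // assumed "call in progress" bookkeeping byte
        let slot = self.mem.get_mut(offset).ok_or("offset out of guest memory")?;
        *slot = value;
        Ok(())
    }

    /// Buggy wrapper (the pre-fix behaviour): mutates but leaves the
    /// "clean" marker in place, so a later restore is skipped.
    pub fn call_buggy(&mut self, offset: usize, value: u8) -> Result<(), String> {
        self.call_no_reset(offset, value)
    }

    /// Fixed wrapper: mutation invalidates the marker, on success or error.
    pub fn call_fixed(&mut self, offset: usize, value: u8) -> Result<(), String> {
        let result = self.call_no_reset(offset, value);
        // Reset snapshot since we are mutating the sandbox state
        self.snapshot = None;
        result
    }

    /// Restore to the baseline only when the state is marked dirty.
    /// Returns whether a restore actually happened.
    pub fn restore_if_dirty(&mut self) -> bool {
        if self.snapshot.is_some() {
            // "snapshot exists" case: state believed clean, nothing to do
            return false;
        }
        self.mem = self.initial.mem.clone();
        self.snapshot = Some(self.initial.clone());
        true
    }

    pub fn mem(&self) -> &[u8] {
        &self.mem
    }
}

/// Fuzz-loop shape from the PR: run one input, then restore before the next.
/// Returns how many iterations started with leftover state from an earlier one.
pub fn run_iterations(sb: &mut Sandbox, inputs: &[(usize, u8)], fixed: bool) -> usize {
    let mut leaked = 0;
    for &(off, val) in inputs {
        if sb.mem().iter().any(|&b| b != 0) {
            leaked += 1;
        }
        // Expected errors (bad offset) are ignored, as the PR does for host-call errors.
        let _ = if fixed { sb.call_fixed(off, val) } else { sb.call_buggy(off, val) };
        sb.restore_if_dirty();
    }
    leaked
}

fn main() {
    // Constructed inputs: two valid writes, then one that errors.
    let inputs = [(3usize, 7u8), (2, 5), (99, 1)];
    let mut buggy = Sandbox::new(8);
    let mut fixed = Sandbox::new(8);
    println!("buggy: {} dirty iterations", run_iterations(&mut buggy, &inputs, false));
    println!("fixed: {} dirty iterations", run_iterations(&mut fixed, &inputs, true));
}
```

With the buggy wrapper, the first call dirties memory and every later iteration starts on top of it, including the one whose call errors; with the fix, each iteration begins from the baseline and the erroring call is cleaned up too, which is the behaviour the per-iteration restore relies on.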