[GR-50990] Make options engine.CompilerThreads and engine.CompilationFailureAction available under UNTRUSTED sandbox policy.

PullRequest: graal/16825

Author: jchalou

truffle/docs/Options.md

@@ -54,6 +54,13 @@ They are useful to users and language and tool implementers.
 - `--engine.DebugCacheCompileUseLastTier=true|false` : If true uses the last tier instead of the first tier compiler. By default the last tier compiler is used (default: true).
 - `--engine.BackgroundCompilation=true|false` : Enable asynchronous truffle compilation in background threads (default: true)
 - `--engine.Compilation=true|false` : Enable or disable Truffle compilation.
+- `--engine.CompilationFailureAction=Silent|Print|Throw|Diagnose|ExitVM` : Specifies the action to take when Truffle compilation fails.
+The accepted values are:
+    Silent - Print nothing to the console.
+     Print - Print the exception to the console.
+     Throw - Throw the exception to caller.
+  Diagnose - Retry compilation with extra diagnostics enabled.
+    ExitVM - Exit the VM process.
 - `--engine.CompilerIdleDelay=<ms>` : Set the time in milliseconds an idle Truffle compiler thread will wait for new tasks before terminating. New compiler threads will be started once new compilation tasks are submitted. Select '0' to never terminate the Truffle compiler thread. The option is not supported by all Truffle runtimes. On the runtime which doesn't support it the option has no effect. default: 10000
 - `--engine.CompilerThreads=[1, inf)` : Manually set the number of compiler threads. By default, the number of compiler threads is scaled with the number of available cores on the CPU.
 - `--engine.EncodedGraphCachePurgeDelay=<ms>` : Delay, in milliseconds, after which the encoded graph cache is dropped when a Truffle compiler thread becomes idle (default: 10000).
@@ -120,13 +127,6 @@ These are internal options for debugging language implementations and tools.
 - `--engine.DebugCacheStore` : Prepares the engine for caching and stores it a static field instead of writing it to disk.
 - `--engine.DebugTraceCache` : Enables tracing for the engine cache debug feature.
 - `--engine.ArgumentTypeSpeculation=true|false` : Speculate on arguments types at call sites (default: true)
-- `--engine.CompilationFailureAction=Silent|Print|Throw|Diagnose|ExitVM` : Specifies the action to take when Truffle compilation fails.
-The accepted values are:
-    Silent - Print nothing to the console.
-     Print - Print the exception to the console.
-     Throw - Throw the exception to caller.
-  Diagnose - Retry compilation with extra diagnostics enabled.
-    ExitVM - Exit the VM process.
 - `--engine.CompilationStatisticDetails` : Print additional more verbose Truffle compilation statistics at the end of a run.
 - `--engine.CompilationStatistics` : Print Truffle compilation statistics at the end of a run.
 - `--engine.CompileAOTOnCreate` : Compiles created call targets immediately with last tier. Disables background compilation if enabled.

truffle/src/com.oracle.truffle.api.test/src/com/oracle/truffle/api/test/polyglot/SandboxPolicyTest.java

@@ -40,9 +40,19 @@
  */
 package com.oracle.truffle.api.test.polyglot;
 
-import com.oracle.truffle.api.Option;
-import com.oracle.truffle.api.TruffleLanguage;
-import com.oracle.truffle.api.instrumentation.TruffleInstrument;
+import static org.junit.Assert.assertTrue;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.URI;
+import java.util.Collection;
+import java.util.EnumSet;
+import java.util.List;
+import java.util.Objects;
+import java.util.Properties;
+import java.util.Set;
+
 import org.graalvm.options.OptionCategory;
 import org.graalvm.options.OptionDescriptors;
 import org.graalvm.options.OptionKey;
@@ -65,18 +75,11 @@
 import org.junit.runner.RunWith;
 import org.junit.runners.Parameterized;
 
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.net.URI;
-import java.util.Collection;
-import java.util.EnumSet;
-import java.util.List;
-import java.util.Objects;
-import java.util.Properties;
-import java.util.Set;
-
-import static org.junit.Assert.assertTrue;
+import com.oracle.truffle.api.Option;
+import com.oracle.truffle.api.Truffle;
+import com.oracle.truffle.api.TruffleLanguage;
+import com.oracle.truffle.api.impl.DefaultTruffleRuntime;
+import com.oracle.truffle.api.instrumentation.TruffleInstrument;
 
 @RunWith(Parameterized.class)
 public class SandboxPolicyTest {
@@ -968,6 +971,36 @@ public void testHostAccess() {
         }
     }
 
+    @Test
+    @SuppressWarnings("try")
+    public void testCompilationFailureAction() {
+        Assume.assumeTrue(configuration.hasIsolateLibrary() || !(Truffle.getRuntime() instanceof DefaultTruffleRuntime));
+        if (configuration.sandboxPolicy.isStricterOrEqual(SandboxPolicy.CONSTRAINED) &&
+                        (SandboxPolicy.ISOLATED.isStricterThan(configuration.sandboxPolicy) || configuration.hasIsolateLibrary())) {
+            for (String exceptionAction : new String[]{"Silent", "Print", "Throw", "Diagnose", "ExitVM"}) {
+                try (Engine engine = newEngineBuilder(UntrustedLanguage.ID).sandbox(configuration.sandboxPolicy).option("engine.CompilationFailureAction",
+                                exceptionAction).build()) {
+                    assertTrue("Silent".equals(exceptionAction) || "Print".equals(exceptionAction));
+                } catch (IllegalArgumentException iae) {
+                    assertTrue(!"Silent".equals(exceptionAction) && !"Print".equals(exceptionAction));
+                    assertTrue(iae.getMessage().contains("is set to " + exceptionAction + ", but must be set to Silent or Print"));
+                }
+            }
+        }
+    }
+
+    @Test
+    @SuppressWarnings({"try"})
+    public void testCompilerThreads() {
+        Assume.assumeTrue(configuration.hasIsolateLibrary() || !(Truffle.getRuntime() instanceof DefaultTruffleRuntime));
+        if (configuration.sandboxPolicy.isStricterOrEqual(SandboxPolicy.CONSTRAINED) &&
+                        (SandboxPolicy.ISOLATED.isStricterThan(configuration.sandboxPolicy) || configuration.hasIsolateLibrary())) {
+            try (Engine engine = newEngineBuilder(UntrustedLanguage.ID).sandbox(configuration.sandboxPolicy).option("engine.CompilerThreads", "1").build()) {
+                // deliberately empty
+            }
+        }
+    }
+
     private Engine.Builder newEngineBuilder(String... permittedLanguages) {
         Engine.Builder builder = Engine.newBuilder(permittedLanguages).out(OutputStream.nullOutputStream()).err(OutputStream.nullOutputStream());
         if (configuration.sandboxPolicy.isStricterOrEqual(SandboxPolicy.ISOLATED) && configuration.supportsIsolatedPolicy) {

truffle/src/com.oracle.truffle.api/src/com/oracle/truffle/api/impl/Accessor.java

@@ -1213,15 +1213,15 @@ public ThreadLocalHandshake getThreadLocalHandshake() {
 
         public abstract void flushCompileQueue(Object runtimeData);
 
-        public abstract Object createRuntimeData(Object engine, OptionValues engineOptions, Function<String, TruffleLogger> loggerFactory);
+        public abstract Object createRuntimeData(Object engine, OptionValues engineOptions, Function<String, TruffleLogger> loggerFactory, SandboxPolicy sandboxPolicy);
 
         public abstract Object tryLoadCachedEngine(OptionValues runtimeData, Function<String, TruffleLogger> logger);
 
         public abstract void onEngineCreate(Object engine, Object runtimeData);
 
         public abstract boolean isStoreEnabled(OptionValues options);
 
-        public abstract void onEnginePatch(Object runtimeData, OptionValues runtimeOptions, Function<String, TruffleLogger> logSupplier);
+        public abstract void onEnginePatch(Object runtimeData, OptionValues runtimeOptions, Function<String, TruffleLogger> logSupplier, SandboxPolicy sandboxPolicy);
 
         public abstract boolean onEngineClosing(Object runtimeData);
 

truffle/src/com.oracle.truffle.api/src/com/oracle/truffle/api/impl/DefaultRuntimeAccessor.java

@@ -46,6 +46,7 @@
 
 import org.graalvm.options.OptionDescriptors;
 import org.graalvm.options.OptionValues;
+import org.graalvm.polyglot.SandboxPolicy;
 
 import com.oracle.truffle.api.Assumption;
 import com.oracle.truffle.api.CallTarget;
@@ -205,7 +206,7 @@ public void reportPolymorphicSpecialize(Node source) {
         }
 
         @Override
-        public Object createRuntimeData(Object engine, OptionValues engineOptions, Function<String, TruffleLogger> loggerFactory) {
+        public Object createRuntimeData(Object engine, OptionValues engineOptions, Function<String, TruffleLogger> loggerFactory, SandboxPolicy sandboxPolicy) {
             return null;
         }
 
@@ -225,7 +226,7 @@ public boolean isStoreEnabled(OptionValues options) {
         }
 
         @Override
-        public void onEnginePatch(Object runtimeData, OptionValues runtimeOptions, Function<String, TruffleLogger> loggerFactory) {
+        public void onEnginePatch(Object runtimeData, OptionValues runtimeOptions, Function<String, TruffleLogger> loggerFactory, SandboxPolicy sandboxPolicy) {
 
         }
 

truffle/src/com.oracle.truffle.polyglot/src/com/oracle/truffle/polyglot/PolyglotEngineImpl.java

@@ -335,7 +335,7 @@ final class PolyglotEngineImpl implements com.oracle.truffle.polyglot.PolyglotIm
             this.specializationStatistics = null;
         }
 
-        this.runtimeData = RUNTIME.createRuntimeData(this, engineOptions, engineLogger);
+        this.runtimeData = RUNTIME.createRuntimeData(this, engineOptions, engineLogger, sandboxPolicy);
         notifyCreated();
 
         if (!preInitialization) {
@@ -583,7 +583,7 @@ void notifyCreated() {
         }
         this.api = getAPIAccess().newEngine(impl.engineDispatch, this, true);
 
-        this.runtimeData = RUNTIME.createRuntimeData(this, prototype.engineOptionValues, prototype.engineLoggerSupplier);
+        this.runtimeData = RUNTIME.createRuntimeData(this, prototype.engineOptionValues, prototype.engineLoggerSupplier, sandboxPolicy);
         ensureInstrumentsCreated(instrumentsToCreate);
         notifyCreated();
     }
@@ -702,7 +702,7 @@ void patch(SandboxPolicy newSandboxPolicy,
         Map<PolyglotInstrument, Map<String, String>> instrumentsOptions = new HashMap<>();
         parseOptions(newOptions, languagesOptions, instrumentsOptions);
 
-        RUNTIME.onEnginePatch(this.runtimeData, engineOptions, logSupplier);
+        RUNTIME.onEnginePatch(this.runtimeData, engineOptions, logSupplier, sandboxPolicy);
 
         List<OptionDescriptor> deprecatedDescriptors = new ArrayList<>();
         for (PolyglotLanguage language : languagesOptions.keySet()) {

truffle/src/com.oracle.truffle.runtime/src/com/oracle/truffle/runtime/EngineData.java

@@ -40,7 +40,6 @@
  */
 package com.oracle.truffle.runtime;
 
-import static com.oracle.truffle.runtime.OptimizedTruffleRuntime.getRuntime;
 import static com.oracle.truffle.runtime.OptimizedRuntimeOptions.ArgumentTypeSpeculation;
 import static com.oracle.truffle.runtime.OptimizedRuntimeOptions.BackgroundCompilation;
 import static com.oracle.truffle.runtime.OptimizedRuntimeOptions.Compilation;
@@ -78,6 +77,7 @@
 import static com.oracle.truffle.runtime.OptimizedRuntimeOptions.TraversingQueueFirstTierBonus;
 import static com.oracle.truffle.runtime.OptimizedRuntimeOptions.TraversingQueueFirstTierPriority;
 import static com.oracle.truffle.runtime.OptimizedRuntimeOptions.TraversingQueueWeightingBothTiers;
+import static com.oracle.truffle.runtime.OptimizedTruffleRuntime.getRuntime;
 
 import java.util.ArrayList;
 import java.util.Collection;
@@ -91,6 +91,7 @@
 
 import org.graalvm.collections.Pair;
 import org.graalvm.options.OptionValues;
+import org.graalvm.polyglot.SandboxPolicy;
 
 import com.oracle.truffle.api.CompilerDirectives.CompilationFinal;
 import com.oracle.truffle.api.TruffleLanguage;
@@ -176,18 +177,33 @@ public final class EngineData {
      */
     private volatile Map<Class<?>, Object> engineLocals;
 
-    EngineData(Object polyglotEngine, OptionValues runtimeOptions, Function<String, TruffleLogger> loggerFactory) {
+    EngineData(Object polyglotEngine, OptionValues runtimeOptions, Function<String, TruffleLogger> loggerFactory, SandboxPolicy sandboxPolicy) {
         Objects.requireNonNull(polyglotEngine);
         Objects.requireNonNull(runtimeOptions);
         this.polyglotEngine = polyglotEngine;
         this.id = engineCounter.incrementAndGet();
         this.loggerFactory = loggerFactory;
-        this.loadOptions(runtimeOptions);
+        this.loadOptions(runtimeOptions, sandboxPolicy);
 
         // the splittingStatistics requires options to be initialized
         this.splittingStatistics = new TruffleSplittingStrategy.SplitStatisticsData();
     }
 
+    public static IllegalArgumentException sandboxPolicyException(SandboxPolicy sandboxPolicy, String reason, String fix) {
+        Objects.requireNonNull(sandboxPolicy);
+        Objects.requireNonNull(reason);
+        Objects.requireNonNull(fix);
+        String spawnIsolateHelp;
+        if (sandboxPolicy.isStricterOrEqual(SandboxPolicy.ISOLATED)) {
+            spawnIsolateHelp = " If you switch to a less strict sandbox policy you can still spawn an isolate with an isolated heap using Builder.option(\"engine.SpawnIsolate\",\"true\").";
+        } else {
+            spawnIsolateHelp = "";
+        }
+        String message = String.format("The validation for the given sandbox policy %s failed. %s " +
+                        "In order to resolve this %s or switch to a less strict sandbox policy using Builder.sandbox(SandboxPolicy).%s", sandboxPolicy, reason, fix, spawnIsolateHelp);
+        return new IllegalArgumentException(message);
+    }
+
     public void preinitializeContext() {
         OptimizedRuntimeAccessor.ENGINE.preinitializeContext(this.polyglotEngine);
     }
@@ -242,9 +258,9 @@ void onEngineCreated(Object engine) {
         getRuntime().getEngineCacheSupport().onEngineCreated(this);
     }
 
-    void onEnginePatch(OptionValues newRuntimeOptions, Function<String, TruffleLogger> newLoggerFactory) {
+    void onEnginePatch(OptionValues newRuntimeOptions, Function<String, TruffleLogger> newLoggerFactory, SandboxPolicy sandboxPolicy) {
         this.loggerFactory = newLoggerFactory;
-        loadOptions(newRuntimeOptions);
+        loadOptions(newRuntimeOptions, sandboxPolicy);
         getRuntime().getEngineCacheSupport().onEnginePatch(this);
     }
 
@@ -266,7 +282,7 @@ void onEngineClosed() {
         this.polyglotEngine = null;
     }
 
-    private void loadOptions(OptionValues options) {
+    private void loadOptions(OptionValues options, SandboxPolicy sandboxPolicy) {
         this.engineOptions = options;
 
         // splitting options
@@ -313,7 +329,7 @@ private void loadOptions(OptionValues options) {
         this.traceTransferToInterpreter = options.get(TraceTransferToInterpreter);
         this.traceDeoptimizeFrame = options.get(TraceDeoptimizeFrame);
         this.compilationFailureAction = options.get(CompilationFailureAction);
-        validateOptions();
+        validateOptions(sandboxPolicy);
         parsedCompileOnly = null;
 
         Map<String, String> compilerOptionValues = OptimizedTruffleRuntime.CompilerOptionsDescriptors.extractOptions(engineOptions);
@@ -421,7 +437,12 @@ public Collection<OptimizedCallTarget> getCallTargets() {
         return (Collection<OptimizedCallTarget>) OptimizedRuntimeAccessor.ENGINE.findCallTargets(polyglotEngine);
     }
 
-    private void validateOptions() {
+    private void validateOptions(SandboxPolicy sandboxPolicy) {
+        if (sandboxPolicy.isStricterOrEqual(SandboxPolicy.CONSTRAINED) && compilationFailureAction != ExceptionAction.Silent && compilationFailureAction != ExceptionAction.Print) {
+            throw OptimizedRuntimeAccessor.ENGINE.createPolyglotEngineException(
+                            sandboxPolicyException(sandboxPolicy, "The engine.CompilationFailureAction option is set to " + compilationFailureAction.name() + ", but must be set to Silent or Print.",
+                                            "use the default value (Silent) by removing Builder.option(\"engine.CompilationFailureAction\", ...) or set it to Print"));
+        }
         if (compilationFailureAction == ExceptionAction.Throw && backgroundCompilation) {
             getEngineLogger().log(Level.WARNING, "The 'Throw' value of the 'engine.CompilationFailureAction' option requires the 'engine.BackgroundCompilation' option to be set to 'false'.");
         }

truffle/src/com.oracle.truffle.runtime/src/com/oracle/truffle/runtime/OptimizedRuntimeOptions.java

@@ -133,7 +133,7 @@ public ExceptionAction apply(String s) {
         }
     });
 
-    @Option(help = ExceptionAction.HELP, usageSyntax = "Silent|Print|Throw|Diagnose|ExitVM", category = OptionCategory.INTERNAL) //
+    @Option(help = ExceptionAction.HELP, usageSyntax = "Silent|Print|Throw|Diagnose|ExitVM", category = OptionCategory.EXPERT, stability = OptionStability.STABLE, sandbox = SandboxPolicy.UNTRUSTED) //
     public static final OptionKey<ExceptionAction> CompilationFailureAction = new OptionKey<>(ExceptionAction.Silent, EXCEPTION_ACTION_TYPE);
 
     @Option(help = "Print additional more verbose Truffle compilation statistics at the end of a run.", category = OptionCategory.INTERNAL) //
@@ -158,7 +158,8 @@ public ExceptionAction apply(String s) {
     // TODO: GR-29949
     public static final OptionKey<Long> CompilerIdleDelay = new OptionKey<>(10000L);
 
-    @Option(help = "Manually set the number of compiler threads. By default, the number of compiler threads is scaled with the number of available cores on the CPU.", usageSyntax = "[1, inf)", category = OptionCategory.EXPERT) //
+    @Option(help = "Manually set the number of compiler threads. By default, the number of compiler threads is scaled with the number of available cores on the CPU.", usageSyntax = "[1, inf)", category = OptionCategory.EXPERT, //
+                    stability = OptionStability.STABLE, sandbox = SandboxPolicy.UNTRUSTED) //
     public static final OptionKey<Integer> CompilerThreads = new OptionKey<>(-1);
 
     @Option(help = "Reduce or increase the compilation threshold depending on the size of the compilation queue (default: true).", usageSyntax = "true|false", category = OptionCategory.INTERNAL) //

truffle/src/com.oracle.truffle.runtime/src/com/oracle/truffle/runtime/OptimizedRuntimeSupport.java

@@ -46,6 +46,7 @@
 
 import org.graalvm.options.OptionDescriptors;
 import org.graalvm.options.OptionValues;
+import org.graalvm.polyglot.SandboxPolicy;
 
 import com.oracle.truffle.api.Assumption;
 import com.oracle.truffle.api.CallTarget;
@@ -300,8 +301,8 @@ public boolean isStoreEnabled(OptionValues options) {
     }
 
     @Override
-    public Object createRuntimeData(Object engine, OptionValues engineOptions, Function<String, TruffleLogger> loggerFactory) {
-        return new EngineData(engine, engineOptions, loggerFactory);
+    public Object createRuntimeData(Object engine, OptionValues engineOptions, Function<String, TruffleLogger> loggerFactory, SandboxPolicy sandboxPolicy) {
+        return new EngineData(engine, engineOptions, loggerFactory, sandboxPolicy);
     }
 
     @Override
@@ -310,8 +311,8 @@ public void onEngineCreate(Object engine, Object runtimeData) {
     }
 
     @Override
-    public void onEnginePatch(Object runtimeData, OptionValues runtimeOptions, Function<String, TruffleLogger> loggerFactory) {
-        ((EngineData) runtimeData).onEnginePatch(runtimeOptions, loggerFactory);
+    public void onEnginePatch(Object runtimeData, OptionValues runtimeOptions, Function<String, TruffleLogger> loggerFactory, SandboxPolicy sandboxPolicy) {
+        ((EngineData) runtimeData).onEnginePatch(runtimeOptions, loggerFactory, sandboxPolicy);
     }
 
     @Override