ref-fvm
ref-fvm copied to clipboard
filecoin-project
sdk: set a panic handler to pipe extra info
Context
Right now, eventual actor panics raise a Wasm trap which is caught by the invocation container (find description of logic here) and converted to an aborto with exit code SysErrActorPanic at the FVM level.
Proposal
Having the SDK set a panic handler would allow us to pipe extra information to the client, presumably for logging purposes. The panic handler could then abort with SysErrActorPanic and record the backtrace in the log file for later inspection. The node would only actually handle the backtrace if debug mode is enabled (which we would do when, e.g. getting execution traces). This is to avoid actor-driven spamming of log files.
Something to consider is whether we want to charge for the message being sent through. Probably not because the actor would've already incurred memory expansion cost to create that message. And enabling debug is an explicit opt-in user action that should come with big warning labels.
Obviously, there is no guarantee that user-deployed actor will use the SDK, so this issue doesn't imply the removal of panic handling logic at the FVM level.
We currently catch panics inside the bultin-actors, and turn them into USR_ASSERTION_FAILED exit codes (sending the panic message to the kernel via the abort call). But this functionality lives in the builtin-actors runtime, not the sdk.
