Skip to content

fix(fspy): use memfd for Linux shared memory#523

Merged
wan9chi merged 10 commits into
mainfrom
linux-memfd-shm
Jul 11, 2026
Merged

fix(fspy): use memfd for Linux shared memory#523
wan9chi merged 10 commits into
mainfrom
linux-memfd-shm

Conversation

@wan9chi

@wan9chi wan9chi commented Jul 9, 2026

Copy link
Copy Markdown
Member

Motivation

Stop Linux file-access tracking from consuming the container's /dev/shm quota and crashing with SIGBUS.

Changes

  • Replaces POSIX shared memory with a sealed memfd.
  • Uses an abstract Unix socket broker to send the descriptor to each opener.
  • Runs the broker asynchronously and keeps the preload client synchronous.
  • Stops new opens when the owner is dropped while keeping existing mappings valid.
  • Sets close-on-exec and derives the mapping length from the sealed descriptor.
  • Covers concurrent and invalid opens.
  • Updates the constrained-/dev/shm fixture to succeed.

Fixes #353

wan9chi commented Jul 9, 2026

Copy link
Copy Markdown
Member Author

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 308b887e8b

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread crates/fspy_shm/src/linux/broker.rs Outdated
Comment thread crates/fspy_shm/src/lib.rs Outdated
@wan9chi wan9chi force-pushed the constrained-dev-shm-e2e branch from aaaf01b to a64e9b8 Compare July 9, 2026 07:57
@wan9chi wan9chi force-pushed the linux-memfd-shm branch from 308b887 to 379cedd Compare July 9, 2026 07:57
@wan9chi wan9chi force-pushed the constrained-dev-shm-e2e branch from a64e9b8 to ae72983 Compare July 9, 2026 14:16
@wan9chi wan9chi force-pushed the linux-memfd-shm branch from 379cedd to 67534d3 Compare July 9, 2026 14:16
@wan9chi wan9chi marked this pull request as draft July 10, 2026 01:16
@wan9chi wan9chi force-pushed the constrained-dev-shm-e2e branch from ae72983 to ac080f6 Compare July 10, 2026 06:02
@wan9chi wan9chi force-pushed the constrained-dev-shm-e2e branch from ac080f6 to ca12e8b Compare July 10, 2026 06:57
@wan9chi wan9chi force-pushed the constrained-dev-shm-e2e branch from ca12e8b to 4119fee Compare July 10, 2026 07:04
@wan9chi wan9chi force-pushed the linux-memfd-shm branch 2 times, most recently from 3f7527b to a6a417e Compare July 10, 2026 07:14
@wan9chi wan9chi force-pushed the constrained-dev-shm-e2e branch from 4119fee to d949311 Compare July 10, 2026 07:14
@wan9chi wan9chi force-pushed the constrained-dev-shm-e2e branch from 0f5cacc to cf3315b Compare July 10, 2026 23:37

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: a55127096e

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread crates/fspy_shm/src/linux/broker.rs
@wan9chi wan9chi changed the base branch from constrained-dev-shm-e2e to graphite-base/523 July 10, 2026 23:40
@wan9chi wan9chi force-pushed the graphite-base/523 branch from cf3315b to 9e72876 Compare July 10, 2026 23:40
@graphite-app graphite-app Bot changed the base branch from graphite-base/523 to main July 10, 2026 23:41
@wan9chi wan9chi marked this pull request as draft July 10, 2026 23:43
wan9chi and others added 10 commits July 11, 2026 08:36
Replace the Linux /dev/shm-backed adapter with a sealed memfd mapping. Each client connection receives the descriptor immediately from a broker task on the ambient Tokio runtime. Dropping the owner cancels the broker, while already-open mappings remain valid.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>

Co-authored-by: GPT-5 Codex <codex@openai.com>
Co-authored-by: GPT-5 Codex <codex@openai.com>
Co-authored-by: GPT-5 Codex <codex@openai.com>
Co-authored-by: GPT-5 Codex <codex@openai.com>
Co-authored-by: GPT-5 Codex <codex@openai.com>
Co-authored-by: GPT-5 Codex <codex@openai.com>
Co-authored-by: GPT-5 Codex <codex@openai.com>
Co-authored-by: GPT-5 Codex <codex@openai.com>
Co-authored-by: GPT-5 Codex <codex@openai.com>
Co-authored-by: GPT-5 Codex <codex@openai.com>
@wan9chi wan9chi marked this pull request as ready for review July 11, 2026 00:44
@wan9chi wan9chi merged commit 14807a2 into main Jul 11, 2026
16 checks passed

wan9chi commented Jul 11, 2026

Copy link
Copy Markdown
Member Author

Merge activity

@wan9chi wan9chi deleted the linux-memfd-shm branch July 11, 2026 00:45

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: cc96f186e1

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment on lines +99 to +100
let address = SocketAddrUnix::new_abstract_name(id.as_bytes())?;
connect(&socket, &address)?;

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Avoid namespace-scoped broker addresses

When a traced task execs a descendant after entering another network namespace (for example through unshare -n or a sandbox helper), Linux abstract AF_UNIX names are looked up in that new namespace, so this connect cannot reach the broker that was bound in the parent namespace. The preload constructor treats ChannelConf::sender() failures as ipc_sender: None and then drops all accesses from that process, which can leave cache inputs incomplete for those sandboxed subtrees; use a namespace-independent handoff such as an inherited broker fd or an accessible filesystem socket instead.

Useful? React with 👍 / 👎.

wan9chi added a commit to voidzero-dev/vite-plus that referenced this pull request Jul 15, 2026
Bumps the `vite-task` git dependency from `cb580c2` to `4003f65`.

## Changes

The delta is entirely internal `fspy` (file-access tracking)
shared-memory work — no user-facing CLI flags, config fields, or
behavior changes, so no docs updates were needed.

- **fix(fspy):** use `memfd` for Linux shared memory — automatic
file-access tracking on Linux now works in containers and Kubernetes
runners with limited `/dev/shm` space
([#523](voidzero-dev/vite-task#523),
[#353](voidzero-dev/vite-task#353))
- **perf(fspy):** use sparse Windows shared memory — Windows file-access
tracking now uses sparse temporary backing files where supported,
avoiding upfront allocation of the full backing file on disk
([#524](voidzero-dev/vite-task#524))
- **refactor(fspy):** own macOS shared-memory mapping
([#526](voidzero-dev/vite-task#526))
- **docs/test(fspy):** document shared-memory facade ownership semantics
([#521](voidzero-dev/vite-task#521)); reproduce
constrained dev shm failure
([#522](voidzero-dev/vite-task#522))

The lockfile change reflects this refactor: `fspy` now pulls in `memfd`
and drops `shared_memory`.

## Validation

- `cargo check --workspace` passes — the new `vite-task` compiles
cleanly, confirming no breaking changes on the consuming side (including
`vite_cli_snapshots`, which compiles against vite-task's PTY/snapshot
test crates).
- vite-plus crate tests pass. (One pre-existing, environment-specific
stack overflow in `vite_global_cli`'s
`unknown_argument_detected_with_pass_as_value_hint` clap-parsing test
reproduces identically on `main` and is unrelated to this bump.)
- PTY snapshot output is unchanged by the bump; the remaining local
snapshot diffs in this sandbox are all environmental (no built
`packages/cli/dist`, plus registry TLS/network restrictions), left to
CI, which builds the JS CLI and has registry access.

## Changelog

Full vite-task CHANGELOG diff:
``https://github.com/voidzero-dev/vite-task/compare/cb580c214bb2314fc1f633a3812782c9b3a1d956...4003f65a3e5e3d957ff81b157e85e6ee41cc59fc#diff-06572a96a58dc510037d5efa622f9bec8519bc1beab13c9f251e97e657a9d4ed``

🤖 Generated with [Claude Code](https://claude.com/claude-code)

---
_Generated by [Claude
Code](https://claude.ai/code/session_01YERo1yECf81w37US2Gqnow)_

Co-authored-by: Claude <noreply@anthropic.com>
wan9chi added a commit to voidzero-dev/vite-plus that referenced this pull request Jul 16, 2026
)

Release vite-plus v0.2.5: Cleaner environments and more reliable
workflows.

This release adds cleanup and package version commands, supports
TypeScript 7 declaration generation, reduces the standalone binary size,
and hardens task tracking, CLI output, package-manager routing, Docker
workflows, and project scaffolding.

### Highlights

- Add `vp env clean` to remove unused managed Node.js runtimes and
package-manager caches
([#2003](#2003)), by
@liangmiQwQ
- Add `vp pm version`, forwarding native version commands to npm, pnpm,
Yarn, and Bun
([#2127](#2127)), by
@jong-kyung
- Add TypeScript 7 support to declaration generation and generated
library projects with tsdown `0.22.7`
([#2104](#2104),
[#2168](#2168)), by
@wan9chi
- Improve automatic task input tracking for Bun on macOS, Linux
containers with constrained `/dev/shm`, and Windows process images,
reduce Windows backing-file allocation, and clarify task wait failures
([vite-task#515](voidzero-dev/vite-task#515),
[vite-task#518](voidzero-dev/vite-task#518),
[vite-task#523](voidzero-dev/vite-task#523),
[vite-task#524](voidzero-dev/vite-task#524),
[vite-task#542](voidzero-dev/vite-task#542),
[#2126](#2126),
[#2167](#2167)), by
@wan9chi
- Prevent CLI diagnostics from truncating or panicking when inherited
standard output or error is nonblocking
([#2172](#2172),
[#2173](#2173)), by
@wan9chi

### Fixes & Enhancements

- Reduce standalone `vp` binary sizes by about 5% on Linux and macOS and
19% on Windows
([#2043](#2043)), by
@fengmk2
- Keep the Docker image non-root by default while allowing passwordless
`sudo` for Playwright browser dependencies and system packages
([#2088](#2088)), by
@fengmk2
- Ignore `.env` and `.env.*` in generated projects while keeping
`.env.example` trackable
([#2095](#2095)), by
@forehalo
- Create `vp-use.cmd` after the Windows environment bin directory is
ready and document its Command Prompt-only usage
([#2128](#2128)), by
@liangmiQwQ
- Render user-facing process statuses and paths without Rust debug
wrappers ([#2130](#2130)),
by @liangmiQwQ
- Make `vp dedupe` fall back to `yarn install` with a warning on Yarn
Classic ([#2139](#2139)),
by @jong-kyung
- Ensure package-manager child processes, including Bun, can always find
the managed Node.js runtime
([#2158](#2158)), by
@BlankParticle

### Docs

- Update the release-manager post-release guidance
([#2096](#2096)), by
@wan9chi
- Add Windows to the Namespace sponsor credit
([#2108](#2108)), by
@fengmk2
- Document installer and runtime environment variables, registry
settings, TLS options, and precedence rules
([#2114](#2114)), by
@yukinoshi
- Mark shell examples in `CONTRIBUTING.md` as Bash code blocks
([#2159](#2159)), by
@BlankParticle

### Chore

- Assign prepared release PRs to the workflow actor
([#2094](#2094)), by
@wan9chi
- Complete the PTY snapshot migration and harden the runner, fixtures,
release-version redaction, registry teardown, timeouts, and Linux
parallelism
([#2071](#2071),
[#2080](#2080),
[#2084](#2084),
[#2099](#2099),
[#2102](#2102),
[#2103](#2103),
[#2107](#2107),
[#2109](#2109),
[#2115](#2115),
[#2117](#2117),
[#2118](#2118),
[#2119](#2119),
[#2120](#2120),
[#2121](#2121),
[#2131](#2131),
[#2132](#2132),
[#2134](#2134),
[#2137](#2137),
[#2138](#2138),
[#2141](#2141),
[#2143](#2143),
[#2145](#2145),
[#2182](#2182)), by
@fengmk2 and @wan9chi
- Expose Vite+ managed binaries consistently inside snapshot fixtures
([#2110](#2110)), by
@liangmiQwQ
- Exclude PTY snapshot configuration from Vitest discovery and remove
the legacy snapshot infrastructure
([#2135](#2135),
[#2146](#2146)), by
@jong-kyung
- Modernize Windows runners, registry bridge publishing, native size
reporting, merge-base comparisons, and package-manager installation CI
([#2083](#2083),
[#2100](#2100),
[#2105](#2105),
[#2106](#2106),
[#2112](#2112),
[#2133](#2133)), by
@fengmk2
- Verify that created monorepo libraries emit declarations in CI
([#2171](#2171)), by
@wan9chi

### Bundled Versions

| Tool | Version | Source |
| --------------- | ------- |
-----------------------------------------------------------------------
|
| vite | `8.1.4` |
[`a477454`](vitejs/vite@a477454)
|
| rolldown | `1.1.5` |
[`f09947a`](rolldown/rolldown@f09947a)
|
| tsdown | `0.22.7` | [npm](https://npmx.dev/package/tsdown/v/0.22.7) |
| vitest | `4.1.10` | [npm](https://npmx.dev/package/vitest/v/4.1.10) |
| oxlint | `1.73.0` | [npm](https://npmx.dev/package/oxlint/v/1.73.0) |
| oxlint-tsgolint | `0.24.0` |
[npm](https://npmx.dev/package/oxlint-tsgolint/v/0.24.0) |
| oxfmt | `0.58.0` | [npm](https://npmx.dev/package/oxfmt/v/0.58.0) |

### Upgrade

```bash
vp upgrade
```

### New Contributors

Welcome @yukinoshi and @BlankParticle.

**Full Changelog**:
v0.2.4...v0.2.5

---

Merging this PR will trigger the release workflow.

---------

Co-authored-by: voidzero-guard[bot] <278573678+voidzero-guard[bot]@users.noreply.github.com>
Co-authored-by: wan9chi <dk4rest@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

vitest worker SIGBUS on /dev/shm-constrained hosts with task cache enabled

1 participant