feat: implement process isolation for JavaScript execution to prevent hangs#5
Open
my-local-agent[bot] wants to merge 1 commit into
Open
feat: implement process isolation for JavaScript execution to prevent hangs#5my-local-agent[bot] wants to merge 1 commit into
my-local-agent[bot] wants to merge 1 commit into
Conversation
… hangs - Create js-worker.js: isolated worker process for JavaScript code execution using isolated-vm - Modify vm.handler.ts: spawn worker process instead of running code directly in main process - Add process-level timeout protection (5 seconds, consistent with Python) - Add vm.handler.spec.ts: unit tests for JavaScript execution - Update project.json: include .js worker files in build assets This addresses issue xpert-ai#234 by providing true process isolation for JavaScript code execution, preventing indefinite hangs from affecting the main process. The worker process can be forcefully terminated on timeout, ensuring system stability. Key benefits: - True process isolation: code crashes/hangs won't affect main process - Reliable timeout: worker can be killed anytime - Memory protection: worker has separate memory space - Consistent architecture: matches Python execution pattern
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR addresses issue xpert-ai#234 by implementing true process isolation for JavaScript code execution, preventing indefinite hangs from affecting the main process. Instead of adding a timeout parameter (which is a band-aid solution), this approach provides robust process-level protection.
Problem
The current implementation executes JavaScript code directly in the main process using
isolated-vm. This has several issues:isolated-vm's timeout parameter doesn't work in all scenarios (e.g., when waiting for promises)Solution
Created a dedicated worker process (
js-worker.js) that:isolated-vmcode in a separate processSIGKILLon timeoutChanges
New Files
packages/server-ai/src/sandbox/commands/handlers/js-worker.js: Worker process for isolated JavaScript executionpackages/server-ai/src/sandbox/commands/handlers/vm.handler.spec.ts: Unit tests for the new implementationModified Files
packages/server-ai/src/sandbox/commands/handlers/vm.handler.ts: Refactored to use worker process instead of direct executionpackages/server-ai/project.json: Added.jsworker files to build assetsKey Benefits
✅ True Process Isolation: Code crashes/hangs won't affect the main process
✅ Reliable Timeout: Worker process can be killed anytime (5-second timeout, consistent with Python)
✅ Memory Protection: Worker has separate memory space with 128MB limit
✅ Consistent Architecture: Matches Python execution pattern
✅ No Breaking Changes: Maintains the same API interface
Testing
Notes
The worker includes robust module resolution to find
isolated-vmin various build environments, ensuring compatibility with different deployment setups.Fixes xpert-ai#234