| 12:58 | <Mathieu Hofman> | Yeah there are no availability guarantees in ShadowRealm or Compartments. In general anything running in the same agent. Preempting a drain of the promise jobs queue is an interesting idea, but I feel very unsure about letting any code running in the same agent after that. It's like catching an OOM but worse, the program can't really make any assumption in what state it's in anymore. |
| 13:02 | <Mathieu Hofman> | I suppose if you could prove that only some of the shadow realms had any jobs on the queue, or calls on the stack when preempted you could just condemn those realms, but I'm not sure that's sufficient. At the very least you'd need some way to trigger execution in that isolated realm without letting your own realm become collateral damage if it gets preempted, and know when/if that realm becomes condemned. |
| 13:06 | <Mathieu Hofman> | I think by definition that makes the trigger of execution asynchronous, and prevents you from having any of the triggering realm's functions interleaved on the stack. At which point you might as well run in a different agent. |
| 13:11 | <Mathieu Hofman> | FYI, Moddable implemented metering in XS for us. It does a deterministic measurement of work done in the agent, and can interrupt execution if it passes a given threshold. All this is on the embedder side however, and there are only minimal host APIs exposed to JS to temporarily suspend metering. |