cfallin opened PR #12435 from cfallin:fix-cve to bytecodealliance:main:
cfallin requested alexcrichton for a review on PR #12435.
cfallin requested wasmtime-compiler-reviewers for a review on PR #12435.
cfallin requested wasmtime-core-reviewers for a review on PR #12435.
cfallin edited PR #12435:
The implementation of the `fcopysign` operator uses vector bitwise AND
instructions on the floating-point/vector registers containing the
inputs to the operator. This is a reasonable implementation as the
instruction set does not have scalar (single-lane) bitwise
operators. However, when load-sinking automatically kicks in for an
operand to an `andps`, it can turn a 64-bit load (`f64.load`) into a
128-bit load incorrectly.

This load-widening can cause out-of-bounds accesses where they were
not expected. When dynamic bounds checks are enabled, we compile
assuming the correct load-operator width is codegen'd; a too-wide load
could read beyond the checked bound, either into unmapped
memory (crashing the process) or, worse, valid data outside the
sandbox. In the case of `fcopysign` the result of that read is not
directly available, because it will go into the high (unused)
lane, but the out-of-bounds read itself is a problem.

Thanks to louismerlin for reporting!
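The soundness condition the description relies on, shown as an added example rather than Cranelift's own code or the fix in this PR: a bounds check is emitted for the width of the IR load, so a load may be folded into an instruction's memory operand only when the instruction will access exactly that many bytes. The toy IR (`Load`, `MemOperand`), the `bounds_ok` checker, the `try_sink_load` guard and the 64 KiB memory size are all constructed for illustration.

```rust
// Added example, not Wasmtime/Cranelift code. Models the invariant that
// load-sinking must preserve: the bytes an instruction actually touches
// through a sunk memory operand must be the bytes the bounds check covered.

/// A bounds-checked IR load. Constructed for this example.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct Load {
    /// Effective address into linear memory.
    pub addr: u64,
    /// Access width in bytes the bounds check was emitted for (8 for f64.load).
    pub size: u64,
}

/// A memory operand folded into an instruction: it will read `width` bytes at `addr`.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct MemOperand {
    pub addr: u64,
    pub width: u64,
}

/// The dynamic bounds check: is every byte of [addr, addr + width) inside a
/// linear memory of `mem_len` bytes? Checked arithmetic keeps a wrapped
/// end address from passing.
pub fn bounds_ok(addr: u64, width: u64, mem_len: u64) -> bool {
    addr.checked_add(width).map_or(false, |end| end <= mem_len)
}

/// Attempt to sink `load` into the memory operand of an instruction that reads
/// `operand_width` bytes. Returns None (keep the load as a separate instruction
/// and feed the register) whenever the instruction would touch more bytes than
/// the load was bounds-checked for. Without this guard an 8-byte load folded
/// into a 16-byte vector operand silently widens the access.
pub fn try_sink_load(load: Load, operand_width: u64) -> Option<MemOperand> {
    if load.size != operand_width {
        return None;
    }
    Some(MemOperand { addr: load.addr, width: operand_width })
}

/// Worked scenario: a 64-bit load of the last eight bytes of memory.
/// Returns (8-byte check passes, 16-byte check passes, result of sinking
/// that load into a 16-byte operand).
pub fn demo(mem_len: u64) -> (bool, bool, Option<MemOperand>) {
    let load = Load { addr: mem_len.saturating_sub(8), size: 8 };
    let checked_ok = bounds_ok(load.addr, 8, mem_len);
    // The check that was actually emitted says nothing about bytes 8..16.
    let widened_ok = bounds_ok(load.addr, 16, mem_len);
    let sunk = try_sink_load(load, 16);
    (checked_ok, widened_ok, sunk)
}

fn main() {
    let (c, w, s) = demo(65536);
    println!("8-byte bounds check passes: {c}");
    println!("16-byte access at same address in bounds: {w}");
    println!("sink 8-byte load into 16-byte operand: {s:?}");
}
```

With a 64 KiB memory the 8-byte load at offset 65528 passes its check while a 16-byte access at the same address would not, so the guard refuses to fold it; a genuine 16-byte load into a 16-byte operand still sinks.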
fitzgen submitted PR review.
cfallin has enabled auto merge for PR #12435.
cfallin added PR #12435 Cranelift: x64: fix incorrect load-sinking in copysign operator. to the merge queue
cfallin removed PR #12435 Cranelift: x64: fix incorrect load-sinking in copysign operator. from the merge queue
cfallin added PR #12435 Cranelift: x64: fix incorrect load-sinking in copysign operator. to the merge queue
cfallin removed PR #12435 Cranelift: x64: fix incorrect load-sinking in copysign operator. from the merge queue
cfallin added PR #12435 Cranelift: x64: fix incorrect load-sinking in copysign operator. to the merge queue
github-merge-queue[bot] removed PR #12435 Cranelift: x64: fix incorrect load-sinking in copysign operator. from the merge queue
cfallin added PR #12435 Cranelift: x64: fix incorrect load-sinking in copysign operator. to the merge queue
cfallin commented on PR #12435:
For anyone watching, we're dealing with this incident in GitHub Runners for Windows jobs at the moment; continuing to retry periodically.
cfallin removed PR #12435 Cranelift: x64: fix incorrect load-sinking in copysign operator. from the merge queue
cfallin added PR #12435 Cranelift: x64: fix incorrect load-sinking in copysign operator. to the merge queue
cfallin removed PR #12435 Cranelift: x64: fix incorrect load-sinking in copysign operator. from the merge queue
cfallin added PR #12435 Cranelift: x64: fix incorrect load-sinking in copysign operator. to the merge queue
github-merge-queue[bot] removed PR #12435 Cranelift: x64: fix incorrect load-sinking in copysign operator. from the merge queue
cfallin added PR #12435 Cranelift: x64: fix incorrect load-sinking in copysign operator. to the merge queue
github-actions[bot] added the label cranelift on PR #12435.
github-actions[bot] added the label cranelift:area:x64 on PR #12435.
cfallin merged PR #12435.
cfallin removed PR #12435 Cranelift: x64: fix incorrect load-sinking in copysign operator. from the merge queue
Last updated: Jan 29 2026 at 13:25 UTC