alexcrichton opened PR #6968 from alexcrichton:fix-stack-overflow
to bytecodealliance:main
:
This commit removes recursion from AMode lowering rules for both the x64 and aarch64 backends. On the x64 backend this can lead to stack overflow on the host given wasm inputs during compilation due to the fact that
i32.add
goes through this path of lowering (e.g. trying to use thelea
instruction). The recursion in these rules are rewritten to hunt for constants differently in a non-recursive fashion which relies on egraph optimizations to place constants in the right place to get good code output.This PR additionally updates the AArch64 backend to remove the recursion there as well. While not reachable from wasm this is still reachable from Cranelift and is a good bug to fix regardless.
Note that the stack overflow during compilation requires optimizations to be disabled, as otherwise egraphs will already fold constants together which means that recursion won't happen deeply.
Thanks to DFINITY for notifying the security@bytecodealliance.org mailing list for this issue! We concluded this in the end wasn't a CVE-worthy issue because it requires non-default settings to trigger (e.g. disabling optimizations). This is something I'll backport to the 13 release branch, however.
alexcrichton requested wasmtime-compiler-reviewers for a review on PR #6968.
alexcrichton requested fitzgen for a review on PR #6968.
alexcrichton requested wasmtime-core-reviewers for a review on PR #6968.
cfallin submitted PR review:
Carrying over LGTM from private branch -- thanks!
alexcrichton merged PR #6968.
Last updated: Dec 23 2024 at 12:05 UTC