Stream: git-wasmtime

Topic: wasmtime / PR #8317 Cranelift: Do not dedupe/GVN bitcasts...


Wasmtime GitHub notifications bot (Apr 08 2024 at 19:58):

fitzgen opened PR #8317 from fitzgen:dont-optimize-bitcast-from-r64 to bytecodealliance:main:

Deduping bitcasts to integers from references can make the references no
longer live across safepoints, and instead only the bitcasted integer results
would be. Because the reference is no longer live after the safepoint, the
safepoint's stack map would not have an entry for the reference, which could
result in the collector reclaiming an object too early, which is basically a
use-after-free bug. Luckily, we sandbox the GC heap now, so such UAF bugs aren't
memory unsafe, but they could potentially result in denial of service
attacks. Either way, we don't want those bugs!

On the other hand, it is technically fine to dedupe bitcasts to reference
types. Doing so extends, rather than shortens, the live range of the GC
reference. This potentially adds it to more stack maps than it otherwise would
have been in, which means it might unnecessarily survive a GC it otherwise
wouldn't have. But that is fine. Shrinking live ranges of GC references, and
removing them from stack maps they otherwise should have been in, is the
problematic transformation.

Wasmtime GitHub notifications bot (Apr 08 2024 at 19:58):

fitzgen requested elliottt for a review on PR #8317.

Wasmtime GitHub notifications bot (Apr 08 2024 at 19:58):

fitzgen requested wasmtime-compiler-reviewers for a review on PR #8317.

Wasmtime GitHub notifications bot (Apr 08 2024 at 19:58):

fitzgen requested alexcrichton for a review on PR #8317.

Wasmtime GitHub notifications bot (Apr 08 2024 at 19:58):

fitzgen requested wasmtime-core-reviewers for a review on PR #8317.

Wasmtime GitHub notifications bot (Apr 08 2024 at 20:45):

github-actions[bot] commented on PR #8317:

Subscribe to Label Action

cc @peterhuene

<details>
This issue or pull request has been labeled: "cranelift", "cranelift:area:machinst", "wasmtime:api"

Thus the following users have been cc'd because of the following labels:

To subscribe or unsubscribe from this label, edit the <code>.github/subscribe-to-label.json</code> configuration file.
</details>

Wasmtime GitHub notifications bot (Apr 08 2024 at 22:34):

elliottt submitted PR review:

Makes sense to me!

Wasmtime GitHub notifications bot (Apr 08 2024 at 23:08):

fitzgen merged PR #8317.


Last updated: Oct 23 2024 at 20:03 UTC