alexcrichton opened issue #4626:
Given this input wasm:
$ export CARGO_PROFILE_RELEASE_DEBUG_ASSERTIONS=true
$ cargo run --release --features all-arch compile adapter.wasm --wasm-features all
    Finished release [optimized] target(s) in 0.15s
     Running `target/release/wasmtime compile adapter.wasm --wasm-features all`
thread '<unnamed>' panicked at 'assertion failed: (end_off - start_off) <= Inst::worst_case_size()', cranelift/codegen/src/isa/aarch64/inst/emit.rs:3140:9
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
This was found via a generated adapter module that is part of the component_api fuzzer. The adapter itself is probably copying over a massively deep type we could place limits on elsewhere, but as an arbitrary input to a core wasm module this should probably also not panic the backend.
alexcrichton labeled issue #4626:
cfallin closed issue #4626:
Last updated: Jan 24 2025 at 00:11 UTC