sunshowers opened issue #9660:
Discovered this while working on #9652.

Looking at `LocalMemory::new`: it passes in `alloc.byte_size()` as the `accessible` parameter to `MemoryImageSlot::create`:

`self.accessible` is not rounded up to the host page size and is instead stored directly. But other places assume that `self.accessible` is page-aligned, for example:

This ends up resolving to `mprotect`:

`mprotect` requires that its address is page-aligned, and will produce an `EINVAL` if it isn't. I think there are likely also places where it panics or possibly even causes UB.
sunshowers commented on issue #9660:
In Zulip we decided to:

- for now, skip attempting to do CoW if `byte_size` is smaller than the host page size
- in the future, extend `MemoryImageSlot` to track both the accessible size and a rounded-up form of it.
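The following is an added, stand-alone example (not wasmtime's code and not from anyone in this thread) that illustrates both points raised above: the issue body's observation that an `accessible` value stored without rounding produces a non-page-aligned address for `mprotect`, and the two remedies agreed in the comment (skip CoW for sizes below the host page size now; track both the exact and the page-rounded size later). The struct and function names (`AccessibleSize`, `check_mprotect_addr`, `should_attempt_cow`) are hypothetical, and the `mprotect` precondition is modelled as a pure check rather than a real syscall so it runs anywhere.

```rust
// Added example, not wasmtime's implementation. Names below are assumptions
// chosen for illustration; only the behaviour (page rounding, EINVAL on an
// unaligned address) comes from the issue discussion.

/// Round `n` up to the next multiple of `page_size` (a power of two).
/// Returns `None` on overflow instead of silently wrapping.
pub fn round_up_to_page(n: usize, page_size: usize) -> Option<usize> {
    assert!(page_size.is_power_of_two(), "host page size must be a power of two");
    let mask = page_size - 1;
    n.checked_add(mask).map(|v| v & !mask)
}

/// True when `n` is a multiple of `page_size`.
pub fn is_page_aligned(n: usize, page_size: usize) -> bool {
    n & (page_size - 1) == 0
}

/// Hypothetical replacement for a single `accessible` field: the exact byte
/// count the guest asked for, plus the rounded form that memory-protection
/// calls actually need (the "future" item from the thread).
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct AccessibleSize {
    pub exact: usize,
    pub rounded: usize,
}

impl AccessibleSize {
    pub fn new(exact: usize, page_size: usize) -> Option<Self> {
        let rounded = round_up_to_page(exact, page_size)?;
        Some(Self { exact, rounded })
    }
}

/// Models the kernel's precondition on `mprotect(addr, len, prot)`: the
/// address must be page-aligned, otherwise the call fails with EINVAL.
/// `base` is a page-aligned mapping start and `offset` the byte offset at
/// which protection would be changed (e.g. the end of the accessible region).
pub fn check_mprotect_addr(base: usize, offset: usize, page_size: usize) -> Result<usize, &'static str> {
    if !is_page_aligned(base, page_size) {
        return Err("EINVAL: mapping base is not page-aligned");
    }
    let addr = base.checked_add(offset).ok_or("address overflow")?;
    if !is_page_aligned(addr, page_size) {
        return Err("EINVAL: addr is not page-aligned");
    }
    Ok(addr)
}

/// Interim policy from the thread: do not attempt copy-on-write image
/// mapping when the linear memory is smaller than one host page.
pub fn should_attempt_cow(byte_size: usize, page_size: usize) -> bool {
    byte_size >= page_size
}

fn main() {
    // Constructed values: a 4 KiB host page, a page-aligned base, and a
    // guest memory whose byte size is not a page multiple.
    let page_size = 4096;
    let base = 0x7f00_0000_0000usize;
    let byte_size = 5000;

    // Storing the raw size and using it as an offset reproduces the bug:
    println!("raw offset:     {:?}", check_mprotect_addr(base, byte_size, page_size));

    // Tracking the rounded size alongside the exact one avoids it:
    let acc = AccessibleSize::new(byte_size, page_size).expect("no overflow");
    println!("rounded offset: {:?}", check_mprotect_addr(base, acc.rounded, page_size));

    // And the stop-gap policy skips CoW entirely for sub-page memories:
    println!("cow for 100 B:  {}", should_attempt_cow(100, page_size));
}
```

Running `main` prints an `Err("EINVAL: ...")` for the raw offset, an `Ok(addr)` for the rounded one, and `false` for the sub-page case; the point is that the exact size is still needed for bounds logic, so it should be kept next to the rounded value rather than replaced by it.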
Last updated: Dec 13 2025 at 19:03 UTC