T0b1/wasmtime
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Limit linear memories when fuzzing with pooling (#4918)

Browse Source 
This commit limits the maximum number of linear memories when the
pooling allocator is used to ensure that the virtual memory mapping for
the pooling allocator itself can succeed. Currently there are a number
of crashes in the differential fuzzer where the pooling allocator can't
allocate its mapping because the maximum specified number of linear
memories times the number of instances exceeds the address space
presumably.
This commit is contained in:
Alex Crichton
2022-09-16 13:50:49 -05:00
committed by GitHub
parent f5580954af
commit b8fa068ca8
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
crates/fuzzing/src/generators/config.rs
View File

@@ -349,6 +349,11 @@ impl<'a> Arbitrary<'a> for Config {
}
};
// Don't allow too many linear memories per instance since massive
// virtual mappings can fail to get allocated.
cfg.min_memories = cfg.min_memories.min(10);
cfg.max_memories = cfg.max_memories.min(10);
// Force this pooling allocator to always be able to accommodate the
// module that may be generated.
limits.memories = cfg.max_memories as u32;