[wasmd v0.43]: possible UB inside wasmvm - contract init dlmalloc panic in rust 1.78

[jstuczyn]

Hi!

I wasn't sure whether to post this issue in this repo or the wasmvm one, so if it's in the wrong place, I apologise.

Ever since updating my local rust toolchain to 1.78, any contract built locally fails to get initialised on chain due to the panic inside wasmvm:

Error: rpc error: code = Unknown desc = rpc error: code = Unknown desc = failed to execute message; message index: 0: Error calling the VM: Error executing Wasm: Wasmer runtime error: RuntimeError: Aborted: panicked at /rust/deps/dlmalloc-0.2.6/src/dlmalloc.rs:1198:13:
assertion failed: psize <= size + max_overhead: instantiate wasm contract failed [CosmWasm/wasmd@v0.43.0/x/wasm/keeper/keeper.go:325] With gas wanted: '18446744073709551615' and gas used: '110152' : unknown request

Note that everything works perfectly fine under 1.77.2.

I've noticed the identical issue coming up for wasm-bindgen users: https://github.com/alexcrichton/dlmalloc-rs/issues/41 + https://github.com/rustwasm/wasm-pack/issues/1389 which seems to have been due to not taking alignment correctly into consideration: https://github.com/rustwasm/wasm-bindgen/pull/3463.

which would probably make sense given the associated 1.78 changes: https://blog.rust-lang.org/2024/05/02/Rust-1.78.0.html#asserting-unsafe-preconditions + https://blog.rust-lang.org/2024/05/02/Rust-1.78.0.html#deterministic-realignment

Therefore, I suspect there might be some UB inside the wasmvm that might be worth investigating

[chipshort]

I think this is probably a duplicate of https://github.com/CosmWasm/cosmwasm/issues/2061. It is not UB inside wasmvm, but inside the contract (which is perfectly normal behaviour on the host side). You should update to a patched cosmwasm-std version: either 2.0.1+ or 1.5.4+