ureeves
commented
2 months ago This cannot be implemented until wasmtime implements fuel-based interruption
https://github.com/bytecodealliance/wasmtime/issues/8090
Open HDauven opened 2 months ago
ureeves
commented
2 months ago This cannot be implemented until wasmtime implements fuel-based interruption
https://github.com/bytecodealliance/wasmtime/issues/8090
Summary
With Cranelift, it is currently possible for a malicious actor to do a JIT bomb. Wasmtime currently provides a single-pass compiler that should prevent this called Winch.
Possible solution design or implementation
Switch from Cranelift to Winch to prevent potential JIT bombs.