fix(gnovm): make oversized slice make/append a recoverable panic

[ltzmaxwell]

No description provided.

[Gno2D2]

🛠 PR Checks Summary

All Automated Checks passed. ✅

Manual Checks (for Reviewers):

• IGNORE the bot requirements for this PR (force green CI check)

Read More

🤖 This bot helps streamline PR reviews by verifying automated checks and providing guidance for contributors and reviewers.

✅ Automated Checks (for Contributors):

🟢 Maintainers must be able to edit this pull request (more info)

☑️ Contributor Actions:

1. Fix any issues flagged by automated checks.
2. Follow the Contributor Checklist to ensure your PR is ready for review.
   • Add new tests, or document why they are unnecessary.
   • Provide clear examples/screenshots, if necessary.
   • Update documentation, if required.
   • Ensure no breaking changes, or include BREAKING CHANGE notes.
   • Link related issues/PRs, where applicable.

☑️ Reviewer Actions:

1. Complete manual checks for the PR, including the guidelines and additional checks if applicable.

📚 Resources:

• Report a bug with the bot.
• View the bot’s configuration file.

Debug

Automated Checks

Maintainers must be able to edit this pull request (more info)

If

🟢 Condition met
└── 🟢 And
    ├── 🟢 The base branch matches this pattern: ^master$
    └── 🟢 The pull request was created from a fork (head branch repo: ltzmaxwell/gno)

Then

🟢 Requirement satisfied
└── 🟢 Maintainer can modify this pull request

Manual Checks

**IGNORE** the bot requirements for this PR (force green CI check)

If

🟢 Condition met
└── 🟢 On every pull request

Can be checked by

• Any user with comment edit permission

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[davd-gzl]

Changes is good but there's missing similar cases, check davd-gzl@3b18b473e

git remote add davd-gzl https://github.com/davd-gzl/gno.git
git fetch davd-gzl
git cherry-pick 3b18b473e        # onto fix/make19
git push                          # updates his PR

[ltzmaxwell]

@davd-gzl , thanks for the review. I dug into extending this and concluded it should stay scoped to slices:

• Slices are the only user-reachable, slice-shaped overflow: make([]T, n) takes a cheap user-controlled length, and allocArrayItem × n overflows int64 before any memory is touched. That's this PR, using Go's own makeslice: len out of range message. append shares the same allocators, so it's covered.
• Maps have the same shape but Go's makemap clamps an oversized hint instead of panicking — so the right fix is to clamp, not raise a recoverable panic. Handling that separately: WIP fix(gnovm): clamp bogus make(map, n) hint #5770.
• String / struct fields / block: not equivalent. Their counts are bounded by source (field/name counts), so they can't reach the overflow threshold from cheap input. And if one somehow did, it's an internal allocation invariant, not a user make error — an unrecoverable panic is the correct outcome there, not a recoverable *Exception().

Happy to discuss if I've missed a case.

[davd-gzl]

Agreed I overstated it, LGTM!

[davd-gzl]

I think this comment can be simplified