wasmerio / wasmer

🚀 The leading Wasm Runtime supporting WASIX, WASI and Emscripten
https://wasmer.io
MIT License

Wasmer panics with HeapAccessOutOfBounds when using cranelift and multi-value #4934

Open kay opened 1 month ago

kay commented 1 month ago

Describe the bug

When using the cranelift backend and a statically typed host function that returns multi-values of different sizes, the Wasm call panics when calling the host function from Wasm. Using a dynamic host function, it works.

wasmer version is 4.3.4. Rust version is 1.79.0.

$ uname -a
Darwin XXXX 23.5.0 Darwin Kernel Version 23.5.0: Wed May  1 20:12:58 PDT 2024; root:xnu-10063.121.3~5/RELEASE_ARM64_T6000 arm64

Steps to reproduce

Run https://gist.github.com/kay/9715e05168381f3f3a0ff5abf49df578

Expected behavior

Both functions should return 5 successfully.

Actual behavior

The Wasm function that uses the dynamic host function returns 5 successfully. The Wasm function that uses the typed host function returns a RuntimeError caused by signal trap HeapAccessOutOfBounds.

Additional context

This also works correctly when using the LLVM backend. These issues look similar, but do not have exactly the same outcome: https://github.com/wasmerio/wasmer/issues/4282 or https://github.com/wasmerio/wasmer/issues/3447.

syrusakbary commented 1 month ago

It seems we might be having some bugs in the Cranelift function calling convention, I assume for SystemV. We need to investigate further.