Skip to content

Fix cross-module return_calls in the interpreter #8083

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
kripken merged 3 commits into from
Dec 2, 2025
Merged

Fix cross-module return_calls in the interpreter #8083

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
9f83b3c
fix
kripken Dec 2, 2025
20e10d8
test
kripken Dec 2, 2025
c9d6bf4
typo
kripken Dec 2, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 9 additions & 1 deletion src/wasm-interpreter.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4861,9 +4861,17 @@ class ModuleRunnerBase : public ExpressionRunner<SubType> {
// There was a return call, so we need to call the next function before
// returning to the caller. The flow carries the function arguments and a
// function reference.
name = flow.values.back().getFunc();
auto nextData = flow.values.back().getFuncData();
name = nextData->name;
flow.values.pop_back();
arguments = flow.values;

if (nextData->self != this) {
// This function is in another module. Call from there.
auto other = (decltype(this))nextData->self;
Copy link
Copy Markdown
Member

@tlively tlively Dec 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yikes! I wonder if this could be avoided with an abstract base class or something like that.

Copy link
Copy Markdown
Member Author

@kripken kripken Dec 2, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, the templating makes that messy, or at least I can't find a good solution. Trying both natural and artificial intelligence, the best idea is multiple inheritance, which I'm not sure I like...

But open to improving this if we find something.

flow = other->callFunction(name, arguments);
break;
}
}

if (flow.breaking() && flow.breakTo == NONCONSTANT_FLOW) {
Expand Down
23 changes: 23 additions & 0 deletions test/lit/exec/second_retcall.wast
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@

;; RUN: wasm-opt %s -all --fuzz-exec-before --fuzz-exec-second=%s.second -q -o /dev/null 2>&1 | filecheck %s

(module
(import "fuzzing-support" "log-i32" (func $log-i32 (param i32)))

(global $global funcref (ref.func $func))

(export "global" (global $global))

(func $func
(call $log-i32
(i32.const 42)
)
)
)

;; Export a funcref through a global, and return_call it from the other module.
;; It must be called ok, print 42, and not error.

;; CHECK: [fuzz-exec] calling caller
;; CHECK-NEXT: [LoggingExternalInterface logging 42]

19 changes: 19 additions & 0 deletions test/lit/exec/second_retcall.wast.second
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
(module
(type $func (func))

(import "primary" "global" (global $gimport funcref))

(table $table 10 funcref)

(func $caller (export "caller")
;; Do an indirect call from the table, writing the imported funcref first.
(table.set $table
(i32.const 1)
(global.get $gimport)
)
(return_call_indirect (type $func)
(i32.const 1)
)
)
)

Loading