Stream: git-wasmtime

Topic: wasmtime / issue #11602 s390x: Incorrect ABI (?) when mix...

view this post on Zulip Wasmtime GitHub notifications bot (Sep 03 2025 at 19:59):

alexcrichton opened issue #11602:

Given this input:

(module
  (func (export "f")
    (param
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32
    )
    (result
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32
    )

    (block $h
      (try_table (catch_all $h)
        local.get 0
        local.get 1
        local.get 2
        local.get 3
        local.get 4
        local.get 5
        local.get 6
        local.get 7
        local.get 8
        local.get 9
        local.get 10
        local.get 11
        local.get 12
        local.get 13
        local.get 14
        local.get 15
        local.get 16

        call $f2_callee
        return
      )
    )
    unreachable
  )
  (func $f2_callee
    (param
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32
    )
    (result
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32
    )

    local.get 0
    local.get 1
    local.get 2
    local.get 3
    local.get 4
    local.get 5
    local.get 6
    local.get 7
    local.get 8
    local.get 9
    local.get 10
    local.get 11
    local.get 12
    local.get 13
    local.get 14
    local.get 15
    local.get 16
  )
)

(assert_return (invoke "f"
    (i32.const 0)
    (i32.const 1)
    (i32.const 2)
    (i32.const 3)
    (i32.const 4)
    (i32.const 5)
    (i32.const 6)
    (i32.const 7)
    (i32.const 8)
    (i32.const 9)
    (i32.const 10)
    (i32.const 11)
    (i32.const 12)
    (i32.const 13)
    (i32.const 14)
    (i32.const 15)
    (i32.const 16)
  )
  (i32.const 0)
  (i32.const 1)
  (i32.const 2)
  (i32.const 3)
  (i32.const 4)
  (i32.const 5)
  (i32.const 6)
  (i32.const 7)
  (i32.const 8)
  (i32.const 9)
  (i32.const 10)
  (i32.const 11)
  (i32.const 12)
  (i32.const 13)
  (i32.const 14)
  (i32.const 15)
  (i32.const 16)
)

locally this fails for me as:

$ cargo run --target s390x-unknown-linux-gnu wast ./foo.wast -W exceptions
...
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
zsh: segmentation fault (core dumped)  cargo run --target s390x-unknown-linux-gnu wast ./foo.wast -W exceptions

debugging this it appears that the array-to-wasm trampoline's stack pointer isn't restored upon it being returned to. The fault appears to be that the place-to-save-wasm results is saved on the stack but when it's reloaded from the stack the wrong value is reloaded. Beyond this though I'm not entirely sure where the issue lies.

cc @uweigand

view this post on Zulip Wasmtime GitHub notifications bot (Sep 03 2025 at 19:59):

alexcrichton added the cranelift:area:s390x label to Issue #11602.

view this post on Zulip Wasmtime GitHub notifications bot (Sep 03 2025 at 19:59):

alexcrichton added the wasm-proposal:exceptions label to Issue #11602.

view this post on Zulip Wasmtime GitHub notifications bot (Sep 04 2025 at 01:54):

alexcrichton commented on issue #11602:

After https://github.com/bytecodealliance/wasmtime/pull/11597 merges the reproduction will require reverting these changes first

view this post on Zulip Wasmtime GitHub notifications bot (Sep 11 2025 at 23:20):

alexcrichton closed issue #11602:

Given this input:

(module
  (func (export "f")
    (param
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32
    )
    (result
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32
    )

    (block $h
      (try_table (catch_all $h)
        local.get 0
        local.get 1
        local.get 2
        local.get 3
        local.get 4
        local.get 5
        local.get 6
        local.get 7
        local.get 8
        local.get 9
        local.get 10
        local.get 11
        local.get 12
        local.get 13
        local.get 14
        local.get 15
        local.get 16

        call $f2_callee
        return
      )
    )
    unreachable
  )
  (func $f2_callee
    (param
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32
    )
    (result
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32 i32 i32 i32
      i32
    )

    local.get 0
    local.get 1
    local.get 2
    local.get 3
    local.get 4
    local.get 5
    local.get 6
    local.get 7
    local.get 8
    local.get 9
    local.get 10
    local.get 11
    local.get 12
    local.get 13
    local.get 14
    local.get 15
    local.get 16
  )
)

(assert_return (invoke "f"
    (i32.const 0)
    (i32.const 1)
    (i32.const 2)
    (i32.const 3)
    (i32.const 4)
    (i32.const 5)
    (i32.const 6)
    (i32.const 7)
    (i32.const 8)
    (i32.const 9)
    (i32.const 10)
    (i32.const 11)
    (i32.const 12)
    (i32.const 13)
    (i32.const 14)
    (i32.const 15)
    (i32.const 16)
  )
  (i32.const 0)
  (i32.const 1)
  (i32.const 2)
  (i32.const 3)
  (i32.const 4)
  (i32.const 5)
  (i32.const 6)
  (i32.const 7)
  (i32.const 8)
  (i32.const 9)
  (i32.const 10)
  (i32.const 11)
  (i32.const 12)
  (i32.const 13)
  (i32.const 14)
  (i32.const 15)
  (i32.const 16)
)

locally this fails for me as:

$ cargo run --target s390x-unknown-linux-gnu wast ./foo.wast -W exceptions
...
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
zsh: segmentation fault (core dumped)  cargo run --target s390x-unknown-linux-gnu wast ./foo.wast -W exceptions

debugging this it appears that the array-to-wasm trampoline's stack pointer isn't restored upon it being returned to. The fault appears to be that the place-to-save-wasm results is saved on the stack but when it's reloaded from the stack the wrong value is reloaded. Beyond this though I'm not entirely sure where the issue lies.

cc @uweigand

Last updated: Dec 06 2025 at 06:05 UTC