[Stack Switching] Fix all the execution-results.h places missing a clear of the continuation store (#7828)

kripken · web-flow · commit 8dca624000e9 · 2025-08-14T17:19:07.000-07:00
diff --git a/scripts/test/fuzzing.py b/scripts/test/fuzzing.py
@@ -117,6 +117,7 @@
     'gufa-cont.wast',
     'cont_many_unhandled.wast',
     'cont_export.wast',
+    'cont_export_throw.wast',
     # TODO: fix split_wast() on tricky escaping situations like a string ending
     #       in \\" (the " is not escaped - there is an escaped \ before it)
     'string-lifting-section.wast',
diff --git a/src/tools/execution-results.h b/src/tools/execution-results.h
@@ -472,26 +472,30 @@ struct ExecutionResults {
         if (!param.isDefaultable()) {
           std::cout << "[trap fuzzer can only send defaultable parameters to "
                        "exports]\n";
+          instance.clearContinuationStore();
           return Trap{};
         }
         arguments.push_back(Literal::makeZero(param));
       }
       auto flow = instance.callFunction(func->name, arguments);
-      if (flow.suspendTag) { // TODO: support stack switching here
+      if (flow.suspendTag) {
         std::cout << "[exception thrown: unhandled suspend]" << std::endl;
         instance.clearContinuationStore();
         return Exception{};
       }
       return flow.values;
     } catch (const TrapException&) {
+      instance.clearContinuationStore();
       return Trap{};
     } catch (const WasmException& e) {
+      instance.clearContinuationStore();
       std::cout << "[exception thrown: " << e << "]" << std::endl;
       return Exception{};
     } catch (const HostLimitException&) {
       // This should be ignored and not compared with, as optimizations can
       // change whether a host limit is reached.
       ignore = true;
+      instance.clearContinuationStore();
       return {};
     }
   }
diff --git a/test/lit/exec/cont_export_throw.wast b/test/lit/exec/cont_export_throw.wast
@@ -0,0 +1,54 @@
+;; NOTE: Assertions have been generated by update_lit_checks.py --output=fuzz-exec and should not be edited.
+
+;; RUN: foreach %s %t wasm-opt -all --fuzz-exec-before -q -o /dev/null 2>&1 | filecheck %s
+
+;; Three exports, one which suspends, the second resumes but ends up throwing,
+;; and another suspend. This is a regression test for a bug where the global
+;; state of continuations got into a confused state at the last export, and
+;; asserted.
+
+(module
+ (type $none (func))
+ (type $cont (cont $none))
+
+ (import "fuzzing-support" "call-export" (func $call-export (param i32 i32)))
+
+ (tag $tag (type $none))
+
+ ;; CHECK:      [fuzz-exec] calling suspend
+ ;; CHECK-NEXT: [exception thrown: unhandled suspend]
+ (func $suspend (export "suspend")
+  (suspend $tag)
+ )
+
+ ;; CHECK:      [fuzz-exec] calling handled
+ ;; CHECK-NEXT: [exception thrown: __private externref]
+ (func $handled (export "handled")
+  (drop
+   (block $block (result (ref $cont))
+    (resume $cont (on $tag $block)
+     (cont.new $cont
+      (ref.func $cont)
+     )
+    )
+    (unreachable)
+   )
+  )
+ )
+
+ ;; CHECK:      [fuzz-exec] calling suspend2
+ ;; CHECK-NEXT: [exception thrown: unhandled suspend]
+ (func $suspend2 (export "suspend2")
+  (suspend $tag)
+ )
+
+ (func $cont
+  ;; This calls $suspend through an export, which traps as we cannot suspend
+  ;; through JS.
+  (call $call-export
+   (i32.const 0)
+   (i32.const 0)
+  )
+ )
+)
+
