Bug 285466

Summary: WASM out-of-bounds exception running pglite when IPInt is enabled
Product: WebKit Reporter: benjamin.j.grant
Component: JavaScriptCoreAssignee: Nobody <webkit-unassigned>
Status: RESOLVED DUPLICATE    
Severity: Normal CC: ap, daniel_liu4, keith_miller, mark.lam, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Local Build   
Hardware: Mac (Apple Silicon)   
OS: macOS 15   
Attachments:
Description Flags
Script to run pglite none

benjamin.j.grant
Reported 2025-01-06 14:02:14 PST
Created attachment 473811 [details] Script to run pglite When IPInt is enabled, initializing pglite (a distribution of PostgreSQL compiled to WASM) throws an out-of-bounds memory access exception. Steps to reproduce: 1) Visit https://pglite.dev and scroll to the "Try PGLite Now" heading 2) Wait for the "SELECT * FROM now();" query to finish typing Actual Results: the error "Out of bounds memory access (evaluating 'getWasmTableEntry(ue)(I,$n,Yn,Xn,Zn,rr)')" is displayed Expected Results: a table with the current timestamp is displayed Build Date : 2025-01-06 (commit faa4b20a62f299f89f135366fcaafc1e181e0122) Hardware: MacBook Pro M3 Max, macOS 15.1.1 Additional Info: I used a local debug build of WebKit from commit faa4b20a62f299f89f135366fcaafc1e181e0122 and the run-safari script to reproduce this. However, it didn't seem like the run-safari script was respecting the option to disable IPInt: I got the same exception using the command `JSC_useWasmIPInt=false ./Tools/Scripts/run-safari --debug`. I haven't used this script before so I might not be specifying options the right way. To verify this is related to IPInt, you can also reproduce this issue on a canary build of the Bun runtime, where I'm definitely able to disable IPInt: 1) Install Bun (https://bun.sh) 2) Switch to a canary build: bun upgrade --canary 3) Download the attached JS file to a new directory, run `bun init -y`, and run `bun add @electric-sql/pglite` 4) Run the script with the default options (IPInt enabled): `bun index.js` 5) Run the script with IPInt disabled: `BUN_JSC_useWasmIPInt=false bun index.js` Actual Results: $ bun index.js RuntimeError: Out of bounds memory access (evaluating 'this.mod._pg_initdb()') at <?>.wasm-function[10920] at <?>.wasm-function[8539] at <?>.wasm-function[5679] at <?>.wasm-function[4575] at <?>.wasm-function[2877] at /Users/ben/code/pglite/node_modules/@electric-sql/pglite/dist/index.js:3:2428652 $ BUN_JSC_useWasmIPInt=false bun index.js 2025-01-06T21:32:46.734Z Expected Results: both commands print the timestamp
Attachments
Script to run pglite (138 bytes, application/x-javascript)
2025-01-06 14:02 PST, benjamin.j.grant 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
benjamin.j.grant
Comment 1 2025-01-06 14:07:45 PST
To reproduce with Bun canary you should also specify `BUN_JSC_useWasmIPInt=true` to make sure IPInt is enabled, rather than leaving that setting unspecified, as the next canary build will have IPInt disabled by default.
Radar WebKit Bug Importer
Comment 2 2025-01-06 15:28:34 PST
<rdar://problem/142442255>
Alexey Proskuryakov
Comment 3 2025-01-07 16:05:40 PST
Thank you for the report. I'm told that this was fixed as part of bug 285547. *** This bug has been marked as a duplicate of bug 285547 ***
benjamin.j.grant
Comment 4 2025-01-07 17:00:27 PST
Thank you! Seems fixed on my end too.
Note You need to log in before you can comment on or make changes to this bug.