EH: operand stack overrun

[yamt]

when crossing function frames, the current throw logic copies the exception onto the operand stack.
if the frame doesn't have enough stack space, it overruns.
a possible fix: rewind function frames in the throw logic rather than using goto return_func.

eg.

(module
  (tag $e (param i32 i32 i32 i32 i32 i32 i32 i32))
  (func $g
    i32.const 1234
    i32.const 1234
    i32.const 1234
    i32.const 1234
    i32.const 1234
    i32.const 1234
    i32.const 1234
    i32.const 1234
    throw $e
  )
  (func $f ;; the throw logic would overrun when copying the exception to this frame
    call $g
  )
  (func (export "main")
    try
      call $f
    catch_all
    end
  )
)

[ermler]

@yamt You are right.
Indeed, there was a misunderstanding when implementing this. In the loader, we are counting the handlers in the module:

wasm-micro-runtime/core/iwasm/interpreter/wasm_loader.c

Line 11030 in e8c2952

func->exception_handler_count++;

And allocate space for the handlers when setting up the stack.

wasm-micro-runtime/core/iwasm/interpreter/wasm_interp_classic.c

Line 6604 in e8c2952

max_stack_cell_num += eh_size;

But after review, it becomes clear to me, that this calculation is not correct and we did not respect the space needed to store the operands of the tag.