Wasmtime GitHub notifications bot (Nov 06 2025 at 20:21): Wasmtime GitHub notifications bot (Nov 06 2025 at 20:21):guidovranken edited issue #11991:
Thanks for filing an issue! Please fill out the TODOs below, and change
<target>in the title to the corresponding fuzzing target.<details>
<summary>Test case input</summary>8gAAAAArAAAAFhYWFhYWAgAAlZWVlZWVlZWVlZUAAAAAAAAAABYWFhYWFhYWFhYWFhYWFhYWFhYWNgEEAAAAAAAAFhYWFhYWFhYWFhYWFhYWFhb////xAQIAAQFeAAEXAWAGfn5+fn5+DX6np6enp6ekp6enp+Xl5eXl5eXl5eXl5eUBAV53AVAAAADl5V53AVABAV53AVCnp6enp6enp6enp+Xl5eXl5XcBUP///7sBUAEBXncBOzumO8oBAT4KdwFQAQFedwEB////////Af//DPf///9ed3Nzc/////////8KAzMzNP///////wz3////XncBOwo7O1D/DPf///9edwE7UA==</details>
<details>
<summary>cargo +nightly fuzz fmtoutput</summary><!-- If you can, please paste the output of
cargo +nightly fuzz fmt <target> <input>in the code-block below. This will help reviewers more quickly triage this report. -->Don't know; using fuzzer binaries downloaded from OSS-Fuzz (`wasmtime-address-202511060705`)</details>
<details>
<summary>Stack trace or other relevant details</summary><!-- If you can, please paste anything that looks relevant from the failure message in the code-block below. This will help reviewers more quickly triage this report. -->
$ RUST_BACKTRACE=1 ./instantiate ../crasher.bin INFO: found LLVMFuzzerCustomMutator (0x55555839b5b0). Disabling -len_control by default. INFO: Running with entropic power schedule (0xFF, 100). INFO: Seed: 3342719402 INFO: Loaded 1 modules (1569250 inline 8-bit counters): 1569250 [0x55555ebc3e40, 0x55555ed43022), INFO: Loaded 1 PC tables (1569250 PCs): 1569250 [0x55555ed43028,0x555560534e48), ./instantiate: Running 1 inputs 1 time(s) each. Running: ../crasher.bin thread '<unnamed>' panicked at /src/wasmtime/winch/codegen/src/isa/x64/masm.rs:318:14: Scratch register to be available: Winch internal error: Expected register to be available Stack backtrace: 0: anyhow::error::<impl core::convert::From<E> for anyhow::Error>::from at /rust/registry/src/index.crates.io-1949cf8c6b5b557f/anyhow-1.0.100/src/backtrace.rs:27:14 1: <T as core::convert::Into<U>>::into at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/convert/mod.rs:777:9 2: anyhow::kind::Trait::new at /rust/registry/src/index.crates.io-1949cf8c6b5b557f/anyhow-1.0.100/src/kind.rs:95:15 3: winch_codegen::regalloc::RegAlloc::reg_for_class::{{closure}} at /src/wasmtime/winch/codegen/src/regalloc.rs:44:36 4: core::option::Option<T>::ok_or_else at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/option.rs:1341:25 5: winch_codegen::regalloc::RegAlloc::reg_for_class at /src/wasmtime/winch/codegen/src/regalloc.rs:44:22 6: <winch_codegen::isa::x64::masm::MacroAssembler as winch_codegen::masm::MacroAssembler>::with_scratch at /src/wasmtime/winch/codegen/src/isa/x64/masm.rs:317:14 7: winch_codegen::masm::MacroAssembler::with_scratch_for at /src/wasmtime/winch/codegen/src/masm.rs:1466:22 8: winch_codegen::codegen::context::CodeGenContext<winch_codegen::codegen::phase::Emission>::spill_impl at /src/wasmtime/winch/codegen/src/codegen/context.rs:849:26 9: winch_codegen::codegen::context::CodeGenContext<winch_codegen::codegen::phase::Emission>::reg_for_class::{{closure}} at /src/wasmtime/winch/codegen/src/codegen/context.rs:177:13 10: winch_codegen::regalloc::RegAlloc::reg_for_class at /src/wasmtime/winch/codegen/src/regalloc.rs:41:17 11: winch_codegen::codegen::context::CodeGenContext<winch_codegen::codegen::phase::Emission>::reg_for_class at /src/wasmtime/winch/codegen/src/codegen/context.rs:176:23 12: winch_codegen::codegen::context::CodeGenContext<winch_codegen::codegen::phase::Emission>::any_fpr at /src/wasmtime/winch/codegen/src/codegen/context.rs:190:14 13: <winch_codegen::isa::x64::masm::MacroAssembler as winch_codegen::masm::MacroAssembler>::v128_popcnt::{{closure}} at /src/wasmtime/winch/codegen/src/isa/x64/masm.rs:3106:42 14: <winch_codegen::isa::x64::masm::MacroAssembler as winch_codegen::masm::MacroAssembler>::with_scratch at /src/wasmtime/winch/codegen/src/isa/x64/masm.rs:320:19 15: <winch_codegen::isa::x64::masm::MacroAssembler as winch_codegen::masm::MacroAssembler>::v128_popcnt at /src/wasmtime/winch/codegen/src/isa/x64/masm.rs:3073:14 16: winch_codegen::visitor::<impl wasmparser::readers::core::operators::VisitSimdOperator for winch_codegen::codegen::CodeGen<M,winch_codegen::codegen::phase::Emission>>::visit_i8x16_popcnt at /src/wasmtime/winch/codegen/src/visitor.rs:4193:19 17: <winch_codegen::codegen::CodeGen<M,winch_codegen::codegen::phase::Emission>::emit_body::ValidateThenVisit<T,U> as wasmparser::readers::core::operators::VisitSimdOperator>::visit_i8x16_popcnt at /src/wasmtime/winch/codegen/src/codegen/mod.rs:362:46 18: wasmparser::binary_reader::BinaryReader::visit_0xfd_operator 19: wasmparser::binary_reader::BinaryReader::visit_operator at /rust/registry/src/index.crates.io-1949cf8c6b5b557f/wasmparser-0.240.0/src/binary_reader.rs:1200:33 20: wasmparser::readers::core::operators::OperatorsReader::visit_operator at /rust/registry/src/index.crates.io-1949cf8c6b5b557f/wasmparser-0.240.0/src/readers/core/operators.rs:546:21 21: winch_codegen::codegen::CodeGen<M,winch_codegen::codegen::phase::Emission>::emit_body at /src/wasmtime/winch/codegen/src/codegen/mod.rs:343:17 22: winch_codegen::codegen::CodeGen<M,winch_codegen::codegen::phase::Emission>::emit at /src/wasmtime/winch/codegen/src/codegen/mod.rs:247:14 23: <winch_codegen::isa::x64::X64 as winch_codegen::isa::TargetIsa>::compile_function at /src/wasmtime/winch/codegen/src/isa/x64/mod.rs:127:22 24: <wasmtime_internal_winch::compiler::Compiler as wasmtime_environ::compile::Compiler>::compile_function at /src/wasmtime/crates/winch/src/compiler.rs:139:14 25: wasmtime::compile::CompileInputs::collect_inputs_in_translations::{{closure}} at /src/wasmtime/crates/wasmtime/src/compile.rs:453:26 26: core::ops::function::FnOnce::call_once{{vtable.shim}} at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/ops/function.rs:253:5 27: <alloc::boxed::Box<F,A> as core::ops::function::FnOnce<Args>>::call_once at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/alloc/src/boxed.rs:1971:9 28: wasmtime::compile::CompileInputs::compile::{{closure}} at /src/wasmtime/crates/wasmtime/src/compile.rs:562:56 29: wasmtime::engine::Engine::run_maybe_parallel::{{closure}} at /src/wasmtime/crates/wasmtime/src/engine.rs:193:22 30: core::iter::adapters::map::map_try_fold::{{closure}} at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/adapters/map.rs:95:28 31: <alloc::vec::into_iter::IntoIter<T,A> as core::iter::traits::iterator::Iterator>::try_fold at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/alloc/src/vec/into_iter.rs:351:25 32: <core::iter::adapters::map::Map<I,F> as core::iter::traits::iterator::Iterator>::try_fold at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/adapters/map.rs:121:19 33: <core::iter::adapters::GenericShunt<I,R> as core::iter::traits::iterator::Iterator>::try_fold at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/adapters/mod.rs:192:14 34: core::iter::traits::iterator::Iterator::try_for_each at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/traits/iterator.rs:2487:14 35: <core::iter::adapters::GenericShunt<I,R> as core::iter::traits::iterator::Iterator>::next at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/adapters/mod.rs:174:14 36: <alloc::vec::Vec<T> as alloc::vec::spec_from_iter_nested::SpecFromIterNested<T,I>>::from_iter at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/alloc/src/vec/spec_from_iter_nested.rs:25:41 37: <alloc::vec::Vec<T> as alloc::vec::spec_from_iter_nested::SpecFromIterNested<T,I>>::from_iter{{reify.shim}} at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/alloc/src/vec/spec_from_iter_nested.rs:19:5 38: alloc::vec::in_place_collect::<impl alloc::vec::spec_from_iter::SpecFromIter<T,I> for alloc::vec::Vec<T>>::from_iter at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/alloc/src/vec/in_place_collect.rs:246:9 39: <alloc::vec::Vec<T> as core::iter::traits::collect::FromIterator<T>>::from_iter at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/alloc/src/vec/mod.rs:3539:9 40: core::iter::traits::iterator::Iterator::collect at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/traits/iterator.rs:2027:9 41: <core::result::Result<V,E> as core::iter::traits::collect::FromIterator<core::result::Result<A,E>>>::from_iter::{{closure}} at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/result.rs:2050:51 42: core::iter::adapters::try_process at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/adapters/mod.rs:160:17 43: <core::result::Result<V,E> as core::iter::traits::collect::FromIterator<core::result::Result<A,E>>>::from_iter at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/result.rs:2050:9 44: core::iter::traits::iterator::Iterator::collect at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/traits/iterator.rs:2027:9 45: wasmtime::engine::Engine::run_maybe_parallel at /src/wasmtime/crates/wasmtime/src/engine.rs:194:14 46: wasmtime::compile::CompileInputs::compil [message truncated]
Wasmtime GitHub notifications bot (Nov 06 2025 at 20:21):guidovranken edited issue #11991:
<details>
<summary>Test case input</summary>8gAAAAArAAAAFhYWFhYWAgAAlZWVlZWVlZWVlZUAAAAAAAAAABYWFhYWFhYWFhYWFhYWFhYWFhYWNgEEAAAAAAAAFhYWFhYWFhYWFhYWFhYWFhb////xAQIAAQFeAAEXAWAGfn5+fn5+DX6np6enp6ekp6enp+Xl5eXl5eXl5eXl5eUBAV53AVAAAADl5V53AVABAV53AVCnp6enp6enp6enp+Xl5eXl5XcBUP///7sBUAEBXncBOzumO8oBAT4KdwFQAQFedwEB////////Af//DPf///9ed3Nzc/////////8KAzMzNP///////wz3////XncBOwo7O1D/DPf///9edwE7UA==</details>
<details>
<summary>cargo +nightly fuzz fmtoutput</summary><!-- If you can, please paste the output of
cargo +nightly fuzz fmt <target> <input>in the code-block below. This will help reviewers more quickly triage this report. -->Don't know; using fuzzer binaries downloaded from OSS-Fuzz (`wasmtime-address-202511060705`)</details>
<details>
<summary>Stack trace or other relevant details</summary><!-- If you can, please paste anything that looks relevant from the failure message in the code-block below. This will help reviewers more quickly triage this report. -->
$ RUST_BACKTRACE=1 ./instantiate ../crasher.bin INFO: found LLVMFuzzerCustomMutator (0x55555839b5b0). Disabling -len_control by default. INFO: Running with entropic power schedule (0xFF, 100). INFO: Seed: 3342719402 INFO: Loaded 1 modules (1569250 inline 8-bit counters): 1569250 [0x55555ebc3e40, 0x55555ed43022), INFO: Loaded 1 PC tables (1569250 PCs): 1569250 [0x55555ed43028,0x555560534e48), ./instantiate: Running 1 inputs 1 time(s) each. Running: ../crasher.bin thread '<unnamed>' panicked at /src/wasmtime/winch/codegen/src/isa/x64/masm.rs:318:14: Scratch register to be available: Winch internal error: Expected register to be available Stack backtrace: 0: anyhow::error::<impl core::convert::From<E> for anyhow::Error>::from at /rust/registry/src/index.crates.io-1949cf8c6b5b557f/anyhow-1.0.100/src/backtrace.rs:27:14 1: <T as core::convert::Into<U>>::into at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/convert/mod.rs:777:9 2: anyhow::kind::Trait::new at /rust/registry/src/index.crates.io-1949cf8c6b5b557f/anyhow-1.0.100/src/kind.rs:95:15 3: winch_codegen::regalloc::RegAlloc::reg_for_class::{{closure}} at /src/wasmtime/winch/codegen/src/regalloc.rs:44:36 4: core::option::Option<T>::ok_or_else at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/option.rs:1341:25 5: winch_codegen::regalloc::RegAlloc::reg_for_class at /src/wasmtime/winch/codegen/src/regalloc.rs:44:22 6: <winch_codegen::isa::x64::masm::MacroAssembler as winch_codegen::masm::MacroAssembler>::with_scratch at /src/wasmtime/winch/codegen/src/isa/x64/masm.rs:317:14 7: winch_codegen::masm::MacroAssembler::with_scratch_for at /src/wasmtime/winch/codegen/src/masm.rs:1466:22 8: winch_codegen::codegen::context::CodeGenContext<winch_codegen::codegen::phase::Emission>::spill_impl at /src/wasmtime/winch/codegen/src/codegen/context.rs:849:26 9: winch_codegen::codegen::context::CodeGenContext<winch_codegen::codegen::phase::Emission>::reg_for_class::{{closure}} at /src/wasmtime/winch/codegen/src/codegen/context.rs:177:13 10: winch_codegen::regalloc::RegAlloc::reg_for_class at /src/wasmtime/winch/codegen/src/regalloc.rs:41:17 11: winch_codegen::codegen::context::CodeGenContext<winch_codegen::codegen::phase::Emission>::reg_for_class at /src/wasmtime/winch/codegen/src/codegen/context.rs:176:23 12: winch_codegen::codegen::context::CodeGenContext<winch_codegen::codegen::phase::Emission>::any_fpr at /src/wasmtime/winch/codegen/src/codegen/context.rs:190:14 13: <winch_codegen::isa::x64::masm::MacroAssembler as winch_codegen::masm::MacroAssembler>::v128_popcnt::{{closure}} at /src/wasmtime/winch/codegen/src/isa/x64/masm.rs:3106:42 14: <winch_codegen::isa::x64::masm::MacroAssembler as winch_codegen::masm::MacroAssembler>::with_scratch at /src/wasmtime/winch/codegen/src/isa/x64/masm.rs:320:19 15: <winch_codegen::isa::x64::masm::MacroAssembler as winch_codegen::masm::MacroAssembler>::v128_popcnt at /src/wasmtime/winch/codegen/src/isa/x64/masm.rs:3073:14 16: winch_codegen::visitor::<impl wasmparser::readers::core::operators::VisitSimdOperator for winch_codegen::codegen::CodeGen<M,winch_codegen::codegen::phase::Emission>>::visit_i8x16_popcnt at /src/wasmtime/winch/codegen/src/visitor.rs:4193:19 17: <winch_codegen::codegen::CodeGen<M,winch_codegen::codegen::phase::Emission>::emit_body::ValidateThenVisit<T,U> as wasmparser::readers::core::operators::VisitSimdOperator>::visit_i8x16_popcnt at /src/wasmtime/winch/codegen/src/codegen/mod.rs:362:46 18: wasmparser::binary_reader::BinaryReader::visit_0xfd_operator 19: wasmparser::binary_reader::BinaryReader::visit_operator at /rust/registry/src/index.crates.io-1949cf8c6b5b557f/wasmparser-0.240.0/src/binary_reader.rs:1200:33 20: wasmparser::readers::core::operators::OperatorsReader::visit_operator at /rust/registry/src/index.crates.io-1949cf8c6b5b557f/wasmparser-0.240.0/src/readers/core/operators.rs:546:21 21: winch_codegen::codegen::CodeGen<M,winch_codegen::codegen::phase::Emission>::emit_body at /src/wasmtime/winch/codegen/src/codegen/mod.rs:343:17 22: winch_codegen::codegen::CodeGen<M,winch_codegen::codegen::phase::Emission>::emit at /src/wasmtime/winch/codegen/src/codegen/mod.rs:247:14 23: <winch_codegen::isa::x64::X64 as winch_codegen::isa::TargetIsa>::compile_function at /src/wasmtime/winch/codegen/src/isa/x64/mod.rs:127:22 24: <wasmtime_internal_winch::compiler::Compiler as wasmtime_environ::compile::Compiler>::compile_function at /src/wasmtime/crates/winch/src/compiler.rs:139:14 25: wasmtime::compile::CompileInputs::collect_inputs_in_translations::{{closure}} at /src/wasmtime/crates/wasmtime/src/compile.rs:453:26 26: core::ops::function::FnOnce::call_once{{vtable.shim}} at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/ops/function.rs:253:5 27: <alloc::boxed::Box<F,A> as core::ops::function::FnOnce<Args>>::call_once at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/alloc/src/boxed.rs:1971:9 28: wasmtime::compile::CompileInputs::compile::{{closure}} at /src/wasmtime/crates/wasmtime/src/compile.rs:562:56 29: wasmtime::engine::Engine::run_maybe_parallel::{{closure}} at /src/wasmtime/crates/wasmtime/src/engine.rs:193:22 30: core::iter::adapters::map::map_try_fold::{{closure}} at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/adapters/map.rs:95:28 31: <alloc::vec::into_iter::IntoIter<T,A> as core::iter::traits::iterator::Iterator>::try_fold at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/alloc/src/vec/into_iter.rs:351:25 32: <core::iter::adapters::map::Map<I,F> as core::iter::traits::iterator::Iterator>::try_fold at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/adapters/map.rs:121:19 33: <core::iter::adapters::GenericShunt<I,R> as core::iter::traits::iterator::Iterator>::try_fold at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/adapters/mod.rs:192:14 34: core::iter::traits::iterator::Iterator::try_for_each at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/traits/iterator.rs:2487:14 35: <core::iter::adapters::GenericShunt<I,R> as core::iter::traits::iterator::Iterator>::next at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/adapters/mod.rs:174:14 36: <alloc::vec::Vec<T> as alloc::vec::spec_from_iter_nested::SpecFromIterNested<T,I>>::from_iter at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/alloc/src/vec/spec_from_iter_nested.rs:25:41 37: <alloc::vec::Vec<T> as alloc::vec::spec_from_iter_nested::SpecFromIterNested<T,I>>::from_iter{{reify.shim}} at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/alloc/src/vec/spec_from_iter_nested.rs:19:5 38: alloc::vec::in_place_collect::<impl alloc::vec::spec_from_iter::SpecFromIter<T,I> for alloc::vec::Vec<T>>::from_iter at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/alloc/src/vec/in_place_collect.rs:246:9 39: <alloc::vec::Vec<T> as core::iter::traits::collect::FromIterator<T>>::from_iter at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/alloc/src/vec/mod.rs:3539:9 40: core::iter::traits::iterator::Iterator::collect at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/traits/iterator.rs:2027:9 41: <core::result::Result<V,E> as core::iter::traits::collect::FromIterator<core::result::Result<A,E>>>::from_iter::{{closure}} at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/result.rs:2050:51 42: core::iter::adapters::try_process at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/adapters/mod.rs:160:17 43: <core::result::Result<V,E> as core::iter::traits::collect::FromIterator<core::result::Result<A,E>>>::from_iter at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/result.rs:2050:9 44: core::iter::traits::iterator::Iterator::collect at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/traits/iterator.rs:2027:9 45: wasmtime::engine::Engine::run_maybe_parallel at /src/wasmtime/crates/wasmtime/src/engine.rs:194:14 46: wasmtime::compile::CompileInputs::compile at /src/wasmtime/crates/wasmtime/src/compile.rs:562:20 47: wasmtime::compile::build_module_artifacts at [message truncated]
Wasmtime GitHub notifications bot (Nov 06 2025 at 20:22):guidovranken commented on issue #11991:
This is distinct from https://github.com/bytecodealliance/wasmtime/issues/11868 ; that one was fixed.
Wasmtime GitHub notifications bot (Nov 06 2025 at 20:38):saulecabrera commented on issue #11991:
Thanks for the report; taking a look.
Wasmtime GitHub notifications bot (Nov 06 2025 at 21:24):saulecabrera commented on issue #11991:
I'm able to reproduce with the following program:
(module (type (;0;) (func (param v128 i64))) (table (;0;) 0 265945 funcref) (global (;0;) (mut f32) f32.const -0x1.4f4f4ep-48 (;=-0.000000000000004653358;)) (global (;1;) (mut f32) f32.const -0x1.cbcb4ep+76 (;=-135707280000000000000000;)) (global (;2;) (mut v128) v128.const i32x4 0xff500177 0x01bbffff 0x5e010150 0x3b3b0177) (func (;0;) (type 0) (param v128 i64) local.get 0 local.get 1 global.get 1 global.get 0 global.get 1 global.get 1 global.get 1 global.get 1 global.get 0 global.get 1 global.get 1 global.get 0 global.get 1 global.get 1 local.get 0 i8x16.popcnt global.get 0 global.get 2 i8x16.popcnt unreachable ) )
Wasmtime GitHub notifications bot (Nov 10 2025 at 16:19):alexcrichton closed issue #11991:
<details>
<summary>Test case input</summary>8gAAAAArAAAAFhYWFhYWAgAAlZWVlZWVlZWVlZUAAAAAAAAAABYWFhYWFhYWFhYWFhYWFhYWFhYWNgEEAAAAAAAAFhYWFhYWFhYWFhYWFhYWFhb////xAQIAAQFeAAEXAWAGfn5+fn5+DX6np6enp6ekp6enp+Xl5eXl5eXl5eXl5eUBAV53AVAAAADl5V53AVABAV53AVCnp6enp6enp6enp+Xl5eXl5XcBUP///7sBUAEBXncBOzumO8oBAT4KdwFQAQFedwEB////////Af//DPf///9ed3Nzc/////////8KAzMzNP///////wz3////XncBOwo7O1D/DPf///9edwE7UA==</details>
<details>
<summary>cargo +nightly fuzz fmtoutput</summary><!-- If you can, please paste the output of
cargo +nightly fuzz fmt <target> <input>in the code-block below. This will help reviewers more quickly triage this report. -->Don't know; using fuzzer binaries downloaded from OSS-Fuzz (`wasmtime-address-202511060705`)</details>
<details>
<summary>Stack trace or other relevant details</summary><!-- If you can, please paste anything that looks relevant from the failure message in the code-block below. This will help reviewers more quickly triage this report. -->
$ RUST_BACKTRACE=1 ./instantiate ../crasher.bin INFO: found LLVMFuzzerCustomMutator (0x55555839b5b0). Disabling -len_control by default. INFO: Running with entropic power schedule (0xFF, 100). INFO: Seed: 3342719402 INFO: Loaded 1 modules (1569250 inline 8-bit counters): 1569250 [0x55555ebc3e40, 0x55555ed43022), INFO: Loaded 1 PC tables (1569250 PCs): 1569250 [0x55555ed43028,0x555560534e48), ./instantiate: Running 1 inputs 1 time(s) each. Running: ../crasher.bin thread '<unnamed>' panicked at /src/wasmtime/winch/codegen/src/isa/x64/masm.rs:318:14: Scratch register to be available: Winch internal error: Expected register to be available Stack backtrace: 0: anyhow::error::<impl core::convert::From<E> for anyhow::Error>::from at /rust/registry/src/index.crates.io-1949cf8c6b5b557f/anyhow-1.0.100/src/backtrace.rs:27:14 1: <T as core::convert::Into<U>>::into at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/convert/mod.rs:777:9 2: anyhow::kind::Trait::new at /rust/registry/src/index.crates.io-1949cf8c6b5b557f/anyhow-1.0.100/src/kind.rs:95:15 3: winch_codegen::regalloc::RegAlloc::reg_for_class::{{closure}} at /src/wasmtime/winch/codegen/src/regalloc.rs:44:36 4: core::option::Option<T>::ok_or_else at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/option.rs:1341:25 5: winch_codegen::regalloc::RegAlloc::reg_for_class at /src/wasmtime/winch/codegen/src/regalloc.rs:44:22 6: <winch_codegen::isa::x64::masm::MacroAssembler as winch_codegen::masm::MacroAssembler>::with_scratch at /src/wasmtime/winch/codegen/src/isa/x64/masm.rs:317:14 7: winch_codegen::masm::MacroAssembler::with_scratch_for at /src/wasmtime/winch/codegen/src/masm.rs:1466:22 8: winch_codegen::codegen::context::CodeGenContext<winch_codegen::codegen::phase::Emission>::spill_impl at /src/wasmtime/winch/codegen/src/codegen/context.rs:849:26 9: winch_codegen::codegen::context::CodeGenContext<winch_codegen::codegen::phase::Emission>::reg_for_class::{{closure}} at /src/wasmtime/winch/codegen/src/codegen/context.rs:177:13 10: winch_codegen::regalloc::RegAlloc::reg_for_class at /src/wasmtime/winch/codegen/src/regalloc.rs:41:17 11: winch_codegen::codegen::context::CodeGenContext<winch_codegen::codegen::phase::Emission>::reg_for_class at /src/wasmtime/winch/codegen/src/codegen/context.rs:176:23 12: winch_codegen::codegen::context::CodeGenContext<winch_codegen::codegen::phase::Emission>::any_fpr at /src/wasmtime/winch/codegen/src/codegen/context.rs:190:14 13: <winch_codegen::isa::x64::masm::MacroAssembler as winch_codegen::masm::MacroAssembler>::v128_popcnt::{{closure}} at /src/wasmtime/winch/codegen/src/isa/x64/masm.rs:3106:42 14: <winch_codegen::isa::x64::masm::MacroAssembler as winch_codegen::masm::MacroAssembler>::with_scratch at /src/wasmtime/winch/codegen/src/isa/x64/masm.rs:320:19 15: <winch_codegen::isa::x64::masm::MacroAssembler as winch_codegen::masm::MacroAssembler>::v128_popcnt at /src/wasmtime/winch/codegen/src/isa/x64/masm.rs:3073:14 16: winch_codegen::visitor::<impl wasmparser::readers::core::operators::VisitSimdOperator for winch_codegen::codegen::CodeGen<M,winch_codegen::codegen::phase::Emission>>::visit_i8x16_popcnt at /src/wasmtime/winch/codegen/src/visitor.rs:4193:19 17: <winch_codegen::codegen::CodeGen<M,winch_codegen::codegen::phase::Emission>::emit_body::ValidateThenVisit<T,U> as wasmparser::readers::core::operators::VisitSimdOperator>::visit_i8x16_popcnt at /src/wasmtime/winch/codegen/src/codegen/mod.rs:362:46 18: wasmparser::binary_reader::BinaryReader::visit_0xfd_operator 19: wasmparser::binary_reader::BinaryReader::visit_operator at /rust/registry/src/index.crates.io-1949cf8c6b5b557f/wasmparser-0.240.0/src/binary_reader.rs:1200:33 20: wasmparser::readers::core::operators::OperatorsReader::visit_operator at /rust/registry/src/index.crates.io-1949cf8c6b5b557f/wasmparser-0.240.0/src/readers/core/operators.rs:546:21 21: winch_codegen::codegen::CodeGen<M,winch_codegen::codegen::phase::Emission>::emit_body at /src/wasmtime/winch/codegen/src/codegen/mod.rs:343:17 22: winch_codegen::codegen::CodeGen<M,winch_codegen::codegen::phase::Emission>::emit at /src/wasmtime/winch/codegen/src/codegen/mod.rs:247:14 23: <winch_codegen::isa::x64::X64 as winch_codegen::isa::TargetIsa>::compile_function at /src/wasmtime/winch/codegen/src/isa/x64/mod.rs:127:22 24: <wasmtime_internal_winch::compiler::Compiler as wasmtime_environ::compile::Compiler>::compile_function at /src/wasmtime/crates/winch/src/compiler.rs:139:14 25: wasmtime::compile::CompileInputs::collect_inputs_in_translations::{{closure}} at /src/wasmtime/crates/wasmtime/src/compile.rs:453:26 26: core::ops::function::FnOnce::call_once{{vtable.shim}} at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/ops/function.rs:253:5 27: <alloc::boxed::Box<F,A> as core::ops::function::FnOnce<Args>>::call_once at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/alloc/src/boxed.rs:1971:9 28: wasmtime::compile::CompileInputs::compile::{{closure}} at /src/wasmtime/crates/wasmtime/src/compile.rs:562:56 29: wasmtime::engine::Engine::run_maybe_parallel::{{closure}} at /src/wasmtime/crates/wasmtime/src/engine.rs:193:22 30: core::iter::adapters::map::map_try_fold::{{closure}} at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/adapters/map.rs:95:28 31: <alloc::vec::into_iter::IntoIter<T,A> as core::iter::traits::iterator::Iterator>::try_fold at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/alloc/src/vec/into_iter.rs:351:25 32: <core::iter::adapters::map::Map<I,F> as core::iter::traits::iterator::Iterator>::try_fold at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/adapters/map.rs:121:19 33: <core::iter::adapters::GenericShunt<I,R> as core::iter::traits::iterator::Iterator>::try_fold at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/adapters/mod.rs:192:14 34: core::iter::traits::iterator::Iterator::try_for_each at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/traits/iterator.rs:2487:14 35: <core::iter::adapters::GenericShunt<I,R> as core::iter::traits::iterator::Iterator>::next at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/adapters/mod.rs:174:14 36: <alloc::vec::Vec<T> as alloc::vec::spec_from_iter_nested::SpecFromIterNested<T,I>>::from_iter at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/alloc/src/vec/spec_from_iter_nested.rs:25:41 37: <alloc::vec::Vec<T> as alloc::vec::spec_from_iter_nested::SpecFromIterNested<T,I>>::from_iter{{reify.shim}} at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/alloc/src/vec/spec_from_iter_nested.rs:19:5 38: alloc::vec::in_place_collect::<impl alloc::vec::spec_from_iter::SpecFromIter<T,I> for alloc::vec::Vec<T>>::from_iter at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/alloc/src/vec/in_place_collect.rs:246:9 39: <alloc::vec::Vec<T> as core::iter::traits::collect::FromIterator<T>>::from_iter at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/alloc/src/vec/mod.rs:3539:9 40: core::iter::traits::iterator::Iterator::collect at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/traits/iterator.rs:2027:9 41: <core::result::Result<V,E> as core::iter::traits::collect::FromIterator<core::result::Result<A,E>>>::from_iter::{{closure}} at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/result.rs:2050:51 42: core::iter::adapters::try_process at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/adapters/mod.rs:160:17 43: <core::result::Result<V,E> as core::iter::traits::collect::FromIterator<core::result::Result<A,E>>>::from_iter at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/result.rs:2050:9 44: core::iter::traits::iterator::Iterator::collect at /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/iter/traits/iterator.rs:2027:9 45: wasmtime::engine::Engine::run_maybe_parallel at /src/wasmtime/crates/wasmtime/src/engine.rs:194:14 46: wasmtime::compile::CompileInputs::compile at /src/wasmtime/crates/wasmtime/src/compile.rs:562:20 47: wasmtime::compile::build_module_artifacts at [message truncated]
Last updated: Dec 06 2025 at 06:05 UTC