Wasmtime GitHub notifications bot (Jan 12 2026 at 23:53): Wasmtime GitHub notifications bot (Jan 12 2026 at 23:53):zzjas opened issue #12328:
.clifTest Casetest optimize set opt_level=speed target x86_64 function %trigger_bug(i32x4, i32x4) -> i32x4 { block0(v0: i32x4, v1: i32x4): v2 = icmp sgt v0, v1 v3 = icmp slt v0, v1 v4 = band v2, v3 return v4 }Steps to Reproduce
RUST_BACKTRACE=1 cargo run -p cranelift-tools --bin clif-util -- test test.clifExpected Results
No crash
Actual Results
thread 'worker #0' (1654070) panicked at cranelift/codegen/src/opts.rs:191:5: unimplemented for > 64 bitsVersions and Environment
Cranelift version or commit: 54c1192eed26434359f3263e4fe95f3d8a2fa520
Operating system: Ubuntu 22.04.5
Architecture: x86_64
Extra Info
The optimization rules at
cranelift/codegen/src/opts/icmp.islelines 316-351 produce(iconst_u ty 0)without constraining ty to scalar types. Whentyis a 128-bit vector type (e.g.,i32x4),iconst_u calls ty_umax()→ty_mask(), which computes64_u64.checked_sub(ty_bits). For 128-bit types, this underflows and panics with "unimplemented for > 64 bits". Fix would be smilar to #12179.Thanks for looking into this and please let us know if we missed anything or if you have any feedback!
Wasmtime GitHub notifications bot (Jan 12 2026 at 23:53):zzjas added the bug label to Issue #12328.
Wasmtime GitHub notifications bot (Jan 12 2026 at 23:53):zzjas added the cranelift label to Issue #12328.
Wasmtime GitHub notifications bot (Jan 13 2026 at 00:06):cfallin commented on issue #12328:
@zzjas would you be willing to try your hand at the fix?
(No worries if not, but this is a standard question I like to ask new folks doing fuzzing: fuzzing to find the issues is relatively less work than actually fixing them, and so in the interest of avoiding a labor imbalance / DoS'ing our project, and since you point out what the likely fix is, I want to see if you're willing to take on the fixes themselves as well -- thanks!)
Wasmtime GitHub notifications bot (Jan 13 2026 at 00:10):zzjas commented on issue #12328:
Yes for sure I'd love to prepare a fix and some more test cases (probably later tomorrow). Thanks!
Wasmtime GitHub notifications bot (Jan 13 2026 at 00:19):alexcrichton added the fuzz-bug label to Issue #12328.
Wasmtime GitHub notifications bot (Jan 13 2026 at 06:47):lmtdit commented on issue #12328:
Hi Chris,
Thank you for the suggestion. I'd be happy to work on a fix for this issue
and will aim to submit a patch with additional test cases tomorrow. I'll
make sure to follow the pattern from #12179 to properly constrain the type
in the ISLE icmp rules.I'll reach out if I have any questions during implementation.
Best regards,
Zijie ZhaoZijie Zhao @.***> 于2026年1月13日周二 07:53写道:
zzjas created an issue (bytecodealliance/wasmtime#12328)
<https://github.com/bytecodealliance/wasmtime/issues/12328>
.clif Test Casetest optimize
set opt_level=speed
target x86_64function %trigger_bug(i32x4, i32x4) -> i32x4 {
block0(v0: i32x4, v1: i32x4):
v2 = icmp sgt v0, v1
v3 = icmp slt v0, v1
v4 = band v2, v3
return v4
}Steps to Reproduce
RUST_BACKTRACE=1 cargo run -p cranelift-tools --bin clif-util -- test test.clif
Expected Results
No crash
Actual Resultsthread 'worker #0' (1654070) panicked at cranelift/codegen/src/opts.rs:191:5:
unimplemented for > 64 bitsVersions and Environment
Cranelift version or commit: 54c1192
<https://github.com/bytecodealliance/wasmtime/commit/54c1192eed26434359f3263e4fe95f3d8a2fa520>Operating system: Ubuntu 22.04.5
Architecture: x86_64
Extra InfoThe optimization rules at cranelift/codegen/src/opts/icmp.isle lines
316-351 produce (iconst_u ty 0) without constraining ty to scalar types.
When ty is a 128-bit vector type (e.g., i32x4), iconst_u calls ty_umax()
→ ty_mask(), which computes 64_u64.checked_sub(ty_bits). For 128-bit
types, this underflows and panics with "unimplemented for > 64 bits". Fix
would be smilar to #12179
<https://github.com/bytecodealliance/wasmtime/pull/12179>.Thanks for looking into this and please let us know if we missed anything
or if you have any feedback!—
Reply to this email directly, view it on GitHub
<https://github.com/bytecodealliance/wasmtime/issues/12328>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABBFIVKLLLSN5QR7MUQK3J34GQXZHAVCNFSM6AAAAACRPJV3B6VHI2DSMVQWIX3LMV43ASLTON2WKOZTHAYDMNBTGM3DSMQ>
.
You are receiving this because you are subscribed to this thread.Message
ID: @.***>
Wasmtime GitHub notifications bot (Jan 13 2026 at 19:48):zzjas commented on issue #12328:
No idea who https://github.com/bytecodealliance/wasmtime/issues/12328#issuecomment-3742285302 is. It's not my account and not my message -- probably a spam...
Wasmtime GitHub notifications bot (Jan 13 2026 at 21:49):fitzgen commented on issue #12328:
No idea who #12328 (comment) is. It's not my account and not my message -- probably a spam...
Thanks, I blocked them.
Wasmtime GitHub notifications bot (Jan 13 2026 at 23:36):alexcrichton closed issue #12328:
.clifTest Casetest optimize set opt_level=speed target x86_64 function %trigger_bug(i32x4, i32x4) -> i32x4 { block0(v0: i32x4, v1: i32x4): v2 = icmp sgt v0, v1 v3 = icmp slt v0, v1 v4 = band v2, v3 return v4 }Steps to Reproduce
RUST_BACKTRACE=1 cargo run -p cranelift-tools --bin clif-util -- test test.clifExpected Results
No crash
Actual Results
thread 'worker #0' (1654070) panicked at cranelift/codegen/src/opts.rs:191:5: unimplemented for > 64 bitsVersions and Environment
Cranelift version or commit: 54c1192eed26434359f3263e4fe95f3d8a2fa520
Operating system: Ubuntu 22.04.5
Architecture: x86_64
Extra Info
The optimization rules at
cranelift/codegen/src/opts/icmp.islelines 316-351 produce(iconst_u ty 0)without constraining ty to scalar types. Whentyis a 128-bit vector type (e.g.,i32x4),iconst_u calls ty_umax()→ty_mask(), which computes64_u64.checked_sub(ty_bits). For 128-bit types, this underflows and panics with "unimplemented for > 64 bits". Fix would be smilar to #12179.Thanks for looking into this and please let us know if we missed anything or if you have any feedback!
Last updated: Jan 29 2026 at 13:25 UTC