Stream: git-wasmtime

Topic: wasmtime / issue #4770 cranelift-fuzzgen fuzzbug: called ...


Wasmtime GitHub notifications bot (Aug 24 2022 at 16:45):

cfallin opened issue #4770:

https://oss-fuzz.com/testcase-detail/4997120972685312

The key bit of the stacktrace seems to be:

```
#11 0x5574eac7df1d in cranelift_codegen::isa::x64::lower::isle::generated_code::constructor_div_or_rem::h705de0e422e66fed [wasmtime/target/x86_64-unknown-linux-gnu/release/build/cranelift-codegen-2a8c5675489ecc10/out/isle_x64.rs:0](https://github.com/bytecodealliance/wasmtime/blob/9cb987c678f93e7d30fb702aece7dad641a0f007/target/x86_64-unknown-linux-gnu/release/build/cranelift-codegen-2a8c5675489ecc10/out/isle_x64.rs#L0)
#12 0x5574eac8a293 in cranelift_codegen::isa::x64::lower::isle::generated_code::constructor_lower::h333a555f0bbc7d8f [wasmtime/target/x86_64-unknown-linux-gnu/release/build/cranelift-codegen-2a8c5675489ecc10/out/isle_x64.rs:12045](https://github.com/bytecodealliance/wasmtime/blob/9cb987c678f93e7d30fb702aece7dad641a0f007/target/x86_64-unknown-linux-gnu/release/build/cranelift-codegen-2a8c5675489ecc10/out/isle_x64.rs#L12045):35
#13 0x5574eaa909f7 in cranelift_codegen::isa::x64::lower::isle::lower::_$u7b$$u7b$closure$u7d$$u7d$::ha3d0d741e3b3abcc [wasmtime/cranelift/codegen/src/isa/x64/lower/isle.rs:69](https://github.com/bytecodealliance/wasmtime/blob/9cb987c678f93e7d30fb702aece7dad641a0f007/cranelift/codegen/src/isa/x64/lower/isle.rs#L69):20
```

or an incomplete match in the div_or_rem term.

Input (base64'd):

ARUg////AAD/ARk6IA==

cc @afonso360

Wasmtime GitHub notifications bot (Aug 24 2022 at 16:48):

afonso360 commented on issue #4770:

Formatted:

Output of `std::fmt::Debug`:

```
;; Fuzzgen test case

test interpret
test run
set enable_llvm_abi_extensions
target aarch64
target s390x
target x86_64

function u0:1(i128 sext) system_v {
block0(v0: i128):
    v1 = iconst.i128 0
    v2 = iconst.i64 0
    v3 = iconst.i32 0
    v4 = iconst.i16 0
    v5 = iconst.i8 0
    v6 = sdiv v0, v0
    return
}

; Note: the results in the below test cases are simply a placeholder and probably will be wrong

; run: u0:1(0)
; run: u0:1(0)
; run: u0:1(0)
```

Wasmtime GitHub notifications bot (Aug 29 2022 at 21:29):

jameysharp closed issue #4770.


Last updated: Nov 22 2024 at 17:03 UTC