Stream: git-wasmtime

Topic: wasmtime / issue #4931 cranelift-fuzzgen fuzzbug: libFuzz...

Wasmtime GitHub notifications bot (Sep 20 2022 at 15:15):

afonso360 labeled issue #4931:

:wave: Hey, cranelift-fuzzgen reported this today when I rebased some other work on top of main. (This is probably also on OSS-Fuzz I would guess)

Reverting 562bb25360a2f366a482e15fc148bab7267a9266 makes it go away, so cc: @adambratschikaye .

<details>
<summary>Test case input</summary>

ZcYNuSMxRvSWnfAyAAAAADkgCKkAfX19ffN9ff///wUAAakAfX19fX19fX3wAAAAAAAA+f8A/8Ir
w8PDwwAAyTw83aQAABBbIAABCAAAAE5dCk2TY2hpQUFB/0FBQUH////////+/v7+/v7+AQAAAAAA
AHz+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+
/v7+/v7+/v7+/v7+/v7+/v7/A/7+/v7+/gAA/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+
/v7+/v7+BAAAAAAAAAD+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/nr+/v7+/v7+/v7+/v7+/v7+/v7+
/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+////////////////////////////////
////7///////BAAAAAAAAAAAAADSAQAAwzvDw8PDEgIACgAAAC8BwwAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAgAAAAAAAAAAAAAAAAdAAAAAAAAAAAAABAANTU1NTU1NTU1NTU1NTU1NTU1NTU1NTU
1NTU1NTU1NTU1NRVAP//////ALoAAQAAMAAAAAAAAAAABwABBP3+AAAGwwD6+gAAAAjptv8A/3Xj
tQAAAAEQAABsAAAAACEAAAUAwH19fX0BAAC6fQECMHNzECxdwyXDw37Dw8c8PAAAAAAAANYIAAAA
AADSAQAAwzvDw8PDEgIACgAAAAHDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAB0AAAAAAAAAAAAAEAAwH19fX0BAAC6fQECMXNzECxdwyXDw37Dw8c8PAAAAAAAANYIAAAAAADS
AQAAwzvDw8PDEgIACgAAAAHDAAAAAAAAAAAAAAAAAAAAAAD2AAAAAAAAAAAAAAAAAAAAAAAAAAB0
AAAAAAAAAAAAAEAA1NTU1NTU1P7+/v7+/v7+/v7+/v7+/v7+/tTU1NTU1NTU1FX/AP////8AugAB
AAAgAAAAAAAAAAAHAAEE/f4AAAbDAPr6AAAACOm2/wD/deO1AF0AAAEQAABsAAAAACEAAAUAwH19
w8PDEgIHAABzLA==

</details>

<details>
<summary>cargo +nightly fuzz fmt output</summary>

afonso@DESKTOP-VSTS4BC:~/git/wasmtime/fuzz$ cargo fuzz fmt --no-default-features cranelift-fuzzgen artifacts/cranelift-fuzzgen/oom-ed
0e2a716f0af472061144dc347e6ea40156028f
Error: failed to run `cargo fuzz fmt` on input: artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f

Caused by:
    Fuzz target 'cranelift-fuzzgen' exited with failure when attemping to debug formatting an interesting input that we discovered!

    Artifact: artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f

    Command: "cargo" "run" "--manifest-path" "/home/afonso/git/wasmtime/fuzz/Cargo.toml" "--target" "x86_64-unknown-linux-gnu" "--release" "--no-default-features" "--bin" "cranelift-fuzzgen" "--" "-artifact_prefix=/home/afonso/git/wasmtime/fuzz/artifacts/cranelift-fuzzgen/" "artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f"

    Status: exit status: 71

    === stdout ===


    === stderr ===
        Finished release [optimized] target(s) in 0.13s
         Running `/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen -artifact_prefix=/home/afonso/git/wasmtime/fuzz/artifacts/cranelift-fuzzgen/ artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f`
    INFO: Running with entropic power schedule (0xFF, 100).
    INFO: Seed: 3681649001
    INFO: Loaded 1 modules   (834566 inline 8-bit counters): 834566 [0x55cbaf535a10, 0x55cbaf601616),
    INFO: Loaded 1 PC tables (834566 PCs): 834566 [0x55cbaf601618,0x55cbb02bd678),
    /home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen: Running 1 inputs 1 time(s) each.
    Running: artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f
    ==28989== ERROR: libFuzzer: out-of-memory (malloc(3221225472))
       To change the out-of-memory limit use -rss_limit_mb=<N>

        #0 0x55cbac692091 in __sanitizer_print_stack_trace /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_stack.cpp:87:3
        #1 0x55cbaecedcf0 in fuzzer::PrintStackTrace() (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3d37cf0) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #2 0x55cbaecac4fb in fuzzer::Fuzzer::HandleMalloc(unsigned long) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf64fb) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #3 0x55cbaecac565 in fuzzer::MallocHook(void const volatile*, unsigned long) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf6565) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #4 0x55cbac699517 in __sanitizer::RunMallocHooks(void const*, unsigned long) /rustc/llvm/src/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_common.cpp:316:5
        #5 0x55cbac608554 in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_allocator.cpp:600:5
        #6 0x55cbac608999 in __asan::Allocator::Reallocate(void*, unsigned long, __sanitizer::BufferedStackTrace*) /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_allocator.cpp:715:21
        #7 0x55cbac6088b5 in __asan::asan_realloc(void*, unsigned long, __sanitizer::BufferedStackTrace*) /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_allocator.cpp:982:34
        #8 0x55cbac688437 in realloc /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:86:10
        #9 0x55cbad086aeb in alloc::raw_vec::finish_grow::h6d4553f32daa153e (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x20d0aeb) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #10 0x55cbad090f14 in alloc::raw_vec::RawVec$LT$T$C$A$GT$::reserve_for_push::h499028c3dd286b33 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x20daf14) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #11 0x55cbad0d249a in cranelift_frontend::ssa::SSABuilder::use_var_nonlocal::hee02795ddf603a21 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x211c49a) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #12 0x55cbad0da504 in cranelift_frontend::ssa::SSABuilder::run_state_machine::hd2fb8dde6ae72d84 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x2124504) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #13 0x55cbad0d44a6 in cranelift_frontend::ssa::SSABuilder::seal_one_block::h22f985eda60a38e6 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x211e4a6) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #14 0x55cbad0bc726 in cranelift_frontend::frontend::FunctionBuilder::seal_all_blocks::h1fdc4a95b4009fbd (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x2106726) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #15 0x55cbac85aaa8 in cranelift_fuzzgen::function_generator::FunctionGenerator::generate::h5623324bba84b65d (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x18a4aa8) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #16 0x55cbac8644d8 in cranelift_fuzzgen::FuzzGen::generate_func::h08ccf70894f31b47 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x18ae4d8) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #17 0x55cbac864abb in cranelift_fuzzgen::FuzzGen::generate_test::h1fe6a758e6526799 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x18aeabb) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #18 0x55cbac85f243 in _$LT$cranelift_fuzzgen..TestCase$u20$as$u20$arbitrary..Arbitrary$GT$::arbitrary::h88f8532552f2ecfb (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x18a9243) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #19 0x55cbac74f3cf in rust_fuzzer_test_input (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x17993cf) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #20 0x55cbaeca9cd8 in __rust_try (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf3cd8) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #21 0x55cbaeca9078 in LLVMFuzzerTestOneInput (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf3078) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #22 0x55cbaecacc2c in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf6c2c) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #23 0x55cbaecbd059 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3d07059) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #24 0x55cbaecc6852 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3d10852) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #25 0x55cbac606c16 in main (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x1650c16) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #26 0x7fa22e384082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
        #27 0x55cbac606d7d in _start (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x1650d7d) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)

    SUMMARY: libFuzzer: out-of-memory

</details>

<details>
<summary>Stack trace or other relevant details</summary>

     Running `/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen -artifact_prefix=/home/afonso/git/wasmtime/fuzz/artifacts/cranelift-fuzzgen/ artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea4015
[message truncated]

Wasmtime GitHub notifications bot (Sep 20 2022 at 15:15):

afonso360 labeled issue #4931:

:wave: Hey, cranelift-fuzzgen reported this today when I rebased some other work on top of main. (This is probably also on OSS-Fuzz I would guess)

Reverting 562bb25360a2f366a482e15fc148bab7267a9266 makes it go away, so cc: @adambratschikaye .

<details>
<summary>Test case input</summary>

ZcYNuSMxRvSWnfAyAAAAADkgCKkAfX19ffN9ff///wUAAakAfX19fX19fX3wAAAAAAAA+f8A/8Ir
w8PDwwAAyTw83aQAABBbIAABCAAAAE5dCk2TY2hpQUFB/0FBQUH////////+/v7+/v7+AQAAAAAA
AHz+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+
/v7+/v7+/v7+/v7+/v7+/v7/A/7+/v7+/gAA/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+
/v7+/v7+BAAAAAAAAAD+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/nr+/v7+/v7+/v7+/v7+/v7+/v7+
/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+////////////////////////////////
////7///////BAAAAAAAAAAAAADSAQAAwzvDw8PDEgIACgAAAC8BwwAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAgAAAAAAAAAAAAAAAAdAAAAAAAAAAAAABAANTU1NTU1NTU1NTU1NTU1NTU1NTU1NTU
1NTU1NTU1NTU1NRVAP//////ALoAAQAAMAAAAAAAAAAABwABBP3+AAAGwwD6+gAAAAjptv8A/3Xj
tQAAAAEQAABsAAAAACEAAAUAwH19fX0BAAC6fQECMHNzECxdwyXDw37Dw8c8PAAAAAAAANYIAAAA
AADSAQAAwzvDw8PDEgIACgAAAAHDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAB0AAAAAAAAAAAAAEAAwH19fX0BAAC6fQECMXNzECxdwyXDw37Dw8c8PAAAAAAAANYIAAAAAADS
AQAAwzvDw8PDEgIACgAAAAHDAAAAAAAAAAAAAAAAAAAAAAD2AAAAAAAAAAAAAAAAAAAAAAAAAAB0
AAAAAAAAAAAAAEAA1NTU1NTU1P7+/v7+/v7+/v7+/v7+/v7+/tTU1NTU1NTU1FX/AP////8AugAB
AAAgAAAAAAAAAAAHAAEE/f4AAAbDAPr6AAAACOm2/wD/deO1AF0AAAEQAABsAAAAACEAAAUAwH19
w8PDEgIHAABzLA==

</details>

<details>
<summary>cargo +nightly fuzz fmt output</summary>

afonso@DESKTOP-VSTS4BC:~/git/wasmtime/fuzz$ cargo fuzz fmt --no-default-features cranelift-fuzzgen artifacts/cranelift-fuzzgen/oom-ed
0e2a716f0af472061144dc347e6ea40156028f
Error: failed to run `cargo fuzz fmt` on input: artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f

Caused by:
    Fuzz target 'cranelift-fuzzgen' exited with failure when attemping to debug formatting an interesting input that we discovered!

    Artifact: artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f

    Command: "cargo" "run" "--manifest-path" "/home/afonso/git/wasmtime/fuzz/Cargo.toml" "--target" "x86_64-unknown-linux-gnu" "--release" "--no-default-features" "--bin" "cranelift-fuzzgen" "--" "-artifact_prefix=/home/afonso/git/wasmtime/fuzz/artifacts/cranelift-fuzzgen/" "artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f"

    Status: exit status: 71

    === stdout ===


    === stderr ===
        Finished release [optimized] target(s) in 0.13s
         Running `/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen -artifact_prefix=/home/afonso/git/wasmtime/fuzz/artifacts/cranelift-fuzzgen/ artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f`
    INFO: Running with entropic power schedule (0xFF, 100).
    INFO: Seed: 3681649001
    INFO: Loaded 1 modules   (834566 inline 8-bit counters): 834566 [0x55cbaf535a10, 0x55cbaf601616),
    INFO: Loaded 1 PC tables (834566 PCs): 834566 [0x55cbaf601618,0x55cbb02bd678),
    /home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen: Running 1 inputs 1 time(s) each.
    Running: artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f
    ==28989== ERROR: libFuzzer: out-of-memory (malloc(3221225472))
       To change the out-of-memory limit use -rss_limit_mb=<N>

        #0 0x55cbac692091 in __sanitizer_print_stack_trace /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_stack.cpp:87:3
        #1 0x55cbaecedcf0 in fuzzer::PrintStackTrace() (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3d37cf0) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #2 0x55cbaecac4fb in fuzzer::Fuzzer::HandleMalloc(unsigned long) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf64fb) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #3 0x55cbaecac565 in fuzzer::MallocHook(void const volatile*, unsigned long) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf6565) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #4 0x55cbac699517 in __sanitizer::RunMallocHooks(void const*, unsigned long) /rustc/llvm/src/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_common.cpp:316:5
        #5 0x55cbac608554 in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_allocator.cpp:600:5
        #6 0x55cbac608999 in __asan::Allocator::Reallocate(void*, unsigned long, __sanitizer::BufferedStackTrace*) /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_allocator.cpp:715:21
        #7 0x55cbac6088b5 in __asan::asan_realloc(void*, unsigned long, __sanitizer::BufferedStackTrace*) /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_allocator.cpp:982:34
        #8 0x55cbac688437 in realloc /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:86:10
        #9 0x55cbad086aeb in alloc::raw_vec::finish_grow::h6d4553f32daa153e (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x20d0aeb) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #10 0x55cbad090f14 in alloc::raw_vec::RawVec$LT$T$C$A$GT$::reserve_for_push::h499028c3dd286b33 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x20daf14) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #11 0x55cbad0d249a in cranelift_frontend::ssa::SSABuilder::use_var_nonlocal::hee02795ddf603a21 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x211c49a) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #12 0x55cbad0da504 in cranelift_frontend::ssa::SSABuilder::run_state_machine::hd2fb8dde6ae72d84 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x2124504) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #13 0x55cbad0d44a6 in cranelift_frontend::ssa::SSABuilder::seal_one_block::h22f985eda60a38e6 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x211e4a6) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #14 0x55cbad0bc726 in cranelift_frontend::frontend::FunctionBuilder::seal_all_blocks::h1fdc4a95b4009fbd (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x2106726) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #15 0x55cbac85aaa8 in cranelift_fuzzgen::function_generator::FunctionGenerator::generate::h5623324bba84b65d (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x18a4aa8) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #16 0x55cbac8644d8 in cranelift_fuzzgen::FuzzGen::generate_func::h08ccf70894f31b47 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x18ae4d8) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #17 0x55cbac864abb in cranelift_fuzzgen::FuzzGen::generate_test::h1fe6a758e6526799 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x18aeabb) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #18 0x55cbac85f243 in _$LT$cranelift_fuzzgen..TestCase$u20$as$u20$arbitrary..Arbitrary$GT$::arbitrary::h88f8532552f2ecfb (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x18a9243) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #19 0x55cbac74f3cf in rust_fuzzer_test_input (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x17993cf) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #20 0x55cbaeca9cd8 in __rust_try (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf3cd8) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #21 0x55cbaeca9078 in LLVMFuzzerTestOneInput (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf3078) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #22 0x55cbaecacc2c in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf6c2c) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #23 0x55cbaecbd059 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3d07059) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #24 0x55cbaecc6852 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3d10852) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #25 0x55cbac606c16 in main (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x1650c16) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #26 0x7fa22e384082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
        #27 0x55cbac606d7d in _start (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x1650d7d) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)

    SUMMARY: libFuzzer: out-of-memory

</details>

<details>
<summary>Stack trace or other relevant details</summary>

     Running `/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen -artifact_prefix=/home/afonso/git/wasmtime/fuzz/artifacts/cranelift-fuzzgen/ artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea4015
[message truncated]

Wasmtime GitHub notifications bot (Sep 20 2022 at 15:15):

afonso360 opened issue #4931:

:wave: Hey, cranelift-fuzzgen reported this today when I rebased some other work on top of main. (This is probably also on OSS-Fuzz I would guess)

Reverting 562bb25360a2f366a482e15fc148bab7267a9266 makes it go away, so cc: @adambratschikaye .

<details>
<summary>Test case input</summary>

ZcYNuSMxRvSWnfAyAAAAADkgCKkAfX19ffN9ff///wUAAakAfX19fX19fX3wAAAAAAAA+f8A/8Ir
w8PDwwAAyTw83aQAABBbIAABCAAAAE5dCk2TY2hpQUFB/0FBQUH////////+/v7+/v7+AQAAAAAA
AHz+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+
/v7+/v7+/v7+/v7+/v7+/v7/A/7+/v7+/gAA/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+
/v7+/v7+BAAAAAAAAAD+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/nr+/v7+/v7+/v7+/v7+/v7+/v7+
/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+////////////////////////////////
////7///////BAAAAAAAAAAAAADSAQAAwzvDw8PDEgIACgAAAC8BwwAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAgAAAAAAAAAAAAAAAAdAAAAAAAAAAAAABAANTU1NTU1NTU1NTU1NTU1NTU1NTU1NTU
1NTU1NTU1NTU1NRVAP//////ALoAAQAAMAAAAAAAAAAABwABBP3+AAAGwwD6+gAAAAjptv8A/3Xj
tQAAAAEQAABsAAAAACEAAAUAwH19fX0BAAC6fQECMHNzECxdwyXDw37Dw8c8PAAAAAAAANYIAAAA
AADSAQAAwzvDw8PDEgIACgAAAAHDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAB0AAAAAAAAAAAAAEAAwH19fX0BAAC6fQECMXNzECxdwyXDw37Dw8c8PAAAAAAAANYIAAAAAADS
AQAAwzvDw8PDEgIACgAAAAHDAAAAAAAAAAAAAAAAAAAAAAD2AAAAAAAAAAAAAAAAAAAAAAAAAAB0
AAAAAAAAAAAAAEAA1NTU1NTU1P7+/v7+/v7+/v7+/v7+/v7+/tTU1NTU1NTU1FX/AP////8AugAB
AAAgAAAAAAAAAAAHAAEE/f4AAAbDAPr6AAAACOm2/wD/deO1AF0AAAEQAABsAAAAACEAAAUAwH19
w8PDEgIHAABzLA==

</details>

<details>
<summary>cargo +nightly fuzz fmt output</summary>

afonso@DESKTOP-VSTS4BC:~/git/wasmtime/fuzz$ cargo fuzz fmt --no-default-features cranelift-fuzzgen artifacts/cranelift-fuzzgen/oom-ed
0e2a716f0af472061144dc347e6ea40156028f
Error: failed to run `cargo fuzz fmt` on input: artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f

Caused by:
    Fuzz target 'cranelift-fuzzgen' exited with failure when attemping to debug formatting an interesting input that we discovered!

    Artifact: artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f

    Command: "cargo" "run" "--manifest-path" "/home/afonso/git/wasmtime/fuzz/Cargo.toml" "--target" "x86_64-unknown-linux-gnu" "--release" "--no-default-features" "--bin" "cranelift-fuzzgen" "--" "-artifact_prefix=/home/afonso/git/wasmtime/fuzz/artifacts/cranelift-fuzzgen/" "artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f"

    Status: exit status: 71

    === stdout ===


    === stderr ===
        Finished release [optimized] target(s) in 0.13s
         Running `/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen -artifact_prefix=/home/afonso/git/wasmtime/fuzz/artifacts/cranelift-fuzzgen/ artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f`
    INFO: Running with entropic power schedule (0xFF, 100).
    INFO: Seed: 3681649001
    INFO: Loaded 1 modules   (834566 inline 8-bit counters): 834566 [0x55cbaf535a10, 0x55cbaf601616),
    INFO: Loaded 1 PC tables (834566 PCs): 834566 [0x55cbaf601618,0x55cbb02bd678),
    /home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen: Running 1 inputs 1 time(s) each.
    Running: artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f
    ==28989== ERROR: libFuzzer: out-of-memory (malloc(3221225472))
       To change the out-of-memory limit use -rss_limit_mb=<N>

        #0 0x55cbac692091 in __sanitizer_print_stack_trace /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_stack.cpp:87:3
        #1 0x55cbaecedcf0 in fuzzer::PrintStackTrace() (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3d37cf0) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #2 0x55cbaecac4fb in fuzzer::Fuzzer::HandleMalloc(unsigned long) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf64fb) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #3 0x55cbaecac565 in fuzzer::MallocHook(void const volatile*, unsigned long) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf6565) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #4 0x55cbac699517 in __sanitizer::RunMallocHooks(void const*, unsigned long) /rustc/llvm/src/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_common.cpp:316:5
        #5 0x55cbac608554 in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_allocator.cpp:600:5
        #6 0x55cbac608999 in __asan::Allocator::Reallocate(void*, unsigned long, __sanitizer::BufferedStackTrace*) /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_allocator.cpp:715:21
        #7 0x55cbac6088b5 in __asan::asan_realloc(void*, unsigned long, __sanitizer::BufferedStackTrace*) /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_allocator.cpp:982:34
        #8 0x55cbac688437 in realloc /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:86:10
        #9 0x55cbad086aeb in alloc::raw_vec::finish_grow::h6d4553f32daa153e (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x20d0aeb) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #10 0x55cbad090f14 in alloc::raw_vec::RawVec$LT$T$C$A$GT$::reserve_for_push::h499028c3dd286b33 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x20daf14) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #11 0x55cbad0d249a in cranelift_frontend::ssa::SSABuilder::use_var_nonlocal::hee02795ddf603a21 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x211c49a) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #12 0x55cbad0da504 in cranelift_frontend::ssa::SSABuilder::run_state_machine::hd2fb8dde6ae72d84 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x2124504) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #13 0x55cbad0d44a6 in cranelift_frontend::ssa::SSABuilder::seal_one_block::h22f985eda60a38e6 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x211e4a6) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #14 0x55cbad0bc726 in cranelift_frontend::frontend::FunctionBuilder::seal_all_blocks::h1fdc4a95b4009fbd (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x2106726) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #15 0x55cbac85aaa8 in cranelift_fuzzgen::function_generator::FunctionGenerator::generate::h5623324bba84b65d (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x18a4aa8) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #16 0x55cbac8644d8 in cranelift_fuzzgen::FuzzGen::generate_func::h08ccf70894f31b47 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x18ae4d8) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #17 0x55cbac864abb in cranelift_fuzzgen::FuzzGen::generate_test::h1fe6a758e6526799 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x18aeabb) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #18 0x55cbac85f243 in _$LT$cranelift_fuzzgen..TestCase$u20$as$u20$arbitrary..Arbitrary$GT$::arbitrary::h88f8532552f2ecfb (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x18a9243) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #19 0x55cbac74f3cf in rust_fuzzer_test_input (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x17993cf) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #20 0x55cbaeca9cd8 in __rust_try (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf3cd8) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #21 0x55cbaeca9078 in LLVMFuzzerTestOneInput (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf3078) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #22 0x55cbaecacc2c in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf6c2c) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #23 0x55cbaecbd059 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3d07059) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #24 0x55cbaecc6852 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3d10852) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #25 0x55cbac606c16 in main (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x1650c16) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #26 0x7fa22e384082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
        #27 0x55cbac606d7d in _start (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x1650d7d) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)

    SUMMARY: libFuzzer: out-of-memory

</details>

<details>
<summary>Stack trace or other relevant details</summary>

     Running `/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen -artifact_prefix=/home/afonso/git/wasmtime/fuzz/artifacts/cranelift-fuzzgen/ artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156
[message truncated]

Wasmtime GitHub notifications bot (Sep 20 2022 at 15:15):

afonso360 edited issue #4931:

:wave: Hey, cranelift-fuzzgen reported this today when I rebased some other work on top of main. This is probably also on OSS-Fuzz I would guess.

Reverting 562bb25360a2f366a482e15fc148bab7267a9266 makes it go away, so cc: @adambratschikaye .

<details>
<summary>Test case input</summary>

ZcYNuSMxRvSWnfAyAAAAADkgCKkAfX19ffN9ff///wUAAakAfX19fX19fX3wAAAAAAAA+f8A/8Ir
w8PDwwAAyTw83aQAABBbIAABCAAAAE5dCk2TY2hpQUFB/0FBQUH////////+/v7+/v7+AQAAAAAA
AHz+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+
/v7+/v7+/v7+/v7+/v7+/v7/A/7+/v7+/gAA/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+
/v7+/v7+BAAAAAAAAAD+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/nr+/v7+/v7+/v7+/v7+/v7+/v7+
/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+////////////////////////////////
////7///////BAAAAAAAAAAAAADSAQAAwzvDw8PDEgIACgAAAC8BwwAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAgAAAAAAAAAAAAAAAAdAAAAAAAAAAAAABAANTU1NTU1NTU1NTU1NTU1NTU1NTU1NTU
1NTU1NTU1NTU1NRVAP//////ALoAAQAAMAAAAAAAAAAABwABBP3+AAAGwwD6+gAAAAjptv8A/3Xj
tQAAAAEQAABsAAAAACEAAAUAwH19fX0BAAC6fQECMHNzECxdwyXDw37Dw8c8PAAAAAAAANYIAAAA
AADSAQAAwzvDw8PDEgIACgAAAAHDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAB0AAAAAAAAAAAAAEAAwH19fX0BAAC6fQECMXNzECxdwyXDw37Dw8c8PAAAAAAAANYIAAAAAADS
AQAAwzvDw8PDEgIACgAAAAHDAAAAAAAAAAAAAAAAAAAAAAD2AAAAAAAAAAAAAAAAAAAAAAAAAAB0
AAAAAAAAAAAAAEAA1NTU1NTU1P7+/v7+/v7+/v7+/v7+/v7+/tTU1NTU1NTU1FX/AP////8AugAB
AAAgAAAAAAAAAAAHAAEE/f4AAAbDAPr6AAAACOm2/wD/deO1AF0AAAEQAABsAAAAACEAAAUAwH19
w8PDEgIHAABzLA==

</details>

<details>
<summary>cargo +nightly fuzz fmt output</summary>

afonso@DESKTOP-VSTS4BC:~/git/wasmtime/fuzz$ cargo fuzz fmt --no-default-features cranelift-fuzzgen artifacts/cranelift-fuzzgen/oom-ed
0e2a716f0af472061144dc347e6ea40156028f
Error: failed to run `cargo fuzz fmt` on input: artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f

Caused by:
    Fuzz target 'cranelift-fuzzgen' exited with failure when attemping to debug formatting an interesting input that we discovered!

    Artifact: artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f

    Command: "cargo" "run" "--manifest-path" "/home/afonso/git/wasmtime/fuzz/Cargo.toml" "--target" "x86_64-unknown-linux-gnu" "--release" "--no-default-features" "--bin" "cranelift-fuzzgen" "--" "-artifact_prefix=/home/afonso/git/wasmtime/fuzz/artifacts/cranelift-fuzzgen/" "artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f"

    Status: exit status: 71

    === stdout ===


    === stderr ===
        Finished release [optimized] target(s) in 0.13s
         Running `/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen -artifact_prefix=/home/afonso/git/wasmtime/fuzz/artifacts/cranelift-fuzzgen/ artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f`
    INFO: Running with entropic power schedule (0xFF, 100).
    INFO: Seed: 3681649001
    INFO: Loaded 1 modules   (834566 inline 8-bit counters): 834566 [0x55cbaf535a10, 0x55cbaf601616),
    INFO: Loaded 1 PC tables (834566 PCs): 834566 [0x55cbaf601618,0x55cbb02bd678),
    /home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen: Running 1 inputs 1 time(s) each.
    Running: artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea40156028f
    ==28989== ERROR: libFuzzer: out-of-memory (malloc(3221225472))
       To change the out-of-memory limit use -rss_limit_mb=<N>

        #0 0x55cbac692091 in __sanitizer_print_stack_trace /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_stack.cpp:87:3
        #1 0x55cbaecedcf0 in fuzzer::PrintStackTrace() (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3d37cf0) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #2 0x55cbaecac4fb in fuzzer::Fuzzer::HandleMalloc(unsigned long) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf64fb) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #3 0x55cbaecac565 in fuzzer::MallocHook(void const volatile*, unsigned long) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf6565) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #4 0x55cbac699517 in __sanitizer::RunMallocHooks(void const*, unsigned long) /rustc/llvm/src/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_common.cpp:316:5
        #5 0x55cbac608554 in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_allocator.cpp:600:5
        #6 0x55cbac608999 in __asan::Allocator::Reallocate(void*, unsigned long, __sanitizer::BufferedStackTrace*) /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_allocator.cpp:715:21
        #7 0x55cbac6088b5 in __asan::asan_realloc(void*, unsigned long, __sanitizer::BufferedStackTrace*) /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_allocator.cpp:982:34
        #8 0x55cbac688437 in realloc /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:86:10
        #9 0x55cbad086aeb in alloc::raw_vec::finish_grow::h6d4553f32daa153e (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x20d0aeb) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #10 0x55cbad090f14 in alloc::raw_vec::RawVec$LT$T$C$A$GT$::reserve_for_push::h499028c3dd286b33 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x20daf14) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #11 0x55cbad0d249a in cranelift_frontend::ssa::SSABuilder::use_var_nonlocal::hee02795ddf603a21 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x211c49a) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #12 0x55cbad0da504 in cranelift_frontend::ssa::SSABuilder::run_state_machine::hd2fb8dde6ae72d84 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x2124504) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #13 0x55cbad0d44a6 in cranelift_frontend::ssa::SSABuilder::seal_one_block::h22f985eda60a38e6 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x211e4a6) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #14 0x55cbad0bc726 in cranelift_frontend::frontend::FunctionBuilder::seal_all_blocks::h1fdc4a95b4009fbd (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x2106726) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #15 0x55cbac85aaa8 in cranelift_fuzzgen::function_generator::FunctionGenerator::generate::h5623324bba84b65d (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x18a4aa8) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #16 0x55cbac8644d8 in cranelift_fuzzgen::FuzzGen::generate_func::h08ccf70894f31b47 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x18ae4d8) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #17 0x55cbac864abb in cranelift_fuzzgen::FuzzGen::generate_test::h1fe6a758e6526799 (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x18aeabb) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #18 0x55cbac85f243 in _$LT$cranelift_fuzzgen..TestCase$u20$as$u20$arbitrary..Arbitrary$GT$::arbitrary::h88f8532552f2ecfb (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x18a9243) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #19 0x55cbac74f3cf in rust_fuzzer_test_input (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x17993cf) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #20 0x55cbaeca9cd8 in __rust_try (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf3cd8) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #21 0x55cbaeca9078 in LLVMFuzzerTestOneInput (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf3078) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #22 0x55cbaecacc2c in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3cf6c2c) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #23 0x55cbaecbd059 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3d07059) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #24 0x55cbaecc6852 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x3d10852) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #25 0x55cbac606c16 in main (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x1650c16) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)
        #26 0x7fa22e384082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
        #27 0x55cbac606d7d in _start (/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x1650d7d) (BuildId: 4a8f4dbcbb26d9ca1ec67ad7b884b6273fa677d7)

    SUMMARY: libFuzzer: out-of-memory

</details>

<details>
<summary>Stack trace or other relevant details</summary>

     Running `/home/afonso/git/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen -artifact_prefix=/home/afonso/git/wasmtime/fuzz/artifacts/cranelift-fuzzgen/ artifacts/cranelift-fuzzgen/oom-ed0e2a716f0af472061144dc347e6ea401560
[message truncated]