cranelift-fuzzgen: Difference in interpreter and x64 execution #4875

Closed
alexcrichton opened this issue Sep 6, 2022 · 5 comments · Fixed by #4879
Labels
bug Incorrect behavior in the current implementation that needs fixing fuzz-bug Bugs found by a fuzzer

Comments

@alexcrichton
Member

https://oss-fuzz.com/testcase-detail/5189810368675840 - https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51027

Test case input

input.gz

`cargo +nightly fuzz fmt` output
;; Fuzzgen test case

test interpret
test run
set enable_llvm_abi_extensions
target aarch64
target s390x
target x86_64

function u1:0(i32, i64 uext, f32 sext, f64 uext, i128, b1 sext, i8 sext, i128, i16, i16 uext, i16 uext, i16 uext) -> i16, i16 uext, i64, b1, f32 uext, f32, i8 sext, f32, f32 uext, f32 uext, f32 uext system_v {
    ss0 = explicit_slot 65
    ss1 = explicit_slot 65
    ss2 = explicit_slot 65
    ss3 = explicit_slot 65
    ss4 = explicit_slot 65
    jt0 = jump_table []
    jt1 = jump_table []
    jt2 = jump_table []
    jt3 = jump_table [block4, block4, block4, block3, block3, block3, block9, block3, block3, block14, block4, block4]
    jt4 = jump_table [block4, block4, block4, block18, block18, block18, block9, block18, block18, block14, block4, block4]
    jt5 = jump_table [block4, block4, block4, block18, block18, block18, block25, block18, block18, block14, block4, block4]
    jt6 = jump_table [block4, block4, block4, block18, block18, block18, block25, block18, block18, block26, block4, block4]

block0(v0: i32, v1: i64, v2: f32, v3: f64, v4: i128, v5: b1, v6: i8, v7: i128, v8: i16, v9: i16, v10: i16, v11: i16):
    v95 -> v0
    v145 -> v0
    v97 -> v1
    v141 -> v1
    v337 -> v2
    v107 -> v3
    v127 -> v3
    v136 -> v4
    v105 -> v6
    v142 -> v6
    v92 -> v7
    v137 -> v7
    v133 -> v8
    v94 -> v9
    v134 -> v9
    v103 -> v10
    v150 -> v10
    v99 -> v11
    v284 -> v11
    v59 = f32const 0x1.820000p3
    v344 -> v59
    v60 = iconst.i8 31
    v61 = iconst.i8 65
    v153 -> v61
    v62 = iconst.i8 65
    v139 -> v62
    v63 = iconst.i128 0
    v64 = iconst.i64 0
    v65 = iconst.i32 0
    v66 = iconst.i16 0
    v67 = iconst.i8 0
    stack_store v63, ss0  ; v63 = 0
    stack_store v63, ss0+16  ; v63 = 0
    stack_store v63, ss0+32  ; v63 = 0
    stack_store v63, ss0+48  ; v63 = 0
    stack_store v67, ss0+64  ; v67 = 0
    stack_store v63, ss1  ; v63 = 0
    stack_store v63, ss1+16  ; v63 = 0
    stack_store v63, ss1+32  ; v63 = 0
    stack_store v63, ss1+48  ; v63 = 0
    stack_store v67, ss1+64  ; v67 = 0
    stack_store v63, ss2  ; v63 = 0
    stack_store v63, ss2+16  ; v63 = 0
    stack_store v63, ss2+32  ; v63 = 0
    stack_store v63, ss2+48  ; v63 = 0
    stack_store v67, ss2+64  ; v67 = 0
    stack_store v63, ss3  ; v63 = 0
    stack_store v63, ss3+16  ; v63 = 0
    stack_store v63, ss3+32  ; v63 = 0
    stack_store v63, ss3+48  ; v63 = 0
    stack_store v67, ss3+64  ; v67 = 0
    stack_store v63, ss4  ; v63 = 0
    stack_store v63, ss4+16  ; v63 = 0
    stack_store v63, ss4+32  ; v63 = 0
    stack_store v63, ss4+48  ; v63 = 0
    stack_store v67, ss4+64  ; v67 = 0
    v68 = icmp_imm uge v60, 196  ; v60 = 31
    brnz v68, block17
    jump block5

block17:
    v69 = iadd_imm.i8 v60, -196  ; v60 = 31
    v70 = uextend.i32 v69
    br_table v70, block5, jt6

block1(v12: f32, v13: f32, v14: f32, v15: f32, v16: f32, v17: f32, v18: f32, v19: f32, v20: f32, v21: f32, v22: f32, v23: f32, v24: f32, v25: f32, v26: f32, v27: f32):
    v73 = sshr.i32 v71, v72  ; v71 = 0, v72 = 0
    br_icmp ule v73, v73, block3(v77, v90, v75, v375, v26, v27, v74, v73, v82, v425, v88, v84, v72, v85, v78)  ; v375 = false, v74 = 0, v425 = 0, v84 = 0, v72 = 0, v78 = 0
    jump block14(v75, v74, v73, v82, v425, v88, v84, v72, v85, v78, v77, v90, v26, v27)  ; v74 = 0, v425 = 0, v84 = 0, v72 = 0, v78 = 0

block2(v28: f32, v29: i16, v30: f32, v31: i64, v32: i64, v33: i64, v34: i64, v35: i64, v36: i64, v37: i64, v38: i64, v39: i64, v40: i64, v41: i64, v42: i64, v43: i64):
    v425 = iconst.i8 0
    v424 -> v425
    v375 = bconst.b1 false
    v374 -> v375
    v282 = iconst.i128 0
    v273 -> v282
    v72 -> v273
    v281 = iconst.i32 0
    v272 -> v281
    v71 -> v272
    v280 = iconst.i16 0
    v89 -> v280
    v279 = f64const 0.0
    v86 -> v279
    v278 = iconst.i8 0
    v84 -> v278
    v277 = iconst.i8 0
    v79 -> v277
    v276 = iconst.i16 0
    v78 -> v276
    v275 = iconst.i8 0
    v76 -> v275
    v274 = iconst.i128 0
    v74 -> v274
    v75 = ishl v43, v74  ; v74 = 0
    nop
    v77 = iadd v76, v76  ; v76 = 0, v76 = 0
    nop
    v80 = ishl v78, v79  ; v78 = 0, v79 = 0
    nop
    nop
    v81 = fneg v30
    v82 = udiv v29, v78  ; v78 = 0
    v83 = fcopysign v28, v28
    nop
    v85 = sshr v84, v74  ; v84 = 0, v74 = 0
    v458 = fma v86, v86, v86  ; v86 = 0.0, v86 = 0.0, v86 = 0.0
    v459 = fcmp ne v458, v458
    v460 = f64const +NaN
    v87 = select v459, v460, v458  ; v460 = +NaN
    v88 = udiv v78, v78  ; v78 = 0, v78 = 0
    nop
    v90 = udiv v82, v89  ; v89 = 0
    br_icmp ugt v88, v88, block14(v75, v74, v272, v82, v424, v88, v84, v273, v85, v78, v77, v90, v83, v28)  ; v74 = 0, v272 = 0, v424 = 0, v84 = 0, v273 = 0, v78 = 0
    jump block1(v83, v28, v28, v28, v28, v83, v83, v28, v83, v28, v28, v83, v83, v83, v28, v83)

block3(v91: i8, v369: i16, v371: i64, v373: b1, v377: f32, v379: f32, v426: i128, v428: i32, v430: i16, v432: i8, v434: i16, v436: i8, v437: i128, v439: i8, v441: i16):
    v331 -> v91
    v336 -> v369
    v265 -> v371
    v343 -> v377
    v350 -> v379
    v266 -> v426
    v270 -> v428
    v290 -> v430
    v295 -> v432
    v300 -> v434
    v309 -> v436
    v315 -> v437
    v320 -> v439
    v326 -> v441
    brnz v91, block9(v369, v371, v373, v377, v91, v379)
    jump block15

block4:
    v93 = isub.i128 v92, v92
    v96 = sshr.i16 v94, v95
    v98 = rotl.i64 v97, v96
    v100 = rotl v98, v99
    v101 = rotl v100, v96
    v102 = rotl v101, v96
    v104 = rotl v102, v103
    v106 = sshr.i8 v105, v93
    v461 = fmul.f64 v107, v107
    v462 = fcmp ne v461, v461
    v463 = f64const +NaN
    v108 = select v462, v463, v461  ; v463 = +NaN
    v464 = fmul v108, v108
    v465 = fcmp ne v464, v464
    v466 = f64const +NaN
    v109 = select v465, v466, v464  ; v466 = +NaN
    v467 = fmul v109, v109
    v468 = fcmp ne v467, v467
    v469 = f64const +NaN
    v110 = select v468, v469, v467  ; v469 = +NaN
    v470 = fmul v110, v110
    v471 = fcmp ne v470, v470
    v472 = f64const +NaN
    v111 = select v471, v472, v470  ; v472 = +NaN
    nop
    v473 = fmul v111, v111
    v474 = fcmp ne v473, v473
    v475 = f64const +NaN
    v112 = select v474, v475, v473  ; v475 = +NaN
    v476 = fmul v112, v112
    v477 = fcmp ne v476, v476
    v478 = f64const +NaN
    v113 = select v477, v478, v476  ; v478 = +NaN
    v479 = fmul v113, v113
    v480 = fcmp ne v479, v479
    v481 = f64const +NaN
    v114 = select v480, v481, v479  ; v481 = +NaN
    v482 = fmul v114, v114
    v483 = fcmp ne v482, v482
    v484 = f64const +NaN
    v115 = select v483, v484, v482  ; v484 = +NaN
    v485 = fmul v115, v115
    v486 = fcmp ne v485, v485
    v487 = f64const +NaN
    v116 = select v486, v487, v485  ; v487 = +NaN
    v488 = fmul v116, v116
    v489 = fcmp ne v488, v488
    v490 = f64const +NaN
    v117 = select v489, v490, v488  ; v490 = +NaN
    v491 = fmul v117, v117
    v492 = fcmp ne v491, v491
    v493 = f64const +NaN
    v118 = select v492, v493, v491  ; v493 = +NaN
    v494 = fmul v118, v118
    v495 = fcmp ne v494, v494
    v496 = f64const +NaN
    v119 = select v495, v496, v494  ; v496 = +NaN
    v497 = fmul v119, v119
    v498 = fcmp ne v497, v497
    v499 = f64const +NaN
    v120 = select v498, v499, v497  ; v499 = +NaN
    v500 = fmul v120, v120
    v501 = fcmp ne v500, v500
    v502 = f64const +NaN
    v121 = select v501, v502, v500  ; v502 = +NaN
    v503 = fmul v121, v121
    v504 = fcmp ne v503, v503
    v505 = f64const +NaN
    v122 = select v504, v505, v503  ; v505 = +NaN
    v506 = fmul v122, v122
    v507 = fcmp ne v506, v506
    v508 = f64const +NaN
    v123 = select v507, v508, v506  ; v508 = +NaN
    v509 = fmul v123, v123
    v510 = fcmp ne v509, v509
    v511 = f64const +NaN
    v124 = select v510, v511, v509  ; v511 = +NaN
    v512 = fmul v124, v124
    v513 = fcmp ne v512, v512
    v514 = f64const +NaN
    v125 = select v513, v514, v512  ; v514 = +NaN
    v515 = fmul v125, v125
    v516 = fcmp ne v515, v515
    v517 = f64const +NaN
    v126 = select v516, v517, v515  ; v517 = +NaN
    br_table v95, block19, jt2

block5:
    v518 = fmul.f64 v127, v127
    v519 = fcmp ne v518, v518
    v520 = f64const +NaN
    v128 = select v519, v520, v518  ; v520 = +NaN
    v521 = fmul v128, v128
    v522 = fcmp ne v521, v521
    v523 = f64const +NaN
    v129 = select v522, v523, v521  ; v523 = +NaN
    v524 = fmul v129, v129
    v525 = fcmp ne v524, v524
    v526 = f64const +NaN
    v130 = select v525, v526, v524  ; v526 = +NaN
    v527 = fmul v130, v130
    v528 = fcmp ne v527, v527
    v529 = f64const +NaN
    v131 = select v528, v529, v527  ; v529 = +NaN
    v530 = fmul v131, v131
    v531 = fcmp ne v530, v530
    v532 = f64const +NaN
    v132 = select v531, v532, v530  ; v532 = +NaN
    nop
    nop
    nop
    nop
    nop
    nop
    nop
    v135 = isub.i16 v133, v134
    v138 = iadd.i128 v136, v137
    v140 = sextend.i16 v139  ; v139 = 65
    v143 = rotr.i64 v141, v142
    v144 = iadd.i8 v142, v139  ; v139 = 65
    v146 = sextend.i64 v145
    v147 = ishl v146, v138
    v148 = sshr v138, v147
    v149 = ishl.i128 v136, v140
    nop
    v151 = iadd v140, v150
    v152 = rotl.i128 v136, v149
    v154 = sshr.i8 v153, v147  ; v153 = 65
    v155 = sshr v144, v136
    v156 = ishl.i32 v145, v150
    v157 = rotr v147, v156
    v533 = fdiv v132, v132
    v534 = fcmp ne v533, v533
    v535 = f64const +NaN
    v158 = select v534, v535, v533  ; v535 = +NaN
    v159 = sshr v152, v156
    v160 = ushr v157, v150
    v161 = ushr.i16 v150, v160
    v162 = rotr v156, v160
    v163 = rotr v162, v160
    v164 = rotr v163, v160
    v165 = rotr v164, v160
    v166 = rotr v165, v160
    v167 = rotr v166, v160
    v168 = rotr v167, v160
    v169 = rotr v168, v160
    v170 = rotr v169, v160
    v171 = rotr v170, v160
    v172 = rotr v171, v160
    v173 = rotr v172, v160
    v174 = rotr v173, v160
    v175 = rotr v174, v160
    v176 = rotr v175, v160
    v177 = rotr v176, v160
    v178 = rotr v177, v160
    v179 = rotr v178, v160
    v180 = rotr v179, v160
    v181 = rotr v180, v160
    brnz v160, block6(v284, v155, v135, v160, v181, v136, v144, v159, v139, v151, v142, v161, v337, v344)  ; v139 = 65, v344 = 0x1.820000p3
    jump block14(v160, v136, v181, v284, v155, v135, v144, v159, v139, v151, v142, v161, v337, v344)  ; v139 = 65, v344 = 0x1.820000p3

block6(v182: i16, v183: i8, v185: i16, v186: i64, v188: i32, v189: i128, v193: i8, v199: i128, v204: i8, v206: i16, v212: i8, v214: i16, v218: f32, v219: f32):
    v184 = sshr v182, v183
    v187 = sshr v185, v186
    v190 = rotr v188, v189
    v191 = ushr v189, v190
    stack_store v191, ss1+45
    v192 = ushr v190, v191
    v194 = isub v193, v193
    v195 = ishl v192, v186
    v196 = ishl v195, v186
    v197 = ishl v196, v186
    v198 = ishl v197, v186
    v200 = iadd v191, v199
    v201 = udiv v185, v185
    nop
    nop
    nop
    nop
    nop
    nop
    v202 = iadd v186, v186
    nop
    nop
    nop
    v203 = isub v187, v187
    v205 = icmp nof v204, v183
    v207 = sshr v206, v202
    v208 = rotl v202, v207
    v209 = rotl v208, v207
    v210 = rotl v209, v207
    v211 = rotl v210, v207
    v213 = sshr v212, v200
    v215 = sshr v214, v183
    nop
    nop
    nop
    v216 = ushr v214, v211
    v217 = ushr v216, v211
    return v217, v217, v211, v205, v218, v218, v183, v218, v219, v218, v218

block7:
    v356 = iconst.i8 0
    v225 -> v356
    v355 = f32const 0.0
    v224 -> v355
    v354 = bconst.b1 false
    v223 -> v354
    v353 = iconst.i64 0
    v222 -> v353
    v352 = iconst.i16 0
    v221 -> v352
    v351 = iconst.i16 0
    v220 -> v351
    return v220, v221, v222, v223, v224, v224, v225, v224, v224, v224, v224  ; v220 = 0, v221 = 0, v222 = 0, v223 = false, v224 = 0.0, v224 = 0.0, v225 = 0, v224 = 0.0, v224 = 0.0, v224 = 0.0, v224 = 0.0

block8:
    v368 = f32const 0.0
    v345 -> v368
    v367 = f32const 0.0
    v338 -> v367
    v366 = iconst.i16 0
    v321 -> v366
    v365 = iconst.i128 0
    v310 -> v365
    v364 = iconst.i8 0
    v304 -> v364
    v363 = iconst.i128 0
    v302 -> v363
    v362 = iconst.i16 0
    v285 -> v362
    v361 = iconst.i8 0
    v234 -> v361
    v360 = iconst.i16 0
    v232 -> v360
    v359 = iconst.i16 0
    v230 -> v359
    v358 = iconst.i64 0
    v228 -> v358
    v357 = iconst.i32 0
    v226 -> v357
    v227 = ireduce.i8 v226  ; v226 = 0
    nop
    nop
    nop
    v229 = ishl v227, v228  ; v228 = 0
    v231 = rotl v226, v230  ; v226 = 0, v230 = 0
    v233 = rotl v231, v232  ; v232 = 0
    nop
    v235 = iadd v227, v234  ; v234 = 0
    v236 = rotl v232, v232  ; v232 = 0, v232 = 0
    nop
    nop
    nop
    nop
    nop
    nop
    nop
    nop
    nop
    nop
    brnz v232, block6(v285, v229, v236, v228, v233, v302, v304, v310, v235, v321, v227, v232, v338, v345)  ; v232 = 0, v285 = 0, v228 = 0, v302 = 0, v304 = 0, v310 = 0, v321 = 0, v232 = 0, v338 = 0.0, v345 = 0.0
    jump block14(v228, v302, v233, v285, v229, v236, v304, v310, v235, v321, v227, v232, v338, v345)  ; v228 = 0, v302 = 0, v285 = 0, v304 = 0, v310 = 0, v321 = 0, v232 = 0, v338 = 0.0, v345 = 0.0

block9(v237: i16, v238: i64, v239: b1, v240: f32, v241: i8, v242: f32):
    return v237, v237, v238, v239, v240, v240, v241, v240, v242, v240, v240

block10:
    v394 = f32const 0.0
    v346 -> v394
    v393 = f32const 0.0
    v339 -> v393
    v392 = iconst.i16 0
    v332 -> v392
    v391 = iconst.i8 0
    v327 -> v391
    v390 = iconst.i16 0
    v322 -> v390
    v389 = iconst.i8 0
    v316 -> v389
    v388 = iconst.i128 0
    v311 -> v388
    v387 = iconst.i8 0
    v305 -> v387
    v386 = iconst.i128 0
    v303 -> v386
    v385 = iconst.i64 0
    v301 -> v385
    v384 = iconst.i16 0
    v296 -> v384
    v383 = iconst.i8 0
    v291 -> v383
    v382 = iconst.i16 0
    v286 -> v382
    v381 = iconst.i32 0
    v243 -> v381
    br_table v243, block20, jt2  ; v243 = 0

block11(v44: i64, v45: i64, v46: i64, v47: i64, v48: i64, v49: i64, v50: i64, v51: i64, v52: f64, v53: i64, v54: i64, v55: i64, v56: i64, v57: i64, v58: i64):
    v407 = f32const 0.0
    v347 -> v407
    v406 = f32const 0.0
    v340 -> v406
    v405 = iconst.i16 0
    v333 -> v405
    v404 = iconst.i8 0
    v328 -> v404
    v403 = iconst.i16 0
    v323 -> v403
    v402 = iconst.i8 0
    v317 -> v402
    v401 = iconst.i128 0
    v312 -> v401
    v400 = iconst.i8 0
    v306 -> v400
    v399 = iconst.i16 0
    v297 -> v399
    v398 = iconst.i8 0
    v292 -> v398
    v397 = iconst.i16 0
    v287 -> v397
    v396 = iconst.i32 0
    v248 -> v396
    v395 = iconst.i128 0
    v244 -> v395
    v245 = rotl v58, v244  ; v244 = 0
    v246 = rotl v245, v244  ; v244 = 0
    v247 = rotl v246, v244  ; v244 = 0
    br_table v248, block21, jt2  ; v248 = 0

block12:
    v421 = f32const 0.0
    v348 -> v421
    v420 = f32const 0.0
    v341 -> v420
    v419 = iconst.i16 0
    v334 -> v419
    v418 = iconst.i8 0
    v329 -> v418
    v417 = iconst.i16 0
    v324 -> v417
    v416 = iconst.i8 0
    v318 -> v416
    v415 = iconst.i128 0
    v313 -> v415
    v414 = iconst.i8 0
    v307 -> v414
    v413 = iconst.i16 0
    v298 -> v413
    v412 = iconst.i8 0
    v293 -> v412
    v411 = iconst.i16 0
    v288 -> v411
    v410 = iconst.i32 0
    v254 -> v410
    v409 = iconst.i128 0
    v250 -> v409
    v408 = iconst.i64 0
    v249 -> v408
    v251 = rotl v249, v250  ; v249 = 0, v250 = 0
    v252 = rotl v251, v250  ; v250 = 0
    v253 = rotl v252, v250  ; v250 = 0
    br_table v254, block22, jt2  ; v254 = 0

block13:
    v423 = iconst.i32 0
    v258 -> v423
    v422 = iconst.i128 0
    v256 -> v422
    v257 = rotl v255, v256  ; v256 = 0
    v255 -> v257
    br_table v258, block13, jt2  ; v258 = 0

block14(v259: i64, v260: i128, v264: i32, v289: i16, v294: i8, v299: i16, v308: i8, v314: i128, v319: i8, v325: i16, v330: i8, v335: i16, v342: f32, v349: f32):
    v261 = rotl v259, v260
    v262 = rotl v261, v260
    v263 = rotl v262, v260
    br_table v264, block23, jt2

block15 cold:
    v267 = rotl.i64 v265, v266
    v268 = rotl v267, v266
    v269 = rotl v268, v266
    br_table v270, block24, jt2

block16:
    v457 = iconst.i16 0
    v442 -> v457
    v456 = iconst.i8 0
    v440 -> v456
    v455 = iconst.i128 0
    v438 -> v455
    v454 = iconst.i16 0
    v435 -> v454
    v453 = iconst.i8 0
    v433 -> v453
    v452 = iconst.i16 0
    v431 -> v452
    v451 = iconst.i32 0
    v429 -> v451
    v450 = iconst.i128 0
    v427 -> v450
    v449 = f32const 0.0
    v380 -> v449
    v448 = f32const 0.0
    v378 -> v448
    v447 = bconst.b1 false
    v376 -> v447
    v446 = iconst.i64 0
    v372 -> v446
    v445 = iconst.i16 0
    v370 -> v445
    v444 = iconst.i8 0
    v283 -> v444
    v443 = iconst.i8 0
    v271 -> v443
    jump block3(v283, v370, v372, v376, v378, v380, v427, v429, v431, v433, v435, v271, v438, v440, v442)  ; v283 = 0, v370 = 0, v372 = 0, v376 = false, v378 = 0.0, v380 = 0.0, v427 = 0, v429 = 0, v431 = 0, v433 = 0, v435 = 0, v271 = 0, v438 = 0, v440 = 0, v442 = 0

block18:
    jump block3(v6, v10, v1, v5, v2, v59, v4, v0, v11, v61, v8, v60, v7, v62, v9)  ; v59 = 0x1.820000p3, v61 = 65, v60 = 31, v62 = 65

block19:
    jump block3(v105, v103, v104, v5, v2, v59, v4, v95, v99, v106, v8, v60, v93, v62, v96)  ; v59 = 0x1.820000p3, v60 = 31, v62 = 65

block20:
    jump block6(v286, v291, v296, v301, v243, v303, v305, v311, v316, v322, v327, v332, v339, v346)  ; v286 = 0, v291 = 0, v296 = 0, v301 = 0, v243 = 0, v303 = 0, v305 = 0, v311 = 0, v316 = 0, v322 = 0, v327 = 0, v332 = 0, v339 = 0.0, v346 = 0.0

block21:
    jump block6(v287, v292, v297, v247, v248, v244, v306, v312, v317, v323, v328, v333, v340, v347)  ; v287 = 0, v292 = 0, v297 = 0, v248 = 0, v244 = 0, v306 = 0, v312 = 0, v317 = 0, v323 = 0, v328 = 0, v333 = 0, v340 = 0.0, v347 = 0.0

block22:
    jump block6(v288, v293, v298, v253, v254, v250, v307, v313, v318, v324, v329, v334, v341, v348)  ; v288 = 0, v293 = 0, v298 = 0, v254 = 0, v250 = 0, v307 = 0, v313 = 0, v318 = 0, v324 = 0, v329 = 0, v334 = 0, v341 = 0.0, v348 = 0.0

block23:
    jump block6(v289, v294, v299, v263, v264, v260, v308, v314, v319, v325, v330, v335, v342, v349)

block24:
    jump block6(v290, v295, v300, v269, v270, v266, v309, v315, v320, v326, v331, v336, v343, v350)

block25:
    jump block9(v10, v1, v5, v2, v6, v59)  ; v59 = 0x1.820000p3

block26:
    jump block14(v1, v4, v0, v11, v61, v8, v60, v7, v62, v9, v6, v10, v2, v59)  ; v61 = 65, v60 = 31, v62 = 65, v59 = 0x1.820000p3
}

; Note: the results in the below test cases are simply a placeholder and probably will be wrong

; run: u1:0(1094778880, 4702111234474975041, -0x1.8a8282p10, 0x1.1c4c4c4c4c4c4p-91, 86738054358596004396143335630373470529, true, 65, -78431660791002327147871142131349241535, 101, 0, 0, 0) == [0, 0, 0, false, 0.0, 0.0, 0, 0.0, 0.0, 0.0, 0.0]
; run: u1:0(0, 0, 0.0, 0.0, 0, false, 0, 0, 0, 0, 0, 0) == [0, 0, 0, false, 0.0, 0.0, 0, 0.0, 0.0, 0.0, 0.0]
; run: u1:0(0, 0, 0.0, 0.0, 0, false, 0, 0, 0, 0, 0, 0) == [0, 0, 0, false, 0.0, 0.0, 0, 0.0, 0.0, 0.0, 0.0]
; run: u1:0(0, 0, 0.0, 0.0, 0, false, 0, 0, 0, 0, 0, 0) == [0, 0, 0, false, 0.0, 0.0, 0, 0.0, 0.0, 0.0, 0.0]
; run: u1:0(0, 0, 0.0, 0.0, 0, false, 0, 0, 0, 0, 0, 0) == [0, 0, 0, false, 0.0, 0.0, 0, 0.0, 0.0, 0.0, 0.0]
; run: u1:0(0, 0, 0.0, 0.0, 0, false, 0, 0, 0, 0, 0, 0) == [0, 0, 0, false, 0.0, 0.0, 0, 0.0, 0.0, 0.0, 0.0]
Stack trace or other relevant details
thread '<unnamed>' panicked at 'assertion failed: `(left == right)`
  left: `Success([I16(-47), I16(-47), I64(5389746176), B(false), F32(Ieee32(3301229889)), F32(Ieee32(3301229889)), I8(65), F32(Ieee32(3301229889)), F32(Ieee32(3301229889)), F32(Ieee32(1153845057)), F32(Ieee32(3301229889))])`,
 right: `Success([I16(-47), I16(-47), I64(5389746176), B(true), F32(Ieee32(3301229889)), F32(Ieee32(3301229889)), I8(65), F32(Ieee32(3301229889)), F32(Ieee32(3301229889)), F32(Ieee32(1153845057)), F32(Ieee32(3301229889))])`', fuzz/fuzz_targets/cranelift-fuzzgen.rs:127:9
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
==1271595== ERROR: libFuzzer: deadly signal
    #0 0x5567569ef801 in __sanitizer_print_stack_trace /rustc/llvm/src/llvm-project/compiler-rt/lib/asan/asan_stack.cpp:87:3
    #1 0x556757972f40 in fuzzer::PrintStackTrace() (/home/acrichto/code/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x1a5ff40) (BuildId: 36b7504699082b7be66f869bf70727e8053ccb84)
    #2 0x55675794daba in fuzzer::Fuzzer::CrashCallback() (/home/acrichto/code/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x1a3aaba) (BuildId: 36b7504699082b7be66f869bf70727e8053ccb84)
    #3 0x7f975e0d43bf  (/lib/x86_64-linux-gnu/libpthread.so.0+0x153bf) (BuildId: e54761f7b554d0fcc1562959665d93dffbebdaf0)
    #4 0x7f975ddbc18a in raise (/lib/x86_64-linux-gnu/libc.so.6+0x4618a) (BuildId: 099b9225bcb0d019d9d60884be583eb31bb5f44e)
    #5 0x7f975dd9b858 in abort (/lib/x86_64-linux-gnu/libc.so.6+0x25858) (BuildId: 099b9225bcb0d019d9d60884be583eb31bb5f44e)
    #6 0x5567579b2f76 in std::sys::unix::abort_internal::h3b0901ce356c22d1 /rustc/ce36e88256f09078519f8bc6b21e4dc88f88f523/library/std/src/sys/unix/mod.rs:293:14
    #7 0x5567569717e6 in std::process::abort::h83b24ab2a10787f7 /rustc/ce36e88256f09078519f8bc6b21e4dc88f88f523/library/std/src/process.rs:2119:5
    #8 0x55675794b423 in libfuzzer_sys::initialize::_$u7b$$u7b$closure$u7d$$u7d$::h8f978e2d47ef84ec libfuzzer_sys.0ab2efac-cgu.0
    #9 0x5567579b0acc in std::panicking::rust_panic_with_hook::hc28f14d82ed14558 /rustc/ce36e88256f09078519f8bc6b21e4dc88f88f523/library/std/src/panicking.rs:702:17
    #10 0x5567579b0926 in std::panicking::begin_panic_handler::_$u7b$$u7b$closure$u7d$$u7d$::ha1c0943c6489bd68 /rustc/ce36e88256f09078519f8bc6b21e4dc88f88f523/library/std/src/panicking.rs:588:13
    #11 0x5567579aeefb in std::sys_common::backtrace::__rust_end_short_backtrace::h4de14e278bbbc4c9 /rustc/ce36e88256f09078519f8bc6b21e4dc88f88f523/library/std/src/sys_common/backtrace.rs:138:18
    #12 0x5567579b0641 in rust_begin_unwind /rustc/ce36e88256f09078519f8bc6b21e4dc88f88f523/library/std/src/panicking.rs:584:5
    #13 0x556756972bb2 in core::panicking::panic_fmt::h984245802f2b1439 /rustc/ce36e88256f09078519f8bc6b21e4dc88f88f523/library/core/src/panicking.rs:142:14
    #14 0x5567579ccc5a in core::panicking::assert_failed_inner::hbdafd1d6b4ea5ce5 /rustc/ce36e88256f09078519f8bc6b21e4dc88f88f523/library/core/src/panicking.rs
    #15 0x5567568ae9a5 in core::panicking::assert_failed::h48e3e6dd52a9cc1f cranelift_fuzzgen.3643d4eb-cgu.0
    #16 0x556756a4494c in rust_fuzzer_test_input (/home/acrichto/code/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0xb3194c) (BuildId: 36b7504699082b7be66f869bf70727e8053ccb84)
    #17 0x55675794b491 in __rust_try libfuzzer_sys.0ab2efac-cgu.0
    #18 0x55675794a868 in LLVMFuzzerTestOneInput (/home/acrichto/code/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x1a37868) (BuildId: 36b7504699082b7be66f869bf70727e8053ccb84)
    #19 0x55675794dffc in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/acrichto/code/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x1a3affc) (BuildId: 36b7504699082b7be66f869bf70727e8053ccb84)
    #20 0x55675794e6fa in fuzzer::Fuzzer::MinimizeCrashLoop(std::vector<unsigned char, fuzzer::fuzzer_allocator<unsigned char> > const&) (/home/acrichto/code/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x1a3b6fa) (BuildId: 36b7504699082b7be66f869bf70727e8053ccb84)
    #21 0x55675795efc5 in fuzzer::MinimizeCrashInputInternalStep(fuzzer::Fuzzer*, fuzzer::InputCorpus*) (/home/acrichto/code/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x1a4bfc5) (BuildId: 36b7504699082b7be66f869bf70727e8053ccb84)
    #22 0x55675796bc72 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/acrichto/code/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0x1a58c72) (BuildId: 36b7504699082b7be66f869bf70727e8053ccb84)
    #23 0x556756973086 in main (/home/acrichto/code/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0xa60086) (BuildId: 36b7504699082b7be66f869bf70727e8053ccb84)
    #24 0x7f975dd9d0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2) (BuildId: 099b9225bcb0d019d9d60884be583eb31bb5f44e)
    #25 0x5567569730dd in _start (/home/acrichto/code/wasmtime/target/x86_64-unknown-linux-gnu/release/cranelift-fuzzgen+0xa600dd) (BuildId: 36b7504699082b7be66f869bf70727e8053ccb84)
@alexcrichton alexcrichton added bug Incorrect behavior in the current implementation that needs fixing fuzz-bug Bugs found by a fuzzer labels Sep 6, 2022
@afonso360
Contributor

afonso360 commented Sep 6, 2022

The clif test case printed in this bug report is also not runnable, which is interesting:

FAIL .\lmao.clif: failed to parse .\lmao.clif

Caused by:
    530: type variable required for polymorphic opcode, e.g. 'rotl.i32'; can't infer from v255 which is not yet defined
1 tests
Error: 1 failure

I suspect this is a separate issue with the clif printer, since the actual code did run in both the interpreter and the backend.

Relevant lines in block13:

    v257 = rotl v255, v256  ; v256 = 0
    v255 -> v257

@afonso360
Contributor

afonso360 commented Sep 6, 2022

Minimized this to:

test interpret
test run
target x86_64

function %a() -> b1 {
block0:
    v0 = iconst.i8 193
    v1 = iconst.i8 65
    v2 = icmp.i8 nof v1, v0
    return v2
}
; run: %a() == false
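
An added example, not code from this issue or from Cranelift, to make the expected result of the minimized test case concrete. It assumes that `icmp of` means "the signed subtraction `a - b` overflows at the operand width" and that `nof` is its negation; that reading matches the `== false` expectation above, but the thread itself does not spell it out. The widened variant is only an illustration of how two implementations can disagree on narrow-width overflow; the thread bisects the bug to 63c2d1e without stating a root cause, and the eventual fix (#4879) removed the of/nof flags entirely. The final function runs both variants over every i8 pair, in the spirit of the interpreter-vs-backend comparison cranelift-fuzzgen does.

```rust
// Added example, not Cranelift's code. Reference semantics for `icmp.i8 of` /
// `nof` (assumed: signed overflow of `a - b`), a deliberately wrong
// width-widening variant, and a fuzzgen-style differential check.

/// `icmp of a, b` at i8 width: does the signed 8-bit subtraction `a - b`
/// overflow? With a = 65 and b = 193 (-63 as an i8), 65 - (-63) = 128 does
/// not fit in an i8, so `of` is true and `nof` is false, matching
/// `; run: %a() == false` in the minimized test case.
fn icmp_of_i8(a: i8, b: i8) -> bool {
    a.checked_sub(b).is_none()
}

fn icmp_nof_i8(a: i8, b: i8) -> bool {
    !icmp_of_i8(a, b)
}

/// A deliberately wrong implementation (illustration only, not the bug the
/// thread found): operands are sign-extended to i32 and overflow is checked
/// at 32 bits, as a backend that compares narrow values in full-width
/// registers could end up doing. 65 - (-63) = 128 fits in an i32, so this
/// reports "no overflow" for the test case's operands.
fn icmp_nof_i8_widened(a: i8, b: i8) -> bool {
    (a as i32).checked_sub(b as i32).is_some()
}

/// Differential check: run both implementations on every (a, b) pair and
/// collect the disagreements. Since the widened variant never reports
/// overflow for i8 inputs, the result is exactly the set of pairs whose
/// i8 subtraction overflows.
fn mismatches() -> Vec<(i8, i8)> {
    let mut out = Vec::new();
    for a in i8::MIN..=i8::MAX {
        for b in i8::MIN..=i8::MAX {
            if icmp_nof_i8(a, b) != icmp_nof_i8_widened(a, b) {
                out.push((a, b));
            }
        }
    }
    out
}

fn main() {
    // The minimized test case's operands: `iconst.i8 193` is -63 as a signed i8.
    let v0 = 193u8 as i8;
    let v1 = 65i8;
    println!(
        "icmp.i8 nof v1, v0: reference = {}, widened = {}",
        icmp_nof_i8(v1, v0),
        icmp_nof_i8_widened(v1, v0)
    );
    let m = mismatches();
    println!("{} of {} i8 operand pairs disagree", m.len(), 256 * 256);
}
```

Run it with `rustc` or `cargo run`; the reference says `nof` is false for (65, -63) and the widened variant says true, and a quarter of all i8 pairs (16384 of 65536) disagree, which is what a width-dependent overflow check looks like under exhaustive differential testing.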

@afonso360
Contributor

Tracked this down to 63c2d1e; reverting that seems to fix this (although probably not what we want to do here). CC: @elliottt

@jameysharp
Contributor

    v257 = rotl v255, v256  ; v256 = 0
    v255 -> v257

Although this isn't relevant to the fuzz bug, I'm actually kind of worried about this: the definition of v257 uses v255, but that's just an alias for v257, so this instruction depends on itself.

jameysharp added a commit to jameysharp/wasmtime that referenced this issue Sep 6, 2022
Neither Wasmtime nor cg-clif use these flags under any circumstances.
From discussion on bytecodealliance#3060 I see it's long been unclear what purpose these
flags served.

Fixes bytecodealliance#3060, fixes bytecodealliance#4406, and fixes bytecodealliance#4875... by deleting all the code
that could have been buggy.

This changes the cranelift-fuzzgen input format by removing some IntCC
options, so I've gone ahead and enabled I128 icmp tests at the same
time. Since only the of/nof cases were failing before, I expect these to
work.
@afonso360
Contributor

afonso360 commented Sep 7, 2022

    v257 = rotl v255, v256  ; v256 = 0
    v255 -> v257

Although this isn't relevant to the fuzz bug, I'm actually kind of worried about this: the definition of v257 uses v255, but that's just an alias for v257, so this instruction depends on itself.

Yeah, that is really weird. I won't be able to properly look into this until the weekend, but here are my thoughts:

I think this is either a bug in the frontend or the inst printer.

We don't directly emit aliases in fuzzgen, we always use variables for all operations and let the frontend figure it out.

I think we run the verifier via the JIT on all inputs (I had a quick look and I don't see us disable it anywhere, I'll have to double check), so at least the verifier thought this was ok? But once printed it's no longer ok, that's what initially made me suspect this was an inst printer issue.
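
An added example, not Cranelift's code, for the self-dependent alias jameysharp flagged (`v257 = rotl v255, v256` with `v255 -> v257`) and the question above of whether a verifier would accept it. The `Value`, `ValueDef`, `ValueTable` and `AliasError` types are toy types constructed for illustration, not Cranelift's data-flow graph or verifier API. The check resolves every alias with explicit cycle detection and reports any instruction whose operands resolve back to its own result, which is exactly the condition the printed block13 violates.

```rust
// Added example, not Cranelift's code: a toy SSA value table with aliases
// and the check that catches an instruction depending on itself through
// an alias, as in block13 of the printed fuzz case.
use std::collections::HashMap;

#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash)]
struct Value(u32);

#[derive(Clone, Debug)]
enum ValueDef {
    /// Result of an instruction with the given opcode and operand values.
    Inst { opcode: &'static str, args: Vec<Value> },
    /// `vN -> vM`: this value is an alias for another value.
    Alias(Value),
    /// A block parameter or constant: a leaf with no operands.
    Leaf,
}

#[derive(Debug, PartialEq, Eq)]
enum AliasError {
    /// The alias chain loops back on itself (vA -> vB -> vA ...).
    Cycle(Value),
    /// An alias points at a value that is never defined.
    Undefined(Value),
}

struct ValueTable {
    defs: HashMap<Value, ValueDef>,
}

impl ValueTable {
    /// Follow alias links until a non-alias definition is reached. Visited
    /// values are tracked so a cycle is reported instead of looping forever.
    fn resolve(&self, v: Value) -> Result<Value, AliasError> {
        let mut cur = v;
        let mut seen = vec![v];
        loop {
            match self.defs.get(&cur) {
                None => return Err(AliasError::Undefined(cur)),
                Some(ValueDef::Alias(target)) => {
                    if seen.contains(target) {
                        return Err(AliasError::Cycle(*target));
                    }
                    seen.push(*target);
                    cur = *target;
                }
                Some(_) => return Ok(cur),
            }
        }
    }

    /// Verifier-style check: every instruction operand must resolve to a
    /// value other than the instruction's own result. Returns the offending
    /// (result, opcode, operand) triples and any alias errors hit on the way.
    fn self_dependencies(&self) -> (Vec<(Value, &'static str, Value)>, Vec<AliasError>) {
        let mut bad = Vec::new();
        let mut errs = Vec::new();
        let mut entries: Vec<(&Value, &ValueDef)> = self.defs.iter().collect();
        entries.sort_by_key(|(v, _)| v.0);
        for (result, def) in entries {
            if let ValueDef::Inst { opcode, args } = def {
                for arg in args {
                    match self.resolve(*arg) {
                        Ok(r) if r == *result => bad.push((*result, *opcode, *arg)),
                        Ok(_) => {}
                        Err(e) => errs.push(e),
                    }
                }
            }
        }
        (bad, errs)
    }
}

/// The block13 fragment from the printed test case, as a constructed table.
fn block13_table() -> ValueTable {
    let mut defs = HashMap::new();
    defs.insert(Value(256), ValueDef::Leaf); // v256 -> v422 = iconst.i128 0
    defs.insert(
        Value(257),
        ValueDef::Inst { opcode: "rotl", args: vec![Value(255), Value(256)] },
    );
    defs.insert(Value(255), ValueDef::Alias(Value(257))); // v255 -> v257
    ValueTable { defs }
}

fn main() {
    let table = block13_table();
    let (bad, errs) = table.self_dependencies();
    println!("self-dependent instructions: {:?}", bad);
    println!("alias errors: {:?}", errs);
}
```

On the block13 table the check reports `(v257, "rotl", v255)`: v255 resolves to v257, the very instruction that consumes it. Whether the real frontend produced that alias or the printer emitted it wrongly is the open question in the thread; a check like this one, run on the in-memory function before printing, is how to tell the two apart.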

jameysharp added a commit that referenced this issue Sep 7, 2022
* cranelift: Remove of/nof overflow flags from icmp

Neither Wasmtime nor cg-clif use these flags under any circumstances.
From discussion on #3060 I see it's long been unclear what purpose these
flags served.

Fixes #3060, fixes #4406, and fixes #4875... by deleting all the code
that could have been buggy.

This changes the cranelift-fuzzgen input format by removing some IntCC
options, so I've gone ahead and enabled I128 icmp tests at the same
time. Since only the of/nof cases were failing before, I expect these to
work.

* Restore trapif tests

It's still useful to validate that iadd_ifcout's iflags result can be
forwarded correctly to trapif, and for that purpose it doesn't really
matter what condition code is checked.