Stream: git-wasmtime

Topic: wasmtime / issue #10596 Audit fuzzing of wasm GC and supp...

view this post on Zulip Wasmtime GitHub notifications bot (Apr 16 2025 at 17:06):

alexcrichton added the fuzzing label to Issue #10596.

view this post on Zulip Wasmtime GitHub notifications bot (Apr 16 2025 at 17:06):

alexcrichton added the wasm-proposal:gc label to Issue #10596.

view this post on Zulip Wasmtime GitHub notifications bot (Apr 16 2025 at 17:06):

alexcrichton opened issue #10596:

I wanted to file a tracking issue for support of fuzzing wasm-gc with wasm-smith. Currently this is enabled on OSS-Fuzz but I believe that wasm-smith is still lacking some somewhat major features for fuzzing the GC proposal. The purpose of this issue is to track various items we know we need to fuzz but haven't implemented yet.

view this post on Zulip Wasmtime GitHub notifications bot (Apr 18 2025 at 18:23):

fitzgen commented on issue #10596:

Currently only a pretty small set of opcodes are generated and this additionally doesn't include opcodes such as any.convert_extern or extern.convert_any (a recent addition to the spec to clarify these are intended happened recently)

This should be pretty easy to address.

I don't believe that wasm-smith has much support for non-nullable types given that they don't have a great default, but that also means that non-nullable types I don't think are fuzzed too much with wasm-smith.

This is correct, but is a bit trickier to fix. We could potentially keep track of, for each type, whether a type is part of a non-nullable cycle or not, and avoid generating globals and what not of that type. And also add a code path to recursively create instances of a particular type in a top-down style. This is a bit of a heavy hammer, but I can't think of a better alternative off the top of my head.

Last updated: Dec 06 2025 at 06:05 UTC