Stream: git-wasmtime

Topic: wasmtime / issue #11492 Failed `unwrap()` in `table_ops` ...


Wasmtime GitHub notifications bot (Aug 21 2025 at 17:27):

fitzgen opened issue #11492:

https://issues.oss-fuzz.com/issues/435228855

Test Case

table-ops-input.txt

(not actually a text file, just to get it to upload to github)

Steps to Reproduce

$ cargo fuzz run -s none table_ops table-ops-input.txt

This is an unwrap() on the result of instantiating the test case. This means that the Wasm binary is valid, since we can create a wasmtime::Module for it, but that it cannot be instantiated at runtime for whatever reason.

Relevant part of the stack trace:

#11 0x5b52efa9b775 in core::result::unwrap_failed::hdf92484becbba54e /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/result.rs:1761:5
#12 0x5b52efc4d3ff in core::result::Result$LT$T$C$E$GT$::unwrap::h22d2afba997c4a60 /rustc/3014e79f9c8d5510ea7b3a3b70d171d0948b1e96/library/core/src/result.rs:1167:23
#13 0x5b52efc4d3ff in wasmtime_fuzzing::oracles::table_ops::h3f545fa10cd3ab07 [wasmtime/crates/fuzzing/src/oracles.rs:917](https://github.com/bytecodealliance/wasmtime/blob/7074afb633446d1f0ef0d246deaaa2cbe5b457c9/crates/fuzzing/src/oracles.rs#L917):64
#14 0x5b52efb61b83 in table_ops::_::__libfuzzer_sys_run::h5b228f3df854d86e [wasmtime/fuzz/fuzz_targets/table_ops.rs:24](https://github.com/bytecodealliance/wasmtime/blob/7074afb633446d1f0ef0d246deaaa2cbe5b457c9/fuzz/fuzz_targets/table_ops.rs#L24):13

I suspect the fuzz-generated config is imposing a limit on table size or something and our externref table is larger than that limit. At the start of the oracle, we have an opportunity to clamp the config's limits to our own limits before we create a wasmtime::Config and wasmtime::Engine and all that from the fuzz config and we are probably just overlooking something there.

+cc @khagankhan

Wasmtime GitHub notifications bot (Aug 21 2025 at 17:27):

fitzgen added the fuzz-bug label to Issue #11492.

Wasmtime GitHub notifications bot (Aug 21 2025 at 17:30):

fitzgen commented on issue #11492:

Oops, never mind, this one is already fixed and I failed to look at the OSS-Fuzz status.

Wasmtime GitHub notifications bot (Aug 21 2025 at 17:30):

fitzgen closed issue #11492.


Last updated: Dec 06 2025 at 06:05 UTC