Stream: git-wasmtime

Topic: wasmtime / issue #12892 gc_ops fuzzer failure: assertion ...


Wasmtime GitHub notifications bot (Mar 30 2026 at 17:15):

alexcrichton added the fuzz-bug label to Issue #12892.

Wasmtime GitHub notifications bot (Mar 30 2026 at 17:15):

alexcrichton added the wasm-proposal:gc label to Issue #12892.

Wasmtime GitHub notifications bot (Mar 30 2026 at 17:15):

alexcrichton opened issue #12892:

This input: input.txt yields:

$ cargo +nightly fuzz run -s none --dev --no-default-features gc_ops ~/Downloads/input.txt
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.18s
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.15s
     Running `target/aarch64-apple-darwin/debug/gc_ops -artifact_prefix=/Users/alex/code/wasmtime/fuzz/artifacts/gc_ops/ /Users/alex/Downloads/input.txt`
WARNING: Failed to find function "__sanitizer_acquire_crash_state". Reason dlsym(RTLD_DEFAULT, __sanitizer_acquire_crash_state): symbol not found.
WARNING: Failed to find function "__sanitizer_print_stack_trace". Reason dlsym(RTLD_DEFAULT, __sanitizer_print_stack_trace): symbol not found.
WARNING: Failed to find function "__sanitizer_set_death_callback". Reason dlsym(RTLD_DEFAULT, __sanitizer_set_death_callback): symbol not found.
INFO: found LLVMFuzzerCustomMutator (0x102eaa060). Disabling -len_control by default.
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 4258599345
INFO: Loaded 1 modules   (1669276 inline 8-bit counters): 1669276 [0x10ee34e08, 0x10efcc6a4),
INFO: Loaded 1 PC tables (1669276 PCs): 1669276 [0x10efcc6a8,0x110945068),
target/aarch64-apple-darwin/debug/gc_ops: Running 1 inputs 1 time(s) each.
Running: /Users/alex/Downloads/input.txt

thread '<unnamed>' (135628) panicked at crates/fuzzing/src/generators/gc_ops/types.rs:176:9:
assertion failed: self.is_well_formed(limits)
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
==11876== ERROR: libFuzzer: deadly signal
NOTE: libFuzzer has rudimentary signal handlers.
      Combine libFuzzer with AddressSanitizer or similar for better crash reports.
SUMMARY: libFuzzer: deadly signal
────────────────────────────────────────────────────────────────────────────────

Error: Fuzz target exited with exit status: 77

cc @khagankhan and @fitzgen

Wasmtime GitHub notifications bot (Mar 30 2026 at 17:18):

khagankhan commented on issue #12892:

Assertion failure, _ha_?! Thanks @alexcrichton! Will take a look today

Wasmtime GitHub notifications bot (Mar 30 2026 at 21:09):

khagankhan commented on issue #12892:

Well, it turns out that after libfuzzer's own mutation one type may appear in two rec groups. While we had an assertion for that in is_well_formed, we never actually enforced it during fixup. Now it is fixed with a dedup pass in _step 2_:

// Step 2: keep only members that still have a type definition, and drop
// any type id already claimed by an earlier rec group, so a type can
// belong to at most one rec group (what is_well_formed asserts).
let mut seen = BTreeSet::new();
for members in self.rec_groups.values_mut() {
    members.retain(|tid| self.type_defs.contains_key(tid) && seen.insert(*tid));
}

Addressed in the PR: #12900

The result:

khan22@node0:~/wasmtime/fuzz/fuzz_targets$ cargo +nightly fuzz run -s none --dev --no-default-features gc_ops ~/input.txt
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.23s
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.23s
     Running `/users/khan22/wasmtime/target/x86_64-unknown-linux-gnu/debug/gc_ops -artifact_prefix=/users/khan22/wasmtime/fuzz/artifacts/gc_ops/ /users/khan22/input.txt`
WARNING: Failed to find function "__sanitizer_acquire_crash_state".
WARNING: Failed to find function "__sanitizer_print_stack_trace".
WARNING: Failed to find function "__sanitizer_set_death_callback".
INFO: found LLVMFuzzerCustomMutator (0x55da7dc11170). Disabling -len_control by default.
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 247319589
INFO: Loaded 1 modules   (794785 inline 8-bit counters): 794785 [0x55da83648810, 0x55da8370a8b1),
INFO: Loaded 1 PC tables (794785 PCs): 794785 [0x55da8370a8b8,0x55da8432b2c8),
/users/khan22/wasmtime/target/x86_64-unknown-linux-gnu/debug/gc_ops: Running 1 inputs 1 time(s) each.
Running: /users/khan22/input.txt
Executed /users/khan22/input.txt in 3 ms
***
*** NOTE: fuzzing was not performed, you have only
***       executed the target code on a fixed set of inputs.
***

Wasmtime GitHub notifications bot (Mar 31 2026 at 21:57):

fitzgen closed issue #12892.


Last updated: Apr 12 2026 at 23:10 UTC