Generate psuedorandom gc_zeal_alloc_counter values for fuzzing (#13084)

fitzgen · alexcrichton · web-flow · commit da45b5328ee4 · 2026-04-14T18:49:38.000Z
* Generate psuedorandom `gc_zeal_alloc_counter` values for fuzzing * Fix plain wasmtime-fuzzing tests * Actually plumb stack-switching in wast tests The fix in #13087 was incomplete. This completes it (in theory). --------- Co-authored-by: Alex Crichton <alex@alexcrichton.com>
diff --git a/crates/cli-flags/src/lib.rs b/crates/cli-flags/src/lib.rs
@@ -4,6 +4,7 @@ use clap::Parser;
 use serde::Deserialize;
 use std::{
     fmt, fs,
+    num::NonZeroU32,
     path::{Path, PathBuf},
     time::Duration,
 };
@@ -211,6 +212,10 @@ wasmtime_option_group! {
         #[serde(default)]
         #[serde(deserialize_with = "crate::opt::cli_parse_wrapper")]
         pub pooling_pagemap_scan: Option<wasmtime::Enabled>,
+
+        /// XXX: For internal fuzzing and debugging use only!
+        #[doc(hidden)]
+        pub gc_zeal_alloc_counter: Option<NonZeroU32>,
     }
 
     enum Optimize {
@@ -921,6 +926,12 @@ impl CommonOptions {
             config.table_lazy_init(enable);
         }
 
+        if let Some(n) = self.opts.gc_zeal_alloc_counter
+            && (cfg!(gc_zeal) || cfg!(fuzzing))
+        {
+            config.gc_zeal_alloc_counter(Some(n))?;
+        }
+
         // If fuel has been configured, set the `consume fuel` flag on the config.
         if self.wasm.fuel.is_some() {
             config.consume_fuel(true);
diff --git a/crates/cli-flags/src/opt.rs b/crates/cli-flags/src/opt.rs
@@ -9,11 +9,12 @@ use crate::{KeyValuePair, WasiNnGraph};
 use clap::builder::{StringValueParser, TypedValueParser, ValueParserFactory};
 use clap::error::{Error, ErrorKind};
 use serde::de::{self, Visitor};
+use std::num::NonZeroU32;
 use std::path::PathBuf;
 use std::str::FromStr;
 use std::time::Duration;
 use std::{fmt, marker};
-use wasmtime::{Result, bail};
+use wasmtime::{Result, bail, format_err};
 
 /// Characters which can be safely ignored while parsing numeric options to wasmtime
 const IGNORED_NUMBER_CHARS: [char; 1] = ['_'];
@@ -375,6 +376,19 @@ impl WasmtimeOptionValue for u32 {
     }
 }
 
+impl WasmtimeOptionValue for NonZeroU32 {
+    const VAL_HELP: &'static str = "=N";
+
+    fn parse(val: Option<&str>) -> Result<Self> {
+        let n = <u32 as WasmtimeOptionValue>::parse(val)?;
+        NonZeroU32::new(n).ok_or_else(|| format_err!("value must be non-zero"))
+    }
+
+    fn display(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        write!(f, "{self}")
+    }
+}
+
 impl WasmtimeOptionValue for u64 {
     const VAL_HELP: &'static str = "=N";
     fn parse(val: Option<&str>) -> Result<Self> {
diff --git a/crates/fuzzing/Cargo.toml b/crates/fuzzing/Cargo.toml
@@ -59,6 +59,7 @@ features = [
   'pulley',
   'threads',
   'parallel-compilation',
+  'stack-switching',
 ]
 
 # We rely on precompiled v8 binaries, but rusty-v8 doesn't have a precompiled
diff --git a/crates/fuzzing/src/generators/config.rs b/crates/fuzzing/src/generators/config.rs
@@ -3,6 +3,7 @@
 use super::{AsyncConfig, CodegenSettings, InstanceAllocationStrategy, MemoryConfig, ModuleConfig};
 use crate::oracles::{StoreLimits, Timeout};
 use arbitrary::{Arbitrary, Unstructured};
+use std::num::NonZeroU32;
 use std::time::Duration;
 use wasmtime::Result;
 use wasmtime::{Enabled, Engine, Module, Store};
@@ -151,7 +152,7 @@ impl Config {
             hogs_memory: _,
             nan_canonicalization: _,
             gc_types: _,
-            stack_switching: _,
+            stack_switching,
             spec_test: _,
         } = test.config;
 
@@ -171,6 +172,7 @@ impl Config {
         self.module_config.component_model_map = component_model_map.unwrap_or(false);
         self.module_config.component_model_fixed_length_lists =
             component_model_fixed_length_lists.unwrap_or(false);
+        self.module_config.stack_switching = stack_switching.unwrap_or(false);
 
         // Enable/disable proposals that wasm-smith has knobs for which will be
         // read when creating `wasmtime::Config`.
@@ -290,6 +292,10 @@ impl Config {
             16 << 20,
             self.wasmtime.memory_guaranteed_dense_image_size,
         ));
+        cfg.opts.gc_zeal_alloc_counter = self
+            .wasmtime
+            .gc_zeal_alloc_counter
+            .map(|c| c.clamp(NonZeroU32::new(1).unwrap(), NonZeroU32::new(1024).unwrap()));
         cfg.wasm.async_stack_zeroing = Some(self.wasmtime.async_stack_zeroing);
         cfg.wasm.bulk_memory = Some(self.module_config.config.bulk_memory_enabled);
         cfg.wasm.component_model_async = Some(self.module_config.component_model_async);
@@ -615,6 +621,7 @@ pub struct WasmtimeConfig {
     /// Configuration for the compiler to use.
     pub compiler_strategy: CompilerStrategy,
     collector: Collector,
+    gc_zeal_alloc_counter: Option<NonZeroU32>,
     table_lazy_init: bool,
 
     /// Configuration for whether wasm is invoked in an async fashion and how

Original file line number	Diff line number	Diff line change
`@@ -59,6 +59,7 @@ features = [`
`59`	`59`	`'pulley',`
`60`	`60`	`'threads',`
`61`	`61`	`'parallel-compilation',`
	`62`	`+ 'stack-switching',`
`62`	`63`	`]`
`63`	`64`
`64`	`65`	`# We rely on precompiled v8 binaries, but rusty-v8 doesn't have a precompiled`