wip

Author: joseph-isaacs

.github/workflows/wasm-fuzz.yml

@@ -1,13 +1,6 @@
 name: WASM Fuzz
 
 on:
-  workflow_dispatch:
-    inputs:
-      fuzz_duration:
-        description: "Fuzzing duration in hours"
-        required: false
-        default: "4"
-        type: string
   schedule:
     # Run daily at 2 AM UTC
     - cron: "0 2 * * *"
@@ -65,32 +58,40 @@ jobs:
           echo "hours=$HOURS" >> $GITHUB_OUTPUT
 
       - name: Run wasmfuzz
+        id: fuzz
         run: |
-          mkdir -p corpus
+          mkdir -p corpus-wasm
+          # Capture exit code - wasmfuzz exits with error on crash
+          set +e
           wasmfuzz fuzz \
             --timeout="${{ steps.duration.outputs.hours }}h" \
             --cores 2 \
-            --dir corpus/ \
+            --dir corpus-wasm/ \
             target/wasm32-wasip1/release/array_ops_wasm.wasm
+          FUZZ_EXIT=$?
+          set -e
+          echo "exit_code=$FUZZ_EXIT" >> $GITHUB_OUTPUT
+          if [ $FUZZ_EXIT -ne 0 ]; then
+            echo "crash_found=true" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Replay crash inputs
+        if: steps.fuzz.outputs.crash_found == 'true'
+        run: |
+          echo "::error::Crash found during fuzzing! Replaying inputs for debug output..."
+          for input in corpus-wasm/*; do
+            echo "=== Replaying: $input ==="
+            wasmfuzz run --trace target/wasm32-wasip1/release/array_ops_wasm.wasm "$input" || true
+          done
 
       - name: Upload corpus
+        if: always()
         uses: actions/upload-artifact@v4
         with:
-          name: fuzz-corpus
-          path: corpus/
+          name: corpus-wasm
+          path: corpus-wasm/
           retention-days: 30
 
-      - name: Check for crashes
-        run: |
-          if [ -d "crashes" ] && [ "$(ls -A crashes 2>/dev/null)" ]; then
-            echo "::error::Crashes found during fuzzing!"
-            ls -la crashes/
-            exit 1
-          fi
-
-      - name: Upload crashes
-        uses: actions/upload-artifact@v4
-        with:
-          name: fuzz-crashes
-          path: crashes/
-          retention-days: 90
+      - name: Fail if crash found
+        if: steps.fuzz.outputs.crash_found == 'true'
+        run: exit 1