From d2b8ff9ce30a35d6d3cc9ce68068cc80a1b90491 Mon Sep 17 00:00:00 2001
From: Matthew Knight <mattnite@proton.me>
Date: Fri, 6 Mar 2026 09:44:48 -0800
Subject: [PATCH] Replay crashing inputs

---
 actions/cairn-zig-fuzz-afl/action.yml | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/actions/cairn-zig-fuzz-afl/action.yml b/actions/cairn-zig-fuzz-afl/action.yml
index 7c9ae40..c44d082 100644
--- a/actions/cairn-zig-fuzz-afl/action.yml
+++ b/actions/cairn-zig-fuzz-afl/action.yml
@@ -249,12 +249,28 @@ runs:
                   ;;
               esac
 
+              # Replay the crash input to capture the stack trace.
+              STACK_TRACE=""
+              CRASH_MSG="AFL++ crash (${FUZZ_TARGET}): ${CRASH_NAME}"
+              REPLAY_OUTPUT=$(timeout 10 "${FUZZ_BIN}" < "${crash_file}" 2>&1 || true)
+              if [ -n "${REPLAY_OUTPUT}" ]; then
+                STACK_TRACE="${REPLAY_OUTPUT}"
+                # Extract a concise crash message from the first meaningful line.
+                FIRST_LINE=$(echo "${REPLAY_OUTPUT}" | grep -m1 -iE 'panic|error|fault|abort|overflow|undefined|sanitizer|SUMMARY' || true)
+                if [ -n "${FIRST_LINE}" ]; then
+                  CRASH_MSG="${FIRST_LINE}"
+                fi
+              fi
+
               echo "Uploading crash: ${CRASH_NAME}"
               set -- -server "${CAIRN_SERVER}" -repo "${REPO}" -owner "${OWNER}" \
                 -commit "${COMMIT}" -run-id "${RUN_ID}" -type fuzz -file "${crash_file}" \
                 -kind crash \
-                -crash-message "AFL++ crash (${FUZZ_TARGET}): ${CRASH_NAME}"
+                -crash-message "${CRASH_MSG}"
 
+              if [ -n "${STACK_TRACE}" ]; then
+                set -- "$@" -stack-trace "${STACK_TRACE}"
+              fi
               if [ -n "${TARGET_PLATFORM}" ]; then
                 set -- "$@" -target "${TARGET_PLATFORM}"
               fi