diff --git a/pkg/afl++/afl.c b/pkg/afl++/afl.c
index e085945c7..300da8729 100644
--- a/pkg/afl++/afl.c
+++ b/pkg/afl++/afl.c
@@ -22,8 +22,15 @@ void zig_fuzz_test(unsigned char *, ssize_t);
 // Linker-provided symbols marking the boundaries of the __sancov_guards section.
 // These must be declared extern so the linker provides the actual section boundaries
 // from the instrumented code, rather than creating new variables that shadow them.
+// On macOS (Mach-O), the linker uses a different naming convention for section
+// boundaries than Linux (ELF), so we use asm labels to reference them.
+#ifdef __APPLE__
+extern uint32_t __start___sancov_guards __asm("section$start$__DATA$__sancov_guards");
+extern uint32_t __stop___sancov_guards __asm("section$end$__DATA$__sancov_guards");
+#else
 extern uint32_t __start___sancov_guards;
 extern uint32_t __stop___sancov_guards;
+#endif
 void __sanitizer_cov_trace_pc_guard_init(uint32_t*, uint32_t*);
diff --git a/pkg/afl++/build.zig b/pkg/afl++/build.zig
index bd562256d..2bfb72050 100644
--- a/pkg/afl++/build.zig
+++ b/pkg/afl++/build.zig
@@ -3,7 +3,7 @@ const std = @import("std");
 pub fn addInstrumentedExe(
     b: *std.Build,
     obj: *std.Build.Step.Compile,
-) ?std.Build.LazyPath {
+) std.Build.LazyPath {
     const pkg = b.dependencyFromBuildZig(@This(), .{});
     const run_afl_cc = b.addSystemCommand(&.{
diff --git a/test/fuzz-libghostty/build.zig b/test/fuzz-libghostty/build.zig
index 43e5d4f89..5a0aea696 100644
--- a/test/fuzz-libghostty/build.zig
+++ b/test/fuzz-libghostty/build.zig
@@ -1,4 +1,5 @@
 const std = @import("std");
+const afl = @import("afl");
 pub fn build(b: *std.Build) void {
     const target = b.standardTargetOptions(.{});
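Review bot: The added comment says macOS uses a different naming convention for section boundaries but never names it, so a reader cannot check the two `__asm` strings against anything; expand it to `// ld64 exposes section bounds as section$start$<segment>$<section> and section$end$<segment>$<section>; the guards live in the __DATA segment.` Both branches also depend on at least one object in the link actually emitting a `__sancov_guards` section, otherwise the start/stop symbols are undefined at link time (on ELF `__start_*`/`__stop_*` are only synthesized for sections that exist in the output), which deserves a sentence since this harness is shared across targets. The declarations are file scope; nothing is cut off at the hunk edges.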
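Review bot: `addInstrumentedExe` is a public build helper whose contract is not documented at the `pub fn` line, and dropping the `?` from the return type removes the only signal callers had that the step could be unavailable; if no `///` comment precedes line 3, add one stating what `obj` must be (a static library built with `root_module.fuzz = true`, judging by the fuzz-libghostty caller in this commit), that afl-cc is run as a system command and must be on PATH, and that the returned LazyPath is the instrumented executable. Any caller outside this commit that unwrapped the old optional with `orelse` will no longer compile, and only test/fuzz-libghostty is updated here. The function body continues past the end of the hunk.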
@@ -31,29 +32,15 @@ pub fn build(b: *std.Build) void {
         });
         // Required to build properly with afl-cc
-        lib.bundle_compiler_rt = true;
-        lib.bundle_ubsan_rt = true;
         lib.root_module.stack_check = false;
+        lib.root_module.fuzz = true;
         break :lib lib;
     };
     // Build a C entrypoint with afl-cc that links against the generated
     // static Zig library. afl-cc is expecte to be on the PATH.
-    const exe = exe: {
-        const cc = b.addSystemCommand(&.{"afl-cc"});
-        cc.addArgs(&.{
-            "-std=c11",
-            "-O2",
-            "-g",
-            "-o",
-        });
-        const output = cc.addOutputFileArg("ghostty-fuzz");
-        cc.addFileArg(b.path("src/main.c"));
-        cc.addFileArg(lib.getEmittedBin());
-
-        break :exe output;
-    };
+    const exe = afl.addInstrumentedExe(b, lib);
     // Install
     b.installArtifact(lib);
diff --git a/test/fuzz-libghostty/build.zig.zon b/test/fuzz-libghostty/build.zig.zon
index 091730360..9fa2f65c1 100644
--- a/test/fuzz-libghostty/build.zig.zon
+++ b/test/fuzz-libghostty/build.zig.zon
@@ -5,6 +5,7 @@
     .minimum_zig_version = "0.15.1",
     .dependencies = .{
         .ghostty = .{ .path = "../../" },
+        .afl = .{ .path = "../../pkg/afl++" },
     },
     .paths = .{
         "build.zig",
diff --git a/test/fuzz-libghostty/src/lib.zig b/test/fuzz-libghostty/src/lib.zig
index a4d2cb765..f33560317 100644
--- a/test/fuzz-libghostty/src/lib.zig
+++ b/test/fuzz-libghostty/src/lib.zig
@@ -1,6 +1,13 @@
 const std = @import("std");
 const ghostty_vt = @import("ghostty-vt");
+pub export fn zig_fuzz_init() callconv(.c) void {}
+
+pub export fn zig_fuzz_test(buf: [*]const u8, len: isize) callconv(.c) void {
+    if (len <= 0) return;
+    ghostty_fuzz_parser(buf, @intCast(len));
+}
+
 pub export fn ghostty_fuzz_parser(
     input_ptr: [*]const u8,
     input_len: usize,
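Review bot: The two comment lines directly above `const exe = afl.addInstrumentedExe(b, lib);` still describe the removed inline afl-cc invocation ("Build a C entrypoint with afl-cc ...") and carry the typo "expecte", so the new line now contradicts its own header; replace them with `// Build the afl-cc-instrumented fuzz executable from the static Zig library` and `// via the afl++ package. afl-cc is expected to be on the PATH.` The "Required to build properly with afl-cc" comment likewise no longer explains why `bundle_compiler_rt`/`bundle_ubsan_rt` could be dropped; if that now relies on the afl++ package supplying those runtimes, say so in one line, since the next person to hit unresolved compiler-rt symbols will re-add the settings. Whatever later consumes `exe` lies past the hunk and must accept a plain LazyPath, not an optional.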
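Review bot: `if (len <= 0) return;` in `zig_fuzz_test` silently drops zero-length inputs, so the empty-input path of `ghostty_fuzz_parser` is never exercised by the fuzzer even though an empty file is one of the first cases afl++ feeds; only a negative `ssize_t` (which would trap in `@intCast`) needs rejecting, so `if (len < 0) return;` is the tighter guard, provided `ghostty_fuzz_parser` accepts `input_len == 0` — its body is past the hunk, so confirm. Both exports are the C-ABI surface that afl.c declares (`void zig_fuzz_test(unsigned char *, ssize_t);` in the hunk header) and deserve doc comments: `/// Harness init hook called by the afl++ C entrypoint; nothing to set up here.` on `zig_fuzz_init`, and `/// Per-input hook from the afl++ C entrypoint; len mirrors ssize_t and buf is read-only.` on `zig_fuzz_test`.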