Skip to content

fuzzing: reject non-wasm files quickly and execute aot after compilation #4780

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
lum1n0us wants to merge 6 commits into
base: main
Choose a base branch
from
Draft

fuzzing: reject non-wasm files quickly and execute aot after compilation #4780

lum1n0us wants to merge 6 commits into from
+84 −51

Conversation

@lum1n0us
Copy link
Contributor

@lum1n0us lum1n0us commented Jan 5, 2026

No description provided.

@lum1n0us lum1n0us changed the title fix: reject non-wasm files quickly fuzzing: reject non-wasm files quickly and execute aot after compilation Jan 5, 2026
@lum1n0us
fix: disable unsigned integer overflow sanitization in build configur…
b94a92f 
…ations

FYI: from https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html

`-fsanitize=unsigned-integer-overflow`: Unsigned integer overflow, where the result of an unsigned integer computation cannot be represented in its type. Unlike signed integer overflow, this is not undefined behavior, but it is often unintentional. This sanitizer does not check for lossy implicit conversions performed before such a computation.

It brings a more common question: which is better, pre-additional-check or post-additional-check to fix a potential unsigned integer overflow? A pre-additional-check involves using a check to prevent integer overflow from the very beginning. A post-additional-check involves using a check after addition to see if there is an overflow.

In this project, post-additional-checking is widely used. let's follow the routine.

for performance sensitive logic, use __builtin_add_overflow etc. provide something like https://github.com/yamt/toywasm/blob/9a5622791e99395e26e6e96cef830af3d91a1685/lib/platform.h#L176-L191 and encourage the use of them.

ref. bytecodealliance#4549 (comment)
@lum1n0us
fix: ensure proper definition checks for build options in CMakeLists …
f1e34d3 
…of wasm-mutator
@lum1n0us
optimize how to involve sanitizer flags
7fe2d3b
@lum1n0us
fix: update LLVM branch and refine sanitizer flags in CMake configura…
84a3273 
…tions
@lum1n0us
fix: add requests package to development requirements
e41465d
@lum1n0us
fix: update AOT compiler configuration and enhance error handling in …
c6adf0e 
…fuzz tests
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@TianlongLiang TianlongLiang Awaiting requested review from TianlongLiang TianlongLiang will be requested when the pull request is marked ready for review TianlongLiang is a code owner

@yamt yamt Awaiting requested review from yamt yamt will be requested when the pull request is marked ready for review yamt is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@lum1n0us