Add OSS-Fuzz integration for openxla/xla#15464
Open
ricaskew wants to merge 1 commit into
ricaskew is integrating a new project:
Author
Companion harness PR in openxla/xla: openxla/xla#42055
DavidKorczynski (Collaborator) requested changes on May 11, 2026 and left a comment:
waiting for openxla/xla#42055 to be resolved
Add OSS-Fuzz integration for openxla/xla
This PR registers openxla/xla with OSS-Fuzz, adding continuous fuzzing
coverage for XLA's HLO text-format parser and proto deserialization path.
This is the first OSS-Fuzz integration for openxla/xla.
Companion PR in openxla/xla adding the harness sources:
openxla/xla#42055
Note: this integration depends on the companion PR above. The build.sh
guard will exit non-zero until openxla/xla#42055 merges and
xla/fuzz/BUILD is present in the upstream tree. Exact error message:
ERROR: xla/fuzz/BUILD missing — PR-A (upstream harness landing) must merge before this OSS-Fuzz integration builds cleanly.
The OSS-Fuzz CI build will serve as the first end-to-end validation
in the clean pipeline environment.
Project details
homepage: https://openxla.org/xla
language: C++
sanitizers: address
fuzzing_engines: libfuzzer
primary_contact: xla-team@google.com
Harnesses
hlo_parser_fuzz — exercises xla::ParseAndReturnUnverifiedModule against
arbitrary text input bytes. Targets the HLO text-format parser surface.
hlo_proto_fuzz — exercises xla::HloModule::CreateFromProto against
arbitrary byte sequences. Includes an explicit size guard against integer
overflow on the ParseFromArray size argument.
Build notes
XLA uses a hermetic LLVM18 toolchain that dynamic-links libc++. The
base-runner image does not ship libc++, so build.sh resolves this by
embedding --linkopt=-Wl,-rpath,$ORIGIN and staging the required libc++
shared objects alongside the fuzzer binaries in $OUT/.
The Dockerfile uses base-builder:ubuntu-24-04 and installs OpenJDK 17
via install_java.sh (matching the pattern used by other Google ML
projects in OSS-Fuzz). Bazel is installed via Bazelisk v1.20.0, which
respects XLA's pinned .bazelversion file.
Testing
Both harnesses were smoke-tested inside the OSS-Fuzz Docker base image:
hlo_parser_fuzz: 100 runs, zero crashes, 2,371 coverage PCs with growth into xla::HloLexer and related parser code paths
hlo_proto_fuzz: 100 runs, zero crashes, 819 coverage PCs with growth into xla::HloModuleConfig and protobuf TcParser family
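A post-build check for the $ORIGIN rpath and libc++ staging described under the build notes, as an added example that is not code from this PR or from openxla/xla. The function names and the `readelf -d` sample are constructed, and selecting objects by the `libc++` name prefix is an assumption about which libraries need staging.

```shell
#!/bin/sh
# Added example: confirm a fuzzer binary will resolve its staged libc++ at run time.
# Real use: readelf -d "$OUT/hlo_parser_fuzz" | check_staged "$OUT"

# Constructed sample of `readelf -d` output for a hypothetical fuzzer binary.
sample_dynamic_section() {
cat <<'EOF'
 0x0000000000000001 (NEEDED)             Shared library: [libc++.so.1]
 0x0000000000000001 (NEEDED)             Shared library: [libc++abi.so.1]
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.6]
 0x000000000000001d (RUNPATH)            Library runpath: [$ORIGIN]
EOF
}

# check_staged OUT_DIR  (dynamic-section text on stdin)
# Returns 0 only if RPATH/RUNPATH holds $ORIGIN and every libc++* NEEDED
# entry exists in OUT_DIR; prints one line per problem found.
check_staged() {
    out_dir=$1
    dyn=$(cat)
    status=0
    # The loader searches beside the binary only when RPATH/RUNPATH has $ORIGIN.
    if ! printf '%s\n' "$dyn" | grep -E '\((RPATH|RUNPATH)\)' | grep -qF '$ORIGIN'; then
        echo "no \$ORIGIN entry in RPATH/RUNPATH"
        status=1
    fi
    # Pull the soname out of each NEEDED line, then check the libc++ family.
    needed=$(printf '%s\n' "$dyn" | sed -n 's/.*(NEEDED).*\[\([^]]*\)].*/\1/p')
    for lib in $needed; do
        case $lib in
            libc++*) [ -e "$out_dir/$lib" ] || { echo "not staged: $lib"; status=1; } ;;
        esac
    done
    return "$status"
}

# Demo on the constructed sample with an empty directory: both libc++ objects are reported.
demo_dir=$(mktemp -d)
sample_dynamic_section | check_staged "$demo_dir" || true
rm -rf "$demo_dir"
```

A binary that passes this check can still fail in the runner if a staged object has its own unstaged dependencies, so the same check applies to each staged `.so`.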