From 57492db8e3857b520822cce09e93a3947e992565 Mon Sep 17 00:00:00 2001
From: Alex Beregszaszi <alex@rtfs.hu>
Date: Wed, 9 Sep 2020 00:07:00 +0100
Subject: [PATCH 1/4] ci: Add Github Action for codeql

---
 .github/workflows/codeql-analysis.yml | 62 +++++++++++++++++++++++++++
 1 file changed, 62 insertions(+)
 create mode 100644 .github/workflows/codeql-analysis.yml

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 000000000..df009e48c
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,62 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [master]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [master]
+#  schedule:
+#    - cron: '0 7 * * 2'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        # Override automatic language detection by changing the below list
+        # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']
+        language: ['cpp', 'python']
+        # Learn more...
+        # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+      with:
+        # We must fetch at least the immediate parents so that if this is
+        # a pull request then we can checkout the head.
+        fetch-depth: 2
+
+    # If this run was triggered by a pull request event, then checkout
+    # the head of the pull request instead of the merge commit.
+    - run: git checkout HEAD^2
+      if: ${{ github.event_name == 'pull_request' }}
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

From 4e06a3fd4828bdfb7f1ae662d139ac1aebc6e2f8 Mon Sep 17 00:00:00 2001
From: Alex Beregszaszi <alex@rtfs.hu>
Date: Wed, 7 Oct 2020 12:13:47 +0100
Subject: [PATCH 2/4] Run build

---
 .github/workflows/codeql-analysis.yml | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index df009e48c..3b55c022a 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -44,8 +44,8 @@ jobs:
 
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
+    #- name: Autobuild
+    #  uses: github/codeql-action/autobuild@v1
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -54,9 +54,10 @@ jobs:
     #    and modify them (or add more) to build your code if your project
     #    uses a compiled language
 
-    #- run: |
-    #   make bootstrap
-    #   make release
+    - run: |
+       mkdir build && cd build
+       cmake .. -DCMAKE_BUILD_TYPE=Release -DFIZZY_TESTING=ON -DFIZZY_WASI=ON
+       cmake --build .
 
     - name: Perform CodeQL Analysis
       uses: github/codeql-action/analyze@v1

From 53f827e6a81d8ca6d8b05e2ba7e45318cfcf69e0 Mon Sep 17 00:00:00 2001
From: Andrei Maiboroda <andrei@ethereum.org>
Date: Thu, 28 Jan 2021 12:07:53 +0100
Subject: [PATCH 3/4] Add explicit constructors to Import

This fixes Import being not copy-constructible in GCC older than 8.3, where std::optional is not trivially constructible.
---
 lib/fizzy/types.hpp | 26 ++++++++++++++++++++++++--
 1 file changed, 24 insertions(+), 2 deletions(-)

diff --git a/lib/fizzy/types.hpp b/lib/fizzy/types.hpp
index 7f4272159..9079ff206 100644
--- a/lib/fizzy/types.hpp
+++ b/lib/fizzy/types.hpp
@@ -324,12 +324,34 @@ enum class ExternalKind : uint8_t
 // https://webassembly.github.io/spec/core/binary/modules.html#import-section
 struct Import
 {
+    Import() = default;
+    Import(const Import& other) : module(other.module), name(other.name), kind(other.kind)
+    {
+        switch (other.kind)
+        {
+        case ExternalKind::Function:
+            desc.function_type_index = other.desc.function_type_index;
+            break;
+        case ExternalKind::Table:
+            desc.table = other.desc.table;
+            break;
+        case ExternalKind::Memory:
+            desc.memory = other.desc.memory;
+            break;
+        case ExternalKind::Global:
+            desc.global = other.desc.global;
+            break;
+        }
+    }
+    // TODO needs move constructor
+
     std::string module;
     std::string name;
     ExternalKind kind = ExternalKind::Function;
-    union
+    union Desc
     {
-        TypeIdx function_type_index = 0;
+        Desc() : function_type_index(0) {}
+        TypeIdx function_type_index;
         Memory memory;
         GlobalType global;
         Table table;

From 7f19e0e56534898c018038d9d6062d6fc3e0ae90 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pawe=C5=82=20Bylica?= <chfast@gmail.com>
Date: Mon, 1 Feb 2021 10:11:55 +0100
Subject: [PATCH 4/4] Convert no_sanitize attributes to C++ syntax

---
 lib/fizzy/execute.cpp | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/lib/fizzy/execute.cpp b/lib/fizzy/execute.cpp
index ef7d7d61e..add758651 100644
--- a/lib/fizzy/execute.cpp
+++ b/lib/fizzy/execute.cpp
@@ -459,7 +459,7 @@ T fnearest(T value) noexcept
 }
 
 template <typename T>
-__attribute__((no_sanitize("float-divide-by-zero"))) inline constexpr T fdiv(T a, T b) noexcept
+[[gnu::no_sanitize("float-divide-by-zero")]] inline constexpr T fdiv(T a, T b) noexcept
 {
     static_assert(std::is_floating_point_v<T>);
     static_assert(std::numeric_limits<T>::is_iec559);
@@ -495,8 +495,7 @@ inline T fmax(T a, T b) noexcept
 }
 
 
-__attribute__((no_sanitize("float-cast-overflow"))) inline constexpr float demote(
-    double value) noexcept
+[[gnu::no_sanitize("float-cast-overflow")]] inline constexpr float demote(double value) noexcept
 {
     // The float-cast-overflow UBSan check disabled for this conversion. In older clang versions
     // (up to 8.0) it reports a failure when non-infinity f64 value is converted to f32 infinity.