Yay :-)

Once that's done, it'd be good if cf could run it with some of ubsan's checks, see other bug.

I briefly thought about how I'd fuzz this yesterday. Since you want to test various combinations of + - * etc, I thought maybe defining a simple bytecode (with "checked add" etc instructions), making the fuzzer be a bytecode interpreter, and treating the random input bytes as bytecode could be a fun and effective approach. Feel free to ignore though, of course :-)

You started fixing this bug over two years ago. Are you still working on it? You can update the status to "archived", "wontfix", or "closed". You can remove yourself as owner and change status to "untriaged", but if this is still a real bug, please do not sit on it.