fix(ci): repair Fuzzing workflow (checkout common_system, real target)#704
Merged
The Fuzzing workflow failed on its first and only run (introduced in the v1.0.0 release #702) for two independent reasons:

1. It never checked out common_system, so Configure aborted at dependencies.cmake with "common_system is required but was not found" (MONITORING_WITH_COMMON_SYSTEM defaults ON and searches ./common_system/include, which was absent).
2. The matrix target json_import_fuzzer does not exist. The only fuzz target is protobuf_wire_fuzzer (fuzz/protobuf_wire_fuzzer.cpp, corpus fuzz/corpus/protobuf_wire).

- Add the common_system checkout step, mirroring ci.yml, so the in-tree dependency search path is satisfied.
- Point the matrix target and corpus path at the real protobuf_wire_fuzzer.

Workflow only; no source changes. A dedicated json_import_fuzzer would be a separate feature (source + CMake target + corpus seeds).
The harness called free functions decode_tag(data,size,offset), decode_varint and decode_length_delimited that no longer exist; the decoder is now a stateful reader class. Rewrite LLVMFuzzerTestOneInput to construct a reader and drive decode_tag(reader&, field, wt) plus read_varint / read_fixed64 / read_fixed32 / read_length_delimited, preserving the forward-progress and graceful-rejection guarantees.
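The harness shape that commit message describes, as an added example rather than the project's own code: a minimal stateful wire reader (WireReader, a hypothetical stand-in for the real reader class) and an LLVMFuzzerTestOneInput that drives decode_tag(reader&, field, wt) plus read_varint / read_fixed64 / read_fixed32 / read_length_delimited. It stops on the first rejected field instead of crashing (graceful rejection) and aborts, which the fuzzer reports as a finding, if an iteration ever fails to advance the reader (forward progress). The class and function names, the 10-byte varint limit, the wire-type filtering and the sample inputs are assumptions made for this example, not the project's behaviour.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include <initializer_list>
#include <vector>

// Hypothetical stand-in for the project's stateful reader; not its real API.
enum class WireType : uint32_t { Varint = 0, Fixed64 = 1, LengthDelimited = 2, Fixed32 = 5 };

class WireReader {
 public:
  WireReader(const uint8_t* data, size_t size) : data_(data), size_(size), pos_(0) {}
  size_t position() const { return pos_; }
  bool at_end() const { return pos_ >= size_; }

  // Base-128 varint, at most 10 bytes. Rejects truncation and over-long encodings.
  bool read_varint(uint64_t& out) {
    uint64_t value = 0;
    for (unsigned shift = 0; shift < 70; shift += 7) {
      if (pos_ >= size_) return false;                  // truncated
      const uint8_t b = data_[pos_++];
      value |= static_cast<uint64_t>(b & 0x7F) << shift;
      if ((b & 0x80) == 0) { out = value; return true; }
    }
    return false;                                        // continuation bit still set after 10 bytes
  }
  bool read_fixed64(uint64_t& out) { return read_little_endian(8, out); }
  bool read_fixed32(uint32_t& out) {
    uint64_t v = 0;
    if (!read_little_endian(4, v)) return false;
    out = static_cast<uint32_t>(v);
    return true;
  }
  // Length-prefixed payload; the declared length must fit in the remaining bytes.
  bool read_length_delimited(const uint8_t*& payload, size_t& len) {
    uint64_t n = 0;
    if (!read_varint(n)) return false;
    if (n > size_ - pos_) return false;                  // would read past the buffer
    payload = data_ + pos_;
    len = static_cast<size_t>(n);
    pos_ += len;
    return true;
  }

 private:
  bool read_little_endian(size_t n, uint64_t& out) {
    if (size_ - pos_ < n) return false;
    uint64_t v = 0;
    for (size_t i = 0; i < n; ++i) v |= static_cast<uint64_t>(data_[pos_ + i]) << (8 * i);
    pos_ += n;
    out = v;
    return true;
  }
  const uint8_t* data_;
  size_t size_;
  size_t pos_;
};

// Tag = (field_number << 3) | wire_type. Rejects field 0, the deprecated group
// wire types 3/4, the undefined types 6/7, and tags wider than 32 bits.
bool decode_tag(WireReader& reader, uint32_t& field, WireType& wt) {
  uint64_t tag = 0;
  if (!reader.read_varint(tag)) return false;
  if (tag > UINT32_MAX) return false;
  const uint32_t f = static_cast<uint32_t>(tag >> 3);
  const uint32_t w = static_cast<uint32_t>(tag & 0x7);
  if (f == 0) return false;
  if (w == 3 || w == 4 || w > 5) return false;
  field = f;
  wt = static_cast<WireType>(w);
  return true;
}

// Returns how many complete fields were decoded before the input ended or the
// first malformed field was rejected. Never throws and never reads out of bounds;
// aborts (a crash the fuzzer reports) if an iteration does not advance the reader.
size_t walk_fields(const uint8_t* data, size_t size) {
  WireReader reader(data, size);
  size_t fields = 0;
  while (!reader.at_end()) {
    const size_t before = reader.position();
    uint32_t field = 0;
    WireType wt = WireType::Varint;
    if (!decode_tag(reader, field, wt)) break;           // graceful rejection
    bool ok = false;
    switch (wt) {
      case WireType::Varint:          { uint64_t v = 0; ok = reader.read_varint(v); break; }
      case WireType::Fixed64:         { uint64_t v = 0; ok = reader.read_fixed64(v); break; }
      case WireType::Fixed32:         { uint32_t v = 0; ok = reader.read_fixed32(v); break; }
      case WireType::LengthDelimited: { const uint8_t* p = nullptr; size_t n = 0;
                                        ok = reader.read_length_delimited(p, n); break; }
    }
    if (!ok) break;
    if (reader.position() <= before) std::abort();       // forward-progress invariant
    ++fields;
  }
  return fields;
}

extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  walk_fields(data, size);
  return 0;                                              // libFuzzer expects 0
}

// Runs the walker over an inline byte list (used by main below and by tests).
size_t walk_bytes(std::initializer_list<uint8_t> bytes) {
  std::vector<uint8_t> buf(bytes);
  return walk_fields(buf.data(), buf.size());
}

int main() {
  // Constructed sample inputs, not taken from the project's corpus.
  std::printf("well-formed 4-field message: %zu fields\n",
              walk_bytes({0x08, 0x96, 0x01, 0x12, 0x02, 'h', 'i', 0x1D, 1, 2, 3, 4, 0x21, 1, 2, 3, 4, 5, 6, 7, 8}));
  std::printf("truncated length-delimited field: %zu fields\n", walk_bytes({0x08, 0x01, 0x12, 0x05, 'a', 'b'}));
  std::printf("start-group wire type 3: %zu fields\n", walk_bytes({0x0B}));
  std::printf("over-long varint: %zu fields\n",
              walk_bytes({0x08, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00}));
  return 0;
}
```

Built with clang++ -fsanitize=fuzzer,address and no main, the same translation unit becomes a libFuzzer target; the explicit position check is what turns a "reader accepted a field but consumed nothing" bug into a reported crash rather than a silent infinite loop against the corpus.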
What

Repair the Fuzzing workflow so it builds and runs the real fuzz target.
Change type: fix(ci) — workflow only, no source changes.

Why

The Fuzzing workflow has never succeeded (introduced in the v1.0.0 release #702, failed on its first scheduled run 2026-06-22) due to two independent misconfigurations:

1. Configure aborted at cmake/dependencies.cmake with "common_system is required but was not found". MONITORING_WITH_COMMON_SYSTEM defaults ON and searches ./common_system/include, but the workflow only checked out the main repo.
2. matrix.target is json_import_fuzzer, but the only fuzz target is protobuf_wire_fuzzer (fuzz/protobuf_wire_fuzzer.cpp, corpus fuzz/corpus/protobuf_wire).

Where

.github/workflows/fuzzing.yml:
- Checkout common_system step (mirrors ci.yml, secrets.GITHUB_TOKEN).
- matrix.target: json_import_fuzzer -> protobuf_wire_fuzzer.
- fuzz/corpus/json_import -> fuzz/corpus/protobuf_wire.

How (verification)

Verified by dispatching Fuzzing on this branch (gh workflow run, short max_total_time): Configure finds common_system, Build produces protobuf_wire_fuzzer, Run executes it against the corpus.

A dedicated json_import_fuzzer (if desired) is a separate feature: source + CMake target + corpus seeds.

Relates to #698 (release blocker — restores CI green precondition for the signed v1.0.0 tag).