
fix(ci): repair Fuzzing workflow (checkout common_system, real target)#704

Merged: kcenon merged 2 commits into develop from fix/ci-fuzzing-target-and-dep on Jun 23, 2026

Conversation

kcenon (Owner) commented Jun 23, 2026

What

Repair the Fuzzing workflow so it builds and runs the real fuzz target.

Change type: fix(ci) — workflow only, no source changes.

Why

The Fuzzing workflow has never succeeded (introduced in the v1.0.0 release
#702, failed on its first scheduled run 2026-06-22) due to two independent
misconfigurations:

  1. Missing dependency checkout — Configure aborts at cmake/dependencies.cmake
     with "common_system is required but was not found".
     MONITORING_WITH_COMMON_SYSTEM defaults ON and searches
     ./common_system/include, but the workflow only checked out the main repo.
  2. Non-existent target: matrix.target is json_import_fuzzer, but the only
     fuzz target is protobuf_wire_fuzzer
     (fuzz/protobuf_wire_fuzzer.cpp, corpus fuzz/corpus/protobuf_wire).

Where

.github/workflows/fuzzing.yml:

  • Add a Checkout common_system step (mirrors ci.yml, secrets.GITHUB_TOKEN).
  • matrix.target: json_import_fuzzer -> protobuf_wire_fuzzer.
  • Run corpus path: fuzz/corpus/json_import -> fuzz/corpus/protobuf_wire.

How (verification)

Verified by dispatching Fuzzing on this branch (gh workflow run, short
max_total_time): Configure finds common_system, Build produces
protobuf_wire_fuzzer, Run executes it against the corpus.

A dedicated json_import_fuzzer (if desired) is a separate feature: source +
CMake target + corpus seeds.

Relates to #698 (release blocker — restores CI green precondition for the
signed v1.0.0 tag).

kcenon added 2 commits June 23, 2026 13:14
The Fuzzing workflow failed on its first and only run (introduced in the
v1.0.0 release #702) for two independent reasons:

1. It never checked out common_system, so Configure aborted at
   dependencies.cmake with "common_system is required but was not found"
   (MONITORING_WITH_COMMON_SYSTEM defaults ON and searches
   ./common_system/include, which was absent).
2. The matrix target json_import_fuzzer does not exist. The only fuzz target
   is protobuf_wire_fuzzer (fuzz/protobuf_wire_fuzzer.cpp, corpus
   fuzz/corpus/protobuf_wire).

- Add the common_system checkout step, mirroring ci.yml, so the in-tree
  dependency search path is satisfied.
- Point the matrix target and corpus path at the real protobuf_wire_fuzzer.

Workflow only; no source changes. A dedicated json_import_fuzzer would be a
separate feature (source + CMake target + corpus seeds).

The harness called free functions decode_tag(data,size,offset), decode_varint
and decode_length_delimited that no longer exist; the decoder is now a
stateful reader class. Rewrite LLVMFuzzerTestOneInput to construct a reader
and drive decode_tag(reader&, field, wt) plus read_varint / read_fixed64 /
read_fixed32 / read_length_delimited, preserving the forward-progress and
graceful-rejection guarantees.
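As an added example, not the project's own harness (the PR is workflow-only and the page does not show the real fuzz/protobuf_wire_fuzzer.cpp), the following is a minimal stateful protobuf wire reader in the shape the commit message describes, with a libFuzzer-style LLVMFuzzerTestOneInput that enforces the two properties the commit names: forward progress on every loop iteration and graceful rejection of malformed input instead of a crash. The class name wire_reader, the enum wire_type and the helper walk_fields are assumptions chosen for this illustration; the sample inputs used to exercise it are constructed.

```cpp
// Added example, not the project's code. Names (wire_reader, wire_type,
// walk_fields) are assumptions modelled on the commit message above.
#include <cstddef>
#include <cstdint>
#include <cstdlib>
#include <vector>

enum class wire_type : uint32_t { varint = 0, fixed64 = 1, length_delimited = 2, fixed32 = 5 };

// Stateful reader over one input buffer; every read bounds-checks and never
// advances past size_. A false return means "malformed", never UB.
class wire_reader {
public:
    wire_reader(const uint8_t* data, size_t size) : data_(data), size_(size), pos_(0) {}
    size_t position() const { return pos_; }
    bool at_end() const { return pos_ >= size_; }

    // Base-128 varint: rejects truncation and encodings longer than 10 bytes.
    bool read_varint(uint64_t& out) {
        uint64_t value = 0;
        for (unsigned shift = 0; shift < 64; shift += 7) {
            if (pos_ >= size_) return false;                     // truncated
            uint8_t b = data_[pos_++];
            value |= static_cast<uint64_t>(b & 0x7f) << shift;
            if ((b & 0x80) == 0) { out = value; return true; }
        }
        return false;                                             // overlong
    }
    bool read_fixed32(uint32_t& out) {
        if (size_ - pos_ < 4) return false;
        out = 0;
        for (int i = 0; i < 4; ++i) out |= static_cast<uint32_t>(data_[pos_ + i]) << (8 * i);
        pos_ += 4;
        return true;
    }
    bool read_fixed64(uint64_t& out) {
        if (size_ - pos_ < 8) return false;
        out = 0;
        for (int i = 0; i < 8; ++i) out |= static_cast<uint64_t>(data_[pos_ + i]) << (8 * i);
        pos_ += 8;
        return true;
    }
    // Length prefix is checked against the bytes actually remaining before any copy.
    bool read_length_delimited(std::vector<uint8_t>& out) {
        uint64_t len = 0;
        if (!read_varint(len)) return false;
        if (len > size_ - pos_) return false;                    // declared length overruns buffer
        out.assign(data_ + pos_, data_ + pos_ + len);
        pos_ += static_cast<size_t>(len);
        return true;
    }
private:
    const uint8_t* data_;
    size_t size_;
    size_t pos_;
};

// tag = (field_number << 3) | wire_type; field 0 and unknown wire types are rejected.
bool decode_tag(wire_reader& r, uint32_t& field, wire_type& wt) {
    uint64_t raw = 0;
    if (!r.read_varint(raw)) return false;
    uint64_t fnum = raw >> 3;
    if (fnum == 0 || fnum > 0x1FFFFFFF) return false;
    switch (raw & 0x7) {
        case 0: wt = wire_type::varint; break;
        case 1: wt = wire_type::fixed64; break;
        case 2: wt = wire_type::length_delimited; break;
        case 5: wt = wire_type::fixed32; break;
        default: return false;                                    // groups / reserved types
    }
    field = static_cast<uint32_t>(fnum);
    return true;
}

// Walks every field; returns the field count, -1 for a gracefully rejected
// input, -2 if an iteration failed to advance (a decoder bug, not an input bug).
int walk_fields(const uint8_t* data, size_t size) {
    wire_reader r(data, size);
    int count = 0;
    while (!r.at_end()) {
        size_t before = r.position();
        uint32_t field = 0;
        wire_type wt = wire_type::varint;
        if (!decode_tag(r, field, wt)) return -1;
        bool ok = false;
        switch (wt) {
            case wire_type::varint:           { uint64_t v; ok = r.read_varint(v); break; }
            case wire_type::fixed64:          { uint64_t v; ok = r.read_fixed64(v); break; }
            case wire_type::fixed32:          { uint32_t v; ok = r.read_fixed32(v); break; }
            case wire_type::length_delimited: { std::vector<uint8_t> p; ok = r.read_length_delimited(p); break; }
        }
        if (!ok) return -1;
        if (r.position() <= before) return -2;                   // forward-progress guarantee
        ++count;
    }
    return count;
}

// libFuzzer entry point: malformed input returns 0 quietly; a forward-progress
// violation aborts so the fuzzer reports it as a finding.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
    if (walk_fields(data, size) == -2) std::abort();
    return 0;
}
```

The harness keeps the two checks separate on purpose: a bad input is the fuzzer's normal diet and must come back as a clean return, whereas a loop that fails to consume bytes is a defect in the reader and should surface as a crash rather than a timeout.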
@kcenon kcenon merged commit e6e9196 into develop Jun 23, 2026
8 checks passed
@kcenon kcenon deleted the fix/ci-fuzzing-target-and-dep branch June 23, 2026 04:37