Skip to content

Add JSON encode fuzz runner #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
membphis wants to merge 15 commits into
base: master
Choose a base branch
from
Open

Add JSON encode fuzz runner #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
617b216
docs: design json encode fuzz runner
membphis May 29, 2026
deacb38
docs: plan json encode fuzz runner
membphis May 29, 2026
1f6cebd
chore: ignore superpowers docs
membphis May 29, 2026
47a0ab1
chore: ignore local build outputs
membphis May 29, 2026
886cb3b
test: add fuzz encode library skeleton
membphis May 29, 2026
78507ab
fix: handle numeric sort keys override
membphis May 29, 2026
5872048
feat: generate json encode fuzz cases
membphis May 29, 2026
e7f9e4c
fix: tighten fuzz generator metadata
membphis May 29, 2026
f61898a
fix: reject fake rapidjson null sentinel
membphis May 29, 2026
4501a83
feat: validate json encode fuzz output
membphis May 29, 2026
ca5b742
fix: validate nested object key order
membphis May 29, 2026
1d00333
feat: add json encode fuzz runner
membphis May 29, 2026
16f843b
fix: fail fuzz run on encode errors
membphis May 29, 2026
6a2ab74
fix: tolerate json float round-trip drift
membphis May 29, 2026
51d17fa
feat: add time-based fuzz sample output
membphis May 29, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@ CMakeFiles
cmake_install.cmake
json.so
json.dll
rapidjson.so
rapidjson.so.dSYM/
deps/
/*.src.rock
/rapidjson/test/
Expand All @@ -26,3 +28,4 @@ rapidjson/rapidjson.autopkg
rapidjson/travis-doxygen.sh
/cmake-build-debug
/.idea
/docs/superpowers/
62 changes: 62 additions & 0 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
.PHONY: fuzz

LUA ?= lua
DURATION ?= 3600
INTERVAL ?= 5
WORKERS ?= 1
SEED ?= $(shell date +%s)
SORT_KEYS ?= 1
SAMPLE_INTERVAL ?= 0
SAMPLE_LIMIT ?=

fuzz:
@set -u; \
tmpdir=$$(mktemp -d "$${TMPDIR:-/tmp}/lua-rapidjson-fuzz.XXXXXX"); \
pids=""; \
cleanup() { rm -rf "$$tmpdir"; }; \
stop_workers() { for pid in $$pids; do kill "$$pid" 2>/dev/null || true; done; cleanup; }; \
trap cleanup EXIT; \
trap stop_workers INT TERM; \
Comment on lines +17 to +19
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot May 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify trap + loop dependency on tmpdir markers.
rg -n -C2 'stop_workers\(\)|trap stop_workers|tmpdir|done_count|fail\.\*|done\.\*' Makefile

Repository: api7/lua-rapidjson

Length of output: 954

Stop the fuzz polling loop from continuing after INT/TERM cleanup
In Makefile’s fuzz target, stop_workers() (lines ~15–17) calls cleanup() which rm -rfs $$tmpdir, but the parent while :; do polling loop (lines ~39–50) keeps waiting on ls "$$tmpdir"/fail.* / ls "$$tmpdir"/done.*. After $$tmpdir is removed, fail.* never appears and done_count stays at 0, so the loop can sleep indefinitely.

Suggested fix 
-	stop_workers() { for pid in $$pids; do kill "$$pid" 2>/dev/null || true; done; cleanup; }; \
+	stop_workers() { \
+		for pid in $$pids; do kill "$$pid" 2>/dev/null || true; done; \
+		exit 130; \
+	}; \
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
stop_workers() { for pid in $$pids; do kill "$$pid" 2>/dev/null || true; done; cleanup; }; \
trap cleanup EXIT; \
trap stop_workers INT TERM; \
stop_workers() { \
for pid in $$pids; do kill "$$pid" 2>/dev/null || true; done; \
exit 130; \
}; \
trap cleanup EXIT; \
trap stop_workers INT TERM; \
🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Makefile` around lines 15 - 17, The polling loop in the fuzz target can hang
after stop_workers() calls cleanup() and removes $$tmpdir; update the loop that
waits on ls "$$tmpdir"/fail.* / done.* (the while :; do ... done loop) so it
breaks if the temp directory is gone (e.g., add a check if [ ! -d "$$tmpdir" ];
then break; fi) or also check for a sentinel file; alternatively, have
stop_workers() create a sentinel outside $$tmpdir before calling cleanup() and
make the loop exit when that sentinel is present. Reference: stop_workers(),
cleanup, the fuzz target while loop, $$tmpdir, fail.*, and done_count.

worker=1; \
while [ "$$worker" -le "$(WORKERS)" ]; do \
seed=$$(( $(SEED) + $$worker - 1 )); \
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot May 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify mismatch between Makefile arithmetic requirement and fuzz lib seed normalization.
rg -n -C2 'seed=\$\$\(\(|SEED' Makefile
rg -n -C3 'normalize_seed|tonumber\(|SEED' tools/fuzz_encode_lib.lua

Repository: api7/lua-rapidjson

Length of output: 1770

🏁 Script executed:

#!/bin/bash
# Inspect Makefile around SEED and seed arithmetic.
sed -n '1,60p' Makefile

# Find other SEED usage in repo.
rg -n 'SEED\b' Makefile tools -S

Repository: api7/lua-rapidjson

Length of output: 1750

🏁 Script executed:

#!/bin/bash
# Inspect how SEED is passed into Lua and normalized.
sed -n '1,120p' tools/fuzz_encode.lua
sed -n '1,120p' tools/fuzz_encode_lib.lua

Repository: api7/lua-rapidjson

Length of output: 4798

Coerce SEED to numeric (matching Lua) before Make arithmetic
The fuzz recipe computes per-worker seeds with shell arithmetic (seed=$$(( $(SEED) + $$worker - 1 ))), which requires $(SEED) to be numeric; SEED=abc fails before Lua starts. Lua’s tools/fuzz_encode_lib.lua normalize_seed() already falls back to os.time() for non-numeric inputs, so the Makefile should apply the same numeric fallback (e.g., use date +%s when SEED isn’t an integer) instead of failing early.

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Makefile` at line 20, The Makefile's fuzz recipe must coerce SEED to a
numeric fallback before doing shell arithmetic; modify the recipe to compute a
numeric SEED value (e.g., set SEED_NUM from SEED if it matches an integer,
otherwise use the current epoch like date +%s) and then compute per-worker seed
using that numeric SEED_NUM (replace the existing seed=$$(( $(SEED) + $$worker -
1 )) with arithmetic based on SEED_NUM). Reference the fuzz recipe, the SEED
variable, the per-worker seed calculation, and
tools/fuzz_encode_lib.lua::normalize_seed() so the behavior matches Lua's
fallback to os.time().

( \
DURATION="$(DURATION)" \
INTERVAL="$(INTERVAL)" \
WORKERS="$(WORKERS)" \
WORKER_ID="$$worker" \
SEED="$$seed" \
SORT_KEYS="$(SORT_KEYS)" \
SAMPLE_INTERVAL="$(SAMPLE_INTERVAL)" \
SAMPLE_LIMIT="$(SAMPLE_LIMIT)" \
"$(LUA)" tools/fuzz_encode.lua; \
rc=$$?; \
if [ "$$rc" -ne 0 ]; then \
echo "$$rc" > "$$tmpdir/fail.$$worker"; \
fi; \
echo "$$rc" > "$$tmpdir/done.$$worker"; \
) & \
pids="$$pids $$!"; \
worker=$$(( $$worker + 1 )); \
done; \
status=0; \
while :; do \
if ls "$$tmpdir"/fail.* >/dev/null 2>&1; then \
status=1; \
for pid in $$pids; do \
kill "$$pid" 2>/dev/null || true; \
done; \
break; \
fi; \
done_count=$$(ls "$$tmpdir"/done.* 2>/dev/null | wc -l | tr -d ' '); \
if [ "$$done_count" -ge "$(WORKERS)" ]; then \
break; \
fi; \
sleep 1; \
done; \
for pid in $$pids; do \
if ! wait "$$pid" 2>/dev/null; then \
status=1; \
fi; \
done; \
exit "$$status"
Loading