ci: add libFuzzer harnesses + valgrind memcheck for the pure parsers #53
Merged
…, regen seeds

One selector byte could only target `what=-2..253`, leaving palette indices 254/255 unreachable. Use a 2-byte little-endian selector spanning all 258 values; regenerate the seed corpus so fg/bg/palette/rgba deterministically hit their target branches (replay coverage 5 -> 8). Add `tests/fuzz/.gitignore` so libFuzzer-discovered corpus units and crash artifacts are never committed.
Summary

Add libFuzzer harnesses for the three pure parsers (`lt__key_decode`, `lt__color_parse_osc_reply`, `lt__utf8_decode`) plus a valgrind memcheck CI pass over the pure-unit test subset — covering ROADMAP DoD #7 ("fuzzer runs an hour without crashes; valgrind reports no leaks").

Changes

- `LIBTERM_BUILD_FUZZERS` CMake option (clang-only, default OFF), `tests/fuzz/` subdir.
- `fuzz_keymap` harness over the input decoder + seed corpus.
- `fuzz_colorq` over the OSC color-reply parser + seed corpus.
- `fuzz_utf8` over the UTF-8 decoder + seed corpus.
- `valgrind_safe` CTest label on the 11 pure, non-pty, non-timing tests; minimal `tests/valgrind.supp`.
- … (`-runs=0`) + a 30s exploratory run; fails on any crash.
- … `valgrind_safe` subset under memcheck (`--error-exitcode=1`), covering uninitialized-read coverage the existing asan/ubsan job does not.
- `fuzz-nightly.yml`: schedule + dispatch, 3-target matrix, ~20 min/target (~1h combined), uploads crash artifacts.
- … `what` targets are reachable (replay coverage 5→8); broadened valgrind leak-kinds to `definite,indirect`; added `tests/fuzz/.gitignore` so libFuzzer-discovered corpus units and crash artifacts are never committed.

Testing

- `ctest` → 100% tests passed, 0 tests failed out of 34.
- … exit=0.
- `CC=gcc cmake -DLIBTERM_BUILD_FUZZERS=ON` → CMake Error … requires clang.
- `ctest -L valgrind_safe -N` → Total Tests: 11 (none of the excluded pty/timing tests).
- … (`ci.yml` fuzz-smoke/valgrind, `fuzz-nightly.yml` matrix) parses valid.
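The selector widening described in the commit message and in the Changes list ("what targets are reachable"), as an added example that is not the project's own harness code: the old one-byte and new two-byte little-endian selector decoders, the inverse used to regenerate seeds, and a reachability check showing that only the two-byte scheme covers all 258 targets. The `WHAT_*` names, the `split_input` helper and the reading of -2/-1 as the fg/bg queries are my assumptions, not taken from the page.

```c
#include <stddef.h>
#include <stdint.h>
/* Target space for the colour-query selector: 258 values covering
 * what = -2..255 (assumption: -2/-1 are the fg/bg queries, 0..255 palette). */
enum { WHAT_MIN = -2, WHAT_MAX = 255, WHAT_COUNT = WHAT_MAX - WHAT_MIN + 1 };

/* Old scheme: one selector byte minus 2 yields -2..253, so palette
 * indices 254 and 255 can never be selected by any input. */
int what_from_1byte(uint8_t b) { return (int)b - 2; }

/* New scheme: 2-byte little-endian selector reduced modulo 258; every
 * target is reachable and each one has a canonical seed encoding. */
int what_from_2byte(const uint8_t *p) {
    unsigned sel = (unsigned)p[0] | ((unsigned)p[1] << 8);
    return (int)(sel % WHAT_COUNT) + WHAT_MIN;
}

/* Inverse used when regenerating seeds: the 2-byte prefix that drives
 * the harness deterministically to `what`. Returns -1 if out of range. */
int seed_prefix_for(int what, uint8_t out[2]) {
    if (what < WHAT_MIN || what > WHAT_MAX) return -1;
    unsigned sel = (unsigned)(what - WHAT_MIN);
    out[0] = (uint8_t)(sel & 0xff);
    out[1] = (uint8_t)(sel >> 8);
    return 0;
}

/* Harness front end (hypothetical helper): split a fuzzer input into the
 * selected target and the payload handed to the parser under test. */
long split_input(const uint8_t *data, size_t size, int *what, const uint8_t **payload) {
    if (size < 2) return -1;          /* too short to carry a selector */
    *what = what_from_2byte(data);
    *payload = data + 2;
    return (long)(size - 2);
}

/* Reachability check over every possible selector value: counts how many
 * distinct targets a scheme can hit (256 for 1-byte, 258 for 2-byte). */
int reachable_targets(int two_byte) {
    unsigned char hit[WHAT_COUNT] = {0};
    int n = 0;
    unsigned limit = two_byte ? 65536u : 256u;
    for (unsigned s = 0; s < limit; s++) {
        uint8_t p[2] = { (uint8_t)(s & 0xff), (uint8_t)(s >> 8) };
        int w = two_byte ? what_from_2byte(p) : what_from_1byte(p[0]);
        if (w >= WHAT_MIN && w <= WHAT_MAX && !hit[w - WHAT_MIN]) { hit[w - WHAT_MIN] = 1; n++; }
    }
    return n;
}
```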