fuzz: add dedicated number boundary fuzzer #160
Implements structured number fuzzing using the arbitrary crate to test RFC 8259 compliance and numeric decode correctness.

Key features:
- Boundary-biased generation (70%): exponent limits (1e308, 1e-308, 1e309, 1e-324), integer boundaries (i64::MAX±1, u64::MAX±1), leading zeros (00, 01), invalid signs (+1, --1)
- Random generation (30%): arbitrary sign/integer/fraction/exponent combinations
- Whitespace variation: tests numbers with various surrounding whitespace
- Dual-mode validation: EAGER mode must reject RFC 8259 violations, LAZY mode defers to access time
- Cross-validation: compares accept/reject decisions with serde_json
- Extraction verification: validates decoded i64/f64 values match expected results

Test vectors include:
- Exponent boundaries: 1e308, 1e-308, 1e309 (overflow), 1e-324 (underflow)
- Integer boundaries: i64::MAX, i64::MAX+1, i64::MIN, i64::MIN-1, u64::MAX, u64::MAX+1
- Leading zeros: 00, 01, -00 (invalid RFC 8259)
- Invalid signs: +1, --1
- Decimal precision: up to 20-digit mantissas

The fuzzer wraps generated numbers in JSON arrays [number] and tests both parse-time validation (EAGER vs LAZY) and access-time decode via qjson_get_i64/qjson_get_f64 FFI calls.

Add 10 i_number_*.json files from JSONTestSuite as initial corpus:
- Edge cases for huge exponents (positive and negative)
- Overflow and underflow scenarios
- Very large integers beyond standard limits

These seed inputs target number parsing edge cases in the fuzz_numbers harness.

Add fuzz_numbers target to the weekly fuzzing workflow. The target exercises number parsing edge cases including large exponents, precision boundaries, and RFC 8259 compliance.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.05.
| Benchmark suite | Current: 3633fe8 | Previous: ce8642b | Ratio |
|---|---|---|---|
| parse_lazy/parse/deep_nesting | 2841 ns/iter (± 11) | 2488 ns/iter (± 14) | 1.14 |
This comment was automatically generated by workflow using github-action-benchmark.
Summary

Add a dedicated fuzz target (fuzz_numbers) that generates numbers biased toward parsing boundaries to stress-test the number decoder.

Closes #153

Changes
- arbitrary crate to generate structured number components with ~70% boundary bias
- i_number_* cases
- fuzz_numbers to timed fuzzing schedule

Number Patterns Generated
- 1e308, 1e-308, 1e309 (overflow), 1e-324 (underflow)
- i64::MAX, i64::MIN, u64::MAX, overflow variants
- 00, 01, -00 (RFC 8259 violations)
- -0, +1 (invalid), --1 (invalid)

Validation
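
The following is an added example, not code from this PR or from qjson: a std-only reference oracle that applies the RFC 8259 number grammar before decoding, run over some of the boundary vectors listed above. The names digits, is_rfc8259_number, Decoded and decode are hypothetical, and the decode outcomes show Rust standard library behaviour, not qjson's.

```rust
// Added example, not qjson code; every name in this block is hypothetical.
/// Index just past a run of one or more ASCII digits at `i`, or None.
fn digits(b: &[u8], i: usize) -> Option<usize> {
    let n = b[i..].iter().take_while(|c| c.is_ascii_digit()).count();
    (n > 0).then_some(i + n)
}

/// RFC 8259 section 6: number = [ "-" ] int [ frac ] [ exp ]
fn is_rfc8259_number(s: &str) -> bool {
    let b = s.as_bytes();
    let mut i = usize::from(b.first() == Some(&b'-'));
    // int = "0" / ( digit1-9 *DIGIT ): no "+" sign, and a leading "0" stands alone
    i = match b.get(i) {
        Some(b'0') => i + 1,
        _ => match digits(b, i) { Some(end) => end, None => return false },
    };
    // frac = "." 1*DIGIT
    if b.get(i) == Some(&b'.') {
        match digits(b, i + 1) { Some(end) => i = end, None => return false }
    }
    // exp = ( "e" / "E" ) [ "+" / "-" ] 1*DIGIT
    if matches!(b.get(i), Some(b'e' | b'E')) {
        i += 1;
        if matches!(b.get(i), Some(b'+' | b'-')) { i += 1; }
        match digits(b, i) { Some(end) => i = end, None => return false }
    }
    i == b.len()
}

#[derive(Debug, PartialEq)]
enum Decoded { Invalid, I64(i64), F64(f64), NonFinite }

/// Grammar check comes first: Rust's own parsers accept "+1" and "01".
fn decode(s: &str) -> Decoded {
    if !is_rfc8259_number(s) { return Decoded::Invalid; }
    if let Ok(n) = s.parse::<i64>() { return Decoded::I64(n); }
    match s.parse::<f64>() {
        Ok(f) if f.is_finite() => Decoded::F64(f), // 1e-324 rounds to 0.0
        _ => Decoded::NonFinite,                   // 1e309 parses to +inf
    }
}

fn main() {
    // Constructed inputs, copied from the boundary vectors named in the PR text.
    for s in ["1e309", "1e-324", "9223372036854775808", "01", "-00", "+1"] {
        println!("{s:>20} -> {:?}", decode(s));
    }
}
```
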