ci: buffer fuzz timeout above max_total_time so libFuzzer self-exits#40

Merged: 27Bslash6 merged 1 commit into main from ci/fuzz-timeout-buffer on Jun 6, 2026
Conversation

@27Bslash6 27Bslash6 commented May 31, 2026

What

Widen the outer timeout wrapping cargo fuzz run in both the Quick Fuzz and Deep Fuzzing jobs so it sits above libFuzzer's -max_total_time, not equal to it.

| Job | timeout | -max_total_time | Slack |
| --- | --- | --- | --- |
| Quick Fuzz | 120 → 150 | 120 | +30s |
| Deep Fuzzing | 28800 → 28980 | 28800 | +3min (within 540min job cap) |

Why

libFuzzer self-exits gracefully at -max_total_time with a final Done N runs + corpus consolidation. Its clock starts after build + corpus-load, so an equal outer timeout always wins the race — it SIGTERMs the process first, every run logs run interrupted, and a genuine hang becomes indistinguishable from normal end-of-budget completion. The buffer makes timeout a hang safety-net only.

Exit code 124 (timeout fired = real hang) remains tolerated.

Notes

Summary by CodeRabbit

  • Chores
    • Increased outer timeouts for fuzzing runs: Quick Fuzz raised from 120s to 150s; Deep Fuzzing raised from 28,800s to 28,980s.
    • Maintained tolerance for exit code 124.
    • Expanded inline documentation clarifying the timing interaction between outer timeout and the fuzzer’s internal timing.
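
The timing race described in the PR description above, reproduced with a stand-in process (an added example, not code from this PR or the project's workflow). `FAKE_FUZZER`, `run_case`, `classify` and `outcome` are hypothetical names, the `sleep` calls are constructed stand-ins for build/corpus load and the fuzzing budget, and GNU `timeout` is assumed.

```sh
#!/bin/sh
# Constructed stand-in for `cargo fuzz run`: $1 seconds of "build + corpus
# load" pass before the inner budget clock starts; it then runs for $2
# seconds and exits 0, as libFuzzer does on reaching -max_total_time.
FAKE_FUZZER='sleep "$1"; sleep "$2"; echo "Done"'

# run_case OUTER STARTUP BUDGET
# Runs the stand-in under `timeout OUTER` and returns the raw exit status.
# GNU timeout exits 124 when it had to kill the command.
run_case() {
  timeout "$1" sh -c "$FAKE_FUZZER" fake_fuzzer "$2" "$3" >/dev/null
}

# Map an exit status to what the CI log should be able to tell apart.
classify() {
  case "$1" in
    0)   echo "self-exit" ;;       # inner budget spent, graceful exit
    124) echo "timeout-killed" ;;  # outer timeout fired first
    *)   echo "failed" ;;          # any other non-zero status
  esac
}

# outcome OUTER STARTUP BUDGET -> one of the labels above.
outcome() {
  rc=0
  run_case "$@" || rc=$?
  classify "$rc"
}

# Outer timeout equal to the inner budget (the old `timeout 120` with
# -max_total_time=120 shape): startup time makes the outer timer win.
echo "equal:    $(outcome 1 1 1)"

# Outer timeout with slack above the budget (the new 150 / 120 shape):
# the process reaches its own graceful exit; 124 now only means a hang.
echo "buffered: $(outcome 4 1 1)"
```
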

coderabbitai Bot commented May 31, 2026

Walkthrough

Updated security workflow timeout handling for libFuzzer fuzzing jobs. Quick Fuzz outer timeout increased from 120 to 150 seconds, Deep Fuzz from 28800 to 28980 seconds, both preserving their inner -max_total_time limits. Added explanatory comments detailing the timing race and exit code 124 tolerance rationale.

Changes

Fuzzing workflow timeout tuning

| Layer / File(s) | Summary |
| --- | --- |
| Quick Fuzz timeout adjustment<br>`.github/workflows/security.yml` | Outer timeout increased to 150 seconds (from 120) while keeping -max_total_time=120, with comments explaining how the timing gap prevents misinterpreting normal libFuzzer completion as an interrupt or hang; exit code 124 tolerance preserved. |
| Deep Fuzz timeout adjustment<br>`.github/workflows/security.yml` | Outer timeout increased to 28980 seconds (from 28800) while keeping -max_total_time=28800, with expanded comments documenting the 180-second slack to avoid job cap early termination and to keep hang/kill behaviour distinguishable from normal completion. |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

  • cachekit-io/cachekit-core#33: Prior PR modified Deep Fuzzing timeout configuration; this PR builds on those changes by adding timeout slack and expanded documentation about libFuzzer clock timing.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title accurately summarises the primary change: adding a buffer between the outer CI timeout and libFuzzer's max_total_time to allow libFuzzer to self-exit properly. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |


The outer `timeout` wrapping `cargo fuzz run` must exceed -max_total_time.
libFuzzer's clock starts after build + corpus-load, so an equal timeout
always wins the race and SIGTERMs the process before its graceful "Done"
self-exit — every run then logs "run interrupted", making a genuine hang
indistinguishable from normal end-of-budget completion.

- Quick Fuzz:   timeout 120   -> 150   (max_total_time stays 120, +30s slack)
- Deep Fuzzing: timeout 28800 -> 28980 (max_total_time stays 28800, +3min slack, within 540min job cap)

Exit code 124 (genuine hang killed by timeout) remains tolerated.
@27Bslash6 27Bslash6 force-pushed the ci/fuzz-timeout-buffer branch from cab6ba3 to 81b82ad Compare June 6, 2026 00:28
@27Bslash6
@coderabbitai approve

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/security.yml:
- Around line 190-197: The shell command using the GitHub Actions template
expansion `${{ matrix.target }}` should be quoted to prevent word-splitting or
injection if the matrix values change; update the timeout/cargo fuzz invocation
(the line calling `timeout 28980 cargo fuzz run ${{ matrix.target }} --
-max_total_time=28800 || [ $? -eq 124 ]`) to wrap the template expansion in
quotes (e.g., use `"$...` around `${{ matrix.target }}`) so the matrix target is
passed as a single argument to `cargo fuzz run`.
- Around line 127-132: Update the shell command that runs fuzzing to quote the
matrix expansion to avoid word-splitting or injection: change the invocation
"timeout 150 cargo fuzz run ${{ matrix.target }} -- -runs=0 -max_total_time=120
|| [ $? -eq 124 ]" so the template expansion is wrapped in double quotes (e.g.
"${{ matrix.target }}"), leaving the rest of the command and the timeout/error
handling unchanged.
ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 68e3bb38-839b-4824-a55b-960bb1548cda

📥 Commits

Reviewing files that changed from the base of the PR and between cab6ba3 and 81b82ad.

📒 Files selected for processing (1)
  • .github/workflows/security.yml

coderabbitai Bot commented Jun 6, 2026

✅ Action performed

Comments resolved and changes approved.

@27Bslash6 27Bslash6 merged commit 57ebdc5 into main Jun 6, 2026
30 checks passed
@27Bslash6 27Bslash6 deleted the ci/fuzz-timeout-buffer branch June 6, 2026 03:41