Harden fuzz checks for range int arrays #138

Merged: aviggiano merged 5 commits into master from fuzz-rangeintarray-coverage, Dec 29, 2025
@aviggiano (Owner) commented Dec 28, 2025

Summary

  • add invariant checks for range int array results in fuzz targets
  • bias fuzz inputs toward start=0 sparse-range cases
  • fix 64-bit fuzzer range/getintarray result-size types
  • expand API fuzzers with invariants for setbit semantics, getbits consistency, clearbits(_count) effects, and min/max cross-checks
  • validate int-array ordering/presence and bit-array round-trips with bounded checks
  • add bounded subset/superset assertions for AND/OR in operations fuzzer

Testing

  • not run (fuzz build requires clang)

@aviggiano (Owner, Author)

Fixes #139

Copilot AI (Contributor) left a comment

Pull request overview

This PR hardens the fuzzing infrastructure by adding comprehensive invariant checks for bitmap range operations, bit arrays, and API semantics. The changes introduce validation helpers to verify correctness of range queries, int/bit array conversions, and set operation properties.

Key changes:

  • Added bounded validation helpers for range int arrays with nth-element cross-checks and full-array consistency verification
  • Introduced biased fuzzing inputs toward sparse ranges (start=0, elements at 0/8/16) to increase edge-case coverage
  • Expanded API fuzzer with invariant checks for setbit return values, getbits/clearbits consistency, min/max correctness, and jaccard bounds

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 8 comments.

| File | Description |
| --- | --- |
| tests/fuzz/fuzz_common.h | Adds validation constants (MAX_RANGE_VALIDATE_CARDINALITY, MAX_BITARRAY_VALIDATE_SIZE) and helper functions for checking range int arrays, int arrays, bit arrays, and input bit arrays for both 32-bit and 64-bit bitmaps |
| tests/fuzz/fuzz_bitmap_serialization.c | Adds biased fuzzing inputs for sparse ranges, integrates validation checks for int arrays and range operations, and validates bit array round-trips within bounded sizes |
| tests/fuzz/fuzz_bitmap_operations.c | Adds subset/superset validation for AND operations (all result elements must be in all inputs) and OR operations (all input elements must be in result) |
| tests/fuzz/fuzz_bitmap_api.c | Adds invariant checks for setbit return value matching previous state, getbits consistency with getbit, clearbits effects, min/max correctness via nth-element, jaccard bounds, and integrates validation for int/bit arrays |
| tests/fuzz/fuzz_bitmap64_api.c | Mirrors 32-bit API fuzzer enhancements with 64-bit type corrections (uint64_t for result_size/result_count), includes same invariant checks adapted for 64-bit API |
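
The range int array invariants summarized above (result size, ascending order, presence, nth-element cross-check, and the start=0 sparse case with elements 0/8/16), as an added C example that is not code from this pull request. `toy_bitmap`, `toy_nth`, `toy_range` and `check_range` are hypothetical stand-ins for the library's API, and start/end are assumed to be 0-based ranks.

```c
#include <stddef.h>
#include <stdint.h>

/* Assumption: a 64-value toy bitmap stands in for the library's bitmap type. */
typedef uint64_t toy_bitmap;
/* Constructed sparse input from the PR description: elements 0, 8, 16. */
static const toy_bitmap SPARSE = (1ull << 0) | (1ull << 8) | (1ull << 16);

/* Value of the set bit at 0-based rank n, or -1 if n >= cardinality. */
static int toy_nth(toy_bitmap b, size_t n) {
    for (int v = 0; v < 64; v++)
        if ((b >> v) & 1) { if (n == 0) return v; n--; }
    return -1;
}

/* Hypothetical function under test: values at ranks [start, end], ascending. */
static size_t toy_range(toy_bitmap b, size_t start, size_t end, int *out) {
    size_t n = 0;
    for (size_t r = start; r <= end; r++) {
        int v = toy_nth(b, r);
        if (v < 0) break;            /* ran past the last element */
        out[n++] = v;
    }
    return n;
}

/* Returns 1 if out[0..got) satisfies every invariant, 0 otherwise. */
static int check_range(toy_bitmap b, size_t start, size_t end, const int *out, size_t got) {
    size_t card = 0, want = 0;
    while (toy_nth(b, card) >= 0) card++;            /* cardinality via nth */
    if (start <= end && start < card) {
        size_t last = end < card ? end : card - 1;   /* clamp first: +1 cannot wrap */
        want = last - start + 1;
    }
    if (got != want) return 0;                                             /* result size */
    for (size_t i = 0; i < got; i++) {
        if (out[i] < 0 || out[i] > 63 || !((b >> out[i]) & 1)) return 0;   /* presence */
        if (i > 0 && out[i] <= out[i - 1]) return 0;                       /* strict ordering */
        if (out[i] != toy_nth(b, start + i)) return 0;                     /* nth cross-check */
    }
    return 1;
}

int main(void) {
    int out[64];
    return !check_range(SPARSE, 0, SIZE_MAX, out, toy_range(SPARSE, 0, SIZE_MAX, out));
}
```

In a fuzz target the `return 0` paths would be replaced by an abort so the fuzzer records the input as a crash.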


if (end < start) return 0;
if (card <= start) return 0;

size_t requested = end - start + 1;
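
Review bot: `size_t requested = end - start + 1;` wraps to 0 when start is 0 and end is SIZE_MAX (assuming both are size_t like requested), so the widest possible request yields a requested count of zero. The guard on the line above already guarantees card > start, so end can be clamped before the addition, for example `if (end >= card) end = card - 1;`, after which `end - start + 1` is at most card and cannot wrap.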

Copilot AI commented Dec 29, 2025

Potential overflow when end equals SIZE_MAX and start is less than SIZE_MAX. The expression end - start + 1 would overflow. Although current usage patterns may not trigger this, consider adding overflow protection for robustness, such as checking if end == SIZE_MAX before the addition.

aviggiano and others added 3 commits December 29, 2025 10:38
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@aviggiano aviggiano merged commit 29002f9 into master Dec 29, 2025
26 checks passed
@aviggiano aviggiano deleted the fuzz-rangeintarray-coverage branch December 29, 2025 13:40