vortex-data
diff --git a/‎.github/actions/report-fuzz-failure/action.yml‎
Lines changed: 219 additions & 0 deletions b/‎.github/actions/report-fuzz-failure/action.yml‎
Lines changed: 219 additions & 0 deletions
diff --git a/‎.github/workflows/claude.yml‎
Lines changed: 9 additions & 3 deletions b/‎.github/workflows/claude.yml‎
Lines changed: 9 additions & 3 deletions
@@ -0,0 +1,219 @@
+name: "Report Fuzz Failure"
+description: "Analyzes fuzzer crashes and creates or updates GitHub issues using Claude"
+inputs:
+  fuzz_target:
+    description: "Name of the fuzz target (e.g., file_io, array_ops)"
+    required: true
+  crash_file:
+    description: "Name of the crash file"
+    required: true
+  artifact_url:
+    description: "URL to the crash artifact"
+    required: true
+  artifact_name:
+    description: "Name of the artifact (e.g., io-fuzzing-crash-artifacts)"
+    required: true
+  logs_artifact_name:
+    description: "Name of the logs artifact"
+    required: true
+  branch:
+    description: "Branch name"
+    required: true
+  commit:
+    description: "Commit SHA"
+    required: true
+  claude_code_oauth_token:
+    description: "Claude Code OAuth token"
+    required: true
+  github_token:
+    description: "GitHub token"
+    required: true
+
+runs:
+  using: "composite"
+  steps:
+    - name: Checkout repository
+      uses: actions/checkout@v5
+
+    - name: Download fuzzer logs
+      uses: actions/download-artifact@v4
+      with:
+        name: ${{ inputs.logs_artifact_name }}
+        path: ./logs
+
+    - name: Analyze and report crash with Claude
+      env:
+        CRASH_FILE: ${{ inputs.crash_file }}
+        ARTIFACT_URL: ${{ inputs.artifact_url }}
+        BRANCH: ${{ inputs.branch }}
+        COMMIT: ${{ inputs.commit }}
+        FUZZ_TARGET: ${{ inputs.fuzz_target }}
+        ARTIFACT_NAME: ${{ inputs.artifact_name }}
+      uses: anthropics/claude-code-action@v1
+      with:
+        claude_code_oauth_token: ${{ inputs.claude_code_oauth_token }}
+        github_token: ${{ inputs.github_token }}
+        show_full_output: true
+        prompt: |
+          # Fuzzer Crash Analysis and Reporting
+
+          A fuzzing run for the `$FUZZ_TARGET` target has detected a crash. Analyze it and report by creating or updating a GitHub issue.
+
+          ## Step 1: Analyze the Crash
+
+          1. Read the fuzzer log: `logs/fuzz_output.log`
+          2. Extract:
+             - Stack trace (lines with `#0`, `#1`, etc.)
+             - Error message ("panicked at" or "ERROR:")
+             - Crash location (top user code frame, not std/core/libfuzzer)
+             - Debug output (look for "Output of `std::fmt::Debug`:" section before the crash)
+          3. Read the source code at the crash location to understand root cause
+
+          ## Step 2: Check for Duplicates
+
+          1. List existing fuzzer issues:
+             ```bash
+             gh issue list --repo ${{ github.repository }} --label fuzzer --state open --json number,title,body --limit 50
+             ```
+
+          2. For each existing issue, compare:
+             - **Crash location**: Same file + function? (line numbers can differ)
+             - **Error pattern**: Same error after normalizing values?
+               - "index 5 out of bounds" = "index 12 out of bounds" (SAME)
+               - "len is 100" = "len is 5" (SAME)
+             - Read source code if needed to verify same root cause
+
+          3. Determine duplication level:
+             - **EXACT DUPLICATE**: Same crash location + same error pattern → Add reaction
+             - **SIMILAR**: Same general area but unclear → Add comment
+             - **NEW BUG**: Different location or different error type → Create new issue
+
+          ## Step 3: Take Action
+
+          ### If EXACT DUPLICATE (high confidence):
+          Update or create a tracking comment to count occurrences:
+
+          1. First, check if there's already a tracking comment (look for a comment starting with "<!-- occurrences: ")
+          2. If found, extract the count, increment it, and edit the comment
+          3. If not found, create a new comment
+
+          Comment format:
+          ```markdown
+          <!-- occurrences: N -->
+          **Crash seen N time(s)**
+
+          Latest occurrence:
+          - Crash file: $CRASH_FILE
+          - Artifact: $ARTIFACT_URL
+          - Branch: $BRANCH
+          - Commit: $COMMIT
+          ```
+
+          Use:
+          - `gh api repos/${{ github.repository }}/issues/ISSUE_NUM/comments` to list comments
+          - `gh api repos/${{ github.repository }}/issues/comments/COMMENT_ID -X PATCH` to update
+          - `gh issue comment ISSUE_NUM` to create new
+
+          ### If SIMILAR (medium confidence):
+          Comment on the existing issue with analysis:
+          ```bash
+          gh issue comment ISSUE_NUM --repo ${{ github.repository }} --body "..."
+          ```
+
+          Include in comment:
+          - Note that another crash was detected
+          - Your confidence level and reasoning
+          - Key differences if any
+          - Crash file: $CRASH_FILE
+          - Workflow: $WORKFLOW_RUN
+
+          ### If NEW BUG (not a duplicate):
+          Create a new issue with `gh issue create`:
+          ```bash
+          gh issue create --repo ${{ github.repository }} \
+            --title "Fuzzing Crash: [brief description]" \
+            --label "bug,fuzzer" \
+            --body "..."
+          ```
+
+          Issue body must include:
+          ```markdown
+          ## Fuzzing Crash Report
+
+          ### Analysis
+
+          **Crash Location**: `file.rs:function_name`
+
+          **Error Message**:
+          ```
+          [error message]
+          ```
+
+          **Stack Trace**:
+          ```
+          [top 5-7 frames - keep in code block to prevent markdown rendering issues]
+          ```
+
+          Note: Keep stack traces in code blocks to prevent `#0`, `#1` from being interpreted as markdown headers.
+
+          **Root Cause**: [Your analysis]
+
+          <details>
+          <summary>Debug Output</summary>
+
+          ```
+          [Include the complete "Output of std::fmt::Debug:" section from the fuzzer log]
+          ```
+          </details>
+
+          ### Summary
+
+          - **Target**: `$FUZZ_TARGET`
+          - **Crash File**: `$CRASH_FILE`
+          - **Branch**: $BRANCH
+          - **Commit**: $COMMIT
+          - **Crash Artifact**: $ARTIFACT_URL
+
+          ### Reproduction
+
+          1. Download the crash artifact:
+             - **Direct download**: $ARTIFACT_URL
+             - Or find `$ARTIFACT_NAME` at: $WORKFLOW_RUN
+             - Extract the zip file
+
+          2. Reproduce locally:
+          ```bash
+          # The artifact contains $FUZZ_TARGET/$CRASH_FILE
+          cargo +nightly fuzz run --sanitizer=none $FUZZ_TARGET $FUZZ_TARGET/$CRASH_FILE
+          ```
+
+          3. Get full backtrace:
+          ```bash
+          RUST_BACKTRACE=full cargo +nightly fuzz run --sanitizer=none $FUZZ_TARGET $FUZZ_TARGET/$CRASH_FILE
+          ```
+
+          ---
+          *Auto-created by fuzzing workflow with Claude analysis*
+          ```
+
+          ## Important Guidelines
+
+          - Be conservative: when unsure, prefer creating a new issue over marking as duplicate
+          - Focus on ROOT CAUSE, not specific values in error messages
+          - You have full repo access - read source code to understand crashes
+          - Only use +1 reaction for truly identical crashes
+
+          ## Environment Variables
+
+          - CRASH_FILE: $CRASH_FILE
+          - ARTIFACT_URL: $ARTIFACT_URL (direct link to crash artifact)
+          - BRANCH: $BRANCH
+          - COMMIT: $COMMIT
+          - FUZZ_TARGET: $FUZZ_TARGET
+          - ARTIFACT_NAME: $ARTIFACT_NAME
+
+          Start by reading `logs/fuzz_output.log`.
+        claude_args: |
+          --model claude-sonnet-4-5-20250929
+          --max-turns 25
+          --allowedTools "Read,Write,Bash(gh issue list:*),Bash(gh issue view:*),Bash(gh issue create:*),Bash(gh issue comment:*),Bash(gh api:*),Bash(echo:*),Bash(cat:*),Bash(jq:*),Bash(grep:*),Bash(cargo +nightly fuzz run:*),Bash(RUST_BACKTRACE=* cargo +nightly fuzz run:*)"
@@ -45,15 +45,21 @@ jobs:
           additional_permissions: |
             actions: read
 
+          # Optional: Specify model (defaults to Claude Sonnet 4, uncomment for Claude Opus 4)
+          # model: "claude-opus-4-20250514"
+
           # Optional: Customize the trigger phrase (default: @claude)
           # trigger_phrase: "/claude"
 
           # Optional: Trigger when specific user is assigned to an issue
           # assignee_trigger: "claude-bot"
 
-          claude_args: |
-            --allowedTools "Bash(cargo nextest:*),Bash(cargo check:*),Bash(cargo clippy:*),Bash(cargo fmt:*),Bash(uv run:*)"
-            --system-prompt "You have been granted tools for editing files and running cargo commands (cargo nextest, cargo check, cargo clippy, cargo fmt) and uv for running pytest (e.g. via uv run --all-packages pytest)"
+          allowed_tools: "Bash(cargo nextest:*),Bash(cargo check:*),Bash(cargo clippy:*),Bash(cargo fmt:*),Bash(uv run:*)"
+
+          # Optional: Add custom instructions for Claude to customize its behavior for your project
+          custom_instructions: "You have also been granted tools:
+           - for editing files and running cargo commands (cargo nextest, cargo check, cargo clippy, cargo fmt).
+           - uv for running pytest (e.g. via uv run --all-packages pytest)"
 
           # Optional: Custom environment variables for Claude
           # claude_env: |