Commit 111b2c2

refactor: simplify Claude prompt and add verification
Major improvements:
- Simplified prompt from 7 detailed steps to 5 concise bullet points
- Removed verbose instructions that may confuse Claude
- Emphasized requirement to post comment with bold text
- Increased max turns from 40 to 60 to give more time
- Added verification step to check if Claude posted comment
- Workflow now fails if Claude doesn't post (catches incomplete runs)

The old prompt was too long and prescriptive. Claude works better with concise, clear objectives rather than detailed step-by-step instructions.

Signed-off-by: Joe Isaacs <[email protected]>
1 parent 8f14e99 commit 111b2c2

1 file changed, +51 -234 lines changed

.github/workflows/fuzzer-fix-automation.yml

Lines changed: 51 additions & 234 deletions
@@ -241,255 +241,72 @@ jobs:
241241
github_token: ${{ secrets.GITHUB_TOKEN }}
242242
show_full_output: true
243243
prompt: |
244-
# Fuzzer Crash Fix Automation
244+
# Fuzzer Crash Fix - Issue #${{ env.ISSUE_NUMBER }}
245245
246-
You are analyzing a fuzzer-detected crash to attempt an automated fix. This issue was created by our fuzzing automation.
246+
## Context
247247
248-
## Your Mission
248+
A fuzzer crash has been detected, downloaded, and reproduced. Your job is to analyze it and attempt a fix.
249249
250-
1. **Download and reproduce the crash**
251-
2. **Analyze the root cause** using the stack trace and source code
252-
3. **Create a fix** if the issue is straightforward
253-
4. **Write regression tests** that would fail without your fix
254-
5. **Verify the fix** by running the fuzzer and tests
255-
6. **Post your findings** as a comment on the issue
250+
**Crash file**: `${{ env.CRASH_FILE_PATH }}`
251+
**Crash log**: `crash_reproduction.log` (already run with RUST_BACKTRACE=full)
252+
**Target**: ${{ env.TARGET }}
256253
257-
## Issue Details
254+
## Your Task
258255
259-
- **Issue**: #${{ env.ISSUE_NUMBER }}
260-
- **Title**: ${{ env.ISSUE_TITLE }}
261-
- **Target**: ${{ env.TARGET }}
262-
- **Crash File**: ${{ env.CRASH_FILE }}
256+
1. **Analyze**: Read `crash_reproduction.log` to understand the crash
257+
2. **Fix**: If straightforward (missing bounds check, validation, edge case), fix it
258+
3. **Test**: Write a regression test using the crash file
259+
4. **Verify**: Run the test and fuzzer to confirm fix works
260+
5. **Post**: Comment on issue #${{ env.ISSUE_NUMBER }} with your analysis
263261
264-
## ✅ Pre-Validated Information
262+
## Important
265263
266-
**Good news!** The crash artifact has already been downloaded and the crash has been reproduced.
264+
- Read the crash log first: `cat crash_reproduction.log`
265+
- Keep fixes minimal - only fix the specific bug
266+
- Follow CLAUDE.md code style guidelines
267+
- **YOU MUST post a comment on issue #${{ env.ISSUE_NUMBER }}** using `gh issue comment` when done
267268
268-
- **Crash file location**: `${{ env.CRASH_FILE_PATH }}`
269-
- **Crash reproduction log**: `crash_reproduction.log`
269+
## Fixability Guidelines
270270
271-
The crash has been confirmed to still exist on the current codebase, so you can proceed with analysis and fixing.
271+
**Can fix** (do it): Missing bounds check, validation, edge case, off-by-one
272+
**Can't fix** (analyze only): Architecture issues, complex logic, requires domain knowledge
272273
273-
## Step 1: Analyze the Crash
274+
## Comment Template
274275
275-
Read the crash reproduction log to see the actual crash output:
276-
277-
```bash
278-
cat crash_reproduction.log
279-
```
280-
281-
This will show you the panic message, stack trace, and any debug output.
282-
283-
## Step 2: Analyze the Root Cause
284-
285-
1. Read the **Stack Trace** from the crash reproduction log
286-
2. Identify the **Crash Location** (file and line)
287-
3. Read the source code at that location
288-
4. Understand what input caused the crash (check the Debug Output in the issue)
289-
5. Determine the root cause:
290-
- Bounds check missing?
291-
- Invalid assumption?
292-
- Edge case not handled?
293-
- Integer overflow?
294-
- etc.
295-
296-
## Step 3: Assess Fixability
297-
298-
Determine if this is something you can fix:
299-
300-
**CAN FIX** (straightforward):
301-
- Missing bounds check
302-
- Missing validation
303-
- Edge case handling
304-
- Simple panic that should be an error
305-
- Off-by-one error
306-
307-
**CANNOT FIX** (needs human):
308-
- Architectural issues
309-
- Complex logic errors
310-
- Requires domain knowledge
311-
- Multiple files/modules affected
312-
- Unclear requirements
313-
314-
## Step 4: If Fixable - Create the Fix
315-
316-
1. **Modify the source code** to fix the issue
317-
2. **Add validation** or bounds checks as needed
318-
3. **Handle the edge case** properly
319-
4. **Follow the project's code style** (see CLAUDE.md)
320-
5. **Keep changes minimal** - only fix the specific issue
321-
322-
## Step 5: Write Regression Tests
323-
324-
Create tests that:
325-
1. **Would fail before your fix** (reproduce the crash)
326-
2. **Pass after your fix** (verify it's solved)
327-
3. **Use the crash file as input** (the actual fuzzer input that triggered it)
328-
4. **Are placed in the right location** (near the code being tested)
329-
330-
Example structure:
331-
```rust
332-
#[test]
333-
fn test_fuzzer_crash_issue_${{ env.ISSUE_NUMBER }}() {
334-
// This test reproduces the crash from issue #${{ env.ISSUE_NUMBER }}
335-
// The fuzzer discovered this input that caused a panic
336-
337-
let input = /* minimal reproducing input */;
338-
339-
// This should not panic
340-
let result = function_that_crashed(input);
341-
342-
// Assert the expected behavior
343-
assert!(result.is_ok() || result.is_err()); // depending on expected outcome
344-
}
345-
```
346-
347-
## Step 6: Verify Your Fix
348-
349-
1. Run the new regression test:
350-
```bash
351-
cargo test test_fuzzer_crash_issue_${{ env.ISSUE_NUMBER }}
352-
```
353-
354-
2. Run the fuzzer with the crash file (with full backtrace):
355-
```bash
356-
RUST_BACKTRACE=full cargo +nightly fuzz run --sanitizer=none ${{ env.TARGET }} ${{ env.CRASH_FILE_PATH }} -- -runs=100
357-
```
358-
359-
3. Run related tests:
360-
```bash
361-
cargo test --package <affected-package>
362-
```
363-
364-
4. Check for lint issues:
365-
```bash
366-
cargo clippy --all-targets --all-features
367-
```
368-
369-
5. Format code:
276+
When done, post your findings using:
370277
```bash
371-
cargo +nightly fmt --all
278+
gh issue comment ${{ env.ISSUE_NUMBER }} --body "YOUR_COMMENT_HERE"
372279
```
373280
374-
## Step 7: Post Your Analysis
281+
**If you fixed it**, include:
282+
- Root cause (2-3 sentences)
283+
- Files modified
284+
- Test name and verification results
285+
- Note: "This is an automated fix - please review carefully"
375286
376-
Comment on issue #${{ env.ISSUE_NUMBER }} with your findings:
377-
378-
### If You Created a Fix:
379-
380-
```markdown
381-
## 🤖 Automated Fix Attempt
382-
383-
I've analyzed this crash and created a potential fix.
384-
385-
### Root Cause Analysis
386-
387-
[Explain what caused the crash in 2-3 sentences]
388-
389-
### The Fix
390-
391-
**Modified files:**
392-
- `path/to/file.rs` - [brief description of changes]
393-
394-
**Key changes:**
395-
- [Bullet point summary of what you changed]
396-
397-
### Regression Tests
398-
399-
Created test(s):
400-
- `test_fuzzer_crash_issue_${{ env.ISSUE_NUMBER }}()` in `path/to/test.rs`
401-
402-
**Test verification:**
403-
```
404-
[Output from running the test]
405-
```
406-
407-
### Verification
408-
409-
✅ Regression test passes
410-
✅ Fuzzer no longer crashes on the input
411-
✅ Related tests pass
412-
✅ Clippy checks pass
413-
✅ Code formatted
414-
415-
### Next Steps
416-
417-
Please review the fix and:
418-
1. Verify the logic is correct
419-
2. Check if additional edge cases should be handled
420-
3. Consider if this fix should be applied elsewhere
421-
4. Merge if satisfactory or provide feedback
422-
423-
**Note**: This is an automated fix attempt. Please review carefully before merging.
424-
```
425-
426-
Use the `gh issue comment` command to post this.
427-
428-
### If You Cannot Fix It:
429-
430-
```markdown
431-
## 🤖 Automated Analysis
432-
433-
I've analyzed this crash but cannot create an automated fix.
434-
435-
### Root Cause Analysis
436-
437-
[Explain what caused the crash]
438-
439-
### Why I Can't Fix It
440-
441-
[Explain why this needs human intervention - e.g., architectural issue, requires domain knowledge, etc.]
442-
443-
### Suggested Approach
444-
445-
[Provide suggestions for how a human might fix this:
446-
- What code needs to change
447-
- What validation might be needed
448-
- Potential approaches to consider]
449-
450-
### Reproduction Verified
451-
452-
[If you were able to reproduce it, confirm here]
453-
454-
**Note**: This issue requires human analysis and fixing.
455-
```
456-
457-
## Important Guidelines
458-
459-
- **Be conservative**: Only create fixes for straightforward issues
460-
- **Minimal changes**: Don't refactor, just fix the specific bug
461-
- **Test thoroughly**: Your regression tests must actually catch the bug
462-
- **Follow CLAUDE.md**: Use project conventions
463-
- **Comment your reasoning**: Help reviewers understand the fix
464-
- **Don't commit yet**: Post your analysis first for review
465-
466-
## Available Tools
467-
468-
You have access to:
469-
- Full repository source code (Read/Write/Edit)
470-
- Cargo toolchain (build, test, clippy, fmt, fuzz)
471-
- Git operations (for creating branches if requested)
472-
- GitHub CLI (for commenting on issues)
473-
474-
## Issue Body
475-
476-
Here's the full issue body for reference:
477-
478-
```
479-
${{ env.ISSUE_BODY }}
480-
```
481-
482-
## Start Here
483-
484-
Begin by reading the issue body carefully to extract:
485-
1. The stack trace
486-
2. The crash location
487-
3. The error message
488-
4. The artifact download URL
489-
5. Any debug output
490-
491-
Then proceed with your analysis. Good luck! 🚀
287+
**If you can't fix it**, include:
288+
- Root cause analysis
289+
- Why it needs human intervention
290+
- Suggested approach
492291
claude_args: |
493292
--model claude-opus-4-20250514
494-
--max-turns 40
293+
--max-turns 60
495294
--allowedTools "Read,Write,Edit,Glob,Grep,Bash(cargo:*),Bash(gh issue comment:*),Bash(gh run download:*),Bash(curl:*),Bash(find:*),Bash(ls:*),Bash(cat:*),Bash(RUST_BACKTRACE=*:*)"
295+
296+
- name: Verify Claude posted comment
297+
if: steps.reproduce.outputs.crash_reproduced == 'true'
298+
env:
299+
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
300+
run: |
301+
ISSUE_NUM="${{ (github.event_name == 'workflow_dispatch' || github.event_name == 'workflow_call') && inputs.issue_number || github.event.issue.number }}"
302+
303+
# Check if there are any new comments from claude-code-action
304+
COMMENT_COUNT=$(gh api repos/${{ github.repository }}/issues/$ISSUE_NUM/comments --jq 'length')
305+
306+
if [ "$COMMENT_COUNT" -eq 0 ]; then
307+
echo "⚠️ WARNING: Claude did not post a comment on issue #$ISSUE_NUM"
308+
echo "This may indicate Claude hit max turns or encountered an error"
309+
exit 1
310+
else
311+
echo "✅ Claude posted analysis comment on issue #$ISSUE_NUM"
312+
fi
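
Review bot: The check in the new "Verify Claude posted comment" step (new lines 304-306) counts every comment on the issue with `--jq 'length'` and fails only when the total is zero, so it does not match its own comment about "new comments from claude-code-action". Any comment that already existed before this run, from a person or from an earlier attempt, makes the step pass even if Claude posted nothing. Record the comment count or a timestamp in a step before the Claude action and compare afterwards, or filter the API result on `.user.login` and on a `created_at` later than the run start. Separately, `ISSUE_NUM` on new line 301 is built by expanding `${{ ... inputs.issue_number ... }}` directly inside the `run:` script; pass the value through `env:` the way `GH_TOKEN` is passed, so a dispatch input is not spliced into the shell source. Finally, the new prompt states that the crash has already been downloaded and reproduced, yet the unchanged `--allowedTools` line still grants `Bash(curl:*)` and `Bash(gh run download:*)`; consider dropping those two if nothing else in the task needs them.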
