test: strengthen lazy phase2 fuzz replay

[membphis]

Summary

• strengthen fuzz_parse_lazy so successful LAZY parses replay getter-observable semantics against serde_json
• add path-safe location collection for root/cursor getters while excluding duplicate-key and path-ambiguous cases
• document the semantic replay policy and add a path-safe corpus seed

Refs #138

Local verification

• cargo test --manifest-path fuzz/Cargo.toml --target-dir fuzz/target --bin fuzz_parse_lazy -- --nocapture
• cargo +nightly fuzz run fuzz_parse_lazy -- -runs=0
• cargo +nightly fuzz run fuzz_parse_lazy /tmp/qjson-fuzz-parse-lazy.s2c7Pv -- -max_total_time=60
• cargo clippy --manifest-path fuzz/Cargo.toml --target-dir fuzz/target --all-targets -- -D warnings
• cargo test --release --no-default-features --lib
• make lint
• git diff --check

Summary by CodeRabbit

• Documentation

  • Updated fuzzing guidelines in contributor documentation to clarify path-safe behavior and semantic validation procedures.

• Tests

  • Enhanced fuzzing test infrastructure with improved semantic replay validation and path-safe accessor coverage.

[coderabbitai]

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 04485c5e-ca65-4e59-a6aa-325f9b5363cf

📥 Commits

Reviewing files that changed from the base of the PR and between 2173c1a and ac68bb4.

📒 Files selected for processing (3)

• CONTRIBUTING.md
• fuzz/corpus/fuzz_parse_lazy/path_safe_getters.json
• fuzz/fuzz_targets/fuzz_parse_lazy.rs

---

📝 Walkthrough

Walkthrough

This PR extends fuzz_parse_lazy with path-aware semantic replay. The harness now records getter-observable values during cursor traversal at path-safe checkpoints, then verifies that qjson root and cursor FFI getters match at each recorded path, covering number normalization, varied-order sibling lookups, and raw key handling.

Changes

Path-aware semantic replay in fuzz_parse_lazy

Layer / File(s)	Summary
Test setup and path data structures fuzz/fuzz_targets/fuzz_parse_lazy.rs (1–31, 85–196)	Conditionally gates no_main for non-test builds. Introduces PathCheck and PathExpected enums to record getter-observable values and expected outcomes. Adds path safety checks, segment formatting (dot and bracket syntax), and bounded recording utilities. Refactors cursor_to_value and type helpers to accept and maintain path state alongside path_safe flags.
Array and object recursive traversal with semantic replay fuzz/fuzz_targets/fuzz_parse_lazy.rs (230–465)	Reworks array and object recursion to thread path, path safety, and path checks through the traversal. Scans and preserves raw object key bytes from JSON input to derive stable keys for replay. Implements varied-order warm lookups for array indices and object fields. Conditionally computes field-lookup keys based on decoded-key uniqueness to validate qjson cursor field behavior. Adds JSON byte-skipping helpers (skip_json_ws, scan_json_string_end, skip_json_value, skip_json_container).
Root and cursor getter verification fuzz/fuzz_targets/fuzz_parse_lazy.rs (478–656)	Adds verify_path_getter_consistency to iterate recorded path checks and assert type consistency between root and cursor getters at each safe path. Validates getter observable values (null, bool, number, string, array/object length) against recorded expectations. Provides FFI-level byte-path plumbing and typed accessor helpers (root_*, cursor_*_at, root_len, cursor_len_at).
Fuzz harness integration fuzz/fuzz_targets/fuzz_parse_lazy.rs (56–63)	Integrates path tracking into fuzz_one: initializes path and path_checks, calls refactored cursor_to_value with path-aware parameters, asserts at least root-level recording, and invokes verification to cross-check getter consistency.
Test suite and fixtures fuzz/fuzz_targets/fuzz_parse_lazy.rs (704–787), fuzz/corpus/fuzz_parse_lazy/path_safe_getters.json	Adds test module validating path safety rules, segment formatting, value-to-summary mapping, raw key preservation (including escapes and newlines), field-lookup key conditions, and deterministic replay inputs exercising path-safe and ambiguous keys. Includes path_safe_getters.json fixture with diverse body structure and path-safe keys.
Documentation update CONTRIBUTING.md (179–189)	Expands fuzz_parse_lazy target description to explicitly document Phase 2 semantic replay, ordered object_entry_at and varied-order cursor field/index lookups, root-vs-cursor getter consistency for path-safe paths, f64 number normalization, and boundaries for duplicate and path-like key handling.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related issues

• #73: Phase 2 path-aware cursor walker and semantic replay implementation directly addresses the path-safe getter, varied-order sibling lookup, raw key scanning, and number handling objectives described in this issue.
• #138: Phase 2 semantic replay with path-aware traversal, object entry replay, and duplicate-key handling directly implement the goals and code-area changes proposed in this issue.

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch codex/issue-138-lazy-fuzz

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}