tests: internal: fuzzers: avoid destroying active input fuzzer tasks #11850

Merged: edsiper merged 1 commit into master from output-event-null-task-472177582 on May 27, 2026
@edsiper edsiper commented May 26, 2026

Fix the input fuzzer teardown path so it does not force-destroy tasks or chunks that are still owned by the engine.

The OSS-Fuzz crash was caused by the harness destroying active tasks while output completion events were still pending. That cleared the task map entry, and the engine later dereferenced the missing task from handle_output_event().

This keeps the forced cleanup limited to idle test tasks with no users, retries, or routes, and skips chunks still attached to a task.


Fluent Bit is licensed under Apache 2.0, by submitting this pull request I understand that this code will be released under the terms of that license.

Summary by CodeRabbit

  • Tests
    • Conditional failure simulation now only enabled in the OSS-Fuzz test build.
    • Added allocation and validation for an additional fuzz-derived input buffer.
    • Safer cleanup: skip destroying tasks or chunks that are still in use or referenced.
    • Ensure the fuzz entry point returns a defined success value after teardown.
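
The teardown ordering problem from the PR description, as an added example that is not part of the pull request or of Fluent Bit: a toy task map in C in which `toy_task`, `task_map`, `task_create`, `harness_cleanup`, `output_event` and `run_scenario` are all hypothetical names. It compares force-destroying every task with destroying only idle ones when a completion event arrives after teardown.

```c
/* Added illustration: a toy model, not Fluent Bit code. All names are hypothetical. */
#include <stdlib.h>
#define MAP_SIZE 4
struct toy_task { int users, retries, routes; };
static struct toy_task *task_map[MAP_SIZE];

static void task_create(int id, int users)
{
    struct toy_task *t = calloc(1, sizeof(*t));
    if (t == NULL) return;
    t->users = users;
    task_map[id] = t;
}

/* Harness teardown. guarded=0: destroy every task. guarded=1: idle tasks only. */
static int harness_cleanup(int guarded)
{
    int i, destroyed = 0;
    for (i = 0; i < MAP_SIZE; i++) {
        struct toy_task *t = task_map[i];
        if (t == NULL) continue;
        if (guarded && (t->users > 0 || t->retries > 0 || t->routes > 0)) continue;
        task_map[i] = NULL;          /* the map entry goes away with the task */
        free(t);
        destroyed++;
    }
    return destroyed;
}

/* Output completion event: 0 if the task was found, -1 if its map entry is gone. */
static int output_event(int task_id)
{
    struct toy_task *t = task_map[task_id];
    if (t == NULL) return -1;        /* the missing-task case from the PR description */
    t->users--;                      /* the output is done with the task */
    return 0;
}

/* One idle task, one with a pending completion; the event arrives after teardown. */
int run_scenario(int guarded)
{
    int rc;
    task_create(0, 0);
    task_create(1, 1);
    harness_cleanup(guarded);
    rc = output_event(1);
    harness_cleanup(0);              /* release whatever is left */
    return rc;
}
```

The toy `output_event` checks for the missing entry so the two outcomes can be compared as return values; the unguarded run is the one where the pending event no longer finds its task.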

coderabbitai Bot commented May 26, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 6332c08f-4b6e-4fca-94ac-2bcde9dd0c3b

📥 Commits

Reviewing files that changed from the base of the PR and between b11e8a0 and c175746.

📒 Files selected for processing (1)
  • tests/internal/fuzzers/input_fuzzer.c

Walkthrough

Input fuzzer malloc-failure injection is limited to OSS-Fuzz builds; a third fuzz-derived input buffer is allocated with null-checks; cleanup skips destroying in-use tasks/chunks; the function returns 0 after stopping and destroying the Fluent Bit context.

Changes

Input fuzzer stability improvements

| Layer / File(s) | Summary |
|---|---|
| OSS-Fuzz initialization and input setup (`tests/internal/fuzzers/input_fuzzer.c`) | Conditional `#ifdef FLB_HAVE_TESTS_OSSFUZZ` wraps malloc-failure injection so it runs only in OSS-Fuzz builds. Adds creation and null-check for a third fuzz-derived buffer via `get_null_terminated(...)`, freeing prior buffers on failure. |
| Safe cleanup and completion (`tests/internal/fuzzers/input_fuzzer.c`) | Cleanup loops skip destroying tasks with nonzero users or pending retries/routes, and skip destroying input chunks still attached to a task (`ic->task != NULL`). Adds explicit `return 0;` after `flb_stop(ctx)` and `flb_destroy(ctx)`. |

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested reviewers

  • cosmo0920

Poem

🐰 A tiny fuzzer hops with care,
buffers three set in gentle air.
OSS-Fuzz checks the malloc gate,
cleanup spares the linked and late.
At end I whisper: "return zero" — all is fair.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

| Check name | Status | Explanation | Resolution |
|---|---|---|---|
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. | Write docstrings for the functions missing them to satisfy the coverage threshold. |

✅ Passed checks (4 passed)

| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title accurately reflects the main change: avoiding destruction of active tasks in the input fuzzer, which matches the core fix described in the PR objectives. |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |


@coderabbitai coderabbitai Bot left a comment


Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@tests/internal/fuzzers/input_fuzzer.c`:
- Around line 75-77: When checking the result of the third allocation
(input_buffer3 == NULL) you must free previously allocated buffers to avoid
leaks; update the error path that currently returns 0 to call
free(input_buffer1) and free(input_buffer2) (matching the pattern used in the
other allocation-failure blocks) before returning, ensuring all three buffers
are freed on any allocation failure.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 69ffd30a-da59-4a57-9633-c769a56d89dd

📥 Commits

Reviewing files that changed from the base of the PR and between f6126eb and b11e8a0.

📒 Files selected for processing (1)
  • tests/internal/fuzzers/input_fuzzer.c

Comment thread tests/internal/fuzzers/input_fuzzer.c
Signed-off-by: Eduardo Silva <eduardo@chronosphere.io>
@edsiper edsiper force-pushed the output-event-null-task-472177582 branch from b11e8a0 to c175746 Compare May 26, 2026 20:11
@edsiper edsiper merged commit db6eec8 into master May 27, 2026
48 of 50 checks passed
@edsiper edsiper deleted the output-event-null-task-472177582 branch May 27, 2026 22:59