Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[MISC] initial Genesis Fuzz Support fuzz_target.py #202

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

Shivam7-1
Copy link

Introducing foundational fuzzing support for Genesis to help identify and resolve potential issues.

Once merged, I will submit a pull request to the OSS-Fuzz repo to enable fuzzing for this library on Google infrastructure. Any identified bugs will be reported to the Genesis maintainers.

Kindly review the OSS-Fuzz documentation and Bug Disclosure Guidelines before proceeding with the merge.

Thanks

@Shivam7-1
Copy link
Author

Hii @YilingQiao Could Team Review This PR as well as can I get maintainer list so I can Add them who get notified above Alerts

Thanks

@YilingQiao
Copy link
Collaborator

Hi Shivam,

Thank you for your PR. I’m not sure if we need this workflow at the moment. Are there other similar repositories using it? Our current priority is to address some urgent bugs. Let me discuss this with others and get back to you. Thank you so much for your time!

@Shivam7-1
Copy link
Author

Shivam7-1 commented Dec 22, 2024

Hii @YilingQiao
Okay Thanks For Response
Yes You can discuss and let me know also I had created Above Fuzz Target py file also
Ultimately it will Improves the System and Get Alerts as you will Review Documentation of it
Here are list of Project which is aling with ossfuzz https://github.com/google/oss-fuzz/tree/master/projects
Thanks again

@Shivam7-1
Copy link
Author

Shivam7-1 commented Dec 23, 2024

Introducing foundational fuzzing support for Genesis to help identify and resolve potential issues.

Once merged, I will submit a pull request to the OSS-Fuzz repo to enable fuzzing for this library on Google infrastructure. Any identified bugs will be reported to the Genesis maintainers.

Kindly review the OSS-Fuzz documentation and Bug Disclosure Guidelines before proceeding with the merge.

Thanks

Hii @YilingQiao @zhouxian Can I Proceed with this? If yes Could Team please Merge This PR to this Repo
Thanks

@ziyanx02 ziyanx02 changed the title initial Genesis Fuzz Support fuzz_target.py [MISC] initial Genesis Fuzz Support fuzz_target.py Dec 27, 2024
@Shivam7-1
Copy link
Author

Reminder
Hii @ziyanx02 @YilingQiao @zhouxian Can I Proceed with this? If yes Could Team please Merge This PR to this Repo
So then I will make PR in ossfuzz to integrate Project
Thanks

@YilingQiao
Copy link
Collaborator

Hi, @Shivam7-1 , can you elaborate further on why this is needed and why it is not yet a common practice for similar repositories (such as MuJoCo and Bullet3)? We are not entirely sure about the pros and cons of this additional workflow.

@Shivam7-1
Copy link
Author

Shivam7-1 commented Dec 29, 2024

Hii @YilingQiao @Kashu7100 @ziyanx02
Thanks For Response
The initial fuzz integration file is useful to ensure that we can identify potential issues early in the development process

  1. Automated Testing and Early Bug Detection:
    Fuzz testing automatically generates random, invalid, or unexpected inputs to test the system’s resilience. By integrating fuzzing into the project early, we can identify edge cases, vulnerabilities, and crashes that might otherwise be missed during manual testing. This significantly enhances the robustness of the system.

  2. Improving Code Quality:
    Fuzz testing helps detect flaws that could lead to security vulnerabilities, performance bottlenecks, or unexpected behavior. Integrating this into the Genesis project from the outset allows us to maintain high-quality, stable, and secure code as we move forward.

  3. Efficiency:
    Implementing fuzz testing early in the process can save both time and resources. Catching issues early in the development lifecycle helps avoid the higher costs of fixing bugs later in the process, especially when the system is more complex and harder to change.

For similiar Repo I am unaware about this but I think this would be better here to use or any project
Further you can also look into this OSS-Fuzz documentation and Bug Disclosure Guidelines

@Kashu7100
Copy link
Collaborator

Kashu7100 commented Jan 2, 2025

The PR code seems not providing valuable check at this moment to me. I don't see any benefit of including this at this point.

@Shivam7-1
Copy link
Author

Hii @Kashu7100 Thanks For Reviewing
What things Could make this more better check and can be added?

@Kashu7100
Copy link
Collaborator

First of all, what do you want to check with fuzzing (in your PR for example)? The purpose or intention is very unclear, which makes unlikely to be merged.
Second, we currently have the automated workflow for basic check. You haven't provided any merit of using this fuzzer over the current workflow that we have. Also you didn't give clear reason why similar projects such as MuJoCo and Bullet3 are not adapting your suggested workflow (I guess there's no need for fuzzing).

If you still want to convince us, could you update your PR to include the code that you think is actually beneficial for Genesis debugging?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants