New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
test: re-introduce fuzzers #28930
base: master
Are you sure you want to change the base?
test: re-introduce fuzzers #28930
Conversation
Signed-off-by: David Korczynski <david@adalogics.com>
[REVIEW NOTIFICATION] This pull request has not been approved. To complete the pull request process, please ask the reviewers in the list to review by filling The full list of commands accepted by this bot can be found here. Reviewer can indicate their review by submitting an approval review. |
Welcome @DavidKorczynski! |
@DavidKorczynski thanks for your contribution! Can you elaborate a bit how this files work? Also please check the CI failure. I can see that these functions won't be referred from within the project. |
The goal is to re-enable what was committed here: #17250 The files are used by oss-fuzz (https://github.com/google/oss-fuzz) to continuously fuzz tidb and report any issues. Naturally, it would be great to have more fuzzers developed such that there is more code coverage. |
@DavidKorczynski thanks for your explanation. May you add a comment for those methods so that we don't remove them in accident (as they're unused within the project) again? Also I'd like to know how google/oss-fuzz works and how TiDB gains from this change explicitly. |
i know this is basically reverting #28085, but it looks very strange that
imo
|
This can be nice to have but not prevent this PR to merge. My concern is still what we gain from this change? Where does the fuzz run? I remove it because it seems like unused/dead code. |
The fuzzers are being run by the OSS-Fuzz service which is a service run by Google. This means the fuzzers run on a continuous basis (every day) in order to see if any bugs have been introduced or similar. The OSS-Fuzz set up for TiDB is here: https://github.com/google/oss-fuzz/tree/master/projects/tidb and you can see the list of maintainers receiving bug reports here: https://github.com/google/oss-fuzz/blob/master/projects/tidb/project.yaml under the The benefit from TiDB's perspective is that bugs will be found and reported. The goal is really to then develop more fuzzers such that more code of TiDB can be analysed. |
/cc @zhouqiang-cl |
@shuke987 PTAL |
I would love to see oss-fuzz support in TiDB.
PS: copied from crdb, haven't tested. |
@AdamKorcz knows a lot more about how to structure Go fuzzers as he has done this for a ton of projects. Will just CC him as he is also the one who integrated TiDB into OSS-Fuzz in the first place |
Just to clarify: TiDB is in fact integrated already as per #17250 However, the fuzzers were removed and thus the OSS-Fuzz set up is currently not working (since it is not able to compile the fuzzers that no longer exist). As such, if we re-enable the three fuzzers then OSS-Fuzz will start running them and we can continue with building up a more mature fuzzing set up of TiDB |
yes the |
Signed-off-by: David Korczynski <david@adalogics.com>
Fixed! |
Can this be merged soon so OSS-fuzz can continue to run TIDB's fuzzers? |
Signed-off-by: David Korczynski david@adalogics.com
This reintroduces the fuzzers as they were removed in #28085 and broke the OSS-Fuzz build. I added them with proper license headers now.
CC @AdamKorcz
What problem does this PR solve?
Issue Number: close #xxx
Problem Summary:
What is changed and how it works?
Proposal: xxx
What's Changed:
How it Works:
Check List
Tests
Side effects
Documentation
Release note