{"id":15023218,"url":"https://github.com/blaind/bevy_fuzz","last_synced_at":"2025-10-26T16:30:58.354Z","repository":{"id":41047739,"uuid":"450261842","full_name":"blaind/bevy_fuzz","owner":"blaind","description":"Experimental high-performance fuzz-testing for bevy systems, emulating user UI interaction","archived":false,"fork":false,"pushed_at":"2023-03-06T20:23:03.000Z","size":66,"stargazers_count":4,"open_issues_count":2,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-01-31T21:34:25.777Z","etag":null,"topics":["bevy","fuzzing","rust","testing"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/blaind.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE-APACHE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-01-20T21:22:08.000Z","updated_at":"2024-01-10T13:09:30.000Z","dependencies_parsed_at":"2022-09-20T21:12:48.223Z","dependency_job_id":null,"html_url":"https://github.com/blaind/bevy_fuzz","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blaind%2Fbevy_fuzz","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blaind%2Fbevy_fuzz/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blaind%2Fbevy_fuzz/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blaind%2Fbevy_fuzz/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/blaind","download_url":"https://codeload.github.com/blaind/bevy_fuzz/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"htt
ps://github.com","kind":"github","repositories_count":238366809,"owners_count":19460189,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bevy","fuzzing","rust","testing"],"created_at":"2024-09-24T19:58:50.874Z","updated_at":"2025-10-26T16:30:58.049Z","avatar_url":"https://github.com/blaind.png","language":"Rust","readme":"# bevy_fuzz \u0026emsp; [![Build Status]][actions] [![Latest Version]][crates.io] [![Docs Version]][docs]\n\n[build status]: https://img.shields.io/github/workflow/status/blaind/bevy_fuzz/test\n[actions]: https://github.com/blaind/bevy_fuzz/actions?query=branch%3Amain\n[latest version]: https://img.shields.io/crates/v/bevy_fuzz.svg\n[crates.io]: https://crates.io/crates/bevy_fuzz\n[docs version]: https://docs.rs/bevy_fuzz/badge.svg\n[docs]: https://docs.rs/bevy_fuzz\n\nExperimental high-performance code coverage-based fuzz-testing for bevy systems, emulating user UI interaction. This plugin works by constructing and sending random input events to the application.\n\nThe purpose is to find combinations of user interactions that produce crashes. The package uses\n[cargo-fuzz](https://github.com/rust-fuzz/cargo-fuzz) as a Rust frontend, which itself uses\n[libFuzzer](https://llvm.org/docs/LibFuzzer.html) to run the fuzzing.\n\nThe fuzzing is smart in the sense that it tries to find inputs that cover as much code space as possible. 
Currently captured/fuzzed inputs:\n\n- bevy_input / mouse / MouseButtonInput\n- bevy_input / mouse / MouseWheel\n- bevy_input / mouse / MouseMotion\n- bevy_input / keyboard / KeyboardInput\n- bevy_window / CursorMoved\n- bevy_window / WindowResized\n\n### Warnings / Please note\n\n- The produced binary files are not currently compatible between various bevy_fuzz (and bevy) versions\n- Only built-in `CoreStage`'s are run currently. Subapps (and render graph) are ignored\n- Public API (e.g. function \u0026 struct names) will most probably change in the future\n- This is still a \"tech preview\", and feasibility of UI fuzzing for actually finding bugs remains to be seen\n- Currently tested only on Linux\n\n## Quick start\n\n### Running an integrated example\n\nInstall the required tooling (`cargo-fuzz`)\n\n    cargo install cargo-fuzz\n\nClone the repository and go to the sample directory\n\n    git clone https://github.com/blaind/bevy_fuzz.git\n    cd bevy_fuzz/examples/fuzzed_bevy_app\n\nRun the app in an input-recording mode. It will show a grey window; try pressing various keys, including key A. You should see the output of key A in the console.\n\n    cargo run --features fuzz -- record\n\nThis will produce a file called `input-recording.bin`. Optional: you can view the recording with:\n\n    cargo run --features fuzz -- view input-recording.bin\n\nCopy the file to the fuzzing corpus directory:\n\n    mkdir -p fuzz/corpus/fuzz_target_1/\n    cp input-recording.bin fuzz/corpus/fuzz_target_1/\n\nRun the fuzzer. For now, the `-s none` (sanitizer = none) is an important build toggle. This will recompile the app using LLVM instructions. The fuzzing compilation is slower than standard compilation.\n\n    cargo fuzz run -s none fuzz_target_1 -- -detect_leaks=0 -rss_limit_mb=8192\n\nEventually, this should crash as the fuzzer finds a keypress Z (which intentionally panics). 
The output should be similar to:\n\n    WARNING: Failed to find function \"__sanitizer_acquire_crash_state\".\n    WARNING: Failed to find function \"__sanitizer_print_stack_trace\".\n    WARNING: Failed to find function \"__sanitizer_set_death_callback\".\n    INFO: Running with entropic power schedule (0xFF, 100).\n    INFO: Seed: 1184633377\n    INFO: Loaded 1 modules   (979081 inline 8-bit counters): 979081 [0x55a818b8d889, 0x55a818c7c912),\n    INFO: Loaded 1 PC tables (979081 PCs): 979081 [0x55a818c7c918,0x55a819b6d1a8),\n    INFO:      848 files found in bevy_fuzz/examples/fuzzed_bevy_app/fuzz/corpus/fuzz_target_1\n    INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 4096 bytes\n    INFO: seed corpus: files: 848 min: 32b max: 1346b total: 815506b rss: 68Mb\n    #256\tpulse  cov: 3603 ft: 9014 corp: 216/89Kb exec/s: 128 rss: 74Mb\n    'A' currently pressed\n    'A' just pressed\n    (presses repeated)\n    thread '\u003cunnamed\u003e' panicked at ''Z' pressed - causes panic!', bevy_fuzz/examples/fuzzed_bevy_app/src/lib.rs:48:9\n    note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace\n    ==3696259== ERROR: libFuzzer: deadly signal\n    NOTE: libFuzzer has rudimentary signal handlers.\n        Combine libFuzzer with AddressSanitizer or similar for better crash reports.\n    SUMMARY: libFuzzer: deadly signal\n    MS: 0 ; base unit: 0000000000000000000000000000000000000000\n\nOutput will also print the binary sequence that caused the crash. You can rerun the crashing artifact again either with\n\nA. the provided main-wrapper (faster, preferred)\n\n    cargo run --features fuzz apply fuzz/artifacts/fuzz_target_1/crash-[filename]\n\nB. cargo fuzz (slower)\n\n    cargo fuzz run --sanitizer=none fuzz_target_1 fuzz/artifacts/fuzz_target_1/crash-[filename]\n\n**NOTE! If the above commands do not reproduce the crash, the run is not deterministic**. This is\ncurrently hard to debug, please file an issue. 
One cause can be that you have `.insert_resource`'s\nin your `Plugin` builder `fn build(\u0026self, app: \u0026mut App)`. These resources can not be reset\nfor each run currently - you should move them to a startup system.\n\nOften it's also good to try to minimize the crash\n\n    cargo fuzz tmin --sanitizer=none fuzz_target_1 fuzz/artifacts/fuzz_target_1/crash-[filename]\n\n### Integrating to own app\n\nInstructions coming. For now, see the [examples/fuzzed_bevy_app](examples/fuzzed_bevy_app) example.\n\n## Other resources\n\nhttps://rust-fuzz.github.io/book/introduction.html\n\n## License\n\nLicensed under either of\n\n- \u003ca href=\"LICENSE-APACHE\"\u003eApache License, Version 2.0\u003c/a\u003e or\n- \u003ca href=\"LICENSE-MIT\"\u003eMIT license\u003c/a\u003e\n\nat your option.\n\n### Contribution\n\nUnless you explicitly state otherwise, any contribution intentionally submitted\nfor inclusion in the software by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fblaind%2Fbevy_fuzz","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fblaind%2Fbevy_fuzz","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fblaind%2Fbevy_fuzz/lists"}