[racket-dev] fuzz testing the bytecode reader
I hope it doesn't delete DrDr's hard drive.
Jay
On Tue, Oct 19, 2010 at 1:51 PM, Carl Eastlund <cce at ccs.neu.edu> wrote:
> Caveat Emptor: be wary of running code designed to produce random,
> unsafe results if the computer you are running it on has any data you
> really care about. Chances of catastrophic failure *should* be low,
> but they may not be, and sometimes lightning does strike anyway.
>
> Carl Eastlund
>
> On Tue, Oct 19, 2010 at 4:42 PM, Sam Tobin-Hochstadt <samth at ccs.neu.edu> wrote:
>> Earlier today, I wrote a simple fuzz tester for bytecode reading and
>> evaluation. The code is attached. It takes an existing zo file, reads
>> it in as bytes, randomly flips some small portion of the bits (0.1%),
>> and then `read's and `eval's the results. This extremely quickly
>> finds segfaults in Racket. Here's a deterministic segfault with git
>> HEAD:
>>
>> [samth at hermes:~/tmp] racket fuzz.rkt -s 1046626898 -f
>> ~/sw/plt/collects/redex/tests/compiled/lw-test-util_rkt.zo
>> DrDr Ignore! random-seed 1046626898
>> name: /home/samth/sw/plt/collects/redex/tests/compiled/lw-test-util_rkt.zo
>> SIGSEGV MAPERR si_code 1 fault on addr 0x616ec898
>> Aborted
>>
>> Here's how to traverse a bunch of files to find a segfault:
>>> racket fuzz.rkt -d ~/sw/plt/collects/redex/
>>
>> I'll be adding this to the tree in the stress tests soon.
>>
>> Thanks to Robby for advice on the code, and to Lars Hansen for the idea.
>> --
>> sam th
>> samth at ccs.neu.edu
--
Jay McCarthy <jay at cs.byu.edu>
Assistant Professor / Brigham Young University
http://teammccarthy.org/jay
"The glory of God is Intelligence" - D&C 93
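
Added example, not part of the original thread and not the attached fuzz.rkt: a Python version of the mutation step Sam describes (flip about 0.1% of the bits, reproducibly from a seed), with the target run in a child process so a segfault is recorded instead of killing the fuzzer. The function names, the `.zo` temp-file suffix and the caller-supplied command are assumptions; signal reporting assumes POSIX.

```python
import random
import subprocess
import tempfile


def flip_bits(data: bytes, seed: int, rate: float = 0.001):
    """Flip about `rate` of the bits in `data`, chosen by a PRNG seeded with `seed`.

    Returns (mutated_bytes, sorted_bit_offsets) so a crash can be replayed and minimized.
    """
    total_bits = len(data) * 8
    if total_bits == 0:
        return data, []
    rng = random.Random(seed)  # private generator: same seed and input -> same mutation
    count = min(total_bits, max(1, round(total_bits * rate)))  # at least one flip
    offsets = sorted(rng.sample(range(total_bits), count))  # distinct, so no flip cancels
    out = bytearray(data)
    for off in offsets:
        out[off // 8] ^= 1 << (off % 8)
    return bytes(out), offsets


def run_isolated(cmd, payload: bytes, timeout: float = 10.0) -> str:
    """Run `cmd + [path_to_payload]` in a child process and classify the outcome.

    `cmd` is supplied by the caller (hypothetical here: whatever reads and evals the file).
    Returns 'ok', 'error', 'timeout' or 'signal:<n>' (POSIX: killed by signal n).
    """
    with tempfile.NamedTemporaryFile(suffix=".zo") as f:
        f.write(payload)
        f.flush()
        try:
            proc = subprocess.run(cmd + [f.name], capture_output=True, timeout=timeout)
        except subprocess.TimeoutExpired:
            return "timeout"
    if proc.returncode < 0:
        return f"signal:{-proc.returncode}"
    return "ok" if proc.returncode == 0 else "error"


if __name__ == "__main__":
    sample = bytes(range(256)) * 40  # constructed stand-in for a .zo file (10240 bytes)
    mutated, offsets = flip_bits(sample, seed=1046626898)
    print(f"flipped {len(offsets)} of {len(sample) * 8} bits; first offsets {offsets[:5]}")
```

Recording the seed with each run, as the `random-seed` line in the quoted output does, is what lets a crashing input be regenerated from the original file.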