Just some excerpts: 2. Test Harnesses 3. Anomaly Testing 3.1. Out-Of-Memory 3.3. Crash Testing 4. Fuzz Testing 4.1. SQL Fuzz 4.1.1. AFL 4.1.2. OSS Fuzz 4.1.4. third-party fuzzers ...
-
-
Prikaži ovu nit
-
4.1.4.third-party fuzzers 4.2.Malformed DB Files 4.3.Boundary Value Tests 5.Regression Testing 6.Automatic Resource Leak Detection 7.Test Coverage 7.6.Mutation testing 8.Dynamic Analysis 8.2.Valgrind 8.4.Mutex Asserts 8.6.Undefined Behavior Checks 10.Checklists 11.Static Analysis
Prikaži ovu nit -
Their fault injection approach is similar to systematic fault injection we use in syzkaller for
#linux kernel: https://lore.kernel.org/patchwork/patch/774420/ … That's the way for testing error paths. Lots of different fuzzers +1 Just one is never enough. Also continuous fuzzing on OSS-Fuzz.Prikaži ovu nit -
Measuring and knowing your test coverage +1 Lots of dynamic analysis +1 (though I am surprised to see Valgrind but not ASAN) Release checklists and tracking +1 (no "our release is all broken, but we did not even know")
Prikaži ovu nit -
Interesting note re static analysis (SA): "SA hasn't been helpful in finding bugs in SQLite. SA has found a few bugs in SQLite, but those are the exceptions. More bugs have been introduced into SQLite while trying to get it to compile without warnings than have been found by SA"
Prikaži ovu nit -
Though, the code base is clean of compiler warnings and _some_ static analysis warnings. Which makes sense.
Prikaži ovu nit
Kraj razgovora
Novi razgovor -
-
-
We even used their performance tests to measure impact of compiler-based mitigations in the past. Comprehensive and in a complex enough project.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
SQLite is one of those few software gems you could trust your life with - unless of course your own code stomps over its memory.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.