Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Add a note about OSS Fuzz to the testing document. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
f464b0a21998c676d53c0c071160c601 |
User & Date: | drh 2017-01-06 17:28:27.457 |
Context
2017-01-14
| ||
14:31 | Update the download message for prerelease snapshots. Fix a typo in the 2017 dates of the chronology. (Leaf check-in: c22f7ef4b3 user: drh tags: branch-3.16) | |
2017-01-12
| ||
19:43 | Update the speed and size spreadsheet with the latest measurements from trunk. (check-in: 033eb12bb9 user: drh tags: trunk) | |
2017-01-06
| ||
17:28 | Add a note about OSS Fuzz to the testing document. (check-in: f464b0a219 user: drh tags: trunk) | |
16:49 | Second attempt at changing the date in news.html to 2017-01-06. (check-in: 05efe84bdd user: dan tags: trunk) | |
Changes
Changes to pages/testing.in.
︙ | ︙ | |||
102 103 104 105 106 107 108 | </tcl> <h1>Introduction</h1> <p>The reliability and robustness of SQLite is achieved in part by thorough and careful testing.</p> | | | 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 | </tcl> <h1>Introduction</h1> <p>The reliability and robustness of SQLite is achieved in part by thorough and careful testing.</p> <p>As of [version 3.16.2] ([dateof:3.16.2]), the SQLite library consists of approximately <tcl>KB {$stat(coreSLOC)}</tcl> KSLOC of C code. (KSLOC means thousands of "Source Lines Of Code" or, in other words, lines of code excluding blank lines and comments.) By comparison, the project has <tcl> hd_puts "[expr {int($stat(totalSLOC)/$stat(coreSLOC))}] times as much" |
︙ | ︙ | |||
396 397 398 399 400 401 402 403 404 405 406 407 408 409 | Both SQL statements and database files are fuzzed. Billions and billions of mutations have been tried, but AFL's instrumentation has narrowed them down to less than 50,000 test cases that cover all distinct behaviors. Newly discovered test cases are periodically captured and added to the [TCL test suite] where they can be rerun using the "make fuzztest" or "make valgrindfuzz" commands. <h2>Malformed Database Files</h2> <p>There are numerous test cases that verify that SQLite is able to deal with malformed database files. These tests first build a well-formed database file, then add corruption by changing one or more bytes in the file by some means other than SQLite. Then SQLite is used to read the database. | > > > > > > > > > > > > > > > | 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 | Both SQL statements and database files are fuzzed. Billions and billions of mutations have been tried, but AFL's instrumentation has narrowed them down to less than 50,000 test cases that cover all distinct behaviors. Newly discovered test cases are periodically captured and added to the [TCL test suite] where they can be rerun using the "make fuzztest" or "make valgrindfuzz" commands. <tcl>hd_fragment ossfuzz {OSS Fuzz}</tcl> <h3>Google OSS Fuzz</h3> <p>Beginning in 2016, a team of engineers at Google started the [https://github.com/google/oss-fuzz|OSS Fuzz] project. OSS Fuzz uses a AFL-style guided fuzzer running on Google's infrastructure. The Fuzzer automatically downloads the latest check-ins for participating projects, fuzzes them, and sends email to the developers reporting any problems. When a fix is checked in, the fuzzer automatically detects this and emails a confirmation to the developers. <p>SQLite is one of many open-source projects that OSS Fuzz tests. The [https://www.sqlite.org/src/file/test/ossfuzz.c|test/ossfuzz.c] source file in the SQLite repository is SQLite's interface to OSS fuzz. <h2>Malformed Database Files</h2> <p>There are numerous test cases that verify that SQLite is able to deal with malformed database files. These tests first build a well-formed database file, then add corruption by changing one or more bytes in the file by some means other than SQLite. Then SQLite is used to read the database. |
︙ | ︙ |