Fuzzing #127

sharkdp · 2023-07-24T18:03:56Z

~~This is just a reminder how to do fuzzing with the Numbat parser. Not supposed to be merged (right now).~~

Dump save of the corpus found so far: corpus.zip

I was running the fuzzer using

cargo +nightly fuzz run interpreter -- -max_len=400

The max length is to avoid stack overflows for inputs like ((((((((((((((((((((((. This should also be fixed at some point.

Noteable bugs found using fuzzing:

dimension X = Length^(6/(5/(99999999999999999999999999999999999999))), overflow in exponent division, fix in a10832c
0**0⁻⁸ (triggers a panic in an .unwrap(). This had a TODO attached but it wasn't clear to me if this could be triggered), fix in eb47136
Do not allow identifiers/units named _ or ans #130
-true (missing type check for unary operators)

numbat/src/parser.rs

sharkdp commented Jul 24, 2023

View reviewed changes

numbat/src/parser.rs Outdated Show resolved Hide resolved

sharkdp force-pushed the fuzzing branch 4 times, most recently from 5253ce2 to 7e14a0f Compare July 25, 2023 19:33

sharkdp force-pushed the master branch from 276a67a to e33f85d Compare July 25, 2023 19:34

sharkdp force-pushed the fuzzing branch 2 times, most recently from d083c50 to b6119d6 Compare July 25, 2023 19:38

sharkdp force-pushed the fuzzing branch from b6119d6 to ca2b470 Compare September 11, 2023 21:26

Add fuzzing target

4039873

sharkdp force-pushed the fuzzing branch from ca2b470 to 4039873 Compare September 11, 2023 21:30

sharkdp changed the title ~~Fuzzing [do not merge]~~ Fuzzing Sep 11, 2023

sharkdp merged commit a3b9f75 into master Sep 11, 2023
1 check passed

sharkdp deleted the fuzzing branch September 11, 2023 21:32

Provide feedback