Fuzzy Elephants with LLVM
Gregory Stark (email@example.com)
Greg Stark has been a Postgres developer since 2006.
No video of the event yet, sorry!
Using a computer to automate generating obscure test cases no human would have imagined allows us to test code that has gone untested for a long time. This technique, called fuzzing, is especially hot in the security security community where it has uncovered many of the major 0-day vulnerabilities that have received wide attention. Postgres has at least two efforts underway to apply this technique, this talk discusses one which applies largely to functions. It uses the LLVM coverage instrumentation to guide selecting and generating new test cases to maximize code coverage of the test corpus. Functions that warrant testing include both internal functions such as regexp_matches() and to_timestamp() as well as functions provided by extensions such as contrib modules or PostGIS. Some of these functions implement basic SQL functionality such as LIKE or even "=" for complex data types. If you're implementing your own extension functions such as bindings to external libraries or using a PL language such a pl/Python you may be interested to applying this tool to test your own code as well.
- 2017 March 29 10:40
- 50 min
- Liberty I
- PGConf US 2017