Things to fuzz?

[darrenldl]

Recently fuzzing effort from another project resulted in discovery of a bug (#338). And following from the discussion, a small fuzzing suite was added (#339).

It seems that further fuzzing (via AFL) could be useful for covering areas that qcheck may not be able to test efficiently.

If anyone has ideas on what to fuzz, please drop them here.

[darrenldl]

One primary target brought up by @c-cube would be CCUtf8_string, which right now only uchar_to_bytes is fuzzed against an alternative implementation.

[c-cube]

I think it would be good to fuzz against uutf, which is very robust. .

[darrenldl]

Actually yeah - does uutf suffice as replacement for CCUtf8_string? Or is CCUtf8_string for better packaging/dependency management

[c-cube]

CCUtf8_string is a basic text abstraction for utf8 encoded strings, with a basic encoder/decoder. The point is that it ships with containers, so no additional dependencies. Uutf is a unicode decoder/encoder that supports a lot more encodings (utf16/utf32 notably) and is well tested, but is a bit more complicated to use imho. So, it makes sense to compare with uutf when checking for correctness of the encoding/decoding :-)

[darrenldl]

Aha, that makes sense.

I will submit another PR soon TM.

[c-cube]

It'd be extra nice to fuzz CCString.Split, which contains a not completely trivial implemenation of KMP.

[darrenldl]

Hm...is there an existing implementation to compare to?

If not then I'm tempted to just write a generator (say interleave string to be used with by and strings which do not contain said string as a substring) and start from there.

[c-cube]

There's already some random tests using qcheck. One can also compare to a reference implementation that does the slow thing (test all substrings of the same length as the pattern).

[darrenldl]

Coolio, I'll do both then.