admin/ast-project
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
ast-project/part1
T
History
admin fd930e15cb ---
2026-06-24 13:47:14 +02:00
..
bug-reproducers
---
2026-06-24 13:47:14 +02:00
results
---
2026-06-24 13:47:14 +02:00
additional.sql
---
2026-06-24 13:47:14 +02:00
corrupt001.db
---
2026-06-24 13:47:14 +02:00
Dockerfile
---
2026-06-24 13:47:14 +02:00
employee.db
---
2026-06-24 13:47:14 +02:00
entrypoint.sh
---
2026-06-24 13:47:14 +02:00
fuzzer.py
---
2026-06-24 13:47:14 +02:00
manyblobs-512.db
---
2026-06-24 13:47:14 +02:00
mutator_corpus_splicing.py
---
2026-06-24 13:47:14 +02:00
mutator_equivalent_rewrites.py
---
2026-06-24 13:47:14 +02:00
mutator_extra_statements.py
---
2026-06-24 13:47:14 +02:00
mutator_operators.py
---
2026-06-24 13:47:14 +02:00
mutator_values.py
---
2026-06-24 13:47:14 +02:00
mutator.py
---
2026-06-24 13:47:14 +02:00
oracle.py
---
2026-06-24 13:47:14 +02:00
random-json.db
---
2026-06-24 13:47:14 +02:00
README.md
---
2026-06-24 13:47:14 +02:00
Report.pdf
---
2026-06-24 13:47:14 +02:00
requirements.txt
---
2026-06-24 13:47:14 +02:00
rot13.c
---
2026-06-24 13:47:14 +02:00
runner.py
---
2026-06-24 13:47:14 +02:00
sqlite_static_helper.py
---
2026-06-24 13:47:14 +02:00
stats.py
---
2026-06-24 13:47:14 +02:00

README.md

Instructions

Build

docker build -t fuzzer .

Fuzz

docker run -it -v "$(pwd)/bugs:/fuzzer/bugs" fuzzer

Additional Options

Get a shell

docker run -it -v "$(pwd)/bugs:/fuzzer/bugs" --entrypoint bash fuzzer

Flags

Flag Default Description
--seeds /home/test/seeds Directory containing seed .sql files for mutation
--buggy /home/test/sqlite3-src/build/sqlite3 Path to the buggy SQLite binary being tested
--reference /usr/bin/sqlite3 Path to the reference SQLite binary for comparison
--count 10000 Number of queries to generate and execute
--mutate-timeout 0.5 Per-mutation timeout in seconds (prevents hanging mutations)
--max-query-length 100000 Hard character limit for generated queries (longer queries reset to seed)
--workers multiprocessing.cpu_count() Number of parallel check() worker threads
--validate-seeds False Run upfront validation pass on all seeds before fuzzing
--run-baseline False Run seeds without mutation (baseline coverage measurement)

Customize the fuzzer, e.g.

test-db --validate-seeds --count 5000 --mutate-timeout 0.1 --max-query-length 100000
Reference in New Issue View Git Blame Copy Permalink