From: beebe@math.utah.edu (Nelson H. F. Beebe)
Subject: [TUHS] Bugs in V6 'dcheck'
Date: Tue, 3 Jun 2014 10:38:21 -0600 (MDT) [thread overview]
Message-ID: <CMM.0.95.0.1401813501.beebe@psi.math.utah.edu> (raw)
In-Reply-To: <201405312324.s4VNOvFV028181@stowe.cs.dartmouth.edu>
Doug McIlroy <doug at cs.dartmouth.edu> wrote on Sat, 31 May 2014
19:24:57 -0400:
>> ...
>> In an idle moment one day, Dennis fed a huge line of input to most
>> everything in /bin. To the surprise of nobody, including Dennis, lots
>> of programs crashed. We WERE surprised a few years later, when a
>> journal published this fact as a research result. Does anybody
>> remember who published that deep new insight and/or where?
>> ...
I suspect that two relevant papers that Doug is recalling are these (I
routinely use their fuzz-test code on my own software):
@String{j-CACM = "Communications of the ACM"}
@Article{Miller:1990:ESR,
author = "Barton P. Miller and Lars Fredriksen and Bryan So",
title = "An empirical study of the reliability of {UNIX}
utilities",
journal = j-CACM,
volume = "33",
number = "12",
pages = "32--44",
month = dec,
year = "1990",
CODEN = "CACMA2",
ISSN = "0001-0782 (print), 1557-7317 (electronic)",
ISSN-L = "0001-0782",
bibdate = "Wed Sep 25 09:24:48 2002",
bibsource = "ftp://ftp.ira.uka.de/pub/bibliography/Misc/IMMD_IV.bib;
http://www.acm.org/pubs/toc/;
http://www.math.utah.edu/pub/tex/bib/cacm1990.bib",
note = "This is a fascinating paper on what happens when
random input streams are fed into important UNIX
utilities on several commercial UNIX systems. In some
cases, the tests were able to crash the entire
operating system. In 1995, a (sadly, unpublished)
followup study showed that many of the failures
diagnosed in 1990 still had not been repaired in the
commercial systems, and that the GNU implementations
were generally more robust. Both 1990 and 1995 papers,
and the fuzz-generating software, are available at the
authors' FTP site at
\path|ftp://grilled.cs.wisc.edu/technical_papers/fuzz.ps|
and
\path|ftp://grilled.cs.wisc.edu/technical_papers/fuzz-revisited.ps|.",
URL = "ftp://grilled.cs.wisc.edu/technical_papers/fuzz-revisited.ps;
ftp://grilled.cs.wisc.edu/technical_papers/fuzz.ps;
http://www.acm.org/pubs/toc/Abstracts/0001-0782/96279.html",
acknowledgement = ack-nhfb,
journal-URL = "http://portal.acm.org/browse_dl.cfm?idx=J79",
keywords = "design; reliability; security",
note2 = "[25-Sep-2002]: The fuzz software archive has been
moved to
\path|ftp://ftp.cs.wisc.edu/pub/paradyn/fuzz/|, and the
technical reports to
\path|ftp://ftp.cs.wisc.edu/pub/paradyn/technical_papers/fuzz*|.",
subject = "{\bf D.4.5}: Software, OPERATING SYSTEMS, Reliability.
{\bf D.4.0}: Software, OPERATING SYSTEMS, General,
UNIX. {\bf D.4.9}: Software, OPERATING SYSTEMS, Systems
Programs and Utilities. {\bf D.2.5}: Software, SOFTWARE
ENGINEERING, Testing and Debugging.",
}
@String{j-OPER-SYS-REV = "Operating Systems Review"}
@Article{Miller:2007:ESR,
author = "Barton P. Miller and Gregory Cooksey and Fredrick
Moore",
title = "An empirical study of the robustness of {MacOS}
applications using random testing",
journal = j-OPER-SYS-REV,
volume = "41",
number = "1",
pages = "78--86",
month = jan,
year = "2007",
CODEN = "OSRED8",
DOI = "http://doi.acm.org/10.1145/1228291.1228308",
ISSN = "0163-5980 (print), 1943-586X (electronic)",
ISSN-L = "0163-5980",
bibdate = "Fri Jun 20 17:15:27 MDT 2008",
bibsource = "http://portal.acm.org/;
http://www.math.utah.edu/pub/tex/bib/opersysrev.bib",
abstract = "We report on the fourth in a series of studies on the
reliability of application programs in the face of
random input. Over the previous 15 years, we have
studied the reliability of UNIX command line and
X-Window based (GUI) applications and Windows
applications. In this study, we apply our fuzz testing
techniques to applications running on the Mac OS X
operating system. We continue to use a simple, or even
simplistic technique: unstructured black-box random
testing, considering a failure to be a crash or hang.
As in the previous three studies, the technique is
crude but seems to be effective in locating bugs in
real programs. We tested the reliability of 135
command-line UNIX utilities and thirty graphical
applications on Mac OS X by feeding random input to
each. We report on application failures --- crashes
(dumps core) or hangs (loops indefinitely) --- and, where
source code is available, we identify the causes of
these failures and categorize them. Our testing crashed
only 7\% of the command-line utilities, a considerably
lower rate of failure than observed in almost all cases
of previous studies. We found the GUI-based
applications to be less reliable: of the thirty that we
tested, only eight did not crash or hang. Twenty others
crashed, and two hung. These GUI results were
noticeably worse than either of the previous Windows
(Win32) or UNIX (X-Windows) studies.",
acknowledgement = ack-nhfb,
fjournal = "ACM SIGOPS Operating Systems Review",
journal-URL = "http://portal.acm.org/browse_dl.cfm?idx=J597",
keywords = "fuzz; random testing",
}
-------------------------------------------------------------------------------
- Nelson H. F. Beebe Tel: +1 801 581 5254 -
- University of Utah FAX: +1 801 581 4148 -
- Department of Mathematics, 110 LCB Internet e-mail: beebe at math.utah.edu -
- 155 S 1400 E RM 233 beebe at acm.org beebe at computer.org -
- Salt Lake City, UT 84112-0090, USA URL: http://www.math.utah.edu/~beebe/ -
-------------------------------------------------------------------------------
next prev parent reply other threads:[~2014-06-03 16:38 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-31 23:24 Doug McIlroy
2014-06-01 0:17 ` Kevin Schoedel
2014-06-01 22:54 ` scj
2014-06-01 23:48 ` A. P. Garcia
2014-06-02 1:11 ` Ronald Natalie
2014-06-02 2:10 ` A. P. Garcia
2014-06-03 16:38 ` Nelson H. F. Beebe [this message]
-- strict thread matches above, loose matches on Subject: below --
2014-06-03 17:33 Nelson H. F. Beebe
2014-06-02 3:34 Noel Chiappa
2014-06-02 4:05 ` Mary Ann Horton
2014-06-02 6:12 ` arnold
2014-06-03 12:11 ` emanuel stiebler
2014-06-02 3:18 Noel Chiappa
2014-06-02 2:14 Michael Spacefalcon
2014-06-02 2:51 ` John Cowan
2014-05-31 15:55 Noel Chiappa
2014-05-31 16:18 ` Ron Natalie
2014-05-31 14:19 Noel Chiappa
2014-05-31 13:30 Norman Wilson
2014-05-31 16:03 ` John Cowan
[not found] ` <20140531161620.GL28034@mcvoy.com>
2014-05-31 17:16 ` John Cowan
2014-05-31 13:15 Noel Chiappa
2014-05-31 13:23 ` Ronald Natalie
2014-05-31 18:58 ` Tim Newsham
2014-05-31 19:48 ` Clem Cole
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CMM.0.95.0.1401813501.beebe@psi.math.utah.edu \
--to=beebe@math.utah.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).