Find and fix by exhaustion
Posted Dec 26, 2014 1:38 UTC (Fri) by davecb (subscriber, #1574)
Parent article: The "too small to fail" memory-allocation rule
For each of these, start a standard regression test.
When the allocator is called
- turn on coverage tracking
- return error from the allocator
- run for another 10 instructions or so
- stop and mail the tcov results to the subsystem maintainer.
continue the loop with the next call
The maintainers then see if their error-handlers work.
We used to do a variant of this in Solaris, specifically using interposers to catch, report and continue after some #%#^!!! unwise person wrote
if (*p != '\0') instead of if (p != NULL && *p != '\0').
The trick is generalizable, so you can run in can't-fail mode on individual calls until they're all converted to handling failures properly.
It takes lots of calendar time, but not much time per individual maintainer, so it scales.
--dave
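The exhaustion loop described in the comment, as an added example in C that is not code from the comment, from Solaris or from the kernel: a counting wrapper stands in for the interposer, each allocator call is failed in turn, and the driver counts how many injected failures the code under test reports cleanly. The coverage-tracking and mail-to-maintainer steps are left out; test_malloc, rec_new and exhaust_rec_new are hypothetical names.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical, added example: not code from the comment or from any project. */
static long alloc_calls;  /* allocator calls made so far in this run */
static long fail_at;      /* call number on which to return NULL (0 = never) */

/* Stand-in for an interposer on malloc(): fails exactly on the fail_at-th call. */
static void *test_malloc(size_t n)
{
    if (++alloc_calls == fail_at)
        return NULL;
    return malloc(n);
}

/* Code under test: a two-part record that must unwind on any allocation failure. */
struct rec { char *name; int *vals; };

static struct rec *rec_new(const char *name, int nvals)
{
    struct rec *r = test_malloc(sizeof *r);
    if (r == NULL)
        return NULL;
    r->name = test_malloc(strlen(name) + 1);
    if (r->name == NULL) { free(r); return NULL; }
    strcpy(r->name, name);
    r->vals = test_malloc(nvals * sizeof *r->vals);
    if (r->vals == NULL) { free(r->name); free(r); return NULL; }
    memset(r->vals, 0, nvals * sizeof *r->vals);
    return r;
}

static void rec_free(struct rec *r) { if (r) { free(r->vals); free(r->name); free(r); } }

/* Exhaustion driver: a baseline run counts the allocator calls, then each call is
 * failed in turn. Returns how many injected failures rec_new() reported as an error
 * rather than crashing or handing back a half-built record. */
static int exhaust_rec_new(void)
{
    int handled = 0;
    fail_at = 0; alloc_calls = 0;
    rec_free(rec_new("probe", 4));       /* constructed sample input */
    long ncalls = alloc_calls;
    for (long i = 1; i <= ncalls; i++) {
        fail_at = i; alloc_calls = 0;
        struct rec *r = rec_new("probe", 4);
        if (r == NULL)
            handled++;                   /* error path taken: this call site copes */
        rec_free(r);
    }
    fail_at = 0;
    return handled;
}
```

A call site that dereferences the NULL instead of returning an error shows up as a crash at a known failure index, which is exactly what the interposer-and-report loop is meant to surface.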