Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FasterGrammarFuzzer should store deep copy of result from expansion_to_children #130

Closed
CuriousGeorgiy opened this issue May 8, 2022 · 0 comments · Fixed by #131
Closed

Comments

@CuriousGeorgiy
Copy link
Contributor

Describe the bug
Consider the following snippet:

result = super().expansion_to_children(expansion)
self._expansion_cache[expansion] = result
return result

Instead of storing a deep copy of the result, a reference to result is stored which interferes with the in-place modification of the derivation tree: this can potentially lead to infinite recursion (which is pretty easily reproducible)

To Reproduce
Steps to reproduce the behavior:

  1. Run this snippet:
for i in range(1000):
    f = FasterGrammarFuzzer(EXPR_GRAMMAR, min_nonterminals=3, max_nonterminals=4)
    print(f.fuzz())
  1. Observe the snippet hang.

Expected behavior
The snippet does not hang.

Screenshots
Screen Shot 2022-05-08 at 11 44 43

Desktop (please complete the following information):

  • OS: macOS
  • Browser: safari
  • Python version: 3.8
CuriousGeorgiy added a commit to CuriousGeorgiy/fuzzingbook that referenced this issue May 8, 2022
…se#130)

Instead of storing a deep copy of `super.expansion_to_children` result in
cache, a reference to `result` is stored which interferes with the
in-place modification of the derivation tree: this can potentially lead to
infinite recursion: store deep copy of result.

Closes uds-se#130
CuriousGeorgiy added a commit to CuriousGeorgiy/fuzzingbook that referenced this issue May 9, 2022
…se#130)

Instead of storing a deep copy of `super.expansion_to_children` result in
cache, a reference to `result` is stored which interferes with the
in-place modification of the derivation tree: this can potentially lead to
infinite recursion: store deep copy of result.

Closes uds-se#130
andreas-zeller added a commit that referenced this issue May 18, 2022
…r-deepcopy-of-expansion-to-children

FasterGrammarFuzzer: store deep copy of `expansion_to_children` (#130)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant