Beyond blind stress
Plain stress testing leaves interleavings to luck. A concurrency fuzzer actively perturbs the schedule by inserting preemptions and delays at chosen points.
How a schedule fuzzer works
The fuzzer treats scheduling choices as inputs to mutate:
- it picks points to pause a thread and let others run
- it favors interleavings near recently changed code or shared accesses
- coverage feedback steers it toward unexplored orderings
By mutating where context switches happen, it reaches rare schedules far faster than random timing.
Bounded search ideas
Some fuzzers limit how many preemptions a single run uses, because many real bugs surface with only a few well placed context switches. This small preemption heuristic finds bugs without exploring every ordering.
Key idea
A concurrency fuzzer mutates scheduling decisions rather than data, using coverage and a small preemption bound to steer toward the interleavings most likely to break the code.