[webkit-dev] Fuzzinator, a mutation based web fuzzer

[Philip Rogers]

+1 to fuzzing!

If this could be setup as a continuously running bot, we could remove
several fuzzer Layouttests which unnecessarily stress the testing
infrastructure.

Philip


On Tue, Jun 25, 2013 at 12:48 PM, Benjamin Poulain <benjamin at webkit.org>wrote:

> On Tue, Jun 25, 2013 at 1:56 AM, Renáta Hodován <hodovan at inf.u-szeged.hu>wrote:
>
>> as many of you know already I'm working on an universal web fuzzer, which
>> is able to generate random test cases for both svg, html, css and js, and
>> test them against any browser. With this method we can catch crashes,
>> assertions, memory corruptions and all the funny things.
>>
>> A few words about it: Fuzzinator learns from existing test cases and
>> based on this information it generates new tests that are syntactically
>> correct. Beside this randomized step I also put some language specific
>> knowledge into the tests too. Further details about the theoretical
>> background will be shared in a blogpost soon.
>>
>> However the results are available in public already and they are
>> collected under a metabug in bugzilla:
>> https://bugs.webkit.org/show_bug.cgi?id=116980. So should any of you
>> feel like browsing or fixing them, don't hesitate to start with it ;)
>>
>
> First, I would like to say welcome to our new fuzzing overlords. :)
>
> What is your plan for the tool itself? Is it opensource? Will it be added
> to webkit.org?
> Experience shows our tools are the most useful when they are completely
> automated behind maintained bots doing most of the jobs. Do you have any
> long term plans like that?
>
> Benjamin
>
> _______________________________________________
> webkit-dev mailing list
> webkit-dev at lists.webkit.org
> https://lists.webkit.org/mailman/listinfo/webkit-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-dev/attachments/20130625/4f8fb9d0/attachment.html>