[webkit-dev] Fuzzinator, a mutation based web fuzzer
pdr at google.com
Tue Jun 25 13:14:13 PDT 2013
+1 to fuzzing!
If this could be set up as a continuously running bot, we could remove
several fuzzer LayoutTests which unnecessarily stress the testing
On Tue, Jun 25, 2013 at 12:48 PM, Benjamin Poulain <benjamin at webkit.org> wrote:
> On Tue, Jun 25, 2013 at 1:56 AM, Renáta Hodován <hodovan at inf.u-szeged.hu> wrote:
>> As many of you know already, I'm working on a universal web fuzzer, which
>> is able to generate random test cases for SVG, HTML, CSS and JS, and
>> test them against any browser. With this method we can catch crashes,
>> assertions, memory corruptions and all the funny things.
>> A few words about it: Fuzzinator learns from existing test cases and
>> based on this information it generates new tests that are syntactically
>> correct. Besides this randomized step, I also put some language-specific
>> knowledge into the tests too. Further details about the theoretical
>> background will be shared in a blog post soon.
>> However, the results are available in public already and they are
>> collected under a metabug in bugzilla:
>> https://bugs.webkit.org/show_bug.cgi?id=116980. So should any of you
>> feel like browsing or fixing them, don't hesitate to start with it ;)
> First, I would like to say welcome to our new fuzzing overlords. :)
> What is your plan for the tool itself? Is it open source? Will it be added
> to webkit.org?
> Experience shows our tools are the most useful when they are completely
> automated behind maintained bots doing most of the jobs. Do you have any
> long term plans like that?