FirefoxSummit/2006/ProposedSessions/FuzzTesting
From MozillaWiki
Session Title
Fuzz-testing Gecko
Session Leader
Jesse Ruderman
Summary
Fuzz testing is the art of creating "random" but interesting input to a program. For example, someone wanting to test an HTML parser might feed it thousands of horribly invalid HTML files. But someone testing code that displays SVG would want to use well-formed XML, only using SVG tags and attributes in random combinations and sometimes in invalid ways.
Hundreds of bugs have been fixed as a result of fuzz-testing components of Gecko over the last 15 months. Many of these were bogus assertion failures or obscure hangs, but some were security holes.
Agenda
- How the Gecko fuzzers work
- The state of Gecko (with respect to fuzzing)
- Strategies for creating new fuzzers that are effective at finding bugs and facilitate creating reduced testcases after finding bugs
- What Gecko features, components, and APIs haven't been fuzz-tested and should be?
Interested Attendees
Please add your name here if you're likely to attend this session, this will help prioritize sessions and minimize conflicts
- Jeff Walden
- Gavin
- tor
- David Baron
- Zach Lipton
- Christopher Aillon
- rbs
- Steven Michaud
- Olli Pettay
- Jonas Sicking
- chofmann
- Roc
- ispiked
- Ryan Flint
- Martijn Wargers
- robcee
- Crowder
- Zak Greant
- Noam Rathaus