Testing Legacy Code - Fuzzing for Better Input Data

Speakers: Tina Ulbrich, Niel Waldren

Audience level: Intermediate

Fuzzing is an automated testing technique which repeatedly generates input data, feeds it into a program and monitors the resulting behaviour. It is generally associated with improving the robustness and security of software, but it can be useful in other contexts.

Finding the right input data to exercise specific regions of code during regression testing can be difficult. This can lead to excessive and time-consuming end-to-end testing. Fuzzing can help identify more targeted inputs that provide the same coverage in a fraction of the time.

We will provide

  • a brief overview of coverage-guided fuzzing using libFuzzer with Clang.
  • a demonstration of how fuzzing can be used to generate targeted regression test cases.
  • some of the lessons we have learned while getting legacy systems under test.
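
As an added illustration (not material from the talk), the sketch below shows the shape of a libFuzzer target and how inputs saved by the fuzzer can be replayed as small regression cases. The routine `legacy_classify`, its record format, the helper `replay_corpus` and the sample inputs are all hypothetical and constructed for this example.

```cpp
// Added example: a libFuzzer target for a hypothetical legacy routine.
// Fuzz build with Clang: clang++ -g -fsanitize=fuzzer,address target.cpp
#include <cstddef>
#include <cstdint>
#include <set>
#include <string>
#include <vector>

// Hypothetical legacy code: classify a record "<type><len><payload...>".
// The return value names the branch taken, so a test can see which region ran.
int legacy_classify(const uint8_t* data, size_t size) {
    if (size < 2) return 0;                      // too short
    uint8_t type = data[0], len = data[1];
    if (len > size - 2) return 1;                // declared length exceeds input
    if (type == 'H') return len == 0 ? 2 : 3;    // empty / non-empty header
    if (type == 'D' && len >= 4 && data[2] == 0xCA && data[3] == 0xFE)
        return 4;                                // hard to hit with hand-written data
    return 5;                                    // unknown type
}

// Entry point that libFuzzer calls repeatedly with generated inputs.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
    legacy_classify(data, size);
    return 0;
}

// Regression replay: push saved inputs through the same entry point and
// record which branches of the legacy routine they reach.
std::set<int> replay_corpus(const std::vector<std::string>& corpus) {
    std::set<int> reached;
    for (const auto& in : corpus) {
        const auto* p = reinterpret_cast<const uint8_t*>(in.data());
        LLVMFuzzerTestOneInput(p, in.size());
        reached.insert(legacy_classify(p, in.size()));
    }
    return reached;
}

// Constructed stand-in for the corpus directory a fuzzing run would leave behind:
// one few-byte input per branch instead of one end-to-end scenario per branch.
std::vector<std::string> sample_corpus() {
    return {std::string("X", 1), std::string("H\x05", 2), std::string("H\0", 2),
            std::string("H\x01" "a", 3), std::string("D\x04\xCA\xFE\x00\x00", 6),
            std::string("Z\0", 2)};
}
```

In a real fuzz build libFuzzer supplies `main()` and writes the inputs it keeps to the corpus directory passed on the command line; those files take the place of `sample_corpus()` here.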