Fuzz testing in Chrome OS

Fuzzing is a testing technique that feeds auto-generated inputs to a piece of target code in an attempt to crash it. It's one of the most effective methods we have for finding both security and non-security bugs (see also go/fuzzing-success). This guide introduces Chrome OS developers to fuzz testing.

You can learn more about the benefits of fuzzing at go/why-fuzz.

Getting Started

In Chrome OS, you can easily create and submit fuzz targets. The targets are automatically built by buildbots, and then uploaded to the distributed ClusterFuzz fuzzing system to run at scale.

To create and submit your first fuzz target, step through our Quickstart Guide.


Trophies

  • Issues found with in-process fuzzing and automatically filed by ClusterFuzz.
