Fuzzing involves sending random data to a piece of software to make it crash, and capturing the conditions at the time of the crash.
libFuzzer targeted individual components of Chrome, feeding the random data directly to their APIs. It is a coverage-guided fuzzer, meaning it measures “code coverage for every input, and accumulate test cases that increase overall coverage”.
Coverage-guided fuzzing is also what Mountain View wants to offer for the world of open source software.
Described as being at an “early stage”, the authors say their current focus is on libFuzzer, with documentation teaching users how to:
add fuzzing to an open source project;
build and run fuzzers in a target source code repository; and
build and run external fuzzers.
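As an added illustration of the libFuzzer approach described above (not code from the article or from Google's project), here is a minimal fuzz target: a constructed toy message parser plus the LLVMFuzzerTestOneInput entry point that libFuzzer calls with each generated input. The message format and the parse_message function are assumptions made for this example.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>

// Toy message format, constructed for this example (not a Chrome format):
//   byte 0      : version, must be 1
//   byte 1      : payload length N
//   bytes 2..N+1: payload
// Returns the payload on success, or an empty string for a malformed message.
// Each check below is a branch. A coverage-guided fuzzer keeps every input
// that reaches a branch it has not seen before, so it quickly grows inputs
// that pass the version check, then the length check, then read the payload.
std::string parse_message(const uint8_t *data, size_t size) {
    if (size < 2) return "";        // header incomplete
    if (data[0] != 1) return "";    // unsupported version
    size_t n = data[1];
    if (size < 2 + n) return "";    // declared length exceeds the buffer:
                                    // without this check the copy below would
                                    // read out of bounds, which the fuzzer
                                    // would report under AddressSanitizer
    return std::string(reinterpret_cast<const char *>(data + 2), n);
}

// libFuzzer entry point: the fuzzer calls this once per generated input.
// Build with: clang++ -g -fsanitize=fuzzer,address fuzz_target.cpp
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    parse_message(data, size);
    return 0;  // libFuzzer expects 0 from the target
}
```

The resulting binary runs the fuzzer in a loop, and any crash or sanitizer report is written to a file holding the input that triggered it, which is the "conditions at the time of the crash" the article refers to.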