
Finding UI crashes by fuzzing input events with american fuzzy lop - buovjaga
http://caolanm.blogspot.com/2015/10/finding-ui-crashes-by-fuzzing-input.html
======
mdwrigh2
For those of you writing Android apps, this is essentially what the monkey[1]
tool is for.

[1]:
[http://developer.android.com/tools/help/monkey.html](http://developer.android.com/tools/help/monkey.html)

~~~
tedmielczarek
The difference here is that AFL is not just banging on the keyboard at random
--it's doing a guided search to find inputs that change the program state in
interesting ways. This is more likely to find bugs in a finite amount of time.
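
The guided-versus-random distinction above, as an added example (not code from the original thread, from AFL, or from the article): a miniature coverage-guided fuzz loop beside an unguided monkey-style baseline, both driving a constructed toy event handler (an assumption for this example) whose only crash sits at the end of a five-event path. The guided loop keeps an input only when it executes a previously unseen (state, event) edge, which is what lets it climb to the deep path instead of relying on luck.

```python
import random
# Constructed toy UI (an assumption for this example): five events, one deep path to a crash.
CLICK_MENU, TYPE_CHAR, PRESS_ENTER, CLOSE, SCROLL = range(5)
TRANSITIONS = {("idle", CLICK_MENU): "dialog", ("dialog", TYPE_CHAR): "typing",
               ("typing", TYPE_CHAR): "typed2", ("typed2", PRESS_ENTER): "committed"}

def handle_events(events, coverage):
    """Replay events, recording every (state, event) edge that executes."""
    state = "idle"
    for ev in events:
        coverage.add((state, ev))
        if (state, ev) == ("committed", CLOSE):
            raise RuntimeError("crash: CLOSE while a commit is pending")
        state = TRANSITIONS.get((state, ev), "idle")  # anything else dismisses
    return state

def mutate(rng, events):
    """AFL-style havoc in miniature: append, replace or delete one event."""
    out, op = list(events), rng.randrange(3)
    if op == 0 or not out:
        out.append(rng.randrange(5))
    elif op == 1:
        out[rng.randrange(len(out))] = rng.randrange(5)
    else:
        del out[rng.randrange(len(out))]
    return out

def guided_fuzz(seed, max_execs):
    """Coverage-guided loop; returns (crashing_input, executions) or (None, max_execs)."""
    rng, corpus, seen = random.Random(seed), [[]], set()
    for n in range(1, max_execs + 1):
        candidate, cov = mutate(rng, rng.choice(corpus)), set()
        try:
            handle_events(candidate, cov)
        except RuntimeError:
            return candidate, n
        if cov - seen:  # executed a new edge: keep it as a new starting point
            seen |= cov
            corpus.append(candidate)
    return None, max_execs

def monkey(seed, max_execs, length=8):
    """Unguided baseline (like Android's monkey): random streams, no feedback."""
    rng = random.Random(seed)
    for n in range(1, max_execs + 1):
        try:
            handle_events([rng.randrange(5) for _ in range(length)], set())
        except RuntimeError:
            return n
    return None
```

Run `guided_fuzz(1, 20000)` and `monkey(1, <same execution count>)` to compare how many executions each needs before the crash path is hit.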

------
legulere
This article kind of makes me wonder if there's much sense in finding (and
fixing) bugs in the high-level parts of a program (that no other code depends
on) if it normally doesn't occur.

~~~
osivertsson
Fixing these kinds of bugs also improves developer productivity in my
experience.

Code that can trigger crashes like this often has problems with ownership
and/or concurrent access. At least I often get stuck on such code when doing
modifications, asking myself how on earth they guard against null ptr derefs
etc. In many cases that sneaking suspicion is founded and there really are
bugs lurking in the code I'm supposed to extend in some way.

~~~
illumen
Yeah, it's a great way to find smelly bits of code.

------
jonhohle
After the last AFL article I ran it on a side project with a good input test
suite where I was not the original author. Really easy to integrate, and I was
impressed with the bugs it found. Running the generated input through valgrind
made fixing problems really simple.

Add in the clang static analyzer and there are a lot of really nice tools for
reasoning about memory issues.

------
pzone
I would love to have a general purpose Qt input event fuzzing library.

------
marktwain2
Cool, would this also work for testing websites with phantomjs?

~~~
senthilnayagam
Tools like Metasploit and Arachni scanner are designed for that task.

------
williamle8300
Fuzzy Dunlop?

