Welcome to "Generating Software Tests"! Software has bugs, and catching bugs can involve lots of effort. This book addresses this problem by automating software testing, specifically by generating tests automatically. Recent years have seen the development of novel techniques that lead to dramatic improvements in test generation and software testing. They now are mature enough to be assembled in a book – even with executable code.
from fuzzingbook_utils import YouTubeVideo
YouTubeVideo("w4u5gCgPlmg")
<iframe
width="640"
height="360"
src="https://www.youtube.com/embed/w4u5gCgPlmg"
frameborder="0"
allowfullscreen
></iframe>
You can use this book in three ways:
-
You can read chapters in your browser. Check out the list of chapters in the menu above, or start right away with the introduction to testing or the introduction to fuzzing. All code is available for download.
-
You can interact with chapters as Jupyter Notebooks (beta). This allows you to edit and extend the code, experimenting live in your browser. Simply select "Resources
$\rightarrow$ Edit as Notebook" at the top of each chapter. Try interacting with the introduction to fuzzing. -
You can present chapters as slides. This allows for presenting the material in lectures. Just select "Resources
$\rightarrow$ View slides" at the top of each chapter. Try viewing the slides for the introduction to fuzzing.
This work is designed as a textbook for a course in software testing; as supplementary material in a software testing or software engineering course; and as a resource for software developers. We cover random fuzzing, mutation-based fuzzing, grammar-based test generation, symbolic testing, and much more, illustrating all techniques with code examples that you can try out yourself.
This book is work in progress, with new chapters coming out every week. To get notified when a new chapter comes out, follow us on Twitter.
This book is written by Andreas Zeller, Rahul Gopinath, Marcel Böhme, Gordon Fraser, and Christian Holler. All of us are long-standing experts in software testing and test generation; and we have written or contributed to some of the most important test generators and fuzzers on the planet. As an example, if you are reading this in a Firefox, Chrome, or Edge Web browser, you can do so safely partly because of us, as the very techniques listed in this book have found more than 2,600 bugs in their JavaScript interpreters so far. We are happy to share our expertise and making it accessible to the public.
The interactive notebook uses the mybinder.org service, which runs notebooks on their own servers. Starting Jupyter through mybinder.org normally takes about 30 seconds, depending on your Internet connection. If, however, you are the first to invoke binder after a book update, binder recreates its environment, which will take a few minutes. Reload the page occasionally.
mybinder.org imposes a limit of 100 concurrent users for a repository. Also, as listed on the mybinder.org status and reliability page,
As mybinder.org is a research pilot project, the main goal for the project is to understand usage patterns and workloads for future project evolution. While we strive for site reliability and availability, we want our users to understand the intent of this service is research and we offer no guarantees of its performance in mission critical uses.
There are alternatives to mybinder.org; see below.
If mybinder.org does not work or match your needs, you have a number of alternatives:
-
Download the Python code (using the menu at the top) and edit and run it in your favorite environment. This is easy to do and does not require lots of resources.
-
Download the Jupyter Notebooks (using the menu at the top) and open them in Jupyter. Here's how to install jupyter notebook on your machine.
-
Run the notebook locally in a Docker container. For more information, see How to use the book with Docker.
-
If you want to use the book in a classroom, and depend on your users having access to the interactive notebooks, consider using or deploying a JupyterHub or BinderHub instance.
We try to keep the code as general as possible, but occasionally, when we interact with the operating system, we assume a Unix-like environment (because that is what Binder provides). To run these examples on your own Windows machine, you can install a Linux VM or a Docker environment.
Technically, yes; but this would cost money and effort, which we'd rather spend on the book at this point. If you'd like to host a JupyterHub or BinderHub instance for the public, please do so and let us know.
Here's our current release plan. New chapters are coming out every Tuesday.
- Introduction to Software Testing – 2018-10-30
- Fuzzing: Breaking Things with Random Inputs – 2018-10-30
- Getting Coverage – 2018-11-06
- Mutation-Based Fuzzing – 2018-11-06
- Fuzzing with Grammars – 2018-11-13
- Efficient Grammar Fuzzing – 2018-11-20
- Grammar Coverage – 2018-11-27
- Testing Configurations – 2018-12-04
- Parsing and Recombining Inputs – 2018-12-11
- Probabilistic Grammar Fuzzing – 2018-12-18
- Fuzzing with Generators – 2019-01-08
- Fuzzing APIs – 2019-01-15
- Carving Unit Tests – 2019-01-22
- Reducing Failure-Inducing Inputs – 2019-01-29
- Web Testing – 2019-02-05
- GUI Testing – 2019-02-12
- Mining Input Grammars – 2019-02-19
- Tracking Information Flow – 2019-03-05
- Search-Based Fuzzing – 2019-03-12
- Fuzzing with Input Fragments – 2019-03-19
- Dynamic Invariants – 2019-03-26
- Symbolic Fuzzing – 2019-04-02
- Search-Based Grammar Fuzzing – 2019-04-09
- Fast Mutation-Based Fuzzing – 2019-04-16
- Fuzzing with Natural Language - 2019-04-23
- Mutation Analysis – 2019-04-30
- Fuzzing in the Large – 2019-05-06
- When to Stop Fuzzing – 2019-05-13
See the table of contents for those chapters that are already done.
Thanks for referring to our work! Once the book is complete, you will be able to cite it in the traditional way. In the meantime, just click on the "cite" button at the bottom of the Web page for each chapter to get a citation entry.
We're always happy to get suggestions! If we missed an important reference, we will of course add it. If you'd like specific material to be covered, the best way is to write a notebook yourself; see our Guide for Authors for instructions on coding and writing. We can then refer to it or even host it.
Of course! Just respect the license (including attribution and share alike). If you want to use the material for commercial purposes, contact us.
Yes! Again, please see the license for details.
We have successfully used the material in various courses.
-
Initially, we used the slides and code and did live coding in lectures to illustrate how a technique works.
-
Now, the goal of the book is to be completely self-contained; that is, it should work without additional support. Hence, we now give out completed chapters to students in a flipped classroom setting, with the students working on the notebooks at their leisure. We would meet in the classroom to discuss experiences with past notebooks and discuss future notebooks.
When running a course, do not rely on mybinder.org – it will not provide sufficient resources for a larger group of students. Instead, install and run your own hub.
Our Sitemap lists the dependencies between the individual chapters. After you have gone through the basics of fuzzing, you can, for instance, limit yourself to lexical (character-based) fuzzing, and take a path towards mutation-based "AFL-style" fuzzing. Or you can go for Web and GUI testing and take the path through syntactical (grammar-based) fuzzing instead.
Download the Jupyter Notebooks (using the menu at the top) and adapt the notebooks at your leisure (see above), including "Slide Type" settings. Then,
- Download slides from Jupyter Notebook; or
- Use the RISE extension (instructions) to present your slides right out of Jupyter notebook.
At this point, we do not provide support for PDF versions. We will be producing PDF and print versions once the book is complete.
You can tweet to @fuzzingbook on Twitter, allowing the community of readers to chime in. For bugs you'd like to get fixed, report an issue on the development page.
We prioritize issues as follows:
- Bugs in code published on fuzzingbook.org
- Bugs in text published on fuzzingbook.org
- Writing missing chapters
- Issues in yet unpublished code or text
- Issues related to development or construction
- Things marked as "beta"
- Everything else
We're glad you ask that. The development page has all sources and some supplementary material. Pull requests that fix issues are very welcome.
Again, we're glad you're here! We are happy to accept
- Code fixes and improvements. Please place any code under the MIT license such that we can easily include it.
- Additional text, chapters, and notebooks on specialized topics. We plan to set up a special folder for third-party contributions.
See our Guide for Authors for instructions on coding and writing.