|Date of the premiere of the system:||2011|
|Last Release Date:||February, 2019|
|Technology:||Development tools of applications|
ClusterFuzz — the platform developed by Google intended for identification of errors and vulnerabilities in the software. The tool uses so-called fuzzing-testing of the code when on a program input the wrong, unexpected or accidental data move. The main idea of such approach consists in in a random way to change the input data expected by the program in any places. Often the method is applied to detection of violations of integrity of data in RAM and by verifications of the assumptions of behavior of the program.
2019: Disclosure of source codes
| ||We developed ClusterFuzz more than 8 years ago freely to be integrated into workflows of developers and to simplify search and elimination of errors — participants of the developing ClusterFuzz of a command Abkhishek Arya, Oliver Chiang, Max Moroz, Martin Barbella and Johnathan Mettsman write in the blog of Google. — ClusterFuzz provides continuous automation — from error trapping and sorting (exact deduplication, binary search), before drawing up reports on errors and, at last, before automatic closing of such reports.|| |
By the time of disclosure of source codes of ClusterFuzz which were laid out on the GitHub portal the platform revealed more than 16 thousand bugs in the Chrome browser and more than 11 thousand errors in 160 open projects connected to OSS-Fuzz service. The last was started by Google at the end of 2016 for providing access to ClusterFuzz in service quality.
The ClusterFuzz system is initially expected the organization distributed testing on a large number of nodes — for example, the internal cluster of ClusterFuzz includes more than 25 thousand machines in Google. For accomplishment of the open version of ClusterFuzz it is possible to use both cloud services of Google, and any computing clusters.