MathML fuzzing and access to libfuzzer stats

Frédéric Wang

Jun 29, 2022, 1:45:02 AM
to cluster...@chromium.org, Dominik Röttsches

Hello,

Igalia sent the intent-to-ship for MathML in Chromium (see https://groups.google.com/a/chromium.org/g/blink-dev/c/n4zf_3FWmAA) and there were questions about support for MathML in fuzzers.

MathML code has some parts in third_party/blink/renderer/core/ for the actual parsing, layout and rendering, but also in third_party/blink/renderer/platform/fonts/opentype/ for OpenType MATH fonts.

My understanding is that MathML fuzzing is currently done via HTML fuzzers, which in particular take WPT tests as input (which have plenty of MathML tests). However, I don't know if complex paths (e.g. relying on OpenType MATH font features) are tested by fuzzers.

Dominik (cc'ed) suggested that I look at fuzzer stats, but I'm lacking access to https://github.com/google/oss-fuzz/issues/7919 or to https://clusterfuzz.com/fuzzer-stats/by-fuzzer/fuzzer/libFuzzer/job/libfuzzer_chrome_asan; can you please help me to get access?

In any case, I started to improve coverage for HarfBuzz in https://github.com/harfbuzz/harfbuzz/issues/3688 and I want to experiment more with libFuzzer in Chromium.

PS: also discussed on #security in the Chromium Slack channel.

Thanks,

-- 
Frédéric Wang

Oliver Chang

Jun 29, 2022, 11:52:38 PM
to Frédéric Wang, cluster...@chromium.org, Dominik Röttsches
Hi Frédéric,

For the fuzzer stats, unfortunately we don't have a good way to share this with you, unless you have a @chromium.org email. Perhaps one of the @chromium.org developers can help you with getting the necessary data? That said, I'm not sure how much the info in fuzzer stats will help, as we don't currently have code coverage reports for chromium fuzzers.

For the OSS-Fuzz access, could you please create a pull request per https://github.com/google/oss-fuzz/issues/7919#issuecomment-1169951609 to add yourself? We have coverage reports in OSS-Fuzz. 

Thanks,
Oliver

Frédéric Wang

Jun 30, 2022, 2:15:52 AM
to Oliver Chang, cluster...@chromium.org, Dominik Röttsches
Hello Oliver,

You can use my chromium address: fw...@chromium.org

I'll create a PR for OSS-Fuzz

Thanks!
-- 
Frédéric Wang

Oliver Chang

Jul 1, 2022, 2:41:07 AM
to Frédéric Wang, cluster...@chromium.org, Dominik Röttsches
We merged our OSS-Fuzz PR and I've granted access to fw...@chromium.org for the fuzzer stats. 

Cheers,
Oliver

Frédéric Wang

Jul 4, 2022, 4:00:43 AM
to Oliver Chang, cluster...@chromium.org, Dominik Röttsches
Thank you Oliver. I'll try and play a bit more with this, but just for the record in


the code coverage is mentioned. Also I don't have access to the console.cloud.google.com data.
-- 
Frédéric Wang

Frédéric Wang

Jul 4, 2022, 4:02:46 AM
to Oliver Chang, cluster...@chromium.org, Dominik Röttsches
On 04/07/2022 10:00, Frédéric Wang wrote:
> Also I don't have access to the console.cloud.google.com data.

Apparently I don't have 'storage.objects.list' permission.


--
Frédéric Wang
