DevConf.CZ 2019

This is based on my experience with fuzzing in systemd and casync using google's oss-fuzz. I'll discuss the general idea, libraries which can be used for fuzzing (afl, libfuzzer) and testing (address sanitizer, valgrind, ...), how to easily add fuzzing to any compiled project, and how to use online fuzzing resources. I think that almost any project can benefit, but this is still relatively unknown and many people don't realize how is it easy to add fuzzing, and how quickly this finds bugs. Fuzzing is yet another tool that is a necessary part of the toolbox.

I expect that attendees will be know how to add fuzzing to their projects after the session even if they knew nothing about the subject beforehand.

Red Hat's CKI ("cookie") project is building a CI for kernel patches being sent to maillists, both its own and public. We are putting our extensive park of hard-to-obtain hardware to the task of testing patches before they're even reviewed, and we strive to give you the test results with no strings attached, just like cookies.

We've been running the system internally for a while, and are getting ready to apply it to upstream patches and start sending reports to contributors. We would like to tell you how our system works so far, what ideas we have, and hear how you would like it to work for you, on upstream maillists!

Naturally, real cookies are involved in the presentation!

There are rather a lot of bits of automated infrastructure related to Fedora QA that do things like creating those release validation wiki pages you may have seen, forwarding automated results to various places, sending out email reports, and so on. This session will try to provide an overview of all these little things, which I like to call robots because it sounds cooler, their functions, where they run, and how they work together to help save people work and make Fedora work better.