Fuzzing – Measuring the Quality Of Unit Tests

I’ve recently thought a lot about good unit tests. First and foremost, you want unit tests to cover most of the source code inside your application. That’s why you usually monitor the Code Coverage of your unit tests, essentially counting the number of times a particular source code line has been executed during the test period.

However, running some code does not necessarily mean that a test actually checks the correct behavior! Exactly this is what Fuzzer is all about. It’s an open source tool for FLOW3 which mutates (modifies) your source code step-by-step, for example by commenting out a single line. Then, it checks if the code is still valid PHP, and if so, tries to run the unit tests.

If the tests now fail or run forever, everything is fine and the tests detected the change. However, if the tests run successfully, it means that a changed source code line did not trigger a test failure — hinting at some missing test cases!

A lot more details and examples can be found in the readme of the project on GitHub, so check it out, and I’d love to get feedback using Twitter or the comments here!