Dave's Data

xkcd 1137 Over the past year, I've spent some time working on improving the robustness of TensorFlow.  As I mentioned earlier, one of my goals for my time at Google was to dive into industry best-practices for writing good code .  At Google, writing good code starts with careful programmers, requires good tests that get run on a fantastic internal testing infrastructure , is improved through code review , and makes use of several code quality tools and linters. One part of that testing that's been gaining more visibility recently is fuzzing - throwing random inputs at programs or libraries to try to cause them to crash.   John Regehr has been fuzzing compilers for a while now - very effectively.  (That link has a nice taxonomy of the types of fuzzers.)  Google's Project Zero has been fuzzing the FreeType library for the last 4 years , and has found a tremendous number of security vulnerabilities  in all sorts of programs.   (This isn't to suggest fuzzing is new -