Dmitry Vyukov

Results 66 issues of Dmitry Vyukov

Could go-fuzz detect logical memory leaks (DoS)? libFuzzer uses LeakSanitizer, but it has an interesting heuristic: it will do a LeakSanitizer check (very expensive) iff the test case has unbalanced...

enhancement

Currently go-fuzz mutates and supplies to a test a byte slice, however there are cases when a test needs more complex, structured input. For example, a regexp test could accept...

enhancement
help wanted

There is a proposal for making fuzzing a first class citizen in Go: https://github.com/golang/go/issues/19109 First they are trying to understand if there's interest. I would appreciate if you drop a...

Topics that need to be covered:
- how to write good Fuzz functions (checking for logical bugs, cross checking different implementations, examining as much code as possible, testing functions that...

Currently go-fuzz has 3 minimization strategies:
- strip input suffix (O(N))
- strip all possible subranges (O(N^2))
- replace all individual bytes with '0' (O(N))

Here was suggested another strategy:...

enhancement
help wanted

Currently versifier (automatic protocol reverse engineering) does only very basic analysis of text protocols. There are plenty of things that can be improved:
- Rewrite analysis (currently it is more...

enhancement
help wanted

Currently valid inputs (with result=1) receive 2x priority boost. This is good. However, if we have 2 valid inputs and 200 invalid ones (that examine various error paths), we actually...

enhancement
help wanted

On commit 94fd376914eea7ba30ceab9d6034f75bdf46e87f kernel reliably crashes with: ``` / $ HW TRAP frame at 0xfffffff000061b90 on core 0 rax 0xffff8000044a0660 rbx 0x000000000000000b rcx 0x0000000000000000 rdx 0x000000000000000b rbp 0xfffffff000061c58 rsi 0x0000000000483e33...

Got this while running syzkaller on 2b284c49cea87c10f281ed331a939e6698eb43e6: ``` bash-4.3$ kernel panic at kern/src/vfs.c:1359, from core 1: assertion failed: buf == buf_end Entering Nanwan's Dungeon on Core 1 (Ints on): Type...

While experimenting with Akaros I've tried to run a Go program compiled for Linux and it caused a kernel panic. I understand that that's not the way I build programs for...