Tim Newsham
qemu.py sends an extra 'R' message during initial handshake and soft reload. This releases the virtual machine that is waiting on hypercall_next_payload before qemu.py writes to the payload buffer. As...
I installed on ubuntu 16.04.3 server and followed the startup instructions in the readme to load the vulnerable test driver in the guest and start fuzzing it. After about three...
I noticed crashes using "%d" formatting, i.e. this seg faults with qemu-riscv64:

```c
#include <stdio.h>

int main(int argc, char **argv) {
    printf("%d\n", 1);
    return 0;
}
```

In gdb I see...
`nextpid` is a signed integer, and `allocpid()` will return negative values after `2^31` calls. It will return -1 after `2^32` calls. These pids are returned by `fork()`, where the distinguished...
The example from the README.md does not seem to be doing what I expect: ``` $ grep string README.md an input string and produces an output string. The following commands...