ISSTA/ECOOP 2024
Mon 16 - Fri 20 September 2024 Vienna, Austria
Mon 16 Sep 2024 16:00 - 16:15 at EI 9 Hlawka - Bach Session

Parametric generators are a simple way to combine coverage-guided and generator-based fuzzing. Parametric generators can be thought of as decoders of an arbitrary byte sequence into a structured input. This allows mutations on the byte sequence to map to mutations on the structured input, without requiring the writing of specialized mutators. However, this technique is prone to the \emph{havoc effect}, where small mutations on the byte sequence cause large, destructive mutations to the structured input. This registered report first provides a preliminary investigation of the paradoxical nature of the havoc effect for generator-based fuzzing in Java. In particular, we measure mutation characteristics and confirm the existence of the havoc effect, as well as scenarios where it may be more detrimental. The proposed evaluation extends this investigation over more benchmarks, with the tools Zest, JQF’s EI, BeDivFuzz, and Zeugma.

Mon 16 Sep

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

15:30 - 17:00
Bach SessionFUZZING at EI 9 Hlawka
15:30
15m
Talk
Sparse Symbolic Loop Execution
FUZZING
Frank Busse Imperial College London, Martin Nowack Imperial College London, Cristian Cadar Imperial College London
15:45
15m
Talk
LOOL: Low-Overhead, Optimization-Log-Guided Compiler Fuzzing
FUZZING
Florian Schwarcz Johannes Kepler University Linz, Felix Berlakovich μCSRL, CODE Research Institute, University of the Bundeswehr Munich, Gergö Barany Oracle Labs, Hanspeter Mössenböck JKU Linz
16:00
15m
Talk
The Havoc Paradox in Generator-Based Fuzzing
FUZZING
Ao Li Carnegie Mellon University, Madonna Huang University of British Columbia, Caroline Lemieux University of British Columbia, Rohan Padhye Carnegie Mellon University
16:15
15m
Talk
Understanding and Improving Coverage Tracking with AFL++
FUZZING
Vasil Sarafov μCSRL, CODE Research Institute, University of the Bundeswehr Munich, David Markvica μCSRL, CODE Research Institute, University of the Bundeswehr Munich, Felix Berlakovich μCSRL, CODE Research Institute, University of the Bundeswehr Munich, Matthias Bernad μCSRL, CODE Research Institute, University of the Bundeswehr Munich, Stefan Brunthaler μCSRL, CODE Research Institute, University of the Bundeswehr Munich
16:30
30m
Day closing
Concluding Remarks
FUZZING


Information for Participants
Mon 16 Sep 2024 15:30 - 17:00 at EI 9 Hlawka - Bach Session
Info for room EI 9 Hlawka:

Map: https://tuw-maps.tuwien.ac.at/?q=CAEG17

Room tech: https://raumkatalog.tiss.tuwien.ac.at/room/13939