Mateusz,
Now that NetBSD has dtrace (FBT) for the kernel, have you thought
about how you might use write mode in dtrace to simulate failure?
Is there value in introducing specific dtrace probes (once we have
SDT probes) to support fuzzing?
Are further changes required, such as allowing longer
Hello,
On Sat, Mar 20, 2010 at 05:32:28PM +0200, Mateusz Kocielski wrote:
(Eg.
int foo() { char d[10]; int i; i = 5; return d[i]; }
will be translated into:
int foo() { char d[10]; int i; int _x; i = 5; _x = i; if ( _x < 0 ||
_x > 9 ) ERROR();
return d[_x]; }
)
I've seen some
On Sat, Mar 20, 2010 at 08:53:12PM +0200, Mateusz Kocielski wrote:
2010/3/20 Thor Lancelot Simon t...@panix.com:
What is the benefit of this when compared to existing static-analysis
tools such as Coverity Scan, splint, or the Clang static analyzer? Will
this cover any cases they don't?
On Sat, Mar 20, 2010 at 3:32 PM, Mateusz Kocielski
m.kociel...@gmail.com wrote:
Hi,
My proposal is to write a syscall/libc fuzzer; I've written down my thoughts,
please let me know what you think about it. I would appreciate your feedback.
I'm open for any ideas or comments.
1. What is
On Sat, 20 Mar 2010, Mateusz Kocielski wrote:
...your ideas?
Reminds me of 1991's crashme: http://crashme.codeplex.com/
The idea sounds more like a research project to me...
- Hubert
2010/3/20 Thor Lancelot Simon t...@panix.com:
What is the benefit of this when compared to existing static-analysis
tools such as Coverity Scan, splint, or the Clang static analyzer? Will
this cover any cases they don't? If so, which ones?
Undecidability is the limit for static-analysis.
On Sat, Mar 20, 2010 at 01:54:49PM -0400, Elad Efrat wrote:
Thor Lancelot Simon wrote:
If not, I don't think this adds any benefit to your proposal and is likely
to simply be a distraction; I'd urge you in that case to drop it.
Strongly seconded. There are so many great ways to improve NetBSD
On Sat, Mar 20, 2010 at 12:40:12PM -0400, Thor Lancelot Simon wrote:
As a part of my work I would like to write a translator for C
language and a small library. Their goal would be to detect
integer overflows, stack overflows, problems with static array
indexing, etc (when such occur
On Sat, Mar 20, 2010 at 3:24 PM, David Holland dholland-t...@netbsd.org wrote:
On Sat, Mar 20, 2010 at 01:54:49PM -0400, Elad Efrat wrote:
Thor Lancelot Simon wrote:
If not, I don't think this adds any benefit to your proposal and is likely
to simply be a distraction; I'd urge you in that case
On Sat, Mar 20, 2010 at 03:40:33PM -0400, Elad Efrat wrote:
If not, I don't think this adds any benefit to your proposal and
is likely to simply be a distraction; I'd urge you in that case
to drop it.
Strongly seconded. There are so many great ways to improve NetBSD and
wasting time
On Mar 20, 2010, at 3:35 PM, David Holland wrote:
On Sat, Mar 20, 2010 at 12:40:12PM -0400, Thor Lancelot Simon wrote:
As a part of my work I would like to write a translator for C
language and a small library. Their goal would be to detect
integer overflows, stack overflows, problems with
On Sat, Mar 20, 2010 at 05:32:28PM +0200, Mateusz Kocielski wrote:
4. What are my main goals?
* write syscall/libc fuzzer
* develop additional tools to fuzzer environment
* cover as much project code as possible during testing
Mateusz,
I'm going to seize on one of your goals, sorry. :-)
On Sat, Mar 20, 2010 at 08:53:12PM +0200, Mateusz Kocielski wrote:
2010/3/20 Thor Lancelot Simon t...@panix.com:
What is the benefit of this when compared to existing static-analysis
tools such as Coverity Scan, splint, or the Clang static analyzer? Will
this cover any cases they don't?
On Sat, Mar 20, 2010 at 05:32:28PM +0200, Mateusz Kocielski wrote:
As a part of my work I would like to write a translator for C language and a
small library. Their goal would be to detect integer overflows, stack
overflows, problems with static array indexing, etc (when such occur during the
On Sat, Mar 20, 2010 at 06:38:57PM -0500, David Young wrote:
On Sat, Mar 20, 2010 at 05:32:28PM +0200, Mateusz Kocielski wrote:
4. What are my main goals?
* write syscall/libc fuzzer
* develop additional tools to fuzzer environment
* cover as much project code as possible during
15 matches