This paper discusses an interesting experiment (that involved a lot of work). An interesting blog post on the article ;-)
I was led to it from your other post, and I wanted to highlight that as a separate post :). I am interested in what the community might say about the utility of fuzzing in areas that may not directly involve security (such as compilers).
I think compilers are fundamental to security, and I wish that were a more common position.
They certainly are, in that one needs to trust the compiler. However, I wonder what the security impact of a bug in a compiler is that is never transmitted to the compiled artifact.
Perhaps nothing, in that case. I wouldn’t want to go on-record predicting it’ll never matter; novel security vulnerabilities are often related to things that everyone assumed shouldn’t have been security-relevant in the first place. That does seem like an unlikely type of bug to be an issue, though.
There is always the “whoopee do” post that helped germinate the original work :-)
I think that grammar-based fuzzing has practical, non-security uses, provided the rule probabilities are realistic.
And I keep meaning to write something about most existing mutation research being a complete waste of time (of course citing your PhD thesis to back up my claims). People need to research how to generate ‘bigger’ mutations, or move onto something else.