BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Memento EPFL//
BEGIN:VEVENT
SUMMARY:Semantic Scripting Language Fuzzing
DTSTART:20230616T130000
DTEND:20230616T150000
DTSTAMP:20260408T202712Z
UID:a3570cc91b763e7568d7059b91a37a8bf769fb20c64c632660eca5f1
CATEGORIES:Conferences - Seminars
DESCRIPTION:Chibin Zhang\nEDIC candidacy exam\nExam president: Prof. 
 Edouard Bugnion\nThesis advisor: Prof. Mathias Payer\nCo-examiner: 
 Prof. Martin Odersky\n\nAbstract\nScripting languages are ubiquitous
 due to their convenient APIs and broad functionality. The scripting
 runtime environment guarantees memory safety\, type safety\, and
 sandboxing. Unfortunately\, bugs may violate these guarantees. Fuzzing
 is the prime technique for discovering bugs. Language environments
 are challenging targets because (i) inputs must pass the parser
 stage to trigger interesting functionality\, (ii) the input must
 trigger rich semantics\, and (iii) runtime libraries are complex.\n\n
 In this work\, we discuss three papers: CSmith\, Polyglot\, and
 Fuzzilli. CSmith is a seminal work in compiler testing and popularized
 many of the techniques used in this field. Polyglot is the first
 fuzzer to tackle fuzzing multiple languages at once\, proposing
 semantic validation and constrained mutation. Fuzzilli highlights the
 unique challenges of fuzzing JIT compilers. We note the limitations
 of the existing papers\, for example\, specialization towards a
 single language and the need for massive manual effort\, and propose
 solutions to overcome these shortcomings.\n\nBackground papers\n1.
 Finding and Understanding Bugs in C Compilers by Xuejun Yang\, Yang
 Chen\, Eric Eide\, John Regehr https://users.cs.utah.edu/~regehr/papers/
 pldi11-preprint.pdf\n2. NAUTILUS: Fishing for Deep Bugs with Grammars by
 Cornelius Aschermann\, Tommaso Frassetto\, Thorsten Holz\, Patrick
 Jauernig\, Ahmad-Reza Sadeghi\, Daniel Teuchert https://www.
 ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_04A-3_Aschermann_
 paper.pdf\n3. FUZZILLI: Fuzzing for JavaScript JIT Compiler
 Vulnerabilities by Samuel Groß\, Simon Koch\, Lukas Bernhard\,
 Thorsten Holz\, Martin Johns https://www.ndss-symposium.org/wp-content/
 uploads/2023/02/ndss2023_f290_paper.pdf
LOCATION:BC 129 https://plan.epfl.ch/?room==BC%20129
STATUS:CONFIRMED
END:VEVENT
END:VCALENDAR
