Boffins from ETH Zurich have devised a novel fuzzer for finding bugs in RISC-V chips and have used it to find more than three dozen.
Fuzzing is a technique that involves feeding random input to software or hardware to see how it responds. It’s commonly used for identifying code errors or architectural flaws, and is widely used in the security community.
But current CPU fuzzers have limitations that make them less effective. For example, they may not cover the entire instruction set architecture (ISA) or they may not manage control flow well, which means that bugs get missed. So a new approach is being put to the test.
