Get the latest tech news

Fuzzer Blind Spots: Meet Jepsen


Insights, updates, and technical deep dives on building a high-performance financial transactions database.

Fuzz testing searches for bugs by probabilistically exploring the state space of a program, which would be too massive to check exhaustively. In our case, the VOPR’s seemingly sophisticated approach to query generation created a blind spot that hid a real bug. When a fuzzer stops finding bugs, that doesn’t mean its job is done—it may simply mean it has exhausted the particular slice of state space it can reach.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of Fuzzer Blind Spots

Fuzzer Blind Spots

Photo of Meet Jepsen

Meet Jepsen