Fuzzilli Version 0.9.3
1 year ago
Besides various bug fixes and stability/performance improvements, notable new features of this release include:
* The new [ProbingMutator](https://github.com/googleprojectzero/fuzzilli/blob/main/Sources/Fuzzilli/Mutators/ProbingMutator.swift)
* An improved [lifting algorithm](https://github.com/googleprojectzero/fuzzilli/commit/75630d47e5d6a9ec97f471d8f0a0e80a86959e1f) that can inline expressions and therefore produces more readable samples
* A new [static corpus mode](https://github.com/googleprojectzero/fuzzilli/commit/34d7bd47bd6ea0062f570dbdc2d5d77cbef45781), useful, for example, for searching for variants of known bugs or when attempting to reproduce flaky crashes
* Full support for [object literals](https://github.com/googleprojectzero/fuzzilli/commit/840c09e07f342c2210694ececd23ef8ac3d669d6) and [class definitions](https://github.com/googleprojectzero/fuzzilli/commit/afdfcf9b86e197642b226b417a7aff784f027324) in FuzzIL
* [Detailed statistics](https://github.com/googleprojectzero/fuzzilli/commit/0b8dd1462113d008cb4f454c6b51d5aa9017ecc9) about the performance of CodeGenerators and Mutators, printed with `--logLevel=verbose`
* Misc. new code generators and language features for things like [web workers](https://github.com/googleprojectzero/fuzzilli/commit/79f7f740f65e804b81ad4d569f7f871aa9dc27f7), [forcing JIT compilation](https://github.com/googleprojectzero/fuzzilli/commit/aeba3975c711651f2f7fe28fbc678d2df31185b1), [global/hoisted variables](https://github.com/googleprojectzero/fuzzilli/commit/f7dfd455969c24a31af182fafde889c0ff68ebac), or for [creating simple arrays](https://github.com/googleprojectzero/fuzzilli/commit/b6788ba5f6e9ede976caa01a1e003069e16d2bda)
* A refactored [code building algorithm](https://github.com/googleprojectzero/fuzzilli/commit/57267bddf316b609564c05b73874343755858e50) and [JavaScript environment model](https://github.com/googleprojectzero/fuzzilli/commit/28daab02d6771c0e98614b65f3650413568c9be8)
Fuzzilli Version 0.9.2
1 year ago
Besides various bug fixes and stability/performance improvements, notable new features of this release include:
* The new [ExplorationMutator](https://github.com/googleprojectzero/fuzzilli/blob/main/Sources/Fuzzilli/Mutators/ExplorationMutator.swift)
* A [new and improved splicing algorithm](https://github.com/googleprojectzero/fuzzilli/commit/d6d10b03b385a47be681da8e47685959273bcb7d)
* The [swarm testing mode](https://github.com/googleprojectzero/fuzzilli/commit/9d6145cd4c34b316b6b87e1c5313e4f2c4a0be64) for distributed fuzzing
* A new [argument randomization mode](https://github.com/googleprojectzero/fuzzilli/pull/368) that runs the target JavaScript engine with randomized command-line arguments
* Various new JavaScript language features in FuzzIL such as support for [spreading](https://github.com/googleprojectzero/fuzzilli/pull/238) and [destructuring](https://github.com/googleprojectzero/fuzzilli/pull/300)
* Better documentation about [how Fuzzilli works](https://github.com/googleprojectzero/fuzzilli/blob/main/Docs/HowFuzzilliWorks.md)
* A new, simple GenerativeEngine used to [generate an initial corpus](https://github.com/googleprojectzero/fuzzilli/commit/5a55b177f336c79da3019b73f78f6c54e806e0e2) if starting without one
* A new [corpus synchronization mode](https://github.com/googleprojectzero/fuzzilli/commit/c67aba760c77c73c9ff4b7d0c7d80f5c43f69743) for distributed fuzzing
Fuzzilli Version 0.9.1
3 years ago
Besides various stability and performance improvements, notable new features of this release include:
* Support for distributed fuzzing with [Docker and on GCE](https://github.com/googleprojectzero/fuzzilli/tree/master/Cloud)
* Many new JavaScript language features in FuzzIL, such as [BigInts](https://github.com/googleprojectzero/fuzzilli/commit/f8f43cb7dbe180655d89b640681c22d8d3c77dd3) and [RegExes](https://github.com/googleprojectzero/fuzzilli/commit/baa425f10f0cdf7aeb6e7537c5c2d6ca9e71d26b), thanks to @carl-smith and @amarekano
* Support for the [Duktape](https://github.com/googleprojectzero/fuzzilli/tree/master/Targets/duktape) and [JerryScript](https://github.com/googleprojectzero/fuzzilli/tree/master/Targets/Jerryscript) JavaScript engines (as well as [numerous bugs fixed in them](https://github.com/googleprojectzero/fuzzilli#duktape)), thanks to @WilliamParks and @nszetei, respectively
* A new [minifying mode for the JavaScriptLifter](https://github.com/googleprojectzero/fuzzilli/commit/c90914d0b2b8345ff4354326b5c7bf945ac182c5) to reduce the size of scripts during fuzzing, thanks to @samo98
* The [ability to capture stdout and stderr during fuzzing](https://github.com/googleprojectzero/fuzzilli/commit/5ad8c2ba4761ebca2865fb034a909c652e1316fd), which is used to [include the failure message of a crash](https://github.com/googleprojectzero/fuzzilli/commit/a24e2054c45bf5a455db4347ae65066f1a7879bc) (e.g. from a failed assertion or a sanitizer report) as a comment in the reproducer JS file
* Support for [fuzzing v8 without additional patches](https://github.com/v8/v8/commit/70eb08982c68485643f37090d1396a445fb5eed0), thanks to @peter-ralbovsky
* [Protobufs](https://github.com/googleprojectzero/fuzzilli/commit/8b119dbd90d5a62fd9ecef0f5ae40773122c4bbc) as the serialization format for FuzzIL and as the message format for network synchronization
* A [refactored code generation algorithm and CodeGenerator interface](https://github.com/googleprojectzero/fuzzilli/commit/43d4d9da9d12bb12be92cb4a16917e9552a315fc)
Initial public release
5 years ago