DUMPLING: Fine-grained Differential JavaScript Engine Fuzzing
Summary
DUMPLING introduces a fine-grained differential fuzzing approach for JavaScript engines: rather than comparing only final program output, it instruments the engine itself to capture high-frequency frame dumps, so that divergences between engine configurations can be detected as soon as they occur. The approach found eight new bugs in V8 and earned a Google VRP reward, marking an advance in JS engine security testing.