
Coverage-guided kernel fuzzing with syzkaller

Posted Mar 2, 2016 7:57 UTC (Wed) by SimonKagstrom (guest, #49801)
Parent article: Coverage-guided kernel fuzzing with syzkaller

Impressive work, and thanks for the well-written article!

Somewhat related, I've also written a code coverage tool called kcov:

https://github.com/SimonKagstrom/kcov

which as of now collects code coverage for userspace programs using breakpoints. However, the 'k' in the name was meant to be 'kernel', and the idea was to use kprobes and debugfs to set up and report breakpoints in the kernel. I never got that working reliably though, so the kernel part has never really been activated. I suppose I should write a backend for CONFIG_KCOV now though :-)
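For readers wondering what a CONFIG_KCOV backend actually talks to, here is an added example (not kcov's code and not part of this thread) that drives the kernel's kcov debugfs interface from C: it opens `/sys/kernel/debug/kcov`, maps a trace buffer, enables PC tracing around one syscall, and counts the distinct kernel PCs that were hit. The ioctl numbers are assumed to match `<linux/kcov.h>` (they are redefined locally so the file builds without that header); the kernel must be built with CONFIG_KCOV and debugfs must be mounted, otherwise `kcov_collect()` returns -1. `count_unique_pcs()` is a helper I added to turn the raw trace (slot 0 = count, slots 1..n = PCs, repeats included) into a coverage figure.

```c
/* Added example: reading kernel coverage through CONFIG_KCOV's debugfs
 * interface (see Documentation/dev-tools/kcov.rst). Assumes a kernel with
 * CONFIG_KCOV=y and debugfs mounted; kcov_collect() returns -1 otherwise. */
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/mman.h>
#include <unistd.h>

/* Same values as <linux/kcov.h>; redefined so the file builds stand-alone. */
#define KCOV_INIT_TRACE _IOR('c', 1, unsigned long)
#define KCOV_ENABLE     _IO('c', 100)
#define KCOV_DISABLE    _IO('c', 101)
#define KCOV_TRACE_PC   0
#define COVER_SIZE      (64 << 10)   /* trace buffer length in unsigned longs */

static int cmp_ul(const void *a, const void *b)
{
    unsigned long x = *(const unsigned long *)a, y = *(const unsigned long *)b;
    return (x > y) - (x < y);        /* avoids overflow of a plain subtraction */
}

/* kcov records every PC executed, so the same PC shows up once per hit.
 * Slot 0 holds the number of recorded PCs; slots 1..n hold the PCs.
 * Returns the number of distinct PCs; the caller's buffer is left intact. */
size_t count_unique_pcs(const unsigned long *cover)
{
    unsigned long n = cover[0];
    if (n == 0)
        return 0;
    unsigned long *copy = malloc(n * sizeof *copy);
    if (!copy)
        return 0;
    memcpy(copy, cover + 1, n * sizeof *copy);
    qsort(copy, n, sizeof *copy, cmp_ul);
    size_t uniq = 1;
    for (unsigned long i = 1; i < n; i++)
        if (copy[i] != copy[i - 1])
            uniq++;
    free(copy);
    return uniq;
}

/* Trace one syscall (a read() from /dev/null) and return the number of
 * distinct kernel PCs it touched, or -1 if kcov is not available. */
long kcov_collect(void)
{
    int fd = open("/sys/kernel/debug/kcov", O_RDWR);
    if (fd < 0)
        return -1;
    if (ioctl(fd, KCOV_INIT_TRACE, COVER_SIZE)) {
        close(fd);
        return -1;
    }
    size_t bytes = COVER_SIZE * sizeof(unsigned long);
    unsigned long *cover = mmap(NULL, bytes, PROT_READ | PROT_WRITE,
                                MAP_SHARED, fd, 0);
    if (cover == MAP_FAILED) {
        close(fd);
        return -1;
    }
    /* Tracing applies to the calling thread only. */
    if (ioctl(fd, KCOV_ENABLE, KCOV_TRACE_PC)) {
        munmap(cover, bytes);
        close(fd);
        return -1;
    }
    __atomic_store_n(&cover[0], 0, __ATOMIC_RELAXED);   /* reset PC counter */

    /* The kernel path we want to observe (open/close get traced too). */
    char buf[16];
    int nullfd = open("/dev/null", O_RDONLY);
    if (nullfd >= 0) {
        (void)read(nullfd, buf, sizeof buf);
        close(nullfd);
    }

    long uniq = (long)count_unique_pcs(cover);
    ioctl(fd, KCOV_DISABLE, 0);
    munmap(cover, bytes);
    close(fd);
    return uniq;
}

int main(void)
{
    long n = kcov_collect();
    if (n < 0)
        printf("kcov not available (CONFIG_KCOV off or debugfs not mounted)\n");
    else
        printf("distinct kernel PCs for one read(): %ld\n", n);
    return 0;
}
```

The reset of `cover[0]` before the syscall matters: kcov keeps appending to the buffer until it is disabled, so without it a second run in the same process would mix traces. The atomic accessors mirror what the kernel documentation uses, since the kernel writes the counter concurrently with the tracee's own reads.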


Coverage-guided kernel fuzzing with syzkaller

Posted Mar 3, 2016 14:19 UTC (Thu) by gerdesj (subscriber, #5446)

"Impressive work, and thanks for the well-written article!"

Seconded, and given that the author makes a statement like this: "Unfortunately, not all problems are as straightforward to reproduce and isolate as this one." he clearly knows how to communicate effectively to those with a rather lesser knowledge of these things.

Great stuff.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds