StateFuzz: System Call-Based State-Aware Linux Driver Fuzzing presented at USENIX Security 2022

by Bodong Zhao, Zheming Li, Shisong Qin, Zheyu Yuan,

Tags: Fuzzing III


Summary: Coverage-guided fuzzing has achieved great success in finding software vulnerabilities. Existing coverage-guided fuzzers generally favor test cases that hit new code and discard those that only exercise code already covered. However, such a strategy is not optimal. A new test case exercising the same code can be more valuable than an earlier one, because it may drive the program into new states that are useful for further code exploration and bug discovery.
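The summary's argument in miniature, as an added example that is not StateFuzz code: a constructed toy "driver" with a state variable, where a coverage-only policy drops the test case that reaches the "configured" state (no new edges), so later mutations never reach the code gated on that state, while a state-aware policy keeps it. Command numbers, edge names and the selection policy are all assumptions of this example.

```python
# Toy model of coverage-only vs. state-aware seed selection (constructed example).
from typing import List, Set, Tuple

OPEN, CONFIGURE, START = 1, 2, 3  # constructed ioctl command numbers

def run_driver(seq: List[Tuple[int, int]]) -> Tuple[Set[str], int]:
    """Execute a sequence of (cmd, arg) calls; return (edges hit, final state)."""
    state, cov = 0, set()  # state: 0 closed, 1 open, 2 configured
    for cmd, arg in seq:
        if cmd == OPEN:
            cov.add("open")
            state = 1
        elif cmd == CONFIGURE and state >= 1:
            cov.add("configure")
            state = 2 if arg else 1  # only a non-zero arg reaches 'configured'
        elif cmd == START and state >= 1:
            cov.add("start")
            if state == 2:
                cov.add("start_configured")  # code gated on the state variable
    return cov, state

def select_seeds(cands: List[List[Tuple[int, int]]], state_aware: bool):
    """Keep a candidate if it adds coverage or (state-aware only) a new state value."""
    seen_cov: Set[str] = set()
    seen_states: Set[int] = set()
    kept = []
    for seq in cands:
        cov, state = run_driver(seq)
        new_cov = not cov <= seen_cov
        new_state = state_aware and state not in seen_states
        if new_cov or new_state:
            kept.append(seq)
            seen_cov |= cov
            seen_states.add(state)
    return kept

def mutate_and_cover(seeds: List[List[Tuple[int, int]]]) -> Set[str]:
    """Mutate each kept seed by appending START; return the union of edges reached."""
    total: Set[str] = set()
    for seq in seeds:
        total |= run_driver(seq + [(START, 0)])[0]
    return total

# Three candidate test cases; the third hits no new edge but a new state value.
CANDIDATES = [[(OPEN, 0)], [(OPEN, 0), (CONFIGURE, 0)], [(OPEN, 0), (CONFIGURE, 1)]]

if __name__ == "__main__":
    for aware in (False, True):
        seeds = select_seeds(CANDIDATES, aware)
        print("state_aware" if aware else "coverage_only", len(seeds), sorted(mutate_and_cover(seeds)))
```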