A4 Refereed article in a conference publication
Empirical Notes on the Interaction Between Continuous Kernel Fuzzing and Development
Authors: Jukka Ruohonen, Kalle Rindell
Editors: Katinka Wolter, Ina Schieferdecker, Barbara Gallina, Michel Cukier, Roberto Natella, Naghmeh Ivaki, Nuno Laranjeiro
Conference name: International Symposium on Software Reliability Engineering Workshops
Publication year: 2020
Book title : 2019 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)
First page : 276
Last page: 281
ISBN: 978-1-7281-5139-7
eISBN: 978-1-7281-5138-0
DOI: https://doi.org/10.1109/ISSREW.2019.00084
Fuzzing has been studied and applied ever since the 1990s. Automated and continuous fuzzing has recently been applied also to open source software projects, including the Linux and BSD kernels. This paper concentrates on the practical aspects of continuous kernel fuzzing in four open source kernels. According to the results, there are over 800 unresolved crashes reported for the four kernels by the syzkaller/syzbot framework. Many of these have been reported relatively long ago. Interestingly, fuzzing-induced bugs have been resolved in the BSD kernels more rapidly. Furthermore, assertions and debug checks, use-after-frees, and general protection faults account for the majority of bug types in the Linux kernel. About 23% of the fixed bugs in the Linux kernel have either went through code review or additional testing. Finally, only code churn provides a weak statistical signal for explaining the associated bug fixing times in the Linux kernel.
