Binary Coverage the Wrong Way
4 hours ago
- #Fuzzing
- #Virtualization
- #Code Coverage
- A third option of formally proving programs is dismissed as a lie.
- Fuzzers commonly use N-gram coverage to capture path-dependent information by combining the last N branches.
- Weird coverage metrics still essentially record which code was hit, making distinctions less significant.
- If branch history is recorded, N-gram coverage can likely be computed from it.
- Windows 11 runs the kernel as a virtualized guest, not on bare metal, which is an interesting fact.
- Mention of Varnish, an HTTP cache, as an example reference.