mirror of https://github.com/reactos/syzkaller.git synced 2024-11-23 19:39:40 +00:00

syzkaller is an unsupervised coverage-guided kernel fuzzer

Go to file

Dmitry Vyukov a2af37f08c prog: increase encodingexec buffer size Some of the programs involving netfilter syscalls produce errors about insufficient buffer size. Bump it more.		2020-01-18 21:02:24 +01:00
dashboard	dashboard/config: update USB config	2020-01-10 15:46:17 +01:00
docs	Update external_fuzzing_usb.md	2020-01-07 15:33:47 +01:00
executor	prog: don't add fallback coverage after prctl	2020-01-15 17:35:31 +01:00
Godeps	vendor/github.com/google/go-cmp: update to HEAD	2019-03-17 18:06:44 +01:00
pkg	pkg/vcs: disable CONFIG_DEBUG_KOBJECT during bisection	2020-01-16 11:31:02 +01:00
prog	prog: increase encodingexec buffer size	2020-01-18 21:02:24 +01:00
sys	prog: don't add fallback coverage after prctl	2020-01-15 17:35:31 +01:00
syz-ci	syz-ci: always rebuild fuchsia on startup	2019-12-09 15:13:49 -08:00
syz-fuzzer	syz-manager: show list of all enabled syscalls	2020-01-05 11:46:33 +01:00
syz-hub	syz-hub: cap total number of programs sent to a manager	2019-11-29 10:46:26 +01:00
syz-manager	syz-manager: don't accept excessive amounts of inputs for a single call	2020-01-15 18:04:24 +01:00
tools	sys/linux: fix 2 netlink data layout bugs	2020-01-07 10:02:10 +01:00
vendor	vendor/github.com/google/go-cmp: update to HEAD	2019-03-17 18:06:44 +01:00
vm	vm/isolated: update isolated vm	2020-01-08 09:28:19 +01:00
.clang-format	buildbot: add .travis.yml	2017-07-28 13:25:48 +02:00
.gitattributes	.gitattributes: hide generated files	2019-11-29 11:27:09 +01:00
.gitignore	fuzzit.sh: migrate syzkaller to new org and introduce regression	2019-08-09 11:56:42 +02:00
.golangci.yml	tools/syz-trace2syz: disable golangci-lint	2019-10-08 12:31:54 +02:00
.travis.yml	.travis.yml: set go_import_path	2019-12-30 16:37:38 +01:00
AUTHORS	tools/create-image.sh: add a new option seek	2019-10-15 12:40:28 +02:00
CODE_OF_CONDUCT.md	Create CODE_OF_CONDUCT.md	2019-02-04 12:05:04 +01:00
CONTRIBUTORS	pkg/report: generalize general protection fault pattern	2019-11-19 08:07:30 +01:00
fuzzbuzz.yaml	fuzz.yaml: rename to fuzzbuzz.yaml	2019-07-19 10:45:19 +02:00
fuzzit.sh	fix fuzzit script to work with latest CLI syntax	2019-09-13 15:37:40 +01:00
LICENSE	initial commit	2015-10-12 10:16:57 +02:00
Makefile	tools/syz-check: inject description compilation warnings	2019-12-20 16:45:34 +01:00
README.md	fuzzit.sh: migrate syzkaller to new org and introduce regression	2019-08-09 11:56:42 +02:00

README.md

syzkaller - kernel fuzzer

syzkaller is an unsupervised coverage-guided kernel fuzzer.
Supported OSes: Akaros, FreeBSD, Fuchsia, gVisor, Linux, NetBSD, OpenBSD, Windows.

Mailing list: syzkaller@googlegroups.com (join on web or by email).

Found bugs: Akaros, Darwin/XNU, FreeBSD, Linux, NetBSD, OpenBSD, Windows.

Documentation

Initially, syzkaller was developed with Linux kernel fuzzing in mind, but now it's being extended to support other OS kernels as well. Most of the documentation at this moment is related to the Linux kernel. For other OS kernels check: Akaros, Darwin/XNU, FreeBSD, Fuchsia, NetBSD, OpenBSD, Windows, gVisor.

External Articles

Research work based on syzkaller
From HardenedLinux project:
- Kernel QA with syzkaller and qemu (tutorial on how to setup syzkaller with qemu)
- Syzkaller crash DEMO (tutorial on how to extend syzkaller with new syscalls)
- Kernel debug tool with syzkaller (debugging qemu VM created by syz-manager with gdb)
- Explanation of some syzkaller internals
- A example of fuzzing the ceph filesystem
Coverage-guided kernel fuzzing with syzkaller (by David Drysdale)
ubsan, kasan, syzkaller und co (video) (by Florian Westphal)
Debugging a kernel crash found by syzkaller (by Quentin Casasnovas)
Linux Plumbers 2016 talk slides
syzkaller: the next gen kernel fuzzer (basics of operations, tutorial on how to run syzkaller and how to extend it to fuzz new drivers)
syzbot and the tale of thousand kernel bugs [video]

Disclaimer

This is not an official Google product.