| commit | e8a2116a2739c1d3dfb4e2ad570d123b3a4a1adc | [log] [tgz] |
|---|---|---|
| author | Alexander Potapenko <glider@google.com> | Tue Nov 28 11:33:46 2023 +0100 |
| committer | Alexander Potapenko <glider@google.com> | Wed Dec 13 14:45:21 2023 +0100 |
| tree | 8d0b5ff4f35f36a1002b34a77eb58a5b036d4a93 | |
| parent | ebcad15ccd9a570d2e16081b7b07b288462b7b91 [diff] |
tools/syz-execprog: use more precise addresses when collecting coverage Make two improvements to addresses obtained from kcov: - call backend.PreviousInstructionPC() so that they point to the __sanitizer_cov_trace_pc calls; - read the top 32 bits of the kernel addresses from /proc/kallsyms instead of using the hardcoded 0xffffffff value
syzkaller ([siːzˈkɔːlə]) is an unsupervised coverage-guided kernel fuzzer.
Supported OSes: Akaros, FreeBSD, Fuchsia, gVisor, Linux, NetBSD, OpenBSD, Windows.
Mailing list: syzkaller@googlegroups.com (join on web or by email).
Found bugs: Akaros, Darwin/XNU, FreeBSD, Linux, NetBSD, OpenBSD, Windows.
Initially, syzkaller was developed with Linux kernel fuzzing in mind, but now it's being extended to support other OS kernels as well. Most of the documentation at this moment is related to the Linux kernel. For other OS kernels check: Akaros, Darwin/XNU, FreeBSD, Fuchsia, NetBSD, OpenBSD, Starnix, Windows, gVisor.
This is not an official Google product.