gvisor/images/syzkaller/README.md

syzkaller is an unsupervised coverage-guided kernel fuzzer.

*   [Github](https://github.com/google/syzkaller)
*   [gVisor dashboard](https://syzkaller.appspot.com/gvisor)

# How to run syzkaller.

First, we need to load a syzkaller docker image:

```bash
make load-syzkaller
```

or we can rebuild it to use an up-to-date version of the master branch:

```bash
make rebuild-syzkaller
```

Then we need to create a directory with all artifacts that we will need to run a
syzkaller. Then we will bind-mount this directory to a docker container.

We need to build runsc and place it on the artifact directory:

```bash
make RUNTIME_DIR=/tmp/syzkaller refresh
```

The next step is to create a syzkaller config. We can copy the default one and
customize it:

```bash
cp images/syzkaller/default-gvisor-config.cfg /tmp/syzkaller/syzkaller.cfg
```

Now we can start syzkaller in a docker container:

```bash
docker run --privileged -it --rm \
    -v /tmp/syzkaller:/tmp/syzkaller \
    gvisor.dev/images/syzkaller:latest
```

All logs will be in /tmp/syzkaller/workdir.

# How to run a syz repro.

We need to repeat all preparation steps from the previous section and save a
syzkaller repro in /tmp/syzkaller/repro.

Now we can run syz-repro to reproduce a crash:

```bash
docker run --privileged -it --rm -v \
    /tmp/syzkaller:/tmp/syzkaller --entrypoint="" \
    gvisor.dev/images/syzkaller:latest ./bin/syz-repro -config \
    /tmp/syzkaller/syzkaller.cfg /tmp/syzkaller/repro
```
Add syzkaller docker image 2020-12-10 05:45:56 +00:00			`syzkaller is an unsupervised coverage-guided kernel fuzzer.`

Merge pull request #5403 from avagin:syzkaller3 PiperOrigin-RevId: 355047815 2021-02-02 00:08:49 +00:00			`* [Github](https://github.com/google/syzkaller)`
			`* [gVisor dashboard](https://syzkaller.appspot.com/gvisor)`
Add syzkaller docker image 2020-12-10 05:45:56 +00:00
			`# How to run syzkaller.`

images: Rework syzkaller documentation. PiperOrigin-RevId: 355660221 2021-02-04 18:39:04 +00:00			`First, we need to load a syzkaller docker image:`

			```bash
			`make load-syzkaller`
			```

			`or we can rebuild it to use an up-to-date version of the master branch:`

			```bash
			`make rebuild-syzkaller`
			```

			`Then we need to create a directory with all artifacts that we will need to run a`
			`syzkaller. Then we will bind-mount this directory to a docker container.`

			`We need to build runsc and place it on the artifact directory:`

			```bash
			`make RUNTIME_DIR=/tmp/syzkaller refresh`
			```

			`The next step is to create a syzkaller config. We can copy the default one and`
			`customize it:`

			```bash
			`cp images/syzkaller/default-gvisor-config.cfg /tmp/syzkaller/syzkaller.cfg`
			```

			`Now we can start syzkaller in a docker container:`

			```bash
			`docker run --privileged -it --rm \`
			`-v /tmp/syzkaller:/tmp/syzkaller \`
			`gvisor.dev/images/syzkaller:latest`
			```

			`All logs will be in /tmp/syzkaller/workdir.`
Add syzkaller docker image 2020-12-10 05:45:56 +00:00
			`# How to run a syz repro.`

images: Rework syzkaller documentation. PiperOrigin-RevId: 355660221 2021-02-04 18:39:04 +00:00			`We need to repeat all preparation steps from the previous section and save a`
			`syzkaller repro in /tmp/syzkaller/repro.`
Add syzkaller docker image 2020-12-10 05:45:56 +00:00
images: Rework syzkaller documentation. PiperOrigin-RevId: 355660221 2021-02-04 18:39:04 +00:00			`Now we can run syz-repro to reproduce a crash:`
Add syzkaller docker image 2020-12-10 05:45:56 +00:00
images: Rework syzkaller documentation. PiperOrigin-RevId: 355660221 2021-02-04 18:39:04 +00:00			```bash
Add escapes to newlines in syzkaller instructions. So they can be copy-pasted. PiperOrigin-RevId: 362605833 2021-03-12 22:51:03 +00:00			`docker run --privileged -it --rm -v \`
			`/tmp/syzkaller:/tmp/syzkaller --entrypoint="" \`
			`gvisor.dev/images/syzkaller:latest ./bin/syz-repro -config \`
images: Rework syzkaller documentation. PiperOrigin-RevId: 355660221 2021-02-04 18:39:04 +00:00			`/tmp/syzkaller/syzkaller.cfg /tmp/syzkaller/repro`
			```