Skip to content
forked from compsec-snu/razzer

A Kernel fuzzer focusing on race bugs

Notifications You must be signed in to change notification settings

jbachell/razzer

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Razzer: Finding kernel race bugs through fuzzing

Environment setup

$ source scripts/envsetup.sh

scripts/envsetup.sh sets up necessary environment variables. One should select the kernel version during environment setup, for example, v4.17.

Install

Initialize kernels_repo submodule

Kernel source codes used in this project are in the other reprository which is included as a submodule. To initialize the submodule one should execute git submodule update command as a follow.

$ git submodule update --init --depth=1 kernels_repo

Dependencies

$ sudo apt install zlib libglib-dev python-setuptools quilt libssl-dev dwarfdump

Install toolchains / tools

$ scripts/install.sh

scripts/install.sh then installs all the rest necessary toolchains and tools.

Static analysis

The Razzer's static analysis is based on the LLVM toolchain and the SVF static analysis tool. See documents in docs/static-analysis.md.

Fuzzing

Razzer's two-phases fuzzing is based on Syzkaller. The deterministic scheduler is implemented using QEMU/KVM. See documents in docs/fuzzing.md.

Paper

Razzer: Finding Kernel Race Bugs through Fuzzing (IEEE S&P 2019)

Trophies

Contributors

About

A Kernel fuzzer focusing on race bugs

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • C 72.6%
  • Go 17.1%
  • C++ 4.1%
  • Assembly 1.6%
  • Objective-C 1.2%
  • Python 0.8%
  • Other 2.6%