syzkaller@googlegroups.com

M Qamar

unread,

Jan 9, 2026, 2:25:12 AM (3 days ago) Jan 9

to syzkaller

Hi,

Can syzkaller be fed an arbitrary syscall sequence to fuzz in c language? Or it supports syzlang descriptions only?

Regards,

Murtaza

Aleksandr Nogikh

unread,

Jan 9, 2026, 2:25:58 AM (3 days ago) Jan 9

to M Qamar, syzkaller

Hi Murtaza,

On Fri, Jan 9, 2026 at 8:25 AM M Qamar <mqama...@gmail.com> wrote:
>
> Hi,
>
> Can syzkaller be fed an arbitrary syscall sequence to fuzz in c language? Or it supports syzlang descriptions only?

Only what's defined via syzlang.

--
Aleksandr

>
> Regards,
> Murtaza
>

M Qamar

unread,

Jan 9, 2026, 2:47:50 AM (3 days ago) Jan 9

to Aleksandr Nogikh, syzkaller

A little context. I wish to fuzz my network driver's TX path using a similar syscall sequence to that of a socket program. So adding translated syzlang descriptions is my only option? Or can I try adding them via pseudo-syscalls as well?

Aleksandr Nogikh

unread,

Jan 9, 2026, 7:30:00 AM (3 days ago) Jan 9

to M Qamar, syzkaller

On Fri, Jan 9, 2026 at 8:47 AM M Qamar <mqama...@gmail.com> wrote:
>
> A little context. I wish to fuzz my network driver's TX path using a similar syscall sequence to that of a socket program. So adding translated syzlang descriptions is my only option? Or can I try adding them via pseudo-syscalls as well?

I'd say that depends on the amount/complexity of the required setup.
If it's simple, translating it to syzlang might be better so that
syzkaller can fuzz and mutate it. If it's tricky, pseudo syscalls or
adding more initialization code[1] may be the only realistic option.

[1] E.g. https://github.com/google/syzkaller/blob/master/executor/common_linux.h#L1490
or in similar places.

M Qamar

unread,

12:24 AM (6 hours ago) 12:24 AM

to syzkaller

Understood. Thanks!

Reply all

Reply to author

Forward