syzkaller is an unsupervised coverage-guided kernel fuzzer. Linux kernel fuzzing has the most support, akaros, freebsd, fuchsia, netbsd and windows are supported to varying degrees.

The project mailing list is [email protected]. You can subscribe to it with a google account or by sending an email to [email protected].

List of found bugs.

Initially, syzkaller was developed with Linux kernel fuzzing in mind, but now it's being extended to support other OS kernels as well. Most of the documentation at this moment is related to the Linux kernel. For other OS kernels check: Akaros, FreeBSD, Fuchsia, NetBSD, Windows.

• How to install syzkaller 重点3
• How to use syzkaller 重点2
• How syzkaller works 重点1
• How to contribute to syzkaller重点4
• How to report Linux kernel bugs重点5

• Kernel QA with syzkaller and qemu (tutorial on how to setup syzkaller with qemu)
• Syzkaller crash DEMO (tutorial on how to extend syzkaller with new syscalls) 重点
• Kernel debug tool with syzkaller (debugging qemu VM created by syz-manager with gdb)重点
• Coverage-guided kernel fuzzing with syzkaller (by David Drysdale)重点
• ubsan, kasan, syzkaller und co (video) (by Florian Westphal)重点
• Debugging a kernel crash found by syzkaller (by Quentin Casasnovas)重点
• Linux Plumbers 2016 talk slides重点
• syzkaller: the next gen kernel fuzzer (basics of operations, tutorial on how to run syzkaller and how to extend it to fuzz new drivers)

This is not an official Google product.