Prerequisites:
go1.8+ toolchain (can be downloaded from here)
Android Serial Cable or Suzy-Q device to capture console output is preferable but optional. syzkaller can work with normal USB cable as well, but that can be somewhat unreliable and turn lots of crashes into “lost connection to test machine” crashes with no additional info.
Build syzkaller
In case you have old Android /dev/ion driver:
cp sys/android/* sys/linux make generate
Then:
make TARGETOS=linux TARGETARCH=arm64
"type": "adb" and specify adb devices to use. For example:{
"target": "linux/arm64",
"http": "localhost:50000",
"workdir": "/gopath/src/github.com/google/syzkaller/workdir",
"syzkaller": "/gopath/src/github.com/google/syzkaller",
"sandbox": "none",
"procs": 8,
"type": "adb",
"vm": {
"devices": ["ABCD000010"]
}
}
syz-manager -config adb.cfg as usual.If you get issues after syz-manager starts, consider running it with the -debug flag. Also see this page for troubleshooting tips and Building a Pixel kernel with KASAN+KCOV or Building a PH-1 kernel with KASAN+KCOV for kernel build/boot instructions.