Finding kernel race bugs through fuzzing

$ source scripts/

scripts/ sets up necessary environment variables. One should select the kernel version during environment setup, for example, v4.17.

Initialize kernels_repo submodule

Kernel source codes used in this project are in the other reprository which is included as a submodule. To initialize the submodule one should execute git submodule update command as a follow.

$ git submodule update --init --depth=1 kernels_repo


$ sudo apt install zlib libglib-dev python-setuptools quilt libssl-dev dwarfdump

Install toolchains / tools

$ scripts/

scripts/ then installs all the rest necessary toolchains and tools.

The Razzer’s static analysis is based on the LLVM toolchain and the SVF static analysis tool. See documents in docs/

Razzer’s two-phases fuzzing is based on Syzkaller. The deterministic scheduler is implemented using QEMU/KVM. See documents in docs/

Razzer: Finding Kernel Race Bugs through Fuzzing (IEEE S&P 2019)

  • Dae R. Jeong ([email protected])
  • Kyungtae Kim ([email protected])
  • Basavesh Ammanaghatta Shivakumar ([email protected])
  • Byoungyoung Lee ()
  • Insik Shin ([email protected])


GitHub – compsec-snu/razzer: A Kernel fuzzer focusing on race bugs

A Kernel fuzzer focusing on race bugs. Contribute to compsec-snu/razzer development by creating an account on GitHub.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

GIPHY App Key not set. Please check settings

US Justice Dept Launches Civil Cyber-Fraud Initiative to Combat Online Crime

Colorffy 2.0 — Find or create harmonious color combinations