1# How to use syzkaller 2 3## Running 4 5Start the `syz-manager` process as: 6``` 7./bin/syz-manager -config my.cfg 8``` 9 10The `syz-manager` process will wind up VMs and start fuzzing in them. 11The `-config` command line option gives the location of the configuration file, which is [described here](configuration.md). 12Found crashes, statistics and other information is exposed on the HTTP address specified in the manager config. 13 14## Crashes 15 16Once syzkaller detected a kernel crash in one of the VMs, it will automatically start the process of reproducing this crash (unless you specified `"reproduce": false` in the config). 17By default it will use 4 VMs to reproduce the crash and then minimize the program that caused it. 18This may stop the fuzzing, since all of the VMs might be busy reproducing detected crashes. 19 20The process of reproducing one crash may take from a few minutes up to an hour depending on whether the crash is easily reproducible or reproducible at all. 21Since this process is not perfect, there's a way to try to manually reproduce the crash, as described [here](reproducing_crashes.md). 22 23If a reproducer is successfully found, it can be generated in one of the two forms: syzkaller program or C program. 24Syzkaller always tries to generate a more user-friendly C reproducer, but sometimes fails for various reasons (for example slightly different timings). 25In case syzkaller only generated a syzkaller program, there's [a way to execute them](reproducing_crashes.md) to reproduce and debug the crash manually. 26 27## Reporting bugs 28 29Check [here](linux/reporting_kernel_bugs.md) for the instructions on how to report Linux kernel bugs. 30 31## Other 32 33[How to connect several managers via Hub](hub.md) 34