This example shows a trivial fuzzer for Zircon system calls.
Configure your build to use Kernel Address Sanitizer:
fx set core.qemu-x64 --with //examples/fuzzers/zx --variant=kasan fx build
You'll want to open 4 terminals to run this program. In terminal 1, start the emulator:
fx qemu -kN
In terminal 2, serve package updates:
fx serve-updates
In terminal 3, read the logs:
fx log
In terminal 4, start the component:
ffx component run fuchsia-pkg://fuchsia.com/example-fuzzers#meta/hello-fuzzy-world.cm --recreate
The log should show the component issuing many pointless system calls. The kernel should safely reject all these calls. If it does not, please file a bug!