Abstract: The fuzzing test for Windows kernel and driver has the problem of invalid seed mutation and low efficiency. On the basis of the fuzzing test based on the system call interface, Intel processor trace was used to provide code coverage for driver vulnerability mining, and by maintaining the interface parameter data structure for targeted data mutation, kifuzzer, the driver fuzzing test framework was realized. Experiments show that kifuzzer is much more efficient than other driver mining methods for ioctl (input/output control).