perf_fuzzer perf_event syscall fuzzer
The perf_fuzzer tool automatically tests the
perf_event_open() system call and attempts to find mostly-valid
inputs that potentially crash (or worse) the Linux kernel.
The code has already found numerous denial of service bugs and at
least one local root exploit.
A Tech Report describing the design of the fuzzer can be found here:
2015_perf_fuzzer_tr.pdf (12 May 2015).
The perf_fuzzer is available as part of the
perf_event_tests test suite.
Development is currently done via git; you can check out a version
of the development tree via:
git clone git://github.com/deater/perf_event_tests
Read the README
See here for a list of bugs found.