perf_fuzzer perf_event syscall fuzzer

The perf_fuzzer tool automatically tests the perf_event_open() system call, attempting to find mostly-valid inputs that can crash the Linux kernel (or worse).

The code has already found numerous denial of service bugs and at least one local root exploit.

An article on the perf_fuzzer appeared on LWN.net: Fuzzing perf_events (5 August 2015)

A Tech Report describing the design of the fuzzer can be found here: 2015_perf_fuzzer_tr.pdf (12 May 2015).

The perf_fuzzer is available as part of the perf_event_tests test suite.

Development is currently done via git at https://github.com/deater/perf_event_tests; you can check out a version of the development tree via:
git clone https://github.com/deater/perf_event_tests

Read the README
See here for a list of bugs found.