perf_fuzzer perf_event syscall fuzzer

The perf_fuzzer tool automatically tests the perf_event_open() system call and attempts to find mostly-valid inputs that potentially crash (or worse) the Linux kernel.

The code has already found numerous denial of service bugs and at least one local root exploit.

A Tech Report describing the design of the fuzzer can be found here: 2015_perf_fuzzer_tr.pdf (12 May 2015).

The perf_fuzzer is available as part of the perf_event_test test suite.

Currently development is done via git at ; you can check out a version of the development tree via:
git clone git://

Read the README
See here for a list of bugs found.
Back to unofficial perf_events page