All About the perf_fuzzer



One Line Summary

Experiences gained while fuzzing the complex perf_event_open() system call.


The perf_fuzzer tool does targeted fuzzing of the complex perf_event_open() system call. Extensive knowledge of the perf_event interface is used to ensure generation of mostly-correct inputs. This includes taking into account interactions with various other kernel interfaces and system calls that are not easily determined via pure random guessing.

Scores of bugs have been found and fixed in the Linux kernel, many with security implications. It is still possible to crash the Linux kernel using the perf_fuzzer, but the crashes triggered are increasingly hard to debug and isolate.


perf, fuzzing, perf_event_open, perf_fuzzer


  • Vincent Weaver

    University of Maine


    An Assistant Professor at the University of Maine, Vince Weaver has been using Linux since 1995. He is the author of various open source programs, including perf_fuzzer and linux_logo.