diff --git a/autotest.sh b/autotest.sh
index d92d06c43..0de6d9811 100755
--- a/autotest.sh
+++ b/autotest.sh
@@ -346,7 +346,11 @@ if [ $SPDK_RUN_FUNCTIONAL_TEST -eq 1 ]; then
 	if [[ $SPDK_TEST_FUZZER -eq 1 ]]; then
 		# TODO: Consider re-using test/fuzz directory for all fuzzing tests with proper
 		# structure, e.g.: test/fuzz/nvmf/*, test/fuzz/vfio/*, etc.
-		run_test "nvmf_llvm_fuzz" test/nvmf/target/llvm_nvme_fuzz.sh
+		if [[ $SPDK_TEST_VFIOUSER -eq 1 ]]; then
+			run_test "nvmf_vfio_llvm_fuzz" test/nvmf/target/llvm_vfio_fuzz.sh
+		else
+			run_test "nvmf_llvm_fuzz" test/nvmf/target/llvm_nvme_fuzz.sh
+		fi
 	fi
 fi
 
diff --git a/test/nvmf/target/fuzz_vfio_json.conf b/test/nvmf/target/fuzz_vfio_json.conf
new file mode 100644
index 000000000..36123a3b5
--- /dev/null
+++ b/test/nvmf/target/fuzz_vfio_json.conf
@@ -0,0 +1,89 @@
+{
+  "subsystems": [
+    {
+      "subsystem": "bdev",
+      "config": [
+        {
+          "method": "bdev_malloc_create",
+          "params": {
+            "name": "Malloc0",
+            "num_blocks": 131072,
+            "block_size": 512,
+            "uuid": "6d6a0bf0-b712-40a7-8730-8f45797cc355"
+          }
+        },
+        {
+          "method": "bdev_wait_for_examine"
+        }
+      ]
+    },
+    {
+      "subsystem": "nvmf",
+      "config": [
+        {
+          "method": "nvmf_set_config",
+          "params": {
+            "poll_groups_mask": "0x1",
+            "admin_cmd_passthru": {
+              "identify_ctrlr": false
+            }
+          }
+        },
+        {
+          "method": "nvmf_create_transport",
+          "params": {
+            "trtype": "VFIOUSER",
+            "max_queue_depth": 128,
+            "max_io_qpairs_per_ctrlr": 127,
+            "in_capsule_data_size": 4096,
+            "max_io_size": 131072,
+            "io_unit_size": 8192,
+            "max_aq_depth": 128,
+            "num_shared_buffers": 511,
+            "buf_cache_size": 32,
+            "dif_insert_or_strip": false,
+            "c2h_success": false,
+            "sock_priority": 0,
+            "abort_timeout_sec": 1
+          }
+        },
+        {
+          "method": "nvmf_create_subsystem",
+          "params": {
+            "nqn": "nqn.2016-06.io.spdk:cnode1",
+            "allow_any_host": true,
+            "serial_number": "SPDK00000000000001",
+            "model_number": "SPDK bdev Controller",
+            "max_namespaces": 32,
+            "min_cntlid": 1,
+            "max_cntlid": 65519,
+            "ana_reporting": false
+          }
+        },
+        {
+          "method": "nvmf_subsystem_add_ns",
+          "params": {
+            "nqn": "nqn.2016-06.io.spdk:cnode1",
+            "namespace": {
+              "nsid": 1,
+              "bdev_name": "Malloc0",
+              "nguid": "6D6A0BF0B71240A787308F45797CC355",
+              "uuid": "6d6a0bf0-b712-40a7-8730-8f45797cc355"
+            }
+          }
+        },
+        {
+          "method": "nvmf_subsystem_add_listener",
+          "params": {
+            "nqn": "nqn.2016-06.io.spdk:cnode1",
+            "listen_address": {
+              "trtype": "VFIOUSER",
+              "traddr": "/tmp/vfio-user/domain/1",
+              "trsvcid": "0"
+            }
+          }
+        }
+      ]
+    }
+  ]
+}
diff --git a/test/nvmf/target/llvm_vfio_fuzz.sh b/test/nvmf/target/llvm_vfio_fuzz.sh
new file mode 100755
index 000000000..e23fee5d7
--- /dev/null
+++ b/test/nvmf/target/llvm_vfio_fuzz.sh
@@ -0,0 +1,69 @@
+#!/usr/bin/env bash
+if [[ $SPDK_TEST_FUZZER_SHORT -eq 0 ]]; then
+	TIME=60000
+else
+	TIME=1
+fi
+
+for i in "$@"; do
+	case "$i" in
+		--time=*)
+			TIME="${i#*=}"
+			;;
+	esac
+done
+
+VFIOUSER_DIR=/tmp/vfio-user/domain/1
+mkdir -p $VFIOUSER_DIR
+
+function start_llvm_fuzz() {
+	local fuzzer_type=$1
+	local corpus_dir
+	corpus_dir=/tmp/llvm_fuzz$fuzzer_type
+	mkdir -p $corpus_dir
+	$rootdir/test/app/fuzz/llvm_vfio_fuzz/llvm_vfio_fuzz -m 0x1 -i 0 -F $VFIOUSER_DIR -c $testdir/fuzz_vfio_json.conf -t $TIME -D $corpus_dir -Z $fuzzer_type
+}
+
+function run_fuzz() {
+	local startday
+	local today
+	local interval=0
+	local weekloop
+	# Get the date number, format is like '22078'
+	# The purpose is when Jenkins schedule one fuzz in Saturday
+	# We can decide which one fuzz will be run , there are lots of fuzz, but only run one of them in Saturday each time
+	# and make sure all fuzz will be tested, so use this function. Such run fuzz 0 in 03/26, and run fuzz 1 in 04/02, run fuzz 2 in 04/09 ....
+	startday=$(date -d '2022-03-19' '+%y%j')
+	today=$(date '+%y%j')
+	interval=$(((today - startday) / 7))
+	weekloop=$((interval / fuzz_num))
+	if [[ $weekloop -lt 1 ]]; then # The first loop of fuzz
+		fuzzer_type=$interval
+	else
+		fuzzer_type=$((interval % fuzz_num))
+	fi
+	start_llvm_fuzz $fuzzer_type
+}
+
+testdir=$(readlink -f $(dirname $0))
+rootdir=$(readlink -f $testdir/../../..)
+source $rootdir/test/common/autotest_common.sh
+
+fuzzfile=$rootdir/test/app/fuzz/llvm_vfio_fuzz/llvm_vfio_fuzz.c
+fuzz_num=$(($(grep -c "fn =" $fuzzfile) - 1))
+[[ $fuzz_num -ne 0 ]]
+
+trap 'process_shm --id 0; rm -rf /tmp/llvm_fuzz* $VFIOUSER_DIR; exit 1' SIGINT SIGTERM EXIT
+
+if [[ $SPDK_TEST_FUZZER_SHORT -eq 1 ]]; then
+	for ((i = 0; i < fuzz_num; i++)); do
+		start_llvm_fuzz $i
+	done
+elif [[ $SPDK_TEST_FUZZER -eq 1 ]]; then
+	run_fuzz
+else
+	start_llvm_fuzz $1
+fi
+
+rm -rf /tmp/llvm_fuzz* $VFIOUSER_DIR
+trap - SIGINT SIGTERM EXIT