Differential Performance Fuzzing of Configuration Options (SBFT 2025)

Who

Haesue Baik, Chenyang Yang, Vasudev Vikram, Pooyan Jamshidi, Rohan Padhye, Christian Kästner

Track

SBFT 2025 Search-Based and Fuzz testing

Time Zone

The program is currently displayed in (GMT-04:00) Eastern Time (US & Canada).

Use conference time zone: (GMT-04:00) Eastern Time (US & Canada)Select other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Mon 28 Apr 2025 14:00 - 14:15 at 104 - Paper Presentations 2 and Tutorial 1 Chair(s): Alessio Gambi

Abstract

Highly-configurable software often includes performance-sensitive configuration options. There are performance expectations across different configurations, but these expectations may not hold, due to inaccurate mental models, corner cases, or unanticipated interactions with other options. We propose differential performance fuzzing of configuration options, a fuzzing technique that uses differential performance feedback to automatically identify inputs that violate these expectations for specific configuration changes. By guiding fuzzing toward scenarios where a supposedly faster configuration performs worse, differential performance fuzzing reveals unexpected performance behavior effectively. In our preliminary evaluation, our method identified unexpected performance gains in configurations presumed slower for 4 configuration options in Closure, demonstrating the potential for detecting performance issues in real-world applications.

Haesue Baik

University of Michigan

Chenyang Yang

Vasudev Vikram

Carnegie Mellon University

United States

Pooyan Jamshidi

University of South Carolina

United States

Rohan Padhye

Carnegie Mellon University

United States

Christian Kästner

Carnegie Mellon University

Time Zone

The program is currently displayed in (GMT-04:00) Eastern Time (US & Canada).

Use conference time zone: (GMT-04:00) Eastern Time (US & Canada)Select other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Mon 28 Apr
Displayed time zone: Eastern Time (US & Canada) change

14:00 - 15:30	Paper Presentations 2 and Tutorial 1SBFT at 104 Chair(s): Alessio Gambi Austrian Institute of Technology (AIT)

14:00 15m Research paper		Differential Performance Fuzzing of Configuration Options SBFT Haesue Baik University of Michigan, Chenyang Yang , Vasudev Vikram Carnegie Mellon University, Pooyan Jamshidi University of South Carolina, Rohan Padhye Carnegie Mellon University, Christian Kästner Carnegie Mellon University
14:15 15m Research paper		Multi-Phase Taint Analysis for JSON Inference in Search-Based Fuzzing SBFT Susruthan Seran , Onur Duman Kristiania University College, Andrea Arcuri Kristiania University College and Oslo Metropolitan University
14:30 60m Tutorial		Tutorial by Seongmin Lee SBFT Seongmin Lee Max Planck Institute for Security and Privacy (MPI-SP)