Differential Performance Fuzzing of Configuration Options
Highly-configurable software often includes performance-sensitive configuration options. There are performance expectations across different configurations, but these expectations may not hold, due to inaccurate mental models, corner cases, or unanticipated interactions with other options. We propose differential performance fuzzing of configuration options, a fuzzing technique that uses differential performance feedback to automatically identify inputs that violate these expectations for specific configuration changes. By guiding fuzzing toward scenarios where a supposedly faster configuration performs worse, differential performance fuzzing reveals unexpected performance behavior effectively. In our preliminary evaluation, our method identified unexpected performance gains in configurations presumed slower for 4 configuration options in Closure, demonstrating the potential for detecting performance issues in real-world applications.
Mon 28 AprDisplayed time zone: Eastern Time (US & Canada) change
14:00 - 15:30 | Paper Presentations 2 and Tutorial 1SBFT at 104 Chair(s): Alessio Gambi Austrian Institute of Technology (AIT) | ||
14:00 15mResearch paper | Differential Performance Fuzzing of Configuration Options SBFT Haesue Baik University of Michigan, Chenyang Yang , Vasudev Vikram Carnegie Mellon University, Pooyan Jamshidi University of South Carolina, Rohan Padhye Carnegie Mellon University, Christian Kästner Carnegie Mellon University | ||
14:15 15mResearch paper | Multi-Phase Taint Analysis for JSON Inference in Search-Based Fuzzing SBFT Susruthan Seran , Onur Duman Kristiania University College, Andrea Arcuri Kristiania University College and Oslo Metropolitan University | ||
14:30 60mTutorial | Tutorial by Seongmin Lee SBFT Seongmin Lee Max Planck Institute for Security and Privacy (MPI-SP) |