Bachelor's Thesis

Fuzz Testing of Program Performance

Final Thesis 1.5 MB

Author of thesis: Ing. Matúš Liščinský

Acad. year: 2018/2019

Supervisor: doc. Mgr. Adam Rogalewicz, Ph.D.

Reviewer: Ing. Aleš Smrčka, Ph.D.

Abstract:

Fixing one issue sometimes brings another ten to the program. To detect these issues, especially performance issues, we often have to supply the program with input, that forces its worst-case behaviour. 
A popular solution to automatic inputs generation is so called fuzzing, however, its intention is to find functional bugs. In this work, we aim to construct an automatic generator of inputs whose task will be to trigger performance fluctuations. So we propose to tune fuzzing mutation rules and ways of processing the information about program run, to particularly trigger the performance bugs. We integrate our solution into a performance profile manager Perun, which stores information about every run as a profile and is able to compare these profiles to check for performance change. Therefore we can prove that executing with certain input takes more time or memory. We tested our fuzzer on several artificial projects, which shows its potential with generated inputs that prolong the runtime of the program. Such a solution would allow developers to regularly test every version of a project for performance bugs and avoid them completely by automatically finding new exhausting inputs before release.

Keywords:

performance bugs, fuzz testing, workload mutation, worst-case, algorithmic vulnerability, denial of service

Date of defence

10.06.2019

Result of the defence

Defended (thesis was successfully defended)

znamkaAznamka

Grading

A

Process of defence

Student nejprve prezentoval výsledky, kterých dosáhl v rámci své práce. Komise se poté seznámila s hodnocením vedoucího a posudkem oponenta práce. Student následně odpověděl na otázku oponenta a na další otázky přítomných. Komise se na základě posudku oponenta, hodnocení vedoucího, přednesené prezentace a odpovědí studenta na položené otázky rozhodla práci hodnotit stupněm "A".

Otázky u obhajoby:

  • Zdůrazněte výhody vlastního fuzz testeru oproti afl nebo PerfFuzz.

Language of thesis

Czech

Faculty

Fakulta informačních technologií

Department

Department of Intelligent Systems

Study programme

Information Technology (IT-BC-3)

Field of study

Information Technology (BIT)

Composition of Committee

prof. Ing. Tomáš Vojnar, Ph.D. (předseda)
prof. Ing. Jan M. Honzík, CSc. (místopředseda)
Ing. František Grézl, Ph.D. (člen)
doc. Ing. Jan Kořenek, Ph.D. (člen)
Ing. Aleš Smrčka, Ph.D. (člen)

Supervisor’s report
doc. Mgr. Adam Rogalewicz, Ph.D.

Grade proposed by supervisor: A

File inserted by supervisor Size
Hodnocení vedoucího [.pdf] 86,08 kB

Reviewer’s report
Ing. Aleš Smrčka, Ph.D.

Grade proposed by reviewer: A

File inserted by the reviewer Size
Posudek oponenta [.pdf] 87,32 kB

Responsibility: Mgr. et Mgr. Hana Odstrčilová