Fuzz testing is a random testing technique that is effective at finding bugs in large software programs and protocols. We investigate if the technology can be used to find bugs in multi-threaded applications by fuzzing a real-time embedded avionics platform together with a tool specialized at finding data races between multiple threads. We choose to fuzz an API (available to applications executing on top) of the platform. This thesis evaluates aspects of integrating a fuzzing program, AFL and a sanitizer, ThreadSanitizer with an embedded system. We investigate the modifications needed to create a correct run-time environment for the system, including supplying test data in a safe manner and we discuss hardware dependencies. We present a setup where we show that the tools can be used to find planted data races, however slowdown introduced by the tools is significant and the fuzzer only managed to find very simple planted data races during the test runs. Our findings also indicate what appear to be conflicts in instrumentation between the fuzzer and the sanitizer.
| Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:liu-153310 |
| Date | January 2018 |
| Creators | Johansson, Viktor, Vallén, Alexander |
| Publisher | Linköpings universitet, Programvara och system, Linköpings universitet, Programvara och system |
| Source Sets | DiVA Archive at Upsalla University |
| Language | English |
| Detected Language | English |
| Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
| Format | application/pdf |
| Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.0018 seconds