Symbolic Liveness Analysis of Real-World Software
[chapter]
2018
Lecture Notes in Computer Science
Liveness violation bugs are notoriously hard to detect, especially due to the difficulty inherent in applying formal methods to real-world programs. We present a generic and practically useful liveness property which defines a program as being live as long as it will eventually either consume more input or terminate. We show that this property naturally maps to many different kinds of real-world programs. To demonstrate the usefulness of our liveness property, we also present an algorithm that can be efficiently implemented to dynamically find lassos in the target program's state space during Symbolic Execution. This extends Symbolic Execution, a well-known dynamic testing technique, to find a new class of program defects, namely liveness violations, while only incurring a small runtime and memory overhead, as evidenced by our evaluation. The implementation of our method found a total of five previously undiscovered software defects in BusyBox and the GNU Coreutils. All five defects have been confirmed and fixed by the respective maintainers after shipping for years, most of them well over a decade.
doi:10.1007/978-3-319-96142-2_27
fatcat:p4w26obtxnafne6jjl6kev7w2u
Artifact for the CAV 2018 Paper: Symbolic Liveness Analysis of Real-World Software
[article]
2018
Zenodo
Liveness violation bugs are notoriously hard to detect, especially due to the difficulty inherent in applying formal methods to real-world programs. We present a generic and practically useful liveness property which defines a program as being live as long as it will eventually either consume more input or terminate. We show that this property naturally maps to many different kinds of real-world programs. To demonstrate the usefulness of our liveness property, we also present an algorithm that can be efficiently implemented to dynamically find lassos in the target program's state space during Symbolic Execution. This extends Symbolic Execution, a well-known dynamic testing technique, to find a new class of program defects, namely liveness violations, while only incurring a small runtime and memory overhead, as evidenced by our evaluation. The implementation of our method found a total of five previously undiscovered software defects in BusyBox and the GNU Coreutils. All five defects have been confirmed and fixed by the respective maintainers after shipping for years, most of them well over a decade.
Artifact: To get started, import the VM and increase its memory allowance as high as reasonable on your system before booting the VM. You can find all our artifact files in /home/cav/Desktop/Evaluation/ (a directory placed on the desktop), including our documentation, which is named README.pdf (alternatively available as README.md markdown document). The documentation is also linked from the desktop. Additional information about the VM image is available in the accompanying text document (cav18-SymbolicLivenessAnalysis.txt).
Project Repository: https://github.com/COMSYS/SymbolicLivenessAnalysis
doi:10.5281/zenodo.5771192
fatcat:swjizh2hkveenfqyr75yibsksq
Scalable Symbolic Execution of Distributed Systems
2011
2011 31st International Conference on Distributed Computing Systems
Recent advances in symbolic execution have proposed a number of promising solutions to automatically achieve high-coverage and explore non-determinism during testing. This attractive testing technique of unmodified software assists developers with concrete inputs and deterministic schedules to analyze erroneous program paths. Being able to handle complex systems' software, these tools only consider single software instances and not their distributed execution which forms the core of distributed systems. The step to symbolic distributed execution is however steep, posing two core challenges: (1) additional state growth and (2) the state intra-dependencies resulting from communication. In this paper, we present SDE, a novel approach enabling scalable symbolic execution of distributed systems. The key contribution of our work is two-fold. First, we generalize the problem space of SDE and develop an algorithm significantly eliminating redundant states during testing. The key idea is to benefit from the nodes' local communication minimizing the number of states representing the distributed execution. Second, we demonstrate the practical applicability of SDE in testing with three sensornet scenarios running Contiki OS.
doi:10.1109/icdcs.2011.28
dblp:conf/icdcs/SasnauskasDKWWK11
fatcat:dqjzcaisfbb4pctph5wvvx5sti
Symbolic System Time in Distributed Systems Testing
2012
2012 IEEE Fifth International Conference on Software Testing, Verification and Validation
We propose an extension of symbolic execution of distributed systems to test software parts related to timing. Currently, the execution model is limited to symbolic input for individual nodes, not capturing the important class of timing errors resulting from varying network conditions. In this paper, we introduce symbolic system time in order to systematically find timing-related bugs in distributed systems. Instead of executing time events at a concrete time, we execute them at a set of times and analyse possible event interleavings on demand. We detail on the resulting problem space, discuss possible algorithmic optimisations, and highlight our future research directions.
doi:10.1109/icst.2012.193
dblp:conf/icst/DustmannSW12
fatcat:4t2qax2blrhjpbuqicbcodrvvy
PARTI: a multi-interval theory solver for symbolic execution
2018
Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering - ASE 2018
Symbolic execution is an effective program analysis technique whose scalability largely depends on the ability to quickly solve large numbers of first-order logic queries. We propose an effective general technique for speeding up the solving of queries in the theory of arrays and bit-vectors with a specific structure, while otherwise falling back to a complete solver. The technique has two stages: a learning stage that determines the solution sets of each symbolic variable, and a decision stage that uses this information to quickly determine the satisfiability of certain types of queries. The main challenges involve deciding which operators to support and precisely dealing with integer type casts and arithmetic underflow and overflow. We implemented this technique in an incomplete solver called PARTI ("PARtial Theory solver for Intervals"), directly integrating it into the popular KLEE symbolic execution engine. We applied KLEE with PARTI and a state-of-the-art SMT solver to synthetic and real-world benchmarks. We found that PARTI practically does not hurt performance while many times achieving order-of-magnitude speedups.
CCS Concepts: Theory of computation → Constraint and logic programming; Software and its engineering → Software testing and debugging
doi:10.1145/3238147.3238179
dblp:conf/kbse/DustmannWC18
fatcat:csy3jclrubb7to5xy6givk7eom
Integrating symbolic execution with sensornet simulation for efficient bug finding
2010
Proceedings of the 8th ACM Conference on Embedded Networked Sensor Systems - SenSys '10
High-coverage testing of sensornet applications is vital for pre-deployment bug cleansing, but has previously been difficult due to the limited set of available tools. We integrate the KleeNet symbolic execution engine with the COOJA network simulator to allow for straight-forward and intuitive high-coverage testing initiated from a simulation environment. A tight coupling of simulation and testing helps detect, narrow down, and fix complex interaction bugs in an early development phase. We demonstrate the seamless transition between COOJA simulation and KleeNet symbolic execution. Our framework enables future research in how high-coverage testing tools could be used in cooperation with simulation tools.
doi:10.1145/1869983.1870034
dblp:conf/sensys/OsterlindDSDW10
fatcat:72azuy7invgf3p7hxvz6cehmzm
Soria Dustmann
Effizientes Auffinden von Fehlern in Verteilten Systemen mit Symbolischer Ausführung [Efficiently Finding Bugs in Distributed Systems with Symbolic Execution]
289
Alois Potton
Das Review [The Review]
309 ...
von Suchodoletz
A Practical Approach to System Preservation Workflows
269
Contributions from KuVS Award Winners
Ralph Lange
Scalable Management of Trajectories and Context Model Descriptions
281
Oscar ...
doi:10.1515/pik-2012-masthead4
fatcat:jfftzrgtszajvn3ckvif54ljmi
Estimating the number of remaining links in traceability recovery
2016
Empirical Software Engineering
Soria Dustmann, Klaus Wehrle, and Cristian Cadar - RWTH Aachen University, Germany; Imperial College London, UK ...
Presenters: Benoit Baudry, Vincent Massol, and Oscar Luis Vera Pérez. • Re-Engineering Software Variability into Software Product Lines. ...
doi:10.1007/s10664-016-9460-6
fatcat:zwg7g4zphrb5tfro767hu2oc5m
Report from Dagstuhl Seminar 14442 Symbolic Execution and Constraint Solving
unpublished
(RWTH Aachen University, DE) Creative Commons BY 3.0 Unported license © Oscar Soria Dustmann License
Willem Visser (Stellenbosch University - Matieland, ZA) Creative Commons BY 3.0 Unported license ...
Joint work of Hillery, Ben; Mercer, Eric; Rungta, Neha; Person, Suzette Neha Rungta (NASA - Moffett Field, US)
License
Creative Commons BY 3.0 Unported license
© Neha Rungta
Oscar Soria Dustmann ...
fatcat:gcfdyfgmf5hrremjjwd2buskvy
Integration testing of protocol implementations using symbolic distributed execution
2012
2012 20th IEEE International Conference on Network Protocols (ICNP)
We also thank Vitaly Chipounov and Oscar Soria Dustmann for helping us to improve the quality of the paper. This work is partly supported by DFG UMIC research cluster of RWTH Aachen University. ...
doi:10.1109/icnp.2012.6459940
dblp:conf/icnp/SasnauskasKJW12
fatcat:amcerirhqfcjnhgp3ocx4rehym
Covrig: a framework for the analysis of code, test, and coverage evolution in real software
2014
Proceedings of the 2014 International Symposium on Software Testing and Analysis - ISSTA 2014
ACKNOWLEDGEMENTS We thank our anonymous reviewers for their constructive comments, and Oscar Soria Dustmann and Hristina Palikareva for their careful proofreading of the text. ...
doi:10.1145/2610384.2610419
dblp:conf/issta/MarinescuHC14
fatcat:pabsfaoydbg4jbrt6as7msiwf4
Globalizing Domain-Specific Languages (Dagstuhl Seminar 14412) Optimal Algorithms and Proofs (Dagstuhl Seminar 14421) Modeling, Verification, and Control of Complex Systems for Energy Networks (Dagstuhl Seminar 14441) Symbolic Execution and Constraint Solving (Dagstuhl Seminar 14442)
2014
Constraints
unpublished
Soria Dustmann (RWTH Aachen University, DE) Creative Commons BY 3.0 Unported license © Oscar Soria Dustmann License
-Constraints, Optimization ...
Soria Dustmann ... 110
Symbolic Execution and Model Counting, Willem Visser ...
fatcat:zxrfsk6qcjharpg4vb5hosp4bu