Filters








1,771 Hits in 4.2 sec

State-taint analysis for detecting resource bugs

Zhiwu Xu, Cheng Wen, Shengchao Qin
2018 Science of Computer Programming  
Then we propose a taint-like analysis which takes resource protocols as a guide to detect resource bugs.  ...  But most of them are sophisticated to use for resource bugs detection in practice and do not concern about the issue that an opened resource should be used.  ...  STATE-TAINT ANALYSIS In this section, we present a static analysis called statetaint analysis to detect resource bugs.  ... 
doi:10.1016/j.scico.2017.06.010 fatcat:in4hxsngdngl5iywm3ecw2v35a

State-Taint Analysis for Detecting Resource Bugs

Zhiwu Xu, Dongxiao Fan, Shengchao Qin
2016 2016 10th International Symposium on Theoretical Aspects of Software Engineering (TASE)  
Then we propose a taint-like analysis which takes resource protocols as a guide to detect resource bugs.  ...  But most of them are sophisticated to use for resource bugs detection in practice and do not concern about the issue that an opened resource should be used.  ...  STATE-TAINT ANALYSIS In this section, we present a static analysis called statetaint analysis to detect resource bugs.  ... 
doi:10.1109/tase.2016.17 dblp:conf/tase/XuFQ16 fatcat:bi5z6enxtvgz3h7rblaoxaizmm

GreenDroid: Automated Diagnosis of Energy Inefficiency for Smartphone Applications

Yepang Liu, Chang Xu, S. C. Cheung, Jian Lu
2014 IEEE Transactions on Software Engineering  
GreenDroid completed energy efficiency diagnosis for these applications in a few minutes.  ...  It monitors sensor and wake lock operations to detect missing deactivation of sensors and wake locks.  ...  We greatly thank TSE editors and anonymous reviewers for their valuable comments for improving the conference version and this extended version.  ... 
doi:10.1109/tse.2014.2323982 fatcat:fcyym3twpbbqjjhf5jsackyux4

CloudER

Ping Chen, Dongyan Xu, Bing Mao
2012 Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security - ASIACCS '12  
CloudER leverages an existing taint-based system (Demand Emulation) for runtime anomaly detection, employs new algorithms for software vulnerability location and patch generation, and adapts a virtual  ...  In addition to elastic resource provisioning for the VMs, a desirable "value-added" service the cloud provider can provide is the emergency response to runtime incidences of software bugs and vulnerabilities  ...  ACKNOWLEDGMENTS We would like to thank the anonymous reviewers for their helpful comments.  ... 
doi:10.1145/2414456.2414485 dblp:conf/ccs/ChenXM12 fatcat:26gepyy5rrgydnftb3qlk2v2oy

Probabilistic bug-masking analysis for post-silicon tests in microprocessor verification

Doowon Leey, Tom Kolanz, Arkadiy Morgenshteinz, Vitali Sokhinz, Ronny Moradz, Avi Ziv, Valeria Bertaccoy
2016 Proceedings of the 53rd Annual Design Automation Conference on - DAC '16  
Post-silicon validation flows, however, are challenged by limited signal observability, which impacts their ability of diagnosing and detecting bugs.  ...  To this end, we propose an efficient, static bug-masking analysis solution, called BugMAPI.  ...  Moreover, in our case, all instruction resources are potential sources of bugs, while in taint analysis only data from untrusted devices is tracked.  ... 
doi:10.1145/2897937.2898072 dblp:conf/dac/LeeKMSMZB16 fatcat:3cmsnktl7faexjfffdxxndb5fu

IntFinder: Automatically Detecting Integer Bugs in x86 Binary Program [chapter]

Ping Chen, Hao Han, Yi Wang, Xiaobin Shen, Xinchun Yin, Bing Mao, Li Xie
2009 Lecture Notes in Computer Science  
Recently, Integer bugs have been increasing sharply and become the notorious source of bugs for various serious attacks.  ...  In this paper, we propose a tool, IntFinder, which can automatically detect Integer bugs in a x86 binary program. We implement IntFinder based on a combination of static and dynamic analysis.  ...  Taint Analysis We find that Integer bugs often exist in the applications which get input resources just like network package, configuration file, database file, user command and so on.  ... 
doi:10.1007/978-3-642-11145-7_26 fatcat:jr6tcjo3fbd7beqxmmnzqfgmm4

Optimization in Power Usage of Smartphones

Balaji A.Naik, R.K. Chavan
2015 International Journal of Computer Applications  
The demand for smartphones and mobile based applications is growing very fast since past few years. Thousands of applications on Google Play store received millions of downloads.  ...  Many such application contains various kinds of power bugs which leads to unnecessary processes running in the system. There is large scope to optimize power utilization in smartphones.  ...  Different tools have been developed for detecting resource leaks [41] . For example, QVM [41] is a specialized runtime environment for detecting problems in Java programs.  ... 
doi:10.5120/21165-4224 fatcat:5ylsbwdgezahviqzayzkjeji3q

Automating presentation changes in dynamic web applications via collaborative hybrid analysis

Xiaoyin Wang, Lu Zhang, Tao Xie, Yingfei Xiong, Hong Mei
2012 Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering - FSE '12  
We implemented our approach for the PHP language and carried out an empirical study on 39 presentation-change tasks identified from 600 bug reports of three real-world dynamic web applications (in total  ...  As manually performing presentation changes in dynamic web applications is tedious and error-prone, we propose a novel approach based on collaborative hybrid analysis that combines static analysis and  ...  RELATED WORK For convenience, we classify related research into seven categories: string-taint analysis, dynamic taint analysis, impact analysis, hybrid analysis, automated support for presentation changes  ... 
doi:10.1145/2393596.2393614 dblp:conf/sigsoft/WangZXXM12 fatcat:ruzqa4lsdjd4recfxm2q7jpsia

TFix+: Self-configuring Hybrid Timeout Bug Fixing for Cloud Systems [article]

Jingzhu He, Ting Dai, Xiaohui Gu
2021 arXiv   pre-print
Previous work proposed solutions for fixing specific type of timeout-related performance bugs.  ...  TFix+ provides two new hybrid schemes for fixing misused and missing timeout bugs, respectively.  ...  For example, Figure 4 shows how TFix + uses the static taint analysis to identify the misused timeout variable for the HDFS-4301 bug.  ... 
arXiv:2110.04101v1 fatcat:bgnjrhmgzndvfc5bf3h77cghve

Tolerating hardware device failures in software

Asim Kadav, Matthew J. Renzelmann, Michael M. Swift
2009 Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles - SOSP '09  
With the aid of shadow drivers for recovery, Carburizer can automatically repair 840 of these bugs with no programmer involvement.  ...  Finally, the Carburizer runtime can detect and tolerate interrupt-related bugs, such as stuck or missing interrupts.  ...  We would also like to thank Ben Liblit for helpful discussions during the initial stages of the project and our shepherd Miguel Castro for his useful advice.  ... 
doi:10.1145/1629575.1629582 dblp:conf/sosp/KadavRS09 fatcat:vspbtt3razg55fqzb7gi5mjgcu

Improving security using extensible lightweight static analysis

D. Evans, D. Larochelle
2002 IEEE Software  
This paper describes an extensible tool that uses lightweight static analysis to detect common security vulnerabilities (including buffer overflows and format string vulnerabilities) and can be readily  ...  extended to detect new vulnerabilities.  ...  All other transfers (for example, untainted as tainted) are implicitly permitted and leave the transferred object in its original state.  ... 
doi:10.1109/52.976940 fatcat:b6uozxksebgnnf5y3vqisr63hi

Exception analysis in the Java Native Interface

Siliang Li, Gang Tan
2014 Science of Computer Programming  
This paper introduces a static-analysis framework, TurboJet, which finds exception-related bugs in JNI applications.  ...  It finds bugs of inconsistent exception declarations and bugs of mishandling JNI exceptions. TurboJet is carefully engineered to achieve both high efficiency and accuracy.  ...  Acknowledgment We would like to thank Martin Hirzel and Kathryn McKinley for their helpful comments. We also want to thank the anonymous reviewers for their constructive comments.  ... 
doi:10.1016/j.scico.2014.01.018 fatcat:3plwnryatzawrjvupdpoofbr34

Hardware Supported Flexible Monitoring: Early Results [chapter]

Atonia Zhai, Guojin He, Mats P. E. Heimdahl
2009 Lecture Notes in Computer Science  
We use separate cores for the execution of the application to be monitored and the monitors.  ...  We augment each core with identical programmable extraction logic that can observe an application executing on the core as its program state changes.  ...  information and competition for shared resources.  ... 
doi:10.1007/978-3-642-04694-0_12 fatcat:tmt4xzudwfez7fkxjnf3ymjtwi

Asynchronous programming, analysis and testing with state machines

Pantazis Deligiannis, Alastair F. Donaldson, Jeroen Ketema, Akash Lal, Paul Thomson
2015 Proceedings of the 36th ACM SIGPLAN Conference on Programming Language Design and Implementation - PLDI 2015  
We present P#, a language for high-reliability asynchronous programming co-designed with a static data race analysis and systematic concurrency testing infrastructure.  ...  Previous work has only addressed these challenges in isolation, by either designing a new declarative language, a new data race detection tool or a new testing technique.  ...  Finally, we would like to thank the anonymous reviewers and artifact evaluation committee for their comments.  ... 
doi:10.1145/2737924.2737996 dblp:conf/pldi/DeligiannisDKLT15 fatcat:flis2xrpgra45d336ynhbr3gea

Asynchronous programming, analysis and testing with state machines

Pantazis Deligiannis, Alastair F. Donaldson, Jeroen Ketema, Akash Lal, Paul Thomson
2015 SIGPLAN notices  
We present P#, a language for high-reliability asynchronous programming co-designed with a static data race analysis and systematic concurrency testing infrastructure.  ...  Previous work has only addressed these challenges in isolation, by either designing a new declarative language, a new data race detection tool or a new testing technique.  ...  Finally, we would like to thank the anonymous reviewers and artifact evaluation committee for their comments.  ... 
doi:10.1145/2813885.2737996 fatcat:llnqkex4qfd2biiij5vtflyhhi
« Previous Showing results 1 — 15 out of 1,771 results