A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf
.
Filters
Detecting Kernel Refcount Bugs with Two-Dimensional Consistency Checking
2021
USENIX Security Symposium
In the Linux kernel, reference counting (refcount) has become a default mechanism that manages resource objects. ...
By checking if callers consistently use a refcount function, CID detects deviating cases as potential bugs, and by checking how a caller uses a refcount function, CID infers the condition-aware rules for ...
RID [29] proposes inconsistent path pair (abbreviated as IPP) checking to detect refcount bugs. ...
dblp:conf/uss/Tan0YL021
fatcat:xwrjvxktvjgalkom2zphbaoqzy
Understanding and Detecting Disordered Error Handling with Precise Function Pairing
2021
USENIX Security Symposium
Critical bugs occur when these operations are performed (1) in an incorrect order, (2) redundantly, or (3) inadequately. We refer to such bugs as Disordered Error Handling (DiEH). ...
With HERO, we found 239 DiEH bugs in the Linux kernel, the FreeBSD kernel, and OpenSSL, which can cause security and reliability issues. ...
The authors also thank Peng Le for helping implement function pairing. This research was supported in part by the NSF awards CNS-1815621 and CNS-1931208. ...
dblp:conf/uss/WuPEML21
fatcat:hdph5rpjjrdwhn3o5o3tufvwca
History-Driven Test Program Synthesis for JVM Testing
2022
International Conference on Software Engineering
test programs into seed programs for covering more JVM behaviors/paths. ...
To date, various techniques have been proposed to expose JVM bugs via generating potential bug-revealing test programs. ...
We also thank all the JVM developers for analyzing and replying to the bugs we reported. ...
doi:10.1145/3510003.3510059
dblp:conf/icse/ZhaoWCLWZZ22
fatcat:k7s3wo7yjbednptxlemp7wepuy
Debugging Unsatisfiable Classes in OWL Ontologies
2005
Social Science Research Network
However, the diagnosis and resolution of the bug is not supported at all. ...
Existing ontology development environments provide some limited support, in conjunction with a reasoner, for reporting errors in OWL ontologies. ...
This work was completed with funding from Fujitsu Laboratories of America -College Park, Lockheed Martin Advanced Technology Laboratory, NTT Corp., Kevric Corp., SAIC, National Science Foundation, National ...
doi:10.2139/ssrn.3199261
fatcat:knaskwk26vfibdbotg74fprc54
Debugging unsatisfiable classes in OWL ontologies
2005
Journal of Web Semantics
However, the diagnosis and resolution of the bug is not supported at all. ...
Existing ontology development environments provide some limited support, in conjunction with a reasoner, for reporting errors in OWL ontologies. ...
This work was completed with funding from Fujitsu Laboratories of America -College Park, Lockheed Martin Advanced Technology Laboratory, NTT Corp., Kevric Corp., SAIC, National Science Foundation, National ...
doi:10.1016/j.websem.2005.09.005
fatcat:oijp32bix5eclbcfd2ajhkzjmi
Testing the Compiler for a New-Born Programming Language: An Industrial Case Study (Experience Paper)
2023
Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis
By comparing with the testing practice adopted by the testing team and the general fuzzer (AFL), SynFuzz can detect more bugs during the same testing time, and both SynFuzz and ...
In this work, we conduct the first exploration (i.e., an industrial case study) to investigate the performance of the existing techniques in this new scenario with substantial adaptations. ...
Then, we manually check the remaining inconsistencies and report the potential bugs to developers. ...
doi:10.1145/3597926.3598077
fatcat:inmn7y46s5bavlbcrhh247zx2m
Java Memory Model-Aware Model Checking
[chapter]
2012
Lecture Notes in Computer Science
Legal executions of programs with data races may be sequentially inconsistent but are subject to constraints that ensure weak safety properties. ...
Because most model checking tools, including Java Pathfinder, only generate sequentially consistent executions, they are not sound for programs with data races. ...
W (rid ) and the value it returns, W (V (rid )) for action id rid . The boolean value indicates whether the W (rid ) occured in the future on the current path. ...
doi:10.1007/978-3-642-28756-5_16
fatcat:qnnvovheurek3busbof6tph3tq
Selected dynamic issues in software model checking
2012
International Journal on Software Tools for Technology Transfer (STTT)
Software model checking has come of age. After one and a half decade, several successful model checking tools have emerged. ...
Fortunately, with respect to the implementation of virtual based model checkers, there is still ample room for innovation and optimizations. ...
For example, a fundamental different approach is to combine reference counting with a form of incremental cycle detection. ...
doi:10.1007/s10009-012-0261-y
fatcat:wi7uoinvwrfydexhf7mftfp6oi
Caradoc: A Pragmatic Approach to PDF Parsing and Validation
2016
2016 IEEE Security and Privacy Workshops (SPW)
methodically testing PDF readers against hand-crafted files, we show that the interpretation of PDF files at the structural level may cause some form of denial of service, or be ambiguous and lead to rendering inconsistencies ...
However, as with the cross-reference example, PDF readers rarely enforce the expected properties with all necessary checks. ...
Our contributions in this paper are threefold: • uncovering bugs and inconsistencies in common PDF readers (bugs were reported and are currently under review by software editors [6] , [7] ); • proposing ...
doi:10.1109/spw.2016.39
dblp:conf/sp/EndignouxLM16
fatcat:crrdpdfb4bdptpbwtohax4fq5i
The Design and Algorithms of a Verification Condition Generator
[article]
2012
arXiv
pre-print
Chalin [45] explains why it is desirable to have automatic sanity checks for specifications and designs an automated analysis that finds bugs in JML annotations, other than plain logic inconsistencies ...
Inconsistent Specifications Lines 4 and 5 illustrate another type of bug caused by inconsistent specifications. ...
Inconsistent Specifications 5 Inconsistencies in the JDK specifications that ship with ESC/Java. They were filed as ESC/Java bugs #595, #550, #568, #549, and #545. ...
arXiv:1204.6719v1
fatcat:zfnb5e4ysrc4xngkels75amtpe
Synthesis of synchronization using uninterpreted functions
2014
2014 Formal Methods in Computer-Aided Design (FMCAD)
Correctness of a program with respect to concurrency is often hard to achieve, but easy to specify: the concurrent program should produce the same results as a sequential reference version. ...
Using techniques from bounded software model checking, we transform the program into an SMT formula that becomes unsatisfiable when we add correct atomic sections. ...
To model such context switches, we split statements with more than one reference to a global variable. ...
doi:10.1109/fmcad.2014.6987593
dblp:conf/fmcad/BloemHKKAS14
fatcat:gj43a4izxjbv3fwvjrmslge3ja
Co-evolution of Infrastructure and Source Code - An Empirical Study
2015
2015 IEEE/ACM 12th Working Conference on Mining Software Repositories
Through an empirical study of the version control system of 265 OpenStack projects, we find that infrastructure files are large and churn frequently, which could indicate a potential of introducing bugs ...
The amount of work involved with such maintenance, as well as the size and complexity of infrastructure specification files, have not yet been studied empirically. ...
Motivation: Based on the preliminary questions, we find that infrastructure files are large and see a lot of churn, which means that they might be bug prone. ...
doi:10.1109/msr.2015.12
dblp:conf/msr/JiangA15
fatcat:k4yg25m5abftlao6s7pt4jiqkm
Can We Efficiently Check Concurrent Programs Under Relaxed Memory Models in Maude?
[chapter]
2014
Lecture Notes in Computer Science
Fig. 7 . 7 Reduction with POR
Fig. 8 . 8 Bug-finding with heuristics
Table 1 . 1 Rules of the operational semantics of Pimp ...
with the idea that program configurations with higher values are more likely to lead to a bug. ...
doi:10.1007/978-3-319-12904-4_2
fatcat:lfec4mjkyvgsnlkz7lyqasrf7e
Feral Concurrency Control
2015
Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data - SIGMOD '15
We quantitatively analyze the use of these mechanisms in a range of open source applications written using the Ruby on Rails ORM and find that feral invariants are the most popular means of ensuring integrity ...
In light of these findings, we present recommendations for database system designers for better supporting these modern ORM programming patterns, thus eliminating their adverse effects on application integrity ...
we can iterate through all operations and declared invariants and check whether or not they appear in the set of I-confluent pairs. ...
doi:10.1145/2723372.2737784
dblp:conf/sigmod/BailisFFGHS15
fatcat:ivgtcqcqpjgn5mak3cf44fm254
A Survey of Learning-based Automated Program Repair
[article]
2023
arXiv
pre-print
With the recent advances in deep learning (DL), an increasing number of APR techniques have been proposed to leverage neural networks to learn bug-fixing patterns from massive open-source code repositories ...
Automated program repair (APR) aims to fix software bugs automatically and plays a crucial role in software development and maintenance. ...
For example, CoCoNut [115] manually checks the bug-fixing pairs in Defects4J benchmark and extracts the changed statements as inputs to the repair model. ...
arXiv:2301.03270v3
fatcat:dm3hgnvj2bhe5nmlxfxt3epjdm
« Previous
Showing results 1 — 15 out of 914 results