4,064 research outputs found
A Study of Concurrency Bugs and Advanced Development Support for Actor-based Programs
The actor model is an attractive foundation for developing concurrent
applications because actors are isolated concurrent entities that communicate
through asynchronous messages and do not share state. Thereby, they avoid
concurrency bugs such as data races, but are not immune to concurrency bugs in
general. This study taxonomizes concurrency bugs in actor-based programs
reported in literature. Furthermore, it analyzes the bugs to identify the
patterns causing them as well as their observable behavior. Based on this
taxonomy, we further analyze the literature and find that current approaches to
static analysis and testing focus on communication deadlocks and message
protocol violations. However, they do not provide solutions to identify
livelocks and behavioral deadlocks. The insights obtained in this study can be
used to improve debugging support for actor-based programs with new debugging
techniques to identify the root cause of complex concurrency bugs.Comment: - Submitted for review - Removed section 6 "Research Roadmap for
Debuggers", its content was summarized in the Future Work section - Added
references for section 1, section 3, section 4.3 and section 5.1 - Updated
citation
Testing of Concurrent Programs
Testing concurrent systems requires exploring all possible non-deterministic interleavings that the concurrent execution may have, as any of the interleavings may reveal erroneous behaviour. This introduces a new problem: the well-known state space problem, which is often computationally intractable. In the present thesis, this issue will be addressed through: (1) the development of new Partial-Order Reduction Techniques and (2) the combination of static analysis and testing (property-based testing) in order to reduce the combinatorial explosion. As a preliminary result, we have performed an experimental evaluation on the SYCO tool, a CLP-based testing framework for actor-based concurrency, where these techniques have been implemented. Finally, our experiments prove the effectiveness and applicability of the proposed techniques
Systematic Testing for Detecting Concurrency Errors in Erlang Programs
We present the techniques used in Concuerror, a systematic testing tool able to find and reproduce a wide class of concurrency errors in Erlang programs. We describe how we take advantage of the characteristics of Erlang's actor model of concurrency to selectively instrument the program under test and how we subsequently employ a stateless search strategy to systematically explore the state space of process interleaving sequences triggered by unit tests. To ameliorate the problem of combinatorial explosion, we propose a novel technique for avoiding process blocks and describe how we can effectively combine it with preemption bounding, a heuristic algorithm for reducing the number of explored interleaving sequences. We also briefly discuss issues related to soundness, completeness and effectiveness of techniques used by Concuerror
Towards Automated Test Sequence Generation
The article presents a novel control-flow based test sequence generation technique using UML 2.0 activity diagram, which is a behavioral type of UML diagram. Like other model-based techniques, this technique can be used in the earlier phases of the development process owing to the availability of the design models of the system. The activity diagram model is seamlessly converted into a colored Petri net. We proposed a technique that enables the automatic generation of test sequences according to a given coverage criteria from the execution of the colored Petri nets model. Two types of structural coverage criteria for AD based models, namely sequential and concurrent coverage are described. The proposed technique was applied to an example to demonstrate its feasibility and the generated test sequences were evaluated against selected coverage criteria. This technique can potentially be adapted to service oriented applications, workflows, and concurrent applications
๊ฒฐ์ ๋ก ์ ์ค์ผ์ฅด๋ง์ ์ด์ฉํ์ฌ ๋์์ฑ ๋ฒ๊ทธ๋ฅผ ์ฌํํ๋ ์ปค๋ ํผ์ ธ ์ ์
ํ์๋
ผ๋ฌธ(์์ฌ) -- ์์ธ๋ํ๊ต๋ํ์ : ๊ณต๊ณผ๋ํ ์ ๊ธฐยท์ ๋ณด๊ณตํ๋ถ, 2022. 8. ์ด๋ณ์.์ปค๋ ํผ์ ธ๋ค์ด ์ต๊ทผ ๋ช ๋
๊ฐ ๋ฐ์ ํด์ค๋ฉด์ ํผ์ ธ์ ์ํด ๋ณด๊ณ ๋๋ ๋ฒ๊ทธ๋ค์ ์๊ฐ
๋์ด๋ฌ๋ค. ์ปค๋ ๊ฐ๋ฐ์๋ค์ด ์ด๋ฐ ๋ฒ๊ทธ๋ค์ ๋ชจ๋ ๋ถ์ํ ์ ์๊ธฐ ๋๋ฌธ์ ์ด๋ฐ ์ํฉ์
๋๋ฒ๊น
์ ๋ณด๋ฅผ ์ ๊ณตํด์ค ์ ์๋ ๋ฒ๊ทธ ์ฌํ์ ์ค์์ฑ์ ๋์ฑ ์ค์ํ๊ฒ ๋ง๋ ๋ค. ๋ถํ
ํ๋, ํผ์ ธ๋ ์ข
์ข
๋ฒ๊ทธ ์ฌํ์ ์คํจํ๋๋ฐ ์ฌํ์ด ํ๋ ๋ฒ๊ทธ ์ค ํ๋๊ฐ ๋ฐ๋ก ๋์์ฑ
๋ฒ๊ทธ๋ค. ๋์์ฑ ๋ฒ๊ทธ๋ ์ฌ๋ฌ ์ค๋ ๋ ์ฌ์ด์ ํน์ ํ ์กฐ๊ฑด์ ๋ง์กฑํ ๋ ๋ฐ์ํ๋๋ฐ ์ปค
๋ ์ค์ผ์ฅด๋ง์ ๋น๊ฒฐ์ ์ ์ธ ์ค๋ ๋ ๊ฐ์ญ์ ๋์์ฑ ๋ฒ๊ทธ์ ์ฌํ์ ๋ง๋๋ค. ๊ทธ ๊ฒฐ๊ณผ,
์ผ๋ถ ๋์์ฑ ๋ฒ๊ทธ๋ค์ ๋ฒ๊ทธ์ ์ฌํ์ ์คํจํ ๋ค ๊ณ ์ณ์ง์ง ์์์ฑ ๋ฒ๋ ค์ง๋ค.
์ด ๋
ผ๋ฌธ์์๋, ํผ์ ธ์ ์ํด ๋ฐ๊ฒฌ๋ ๋ฒ๊ทธ๋ฅผ ๊ฒฐ์ ์ ์ผ๋ก ์ฌํํ ์ ์๋๋ก ๋์์ฃผ
๋ REPFUZZER ๋ฅผ ์๊ฐํ๋ค. ์ด๋ ์ ํ์ ์ค๋ ๋ ์ถ์ ๊ณผ ๊ฒฐ์ ์ ์ค์ผ์ฅด๋ฌ๋ฅผ ํตํด ๋ฌธ
์ ๋ฅผ ํด๊ฒฐํ๋ค. ์ ํ์ ์ค๋ ๋ ์ถ์ ์ ํตํด REPFUZZER ๋ ํผ์ ธ์ ์์ด์ ํฅ๋ฏธ๋ก์ด
์ค๋ ๋์๋ง ์ง์คํ ์ ์๋๋ก ํ๋ค. ๊ทธ๋ฆฌ๊ณ REPFUZZER ๋ ๊ฒฐ์ ์ ์ค์ผ์ฅด๋ฌ๋ฅผ ํตํด
์ ํ๋ ์ค๋ ๋๋ฅผ ์ค์ผ์ฅด ํด์ฃผ๋ฉฐ ๊ฒฐ์ ์ ์ธ ์ค๋ ๋ ๊ฐ์ญ์ ๋ง๋ค์ด ๋ธ๋ค. ํผ์ง ๋จ๊ณ์
์ฌํ ๋จ๊ณ ๋ชจ๋์์ REPFUZZER ๋ฅผ ์ฌ์ฉํจ์ผ๋ก์จ ํผ์ ธ๋ ์ฐพ์๋ธ ๋ฒ๊ทธ๋ฅผ ์ฌํํด๋ผ
์ ์๊ฒ ๋๋ค. ๊ฒฐ๊ณผ์ ์ผ๋ก REPFUZZER ๋ 15๊ฐ์ ์ค์ ๋์์ฑ ๋ฒ๊ทธ๋ฅผ ์ฌํํ๋ฉด์
ํจ์จ์ฑ์ ๋ณด์ฌ์คฌ์ผ๋ฉฐ, ๋ฒ๊ทธ ์ค ์ผ๋ถ๋ ๋น๊ฒฐ์ ์ ์ธ ์ปค๋ ์ค์ผ์ฅด๋ง์ผ๋ก ์ฌํํด๋ด๊ธฐ
์ํด ์์ฒญ๋ ์๊ฐ์ ํ์๋ก ํ๋ค.As kernel fuzzer has been studied and becomes better for years, the number of
reported bugs from the fuzzer increased. Since kernel developers could not analyze
all of the bugs, the situation emphasizes the importance of bug reproduce which can
provide debug information. Unfortunately, the fuzzer often fails to reproduce bug, and
one of the most difficult bug type is concurrency bug. The concurrency bug requires
certain conditions between several threads, and non-deterministic thread interleavings
from kernel scheduling prevent reproducing. As a result, some concurrency bugs are
left unpatched after failures of reproduce.
In this thesis, we presents REPFUZZER which enables deterministic reproduce for
bugs found by fuzzer. It solves the problem with selective thread tracing and deterministic scheduler. With selective thread tracing, REPFUZZER can focus on only interesting thread in fuzzing context. Then REPFUZZER schedules the selected threads
with deterministic scheduler and produces deterministic thread interleavings. Using
REPFUZZERโs scheduling at both fuzzing and reproduce phase, the fuzzer can reproduce bugs found at fuzzing phase. As a result, REPFUZZER shows its effectiveness for
reproducing concurrency bugs with 15 real-world bugs, and some of the bugs require
enormous times to be reproduced with non-deterministic kernel scheduling.Abstract i
Contents ii
List of Tables iv
List of Figures v
1 INTRODUCTION 1
2 BACKGROUND 5
2.1 Fuzzing 5
2.2 Concurrency Bug 6
3 DESIGN 7
3.1 Design 7
3.1.1 Selective Thread Tracing 9
3.1.2 Deterministic Scheduler 12
3.2 Implementation 18
4 EVALUATION 20
4.1 Effectiveness of Deterministic Scheduler 20
4.2 Statistics of Deterministic Scheduler 23
4.3 Overhead of Deterministic Scheduler 25
5 DISCUSSION 27
6 RELATED WORKS 29
6.1 Kernel Concurrency Bugs 29
6.2 Reproducing Bugs 30
7 CONCLUSION 32
Abstract (In Korean) 37์
Software testing or the bugsโ nightmare
Software development is not error-free. For decades, bugs โincluding physical onesโ have become a significant development problem requiring major maintenance efforts. Even in some cases, solving bugs led to increment them. One of the main reasons for bugโs prominence is their ability to hide. Finding them is difficult and costly in terms of time and resources. However, software testing made significant progress identifying them by using different strategies that combine knowledge from every single part of the program. This paper humbly reviews some different approaches from software testing that discover bugs automatically and presents some different state-of-the-art methods and tools currently used in this area. It covers three testing strategies: search-based methods, symbolic execution, and fuzzers. It also provides some income about the application of diversity in these areas, and common and future challenges on automatic test generation that still need to be addressed
- โฆ