52,565 research outputs found
Fast and Precise Symbolic Analysis of Concurrency Bugs in Device Drivers
© 2015 IEEE.Concurrency errors, such as data races, make device drivers notoriously hard to develop and debug without automated tool support. We present Whoop, a new automated approach that statically analyzes drivers for data races. Whoop is empowered by symbolic pairwise lockset analysis, a novel analysis that can soundly detect all potential races in a driver. Our analysis avoids reasoning about thread interleavings and thus scales well. Exploiting the race-freedom guarantees provided by Whoop, we achieve a sound partial-order reduction that significantly accelerates Corral, an industrial-strength bug-finder for concurrent programs. Using the combination of Whoop and Corral, we analyzed 16 drivers from the Linux 4.0 kernel, achieving 1.5 - 20× speedups over standalone Corral
ChimpCheck: Property-Based Randomized Test Generation for Interactive Apps
We consider the problem of generating relevant execution traces to test rich
interactive applications. Rich interactive applications, such as apps on mobile
platforms, are complex stateful and often distributed systems where
sufficiently exercising the app with user-interaction (UI) event sequences to
expose defects is both hard and time-consuming. In particular, there is a
fundamental tension between brute-force random UI exercising tools, which are
fully-automated but offer low relevance, and UI test scripts, which are manual
but offer high relevance. In this paper, we consider a middle way---enabling a
seamless fusion of scripted and randomized UI testing. This fusion is
prototyped in a testing tool called ChimpCheck for programming, generating, and
executing property-based randomized test cases for Android apps. Our approach
realizes this fusion by offering a high-level, embedded domain-specific
language for defining custom generators of simulated user-interaction event
sequences. What follows is a combinator library built on industrial strength
frameworks for property-based testing (ScalaCheck) and Android testing (Android
JUnit and Espresso) to implement property-based randomized testing for Android
development. Driven by real, reported issues in open source Android apps, we
show, through case studies, how ChimpCheck enables expressing effective testing
patterns in a compact manner.Comment: 20 pages, 21 figures, Symposium on New ideas, New Paradigms, and
Reflections on Programming and Software (Onward!2017
Automatic Verification of Message-Based Device Drivers
We develop a practical solution to the problem of automatic verification of
the interface between device drivers and the OS. Our solution relies on a
combination of improved driver architecture and verification tools. It supports
drivers written in C and can be implemented in any existing OS, which sets it
apart from previous proposals for verification-friendly drivers. Our
Linux-based evaluation shows that this methodology amplifies the power of
existing verification tools in detecting driver bugs, making it possible to
verify properties beyond the reach of traditional techniques.Comment: In Proceedings SSV 2012, arXiv:1211.587
50 years of isolation
The traditional means for isolating applications from each other is via the use of operating system provided “process” abstraction facilities. However, as applications now consist of multiple fine-grained components, the traditional process abstraction model is proving to be insufficient in ensuring this isolation. Statistics indicate that a high percentage of software failure occurs due to propagation of component failures. These observations are further bolstered by the attempts by modern Internet browser application developers, for example, to adopt multi-process architectures in order to increase robustness. Therefore, a fresh look at the available options for isolating program components is necessary and this paper provides an overview of previous and current research on the area
Revisiting Underapproximate Reachability for Multipushdown Systems
Boolean programs with multiple recursive threads can be captured as pushdown
automata with multiple stacks. This model is Turing complete, and hence, one is
often interested in analyzing a restricted class that still captures useful
behaviors. In this paper, we propose a new class of bounded under
approximations for multi-pushdown systems, which subsumes most existing
classes. We develop an efficient algorithm for solving the under-approximate
reachability problem, which is based on efficient fix-point computations. We
implement it in our tool BHIM and illustrate its applicability by generating a
set of relevant benchmarks and examining its performance. As an additional
takeaway, BHIM solves the binary reachability problem in pushdown automata. To
show the versatility of our approach, we then extend our algorithm to the timed
setting and provide the first implementation that can handle timed
multi-pushdown automata with closed guards.Comment: 52 pages, Conference TACAS 202
- …