Sound regular expression semantics for dynamic symbolic execution of JavaScript

Existing support for regular expressions in automated test generation or verification tools is lacking. Common aspects of regular expression engines found in mainstream programming languages, such as backreferences or greedy matching, are commonly ignored or imprecisely approximated, leading to poor test coverage or failed proofs. In this paper, we present the first complete strategy to faithfully reason about regular expressions in the context of symbolic execution, focusing on the operators found in JavaScript. We model regular expression operations using string constraints and classical regular expressions and use a refinement scheme to address the problem of matching precedence and greediness. Our survey of over 400,000 JavaScript packages from the NPM software repository shows that one fifth make use of complex regular expressions features. We implemented our model in a dynamic symbolic execution engine for JavaScript and evaluated it on over 1,000 Node.js packages containing regular expressions, demonstrating that the strategy is effective and can increase line coverage of programs by up to 30%Comment: This arXiv version (v4) contains fixes for some typographical errors of the PLDI'19 version (the numbering of indices in Section 4.1 and the example in Section 4.3

Pre- and post-fire pollutant loads in an urban fringe watershed in Southern California

Post-fire runoff has the potential to be a large source of contaminants to downstream areas. However, the magnitude of this effect in urban fringe watersheds adjacent to large sources of airborne contaminants is not well documented. The current study investigates the impacts of wildfire on stormwater contaminant loading from the upper Arroyo Seco watershed, burned in 2009. This watershed is adjacent to the Greater Los Angeles, CA, USA area and has not burned in over 60 years. Consequently, it acts as a sink for regional urban pollutants and presents an opportunity to study the impacts of wildfire. Pre- and post-fire storm samples were collected and analyzed for basic cations, trace metals, and total suspended solids. The loss of vegetation and changes in soil properties from the fire greatly increased the magnitude of storm runoff, resulting in sediment-laden floods carrying high concentrations of particulate-bound constituents. Post-fire concentrations and loads were up to three orders of magnitude greater than pre-fire values for many trace metals, including lead and cadmium. A shift was also observed in the timing of chemical delivery, where maximum suspended sediment, trace metal, and cation concentrations coincided with, rather than preceded, peak discharge in the post-fire runoff, amplifying the fire's impacts on mass loading. The results emphasize the importance of sediment delivery as a primary mechanism for post-fire contaminant transport and suggest that traditional management practices that focus on treating only the early portion of storm runoff may be less effective following wildfire. We also advocate that watersheds impacted by regional urban pollutants have the potential to pose significant risk for downstream communities and ecosystems after fire. © 2013 Springer Science+Business Media Dordrecht