New publication: Predicting Null-Pointer Dereferences in Concurrent Programs,
by Azadeh Farzan, P. Madhusudan, Niloofar Razavi, Francesco Sorrentino
20th ACM SIGSOFT Int'l Symp on Foundations of Software Engineering (FSE), 2012.
Abstract: We propose null-pointer dereferences as a target for finding bugs in concurrent programs using testing. A null-pointer dereference prediction engine observes an execution of a concurrent program under test and predicts alternate interleavings that are likely to cause null-pointer dereferences. Though accurate scalable prediction is intractable, we provide a carefully chosen novel set of techniques to achieve reasonably accurate and scalable prediction. We use an abstraction to the shared-communication level, take advantage of a static lock-set based pruning, and finally, employ precise and relaxed constraint solving techniques that use an SMT solver to predict schedules.We realize our techniques in a tool, ExceptioNULL, and evaluate it over 13 benchmark programs and find scores of nullpointer dereferences by using only a single test run as the prediction seed for each benchmark.
Click here to access paper: http://www.cs.uiuc.edu/~madhu/fse12.pdf
Publication: Security Analysis of Role-based Access Control through Program Verification at CSF 2012Submitted by admin on Sat, 04/14/2012 - 02:03
New publication: Security Analysis of Role-based Access Control through Program Verification
Authors: Anna Lisa Ferrara, P. Madhusudan, and Gennaro Parlato
To appear in Proc. of 25th IEEE Computer Security Foundations Symposium (CSF), Harvard University, Cambridge MA, USA, 2012.
News about PL/FM/SE research at University of Illinois at Urbana-Champaign will be posted here.