Article

Under-constrained execution: making automatic code destruction easy and scalable

Authors:

Dawson Engler,

Daniel DunbarAuthors Info & Claims

ISSTA '07: Proceedings of the 2007 international symposium on Software testing and analysis

Pages 1 - 4

https://doi.org/10.1145/1273463.1273464

Published: 09 July 2007 Publication History

Get Access

References

[1]

T. Ball, E. Bounimova, B. Cook, V. Levin, J. Lichtenberg, C. McGarvey, B. Ondrusek, S. K. Rajamani, and A. Ustuner. Thorough static analysis of device drivers. In EuroSys '06: Proceedings of the 2006 EuroSys conference, pages 73--85, New York, NY, USA, 2006. ACM Press.

Digital Library

Google Scholar

[2]

C. Boyapati, S. Khurshid, and D. Marinov. Korat: Automated testing based on Java predicates. In Proceedings of the International Symposium on Software Testing and Analysis (ISSTA), pages 123--133, July 2002.

Digital Library

Google Scholar

[3]

C. Cadar and D. Engler. Execution generated test cases: How to make systems code crash itself. In Proceedings of the 12th International SPIN Workshop on Model Checking of Software, August 2005.

Digital Library

Google Scholar

[4]

C. Cadar, V. Ganesh, P. Pawlowski, D. Dill, and D. Engler. EXE: Automatically generating inputs of death. In Proceedings of the 13th ACM Conference on Computer and Communications Security, October-November 2006.

Digital Library

Google Scholar

[5]

P. Godefroid. Compositional dynamic test generation. In Proceedings of the 34th Symposium on Principles of Programming Languages (POPL'07), Jan. 2007.

Digital Library

Google Scholar

[6]

P. Godefroid, N. Klarlund, and K. Sen. DART: Directed automated random testing. In Proceedings of the Conference on Programming Language Design and Implementation (PLDI), Chicago, IL USA, June 2005. ACM Press.

Digital Library

Google Scholar

[7]

S. Khurshid, C. S. Pasareanu, and W. Visser. Generalized symbolic execution for model checking and testing. In Proceedings of the Ninth International Conference on Tools and Algorithms for the Construction and Analysis of Systems, 2003.

Digital Library

Google Scholar

[8]

K. Sen, D. Marinov, and G. Agha. CUTE: A concolic unit testing engine for C. In In 5th joint meeting of the European Software Engineering Conference and ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE'05), Sept. 2005.

Digital Library

Google Scholar

[9]

M. M. Swift, M. Annamalai, B. N. Bershad, and H. M. Levy. Recovering device drivers. In OSDI, pages 1--16, Dec. 2004.

Digital Library

Google Scholar

Cited By

View all

Murali AMathews NAlfadel MNagappan MXu MRoychoudhury APaiva AAbreu RStorey M(2024)FuzzSlice: Pruning False Positives in Static Analysis Warnings through Function-Level FuzzingProceedings of the IEEE/ACM 46th International Conference on Software Engineering10.1145/3597503.3623321(1-13)Online publication date: 20-May-2024
https://dl.acm.org/doi/10.1145/3597503.3623321
Yang SXu ZXiao YLang ZTang WLiu YShi ZLi HSun L(2023)Towards Practical Binary Code Similarity Detection: Vulnerability Verification via Patch Semantic AnalysisACM Transactions on Software Engineering and Methodology10.1145/360460832:6(1-29)Online publication date: 30-Sep-2023
https://dl.acm.org/doi/10.1145/3604608
He NZhao ZWang JHu YGuo SWang HLiang GLi DChen XGuo YJust RFraser G(2023)Eunomia: Enabling User-Specified Fine-Grained Search in Symbolically Executing WebAssembly BinariesProceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3597926.3598064(385-397)Online publication date: 12-Jul-2023
https://dl.acm.org/doi/10.1145/3597926.3598064
Show More Cited By

Index Terms

Under-constrained execution: making automatic code destruction easy and scalable

Recommendations

EXE: Automatically Generating Inputs of Death

This article presents EXE, an effective bug-finding tool that automatically generates inputs that crash real code. Instead of running code on manually or randomly constructed input, EXE runs it on symbolic input initially allowed to be anything. As ...
EXE: automatically generating inputs of death
CCS '06: Proceedings of the 13th ACM conference on Computer and communications security

This paper presents EXE, an effective bug-finding tool that automatically generates inputs that crash real code. Instead of running code on manually or randomly constructed input, EXE runs it on symbolic input initially allowed to be "anything." As ...
Execution synthesis: a technique for automated software debugging
EuroSys '10: Proceedings of the 5th European conference on Computer systems

Debugging real systems is hard, requires deep knowledge of the code, and is time-consuming. Bug reports rarely provide sufficient information, thus forcing developers to turn into detectives searching for an explanation of how the program could have ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

ISSTA '07: Proceedings of the 2007 international symposium on Software testing and analysis

July 2007

258 pages

ISBN:9781595937346

DOI:10.1145/1273463

General Chair:
David S. Rosenblum
University College London, United Kingdom
,
Program Chair:
Sebastian Elbaum
University of Nebraska-Lincoln, USA

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

SIGPLAN: ACM Special Interest Group on Programming Languages

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 09 July 2007

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

ISSTA07

Sponsor:

ISSTA07: International Symposium on Software Testing and Analysis

July 9 - 12, 2007

London, United Kingdom

Acceptance Rates

Overall Acceptance Rate 58 of 213 submissions, 27%

Upcoming Conference

ISSTA '25

Sponsor:
sigsoft

34th ACM SIGSOFT International Symposium on Software Testing and Analysis

June 25 - 28, 2025

Trondheim , Norway

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

52
Total Citations
View Citations
477
Total Downloads

Downloads (Last 12 months)31
Downloads (Last 6 weeks)7

Reflects downloads up to 10 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Murali AMathews NAlfadel MNagappan MXu MRoychoudhury APaiva AAbreu RStorey M(2024)FuzzSlice: Pruning False Positives in Static Analysis Warnings through Function-Level FuzzingProceedings of the IEEE/ACM 46th International Conference on Software Engineering10.1145/3597503.3623321(1-13)Online publication date: 20-May-2024
https://dl.acm.org/doi/10.1145/3597503.3623321
Yang SXu ZXiao YLang ZTang WLiu YShi ZLi HSun L(2023)Towards Practical Binary Code Similarity Detection: Vulnerability Verification via Patch Semantic AnalysisACM Transactions on Software Engineering and Methodology10.1145/360460832:6(1-29)Online publication date: 30-Sep-2023
https://dl.acm.org/doi/10.1145/3604608
He NZhao ZWang JHu YGuo SWang HLiang GLi DChen XGuo YJust RFraser G(2023)Eunomia: Enabling User-Specified Fine-Grained Search in Symbolically Executing WebAssembly BinariesProceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3597926.3598064(385-397)Online publication date: 12-Jul-2023
https://dl.acm.org/doi/10.1145/3597926.3598064
Salehi MDegani LRoveri MHughes DCrispo B(2023)Discovery and Identification of Memory Corruption Vulnerabilities on Bare-Metal Embedded DevicesIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2022.314937120:2(1124-1138)Online publication date: 1-Mar-2023
https://doi.org/10.1109/TDSC.2022.3149371
Wang XZhao L(2023)APICAD: Augmenting API Misuse Detection through Specifications from Code and Documents2023 IEEE/ACM 45th International Conference on Software Engineering (ICSE)10.1109/ICSE48619.2023.00032(245-256)Online publication date: May-2023
https://doi.org/10.1109/ICSE48619.2023.00032
Zeng JZhang CLiang ZYin HStavrou ACremers CShi E(2022)PalanTírProceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security10.1145/3548606.3560570(3135-3149)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3548606.3560570
Rutledge ROrso A(2022)Automating Differential Testing with Overapproximate Symbolic Execution2022 IEEE Conference on Software Testing, Verification and Validation (ICST)10.1109/ICST53961.2022.00035(256-266)Online publication date: Apr-2022
https://doi.org/10.1109/ICST53961.2022.00035
Steinhöfel D(2022)Symbolic Execution: Foundations, Techniques, Applications, and Future PerspectivesThe Logic of Software. A Tasting Menu of Formal Methods10.1007/978-3-031-08166-8_22(446-480)Online publication date: 4-Jul-2022
https://doi.org/10.1007/978-3-031-08166-8_22
Fan MWang WYu AMeng D(2022)TDCT: Target-Driven Concolic Testing Using Extended Units by Calculating Function RelevanceAlgorithms and Architectures for Parallel Processing10.1007/978-3-030-95391-1_13(196-213)Online publication date: 23-Feb-2022
https://doi.org/10.1007/978-3-030-95391-1_13
Fowze FYavuz T(2021)Finding Memory Vulnerabilities in Protocol Stack Implementations using Hybrid Program AnalysisProceedings of the 8th International Conference on Networking, Systems and Security10.1145/3491371.3491372(29-39)Online publication date: 21-Dec-2021
https://dl.acm.org/doi/10.1145/3491371.3491372
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

EXE: Automatically Generating Inputs of Death

EXE: automatically generating inputs of death

Execution synthesis: a technique for automated software debugging