Ph.D. Preliminary Oral Exam: Ashwin Kallingal Joshy

Ashwin Kallingal Joshy
Wednesday, June 8, 2022 - 10:00am
Event Type: 

Fault Analysis using Code Fragments

It appears to be a fact of life that no matter how much effort is spent on testing a program, software defects are introduced and removed continually during the development process. Numerous static and dynamic code analysis based techniques exist to help the developers quickly locate and fix these faults. However, in spite of existence of advanced techniques like path-sensitive static analysis tools, fuzzers, automated fault localization, and program repairs, a significant amount of developer's time is still spent in locating, understanding and fixing faults. In this thesis we propose using executable code fragments to help improve the effectiveness of the existing methodologies. The code fragments consists of noncontinuous statements extracted from the original programs, with respect to some desired property, and then made executable to help gain further insight on the property. First, we identified a set of challenges for extracting and building such statements and their solutions. We then used our finding to automatically validate path-sensitive static analysis warnings by converting the paths reported by the tools into code fragments and then dynamically executing them to check for the existence of the warnings. We find that code fragments are able to validate static warnings by exposing their dynamic symptoms. To this end, we proposed creating as-small-as-possible executable code fragments that can reproduce the faults called fault signatures. We found that the smaller size and complexity of the fault signatures helped fuzzers to generate crashing inputs for faults that are harder to reproduce using the original programs. Next, we used fault signatures to identify "unique" faults and deduplicate the crashing inputs reported by the fuzzers. We found that using fault signatures correctly grouped the crashing inputs for unique faults and outperformed the state-of-the-art fuzzers by 2--75 times. Finally, we propose using fault signatures to improve effectiveness of spectrum-based and mutation-based fault localization techniques and to automatically minimize human-written patches for faults using a machine-learning-based approach.

Committee: Wei Le (major professor), Samik Basu, Hridesh Rajan, Gianfranco Ciardo, and Myra Cohen

Join on WebEx: Conference Link : Meeting password: mmBK6ESNA79Join by meeting number. Meeting number (access code): 2621 875 3659