Notice of Academic Talk by Dr. LIANG Zhenkai
Time: 2011-06-22 14:16:53

Title: Error Detection and Debugging by Binary Program Analysis
Speaker: LIANG Zhenkai, National University of Singapore
Venue: Academic Lecture Hall 210, 2nd Floor, East Building 5
Time: June 28, 3:00 PM

Abstract:
  The first part of this talk introduces an automated approach to detect software errors. We observe that software errors usually cause two implementations of a specification to contain deviations, i.e., differences in the way they process their inputs. Based on this observation, our approach finds deviations to detect software errors related to input processing. Given two binaries implementing the same specification and an input, our approach builds a symbolic formula for each binary to characterize how it interprets the input. From the formulas, our approach generates new inputs that can demonstrate deviations/errors in the two binaries. By directly working on a binary program, our approach is precisely faithful to the binary and is not limited by the availability of source code; by generating inputs from symbolic formulas characterizing program execution, our approach significantly reduces the number of inputs needed to find deviations and software errors.
  The second part of this talk gives a solution to debug software errors in evolving programs or programs from the same specification. Given two programs (a reference, stable program and a new, modified program) and an input that fails on the modified program, our approach uses concrete as well as symbolic execution to synthesize new inputs that differ marginally from the failing input in their control flow behavior. A comparison of the execution traces of the failing input and the new inputs provides critical clues to the root-cause of the failure. A notable feature of our approach is that it handles hard-to-explain bugs like code missing errors by pointing to the relevant code in the reference program. We have implemented our approach in a tool called DARWIN. We have conducted experiments with several real-life case studies, including real-world web servers and the libPNG library for manipulating PNG images. Our experience from these experiments points to the efficacy of DARWIN in pinpointing bugs. Moreover, while localizing a given observable error, the new inputs synthesized by DARWIN can reveal other undiscovered errors.

About Dr. LIANG Zhenkai:
  Dr. LIANG Zhenkai is an assistant professor of the School of Computing, National University of Singapore. His main research interest is in system security, software security, and software debugging. His research has been focusing on signature generation for remote attacks, malicious program analysis and confinement, web security, and debugging techniques. As a co-author, he received the ACM SIGSOFT Distinguished Paper Award at ESEC/FSE in 2009, the Best Paper Award at USENIX Security Symposium in 2007, and the Outstanding Paper Award at the Annual Computer Security Applications Conference (ACSAC) in 2003. He also received the Young Investigator Award of National University of Singapore in 2008. He got his Ph.D. degree from Stony Brook University in 2006, and B.S. from Peking University in 1999.