Abstract: The past few years a number of research groups built tools where they combined fuzzing and symbolic execution, and in this talk we will discuss yet another case. The combination of these two technologies for bug finding is a no-brainer: fuzzing covers lots of cases with very little effort, but can get stuck generating inputs to highly constrained behaviours, for which symbolic execution is good. What makes our approach (COASTAL) somewhat unique is that it uses concolic execution rather than classic symbolic execution and that the fuzzer and the concolic execution were built into the same framework, from scratch (in other words it is not two existing tools that are being combined). In this talk we will discuss the design decisions, the integrated architecture and show some examples.
Presenter bio: Willem Visser is a professor in Computer Science at Stellenbosch University, South Africa. Before joining Stellenbosch in 2009, he spent 8 years at NASA Ames Research Center, where he was one of the research leads for the Java PathFinder project. His research interests include model checking, testing, symbolic execution and model counting. He has been co-chair of ASE in 2008 and ICSE in 2016. He is also currently on the steering committee for ICSE and SPIN, on the editorial board for TSE, and is a past member of the executive committee of ACM SIGSOFT and the editorial board of TOSEM. He has an A rating from the South African National Research Foundation (one of only 2 in the country) and is an ACM Distinguished Scientist. More information can be found on his webpage at:http://www.cs.sun.ac.za/~wvisser/.
Host: Marcel Böhme
Tea, coffee, and snacks will be available at the primary venue for the audience after the talk.