Chimney Canyon

The San Rafael Swell is a large uplifted area in southeast Utah that has eroded into numerous badlands and canyon systems. The Swell is not particularly well-known outside of Utah because it contains no visitor centers, motels, restaurants, or any other services — it’s the kind of place you enter with maps, plenty of water, and a full tank of gas. The network of bladed roads put in during the brief uranium boom in the 1950s is pervasive enough to make backpacking an unattractive prospect in much of the Swell. Chimney Canyon is an exception.

[nggallery id=48]

Draft Paper about Better Fuzzing

The other day I posted about a simple, low-effort way to improve the bug-finding performance of a random tester. We now have a draft paper about this topic, it’s joint work between my group at Utah and Alex Groce’s group at Oregon State. The key claim is:

… for realistic systems, randomly excluding some features from some tests can improve coverage and fault detection, compared to a test suite that potentially uses every feature in every test. The benefit of using of a single inclusive default configuration— that every test can potentially expose any fault and cover any behavior, heretofore usually taken for granted in random testing—does not, in practice, make up for the fact that some features can, statistically, suppress behaviors.

We’d be interested in feedback.

Draft Paper about Integer Overflow

Result of the infamous Pac-Man integer overflow

Last Spring I had a lucky conversation. I was chatting with Vikram Adve, while visiting the University of Illinois, and we realized that we working on very similar projects — figuring out what to do about integer overflow bugs in C and C++ programs. Additionally, Vikram’s student Will and my student Peng had independently created very similar LLVM-based dynamic checking tools for finding these bugs. As a researcher I find duplicated effort to be bad at several levels. First, it’s a waste of time and grant money. Second, as soon as one of the competing groups wins the race to publish their results, the other group is left with a lot of unpublishable work. However, after talking things through, we agreed to collaborate instead of compete. This was definitely a good outcome since the resulting paper — submitted last week — is almost certainly better than what either of the groups would have produced on its own. The point is to take a closer look at integer overflow than had been taken in previous work. This required looking for integer overflows in a lot of real applications and then studying these overflows. It turns out they come in many varieties, and the distinctions between them are very subtle. The paper contains all the gory details. The IOC (integer overflow checker) tool is here. We hope to convince the LLVM developers that IOC should be part of the default LLVM build.

We would be happy to receive feedback about the draft.


As people probably noticed, lately someone hacked my WordPress installation and turned this blog into a pharmaceutical link farm. I asked Dreamhost for help and they sent me sort of a friendly “have fun fixing that!” message, but they did run an automated scan indicating that something was wrong with my wp-config.php file. Sure enough, it contained a big chunk of PHP nastiness. Is it enough to just delete that and upgrade to the latest WordPress? Hopefully so. The posts and comments seem uncontaminated, at least at first glance. If things aren’t really fixed or go wrong again I’ll have to nuke the whole blog and restore from saved files — no fun.

Looking back, it’s not clear why Dreamhost’s “one click” WordPress install came with a plugin that disables WP updates. Also not clear why I failed to notice this.

I took a quick look at incoming search traffic and people actually do search for this stuff. Just today I got:

  • where ca i buy valium [sic]
  • xanax for sale no prescription
  • activists on xanax
  • phentermine 37.5 without prescription
  • canada phentermine
  • where to buy drugs in toronto

I like “activists on xanax,” it sounds like a band.