WYSIWIB: A Declarative Approach to Finding API Protocols and Bugs in Linux Code

Julia Lawall; Julien Pierre Manuel Brunel; Nicolas Jean-Michel Palix; René Rydhof Hansen; Henrik Stuart; Gilles Muller

WYSIWIB: A Declarative Approach to Finding API Protocols and Bugs in Linux Code

Julia Lawall, Julien Pierre Manuel Brunel, Nicolas Jean-Michel Palix, René Rydhof Hansen, Henrik Stuart, Gilles Muller

Department of Computer Science

35 Citations (Scopus)

Abstract

Eliminating OS bugs is essential to ensuring the reliability of
infrastructures ranging from embedded systems to servers. Several tools
based on static analysis have been proposed for finding bugs in OS code.
They have, however, emphasized scalability over usability, making it
difficult to focus the tools on specific kinds of bugs and to relate the
results to patterns in the source code.

We propose a declarative approach to bug finding in Linux OS
code using a control-flow based program search engine. Our approach is
WYSIWIB (What You See Is Where It Bugs), since the programmer expresses
specifications for bug finding using a syntax close to that of ordinary C
code. The key advantage of our approach is that search specifications can
be easily tailored, to eliminate false positives or catch more bugs. We
present three case studies that have allowed us to find hundreds of
potential bugs.

Original language	English
Title of host publication	Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems and Networks
Publisher	IEEE
Publication date	2009
Pages	43-52
ISBN (Print)	978-1-4244-4421-2
Publication status	Published - 2009
Event	2009 IEEE/IFIP International Conference on Dependable Systems and Networks (DSN´09) - Estoril, Portugal Duration: 29 Jun 2009 → 2 Jul 2009 Conference number: 39

Conference

Conference	2009 IEEE/IFIP International Conference on Dependable Systems and Networks (DSN´09)
Number	39
Country/Territory	Portugal
City	Estoril
Period	29/06/2009 → 02/07/2009

Access to Document

http://hal.archives-ouvertes.fr/hal-00294004/en/

Cite this

WYSIWIB: A Declarative Approach to Finding API Protocols and Bugs in Linux Code. / Lawall, Julia; Brunel, Julien Pierre Manuel; Palix, Nicolas Jean-Michel et al.

Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems and Networks. IEEE, 2009. p. 43-52.

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

Lawall, J, Brunel, JPM, Palix, NJ-M, Hansen, RR, Stuart, H & Muller, G 2009, WYSIWIB: A Declarative Approach to Finding API Protocols and Bugs in Linux Code. in Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems and Networks. IEEE, pp. 43-52, 2009 IEEE/IFIP International Conference on Dependable Systems and Networks (DSN´09), Estoril, Portugal, 29/06/2009. <http://hal.archives-ouvertes.fr/hal-00294004/en/>

@inproceedings{8ab9ea00658111de8bc9000ea68e967b,

title = "WYSIWIB: A Declarative Approach to Finding API Protocols and Bugs in Linux Code",

abstract = "Eliminating OS bugs is essential to ensuring the reliability ofinfrastructures ranging from embedded systems to servers. Several toolsbased on static analysis have been proposed for finding bugs in OS code.They have, however, emphasized scalability over usability, making itdifficult to focus the tools on specific kinds of bugs and to relate theresults to patterns in the source code.We propose a declarative approach to bug finding in Linux OScode using a control-flow based program search engine. Our approach isWYSIWIB (What You See Is Where It Bugs), since the programmer expressesspecifications for bug finding using a syntax close to that of ordinary Ccode. The key advantage of our approach is that search specifications canbe easily tailored, to eliminate false positives or catch more bugs. Wepresent three case studies that have allowed us to find hundreds ofpotential bugs.",

author = "Julia Lawall and Brunel, {Julien Pierre Manuel} and Palix, {Nicolas Jean-Michel} and Hansen, {Ren{\'e} Rydhof} and Henrik Stuart and Gilles Muller",

year = "2009",

language = "English",

isbn = "978-1-4244-4421-2",

pages = "43--52",

booktitle = "Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems and Networks",

publisher = "IEEE",

note = "2009 IEEE/IFIP International Conference on Dependable Systems and Networks (DSN´09) ; Conference date: 29-06-2009 Through 02-07-2009",

}

TY - GEN

T1 - WYSIWIB: A Declarative Approach to Finding API Protocols and Bugs in Linux Code

AU - Lawall, Julia

AU - Brunel, Julien Pierre Manuel

AU - Palix, Nicolas Jean-Michel

AU - Hansen, René Rydhof

AU - Stuart, Henrik

AU - Muller, Gilles

N1 - Conference code: 39

PY - 2009

Y1 - 2009

N2 - Eliminating OS bugs is essential to ensuring the reliability ofinfrastructures ranging from embedded systems to servers. Several toolsbased on static analysis have been proposed for finding bugs in OS code.They have, however, emphasized scalability over usability, making itdifficult to focus the tools on specific kinds of bugs and to relate theresults to patterns in the source code.We propose a declarative approach to bug finding in Linux OScode using a control-flow based program search engine. Our approach isWYSIWIB (What You See Is Where It Bugs), since the programmer expressesspecifications for bug finding using a syntax close to that of ordinary Ccode. The key advantage of our approach is that search specifications canbe easily tailored, to eliminate false positives or catch more bugs. Wepresent three case studies that have allowed us to find hundreds ofpotential bugs.

AB - Eliminating OS bugs is essential to ensuring the reliability ofinfrastructures ranging from embedded systems to servers. Several toolsbased on static analysis have been proposed for finding bugs in OS code.They have, however, emphasized scalability over usability, making itdifficult to focus the tools on specific kinds of bugs and to relate theresults to patterns in the source code.We propose a declarative approach to bug finding in Linux OScode using a control-flow based program search engine. Our approach isWYSIWIB (What You See Is Where It Bugs), since the programmer expressesspecifications for bug finding using a syntax close to that of ordinary Ccode. The key advantage of our approach is that search specifications canbe easily tailored, to eliminate false positives or catch more bugs. Wepresent three case studies that have allowed us to find hundreds ofpotential bugs.

M3 - Article in proceedings

SN - 978-1-4244-4421-2

SP - 43

EP - 52

BT - Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems and Networks

PB - IEEE

T2 - 2009 IEEE/IFIP International Conference on Dependable Systems and Networks (DSN´09)

Y2 - 29 June 2009 through 2 July 2009

ER -