Filters








218 Hits in 5.2 sec

Beyond Bug-Finding: Sound Program Analysis for Linux

Zachary R. Anderson, Eric A. Brewer, Jeremy Condit, Robert Ennals, David Gay, Matthew Harren, George C. Necula, Feng Zhou
2007 USENIX Workshop on Hot Topics in Operating Systems  
It is time for us to focus on sound analyses for our critical systems software-that is, we must focus on analyses that ensure the absence of defects of particular known types, rather than best-effort bug-finding  ...  Sound analyses of this sort can check a wide variety of properties and will ultimately yield more reliable code than bug-finding alone.  ...  The major contribution of this paper is the idea that sound static analysis is a feasible and desirable alternative to bug-finding.  ... 
dblp:conf/hotos/AndersonBCEGHNZ07 fatcat:l6afjicsnrgdjcnzsotsfncwny

Thirty Years Is Long Enough: Getting Beyond C

Eric A. Brewer, Jeremy Condit, Bill McCloskey, Feng Zhou
2005 USENIX Workshop on Hot Topics in Operating Systems  
Thirty years after its creation, C remains one of the most widely used systems programming languages.  ...  Unfortunately, the power of C has become a liability for large systems projects, which are now focusing on security and reliability.  ...  Acknowledgements: Thanks to George Necula, Rob von Behren and David Gay (of Intel) for their help on this project.  ... 
dblp:conf/hotos/BrewerCMZ05 fatcat:dpf6h7r7hvg6vetvrrpjvlr56m

Summary-Based Pointer Analysis Framework for Modular Bug Finding

Marcio Buss, Columbia University. Computer Science
2017
This dissertation proposes a methodology for pointer analysis that is specially tailored for "modular bug finding."  ...  The solution is to provide some form of pointer analysis, which derives useful information about pointer variables in the program.  ...  Modular bug-finding and the Evidence-Based approach This section defines and motivates the need for modular bug finding, and discusses its requirements on pointer and related analysis.  ... 
doi:10.7916/d8wq0bn0 fatcat:tamsek4fojdwvbpgubvpupyrri

Verification of device drivers and intelligent controllers

David Monniaux
2007 Proceedings of the 7th ACM & IEEE international conference on Embedded software - EMSOFT '07  
This paper studies this case, as well as introduces a model and analysis techniques for this asynchronous composition.  ...  The soundness of device drivers generally cannot be verified in isolation, but has to take into account the reactions of the hardware devices.  ...  Bug-finding tools should thus concentrate on the "low-hanging fruit" first.  ... 
doi:10.1145/1289927.1289937 dblp:conf/emsoft/Monniaux07 fatcat:3emhpn74lralzit4hzuzj5rlwe

Clustering static analysis defect reports to reduce maintenance costs

Zachary P. Fry, Westley
2013 2013 20th Working Conference on Reverse Engineering (WCRE)  
We evaluate our technique using 8,948 defect reports produced by the Coverity Static Analysis and FindBugs tools in both C and Java programs totaling over 14 million lines of code.  ...  Static analysis tools facilitate software maintenance by automatically identifying bugs in source code. However, for large systems, these tools often produce an overwhelming number of defect reports.  ...  We are also grateful to Claire Le Goues for insightful discussions on an earlier draft of this work.  ... 
doi:10.1109/wcre.2013.6671303 dblp:conf/wcre/FryW13 fatcat:rzccesx5kbcexmrk7eiqsnyiyy

Scalable error detection using boolean satisfiability

Yichen Xie, Alex Aiken
2005 Proceedings of the 32nd ACM SIGPLAN-SIGACT sysposium on Principles of programming languages - POPL '05  
First, for each program function, several optimizations compress the size of the boolean formulas that model the control-and data-flow and the heap locations accessed by a function.  ...  In an interprocedural analysis of more than 23,000 lock related functions in the latest Linux kernel, the checker generated 300 warnings, of which 179 were unique locking errors, a false positive rate  ...  Acknowledgments We thank Andy Chou for thoughtful discussions and significant contributions to an earlier SAT-based analysis effort.  ... 
doi:10.1145/1040305.1040334 dblp:conf/popl/XieA05 fatcat:6o6dta32fbd3nm6ebpp3kqx5pe

Scalable error detection using boolean satisfiability

Yichen Xie, Alex Aiken
2005 SIGPLAN notices  
First, for each program function, several optimizations compress the size of the boolean formulas that model the control-and data-flow and the heap locations accessed by a function.  ...  In an interprocedural analysis of more than 23,000 lock related functions in the latest Linux kernel, the checker generated 300 warnings, of which 179 were unique locking errors, a false positive rate  ...  Acknowledgments We thank Andy Chou for thoughtful discussions and significant contributions to an earlier SAT-based analysis effort.  ... 
doi:10.1145/1047659.1040334 fatcat:ukre2vakyrh6njlrhuemmxiiye

The case for analysis preserving language transformation

Xiaolan Zhang, Larry Koved, Marco Pistoia, Sam Weber, Trent Jaeger, Guillaume Marceau, Liangzhao Zeng
2006 Proceedings of the 2006 international symposium on Software testing and analysis - ISSTA'06  
Static analysis has gained much attention over the past few years in applications such as bug finding and program verification.  ...  for checking high-level program properties.  ...  analysis for the results to be sound.  ... 
doi:10.1145/1146238.1146260 dblp:conf/issta/ZhangKPWJMZ06 fatcat:hp6vkmfqovfyfjcjlhkbsa2dei

Linux kernel vulnerabilities

Haogang Chen, Yandong Mao, Xi Wang, Dong Zhou, Nickolai Zeldovich, M. Frans Kaashoek
2011 Proceedings of the Second Asia-Pacific Workshop on Systems - APSys '11  
This paper evaluates the current state-of-the-art with respect to kernel protection techniques, by presenting two case studies of Linux kernel vulnerabilities.  ...  First, this paper presents data on 141 Linux kernel vulnerabilities discovered from January 2010 to March 2011, and second, this paper examines how well state-of-the-art techniques address these vulnerabilities  ...  Acknowledgments We thank the anonymous reviewers for their feedback.  ... 
doi:10.1145/2103799.2103805 dblp:conf/apsys/ChenMWZZK11 fatcat:3mwqsdizsrfdxayhpj5mhahavq

How to Build Static Checking Systems Using Orders of Magnitude Less Code

Fraser Brown, Andres Nötzli, Dawson Engler
2016 Proceedings of the Twenty-First International Conference on Architectural Support for Programming Languages and Operating Systems - ASPLOS '16  
Modern static bug finding tools are complex. They typically consist of hundreds of thousands of lines of code, and most of them are wedded to one language (or even one compiler).  ...  We implement our approach in µchex, a language-agnostic framework for writing static bug checkers.  ...  Swenson for her endless assistance.  ... 
doi:10.1145/2872362.2872364 dblp:conf/asplos/BrownNE16 fatcat:ha2pk6l5djhjfmajc3sap2zojm

How to Build Static Checking Systems Using Orders of Magnitude Less Code

Fraser Brown, Andres Nötzli, Dawson Engler
2016 ACM SIGOPS Operating Systems Review  
Modern static bug finding tools are complex. They typically consist of hundreds of thousands of lines of code, and most of them are wedded to one language (or even one compiler).  ...  We implement our approach in µchex, a language-agnostic framework for writing static bug checkers.  ...  Swenson for her endless assistance.  ... 
doi:10.1145/2954680.2872364 fatcat:tblhs7ofabapjiizt3gbb6t3y4

How to Build Static Checking Systems Using Orders of Magnitude Less Code

Fraser Brown, Andres Nötzli, Dawson Engler
2016 SIGARCH Computer Architecture News  
Modern static bug finding tools are complex. They typically consist of hundreds of thousands of lines of code, and most of them are wedded to one language (or even one compiler).  ...  We implement our approach in µchex, a language-agnostic framework for writing static bug checkers.  ...  Swenson for her endless assistance.  ... 
doi:10.1145/2980024.2872364 fatcat:xswaceb5jbduljje2f47onaqh4

How to Build Static Checking Systems Using Orders of Magnitude Less Code

Fraser Brown, Andres Nötzli, Dawson Engler
2016 SIGPLAN notices  
Modern static bug finding tools are complex. They typically consist of hundreds of thousands of lines of code, and most of them are wedded to one language (or even one compiler).  ...  We implement our approach in µchex, a language-agnostic framework for writing static bug checkers.  ...  Swenson for her endless assistance.  ... 
doi:10.1145/2954679.2872364 fatcat:tvlafoor4nbpxajyk6tmvpd4gi

Breaking Through Binaries: Compiler-quality Instrumentation for Better Binary-only Fuzzing

Stefan Nagy, Anh Nguyen-Tuong, Jason D. Hiser, Jack W. Davidson, Matthew Hicks
2021 USENIX Security Symposium  
Based on our findings, we design ZAFL: a platform for applying fuzzing-enhancing program transformations to binary-only targets-maintaining compiler-level performance.  ...  We also show that ZAFL supports realworld open-and closed-source software of varying size (10K-100MB), complexity (100-1M basic blocks), platform (Linux and Windows), and format (e.g., stripped and PIC  ...  Acknowledgment We would like to thank our reviewers for helping us improve the paper. This material is based upon work supported by the Defense Advanced Research Projects Agency under Contract No.  ... 
dblp:conf/uss/NagyNHDH21 fatcat:ey3q4amsgfezhh4qcyq3u5dwji

Privately Finding Specifications

W. Weimer, N. Mishra
2008 IEEE Transactions on Software Engineering  
Buggy software is a reality and automated techniques for discovering bugs are highly desirable. A specification describes the correct behavior of a program.  ...  For example, a file must eventually be closed once it has been opened. Specifications are learned by finding patterns in normal program execution traces versus erroneous ones.  ...  Beyond an immediate use in bug finding, specifications can also be used to guide development and aid in program understanding.  ... 
doi:10.1109/tse.2007.70744 fatcat:zujupxms2jfiborbdytaldxaee
« Previous Showing results 1 — 15 out of 218 results