Effective Bug Finding in C Programs with Shape and Effect Abstractions

Publikation: Konference artikel i Proceeding eller bog/rapport kapitelKonferencebidrag i proceedingsForskningpeer review

Abstract

Software projects tend to suffer from conceptually simple resource manipulation bugs, such as accessing a de-allocated memory region, or acquiring a non-reentrant lock twice. Static code scanners are used extensively to remove these bugs from projects like the Linux kernel. Yet, when the manipulation of the resource spans multiple functions, efficiently finding these bugs is a challenge. We present a shape-and-effect inference system for C, that enables efficient and scalable inter-procedural reasoning about resource manipulation. The inference system is used to build a program abstraction: a control-flow graph decorated with alias relationships and observable effects. Bugs are found by model checking this control-flow graph, matching undesirable sequences of operations. We evaluate a prototype implementation of our approach (EBA) and run it on a collection of historical double-lock bugs from the Linux kernel. Our results show that our tool is more effective at finding bugs than similar code-scanning tools. EBA analyzes the drivers/ directory of Linux (nine thousand files) in less than thirty minutes, and uncovers a handful previously unknown double-lock bugs in various drivers.

OriginalsprogEngelsk
TitelVerification, Model Checking, and Abstract Interpretation : 18th International Conference, VMCAI 2017, Paris, France, January 15–17, 2017, Proceedings
ForlagSpringer
Publikationsdato2017
Sider34-54
ISBN (Trykt)978-3-319-52233-3
ISBN (Elektronisk)978-3-319-52234-0
DOI
StatusUdgivet - 2017
Begivenhed18th International Conference on Verification, Model Checking, and Abstract Interpretation - The Jussieu campus of Université Pierre et Marie Curie, Paris, Frankrig
Varighed: 15 jan. 201717 jan. 2017
Konferencens nummer: 18
http://conf.researchr.org/home/VMCAI-2017

Konference

Konference18th International Conference on Verification, Model Checking, and Abstract Interpretation
Nummer18
LokationThe Jussieu campus of Université Pierre et Marie Curie
Land/OmrådeFrankrig
ByParis
Periode15/01/201717/01/2017
Internetadresse
NavnLecture Notes in Computer Science
Vol/bind10145
ISSN0302-9743

Emneord

  • Type and effects
  • Bug finding
  • C
  • Type inference
  • Model checking
  • Linux
  • Double lock

Fingeraftryk

Dyk ned i forskningsemnerne om 'Effective Bug Finding in C Programs with Shape and Effect Abstractions'. Sammen danner de et unikt fingeraftryk.

Citationsformater