Detecting Deadlock, Double-Free and Other Abuses in a Million Lines of Linux Kernel Source

Author

Breuer, Peter T. ; Pickin, Simon ; Petrie, Maria Larrondo

Author_Institution

Departmento de Ingeneria Telematica, Univ. Carlos III de Madrid

fYear

2006

fDate

38808

Firstpage

223

Lastpage

233

Abstract

The formal analysis described here detects two so far undetected real deadlock situations per thousand C source files or million lines of code in the open source Linux operating system kernel, and three undetected accesses to freed memory, at a few seconds per file. That is notable because the code has been continuously under scrutiny from thousands of developers\´ pairs of eyes. In distinction to mo del-checking techniques, which also use symbolic logic, the analysis uses a "3-phase" compositional Hoare-style programming logic combined with abstract interpretation. The result is a customisable post-hoc semantic analysis of C code that is capable of several different analyses at once

Keywords

C language; Linux; formal specification; logic programming; program diagnostics; system recovery; 3-phase compositional Hoare-style programming logic; C source files; abstract interpretation; customisable post-hoc semantic analysis; deadlock detection; formal analysis; freed memory; million code lines; model-checking techniques; open source Linux operating system kernel; symbolic logic; undetected accesses; Arithmetic; Assembly; Computer crime; Computer science; Eyes; Kernel; Linux; Logic programming; Operating systems; System recovery;

fLanguage

English

Publisher

ieee

Conference_Titel

Software Engineering Workshop, 2006. SEW '06. 30th Annual IEEE/NASA

Conference_Location

Columbia, MD

ISSN

1550-6215

Print_ISBN

0-7695-2624-1

Type

conf

DOI

10.1109/SEW.2006.15

Filename

4090265