Abstract
Traditional compilers ignore processor specifications, thousands of pages of which are available for modern processors. To bridge this gap, em-SPADE analyzes processor specifications and creates processor-specific rules to reduce low-level programming errors. This work shows the potential of automatically analyzing processor and other hardware specifications to detect low-level programming errors at compile time.
em-SPADE is a compiler extension to automatically detect software bugs in low-level programs. From processor specifications, a preprocessor extracts target-specific rules such as register use and read-only or reserved registers. A special LLVM pass then uses these rules to detect incorrect register assignments. Our experiments with em-SPADE have correctly extracted 652 rules from 15 specifications and consequently found 20 bugs in ten software projects. The work is generalizable to other types of specifications and shows the clear prospects of using hardware specifications to enhance compilers.
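The two stages described above, as an added example that is not em-SPADE's code: a regex-based extractor turns a constructed datasheet-style excerpt into reserved-bit and read-only rules, and a checker applies them to constant register stores. The register names, the excerpt's wording, the rule format and the convention that reserved bits must be written as zero are assumptions.

```python
import re

# Constructed datasheet-style excerpt; register names and layout are hypothetical.
SPEC_TEXT = """\
Register CTRLA
Bit 7:6 - Reserved
Bit 5 - EN: Enable
Bit 0 - START: Start conversion
Register STATUS
This register is read-only.
"""

REG_LINE = re.compile(r"Register\s+(\w+)")
BIT_LINE = re.compile(r"Bits?\s+(\d+)(?::(\d+))?\s*-\s*(.*)", re.I)

def extract_rules(text):
    """Map each register to its reserved-bit mask and read-only flag."""
    rules, reg = {}, None
    for line in map(str.strip, text.splitlines()):
        if m := REG_LINE.match(line):
            reg = m.group(1)
            rules[reg] = {"reserved": 0, "read_only": False}
        elif reg and re.search(r"register is read-only", line, re.I):
            rules[reg]["read_only"] = True
        elif reg and (m := BIT_LINE.match(line)):
            hi = int(m.group(1))
            lo = int(m.group(2)) if m.group(2) else hi
            if re.search(r"\breserved\b", m.group(3), re.I):
                rules[reg]["reserved"] |= sum(1 << b for b in range(lo, hi + 1))
    return rules

def check_writes(rules, writes):
    """Check (source_line, register, constant) stores against the rules."""
    findings = []
    for lineno, reg, value in writes:
        rule = rules.get(reg)
        if rule is None:
            continue  # no rule extracted for this register
        if rule["read_only"]:
            findings.append((lineno, reg, "write to read-only register"))
        elif value & rule["reserved"]:
            bad = value & rule["reserved"]
            findings.append((lineno, reg, "sets reserved bits 0x%02X" % bad))
    return findings

# Constructed stores, standing in for what a compiler pass would see.
WRITES = [(10, "CTRLA", 0x21), (14, "CTRLA", 0xE0), (21, "STATUS", 0x00)]

if __name__ == "__main__":
    for finding in check_writes(extract_rules(SPEC_TEXT), WRITES):
        print("line %d: %s: %s" % finding)
```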
em-SPADE: a compiler extension for checking rules extracted from processor specifications. In LCTES '14: Proceedings of the 2014 SIGPLAN/SIGBED conference on Languages, compilers and tools for embedded systems.