We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Coccinelle: Finding bugs in open source systems code

18
 Cite
 Share
 Related Material
 Download
 Purchase
Logo of FOSDEM VZWFOSDEM VZW
 Lawall, Julia

Formal Metadata

Title
Coccinelle: Finding bugs in open source systems code
Title of Series
Number of Parts
97
Author
License
CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
Bugs are pervasive in code. And when one finds one bug there are often others of the same type lurking in other parts of the code base. The difficulty then is how to find them efficiently within thousands or millions of lines of code. At the University of Copenhagen, in collaboration with researchers in Paris and Aalborg, we have been developing the Coccinelle program matching and transformation engine. Coccinelle provides a language, SmPL (semantic patch language), for writing complex code patterns that may perform simple searching or that can be annotated with transformation information. A novelty of Coccinelle is that these patterns look very similar to ordinary source code. Nevertheless, SmPL patterns can be made generic using pattern variables, and are matched according to the semantics of the source code rather than the line-by-line syntax, and hence we have given them the name semantic patches. In this talk, we will introduce Coccinelle and the SmPL language, and then illustrate its use with examples based on bugs that we have found and fixed in Linux kernel code. In particular, we will focus on how the source-code like language makes it easy to customize the bug finding process to very specific problems and to fine-tune semantic patches to reduce the number of false positives, which plague automated bug finding tools. To date, over 400 patches derived from the use of Coccinelle have been accepted into the Linux kernel source tree. Coccinelle is a program matching and transformation system targeting C code. Coccinelle provides a language, SmPL (semantic patch language), for writing complex code patterns that may perform simple searching or that can be annotated with transformation information. A novelty of Coccinelle is that these patterns look very similar to ordinary source code. Nevertheless, SmPL patterns can be made generic using pattern variables, and are matched according to the semantics of the source code rather than the line-by-line syntax. In developing Coccinelle, we have particularly targeted Linux kernel code. Nevertheless, Coccinelle has been applied in the context of other open source software projects, such as OpenSSL and Wine. To date, over 400 patches derived from the use of Coccinelle have been accepted into the Linux kernel source tree.