Model-checking software library API usage rules

Modern software increasingly relies on libraries that are accessed through Application Programming Interfaces (APIs). Libraries usually impose constraints on how their API functions may be used (API usage rules), and programmers have to obey them. However, API usage rules are often undocumented or documented only informally. In this work, we show how to use the SCTPL logic to specify API usage rules of libraries precisely; SCTPL can be seen as an extension of the branching-time temporal logic CTL with variables, quantifiers, and predicates over the stack. This allows library providers to describe API usage rules formally without knowing how their libraries will be used by programmers. We also propose an approach that automatically checks whether a program using a library violates the corresponding API usage rules. Our approach consists in modeling programs as pushdown systems (PDSs) and checking API usage rules on them using SCTPL model checking for PDSs. To make the model-checking procedure more efficient, we propose an abstraction that drastically reduces the size of the program model. Moreover, we characterize a sub-logic rSCTPL of SCTPL that is preserved by the abstraction; rSCTPL suffices to specify precisely all the API usage rules we encountered. We implemented our techniques in a tool and applied it to check several API usage rules. Our tool detected several previously unknown errors in well-known programs, such as Nssl, Verbs, Acacia+, Walksat and Getafix. Our experimental results are encouraging.
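To make the program-as-pushdown-system idea concrete, here is an added Python example; it is not the paper's tool and does not implement SCTPL model checking. It models a small constructed program (point names m0, l0, c0 and the file name f1 are made up for the illustration) as a PDS whose stack holds return points, computes the reachable configurations with a post* saturation in the style of Esparza et al., and checks a safety fragment of one API usage rule, "fclose(f) may only be called while f is open", expressed as a monitor run in product with the program. The rule is instantiated for every file name the program mentions, which is the finite-domain reading of the quantifier over f. A context-insensitive variant, which forgets the return point on calls, reports a spurious violation on the correct program; the PDS does not, which is why the stack matters.

```python
"""Added example (not the paper's tool): check an API usage rule on a program
modelled as a pushdown system (PDS) with a post* saturation in the style of
Esparza et al. 2000. Program, point names and the rule are constructed."""
from collections import defaultdict
from typing import Callable, Dict, List, Tuple

# A program is a map from point name to statement (constructed example):
#   ("open", f, nxt) / ("close", f, nxt)  call fopen(f)/fclose(f), continue at nxt
#   ("call", entry, ret)                  call procedure at `entry`, resume at `ret`
#   ("ret",)                              return to the caller
#   ("skip", nxt)                         no API call
Program = Dict[str, tuple]

PROG_OK: Program = {            # main: open, log, close, log -- obeys the rule
    "m0": ("open", "f1", "m1"), "m1": ("call", "l0", "m2"),
    "m2": ("close", "f1", "m3"), "m3": ("call", "l0", "m4"), "m4": ("ret",),
    "l0": ("skip", "l1"), "l1": ("ret",),        # log(): no file operations
}
PROG_BAD: Program = {           # main closes f1 after closer() already closed it
    "m0": ("open", "f1", "m1"), "m1": ("call", "c0", "m2"),
    "m2": ("close", "f1", "m3"), "m3": ("ret",),
    "c0": ("close", "f1", "c1"), "c1": ("ret",),
}

# Rule (a safety fragment, written as a monitor): for every file f,
# fclose(f) may only be called while f is open.  Control states of the PDS
# are monitor states: a sorted tuple of (file, "open"|"closed"|"err").
ERR = "err"
Mon = Tuple[Tuple[str, str], ...]

def monitor_step(state: Mon, kind: str, f: str) -> Mon:
    cur = dict(state)
    s = cur.get(f, "closed")
    if s != ERR:                   # the error state is absorbing
        if kind == "open":
            cur[f] = "open"
        else:                      # close
            cur[f] = "closed" if s == "open" else ERR
    return tuple(sorted(cur.items()))

def violated(state: Mon) -> bool:
    return any(s == ERR for _, s in state)

def pds_rules(prog: Program, ctx_sensitive: bool = True) -> Callable:
    """Build succ(p, gamma) -> [(p', w)], the PDS rules (p, gamma) -> (p', w).
    Stack symbols are program points; w has 0..2 symbols."""
    ret_points = [s[2] for s in prog.values() if s[0] == "call"]
    def succ(p: Mon, gamma: str) -> List[Tuple[Mon, tuple]]:
        st = prog[gamma]
        if st[0] in ("open", "close"):
            return [(monitor_step(p, st[0], st[1]), (st[2],))]
        if st[0] == "skip":
            return [(p, (st[1],))]
        if st[0] == "call":          # push the return point under the callee entry
            return [(p, (st[1], st[2]))] if ctx_sensitive else [(p, (st[1],))]
        # "ret": pop, resuming at the return point the stack remembers;
        # the context-insensitive variant instead jumps to every call site
        return [(p, ())] if ctx_sensitive else [(p, (r,)) for r in ret_points]
    return succ

def post_star(succ: Callable, p0: Mon, g0: str) -> set:
    """Saturate the automaton accepting only <p0, g0> into one accepting post*.
    Returns the transition relation; label None is epsilon."""
    rel, trans = set(), [(p0, g0, "final")]
    by_src = defaultdict(set)       # q -> {(label, q')}
    eps_into = defaultdict(set)     # q -> {p : (p, eps, q) in rel}
    def add(t):
        rel.add(t)
        by_src[t[0]].add((t[1], t[2]))
        if t[1] is None:
            eps_into[t[2]].add(t[0])
    while trans:
        t = trans.pop()
        if t in rel:
            continue
        add(t)
        p, g, q = t
        if g is None:               # epsilon: copy q's outgoing edges to p
            trans.extend((p, lab, q2) for lab, q2 in list(by_src[q]))
            continue
        for p2, w in succ(p, g):
            if len(w) < 2:          # pop rule (w empty) or plain step
                trans.append((p2, w[0] if w else None, q))
            else:                   # push rule: go through a fresh middle state
                mid = f"mid:{p2}:{w[0]}"
                trans.append((p2, w[0], mid))
                if (mid, w[1], q) not in rel:
                    add((mid, w[1], q))
                    trans.extend((p3, w[1], q) for p3 in eps_into[mid])
    return rel

def check_rule(prog: Program, entry: str = "m0", ctx_sensitive: bool = True) -> bool:
    """True iff some reachable configuration puts the monitor in its error state."""
    rel = post_star(pds_rules(prog, ctx_sensitive), (), entry)
    return any(isinstance(src, tuple) and violated(src) for src, _, _ in rel)

if __name__ == "__main__":
    print(check_rule(PROG_OK), check_rule(PROG_BAD),
          check_rule(PROG_OK, ctx_sensitive=False))
```

Every transition the saturation adds corresponds to a reachable configuration, so the rule is violated exactly when some control state of the resulting automaton is a monitor state containing "err". Liveness-flavoured rules (an fopen must eventually be matched by an fclose) need the CTL-style machinery the paper describes and are not covered by this monitor.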
