TY - GEN
T1 - Detecting latent cross-platform API violations
AU - Rasley, Jeff
AU - Gessiou, Eleni
AU - Ohmann, Tony
AU - Brun, Yuriy
AU - Krishnamurthi, Shriram
AU - Cappos, Justin
N1 - Funding Information:
Yanyan Zhuang, Savvas Savvides, Yang Li, Jonathan Jacky, Phyllis Frankl, and Ivan Beschastnikh provided useful feedback and implementation help. This work is supported by the National Science Foundation under grants CNS-1205415, CNS-1405904, CCF-1453508, CNS-1513055, CNS-1513457, and DGE-1058262.
PY - 2016/1/13
Y1 - 2016/1/13
N2 - Many APIs enable cross-platform system development by abstracting over the details of a platform, allowing application developers to write one implementation that will run on a wide variety of platforms. Unfortunately, subtle differences in the behavior of the underlying platforms make cross-platform behavior difficult to achieve. As a result, applications using these APIs can be plagued by bugs difficult to observe before deployment. These portability bugs can be particularly difficult to diagnose and fix because they arise from the API implementation, the operating system, or hardware, rather than application code. This paper describes CheckAPI, a technique for detecting violations of cross-platform portability. CheckAPI compares an application's interactions with the API implementation to its interactions with a partial specification-based API implementation, and does so efficiently enough to be used in real production systems and at runtime. CheckAPI finds latent errors that escape pre-release testing. This paper discusses the subtleties of different kinds of API calls and strategies for effectively producing the partial implementations. Validating CheckAPI on JavaScript, the Seattle project's Repy VM, and POSIX detects dozens of violations that are confirmed bugs in widely-used software.
AB - Many APIs enable cross-platform system development by abstracting over the details of a platform, allowing application developers to write one implementation that will run on a wide variety of platforms. Unfortunately, subtle differences in the behavior of the underlying platforms make cross-platform behavior difficult to achieve. As a result, applications using these APIs can be plagued by bugs difficult to observe before deployment. These portability bugs can be particularly difficult to diagnose and fix because they arise from the API implementation, the operating system, or hardware, rather than application code. This paper describes CheckAPI, a technique for detecting violations of cross-platform portability. CheckAPI compares an application's interactions with the API implementation to its interactions with a partial specification-based API implementation, and does so efficiently enough to be used in real production systems and at runtime. CheckAPI finds latent errors that escape pre-release testing. This paper discusses the subtleties of different kinds of API calls and strategies for effectively producing the partial implementations. Validating CheckAPI on JavaScript, the Seattle project's Repy VM, and POSIX detects dozens of violations that are confirmed bugs in widely-used software.
UR - http://www.scopus.com/inward/record.url?scp=84964817633&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84964817633&partnerID=8YFLogxK
U2 - 10.1109/ISSRE.2015.7381841
DO - 10.1109/ISSRE.2015.7381841
M3 - Conference contribution
AN - SCOPUS:84964817633
T3 - 2015 IEEE 26th International Symposium on Software Reliability Engineering, ISSRE 2015
SP - 484
EP - 495
BT - 2015 IEEE 26th International Symposium on Software Reliability Engineering, ISSRE 2015
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 26th IEEE International Symposium on Software Reliability Engineering, ISSRE 2015
Y2 - 2 November 2015 through 5 November 2015
ER -