System Software and Software Security
Most real-world software systems are multilingual, that is, they consist of components developed in different programming languages, enabling to reuse existing code modules, and to mix and match the strengths of different languages. Recently, many representative multilingual software systems spring up in fields like artificial intelligence, quantum information, scientific computing, etc. Some representative architectures, like Python frontend with C/C++ native implementation, are adopted by more and more applications. However, it’s difficult to write safe and reliable multilingual software, programmers need carefully take into account the discrepancies between languages on issues such as language features, data layout, memory management, safety/security assumptions, and many others. At the same time, for lack of empirical analysis, program analysis infrastructures and frameworks, existing software analysis techniques cannot support multilingual software effectively and efficiently. Based on these research questions, this team will study the multilingual program analysis/verification, develop novel methods and tools for complex program comprehension and bug finding/fixing.
The Python/C API: Evolution, Usage Statistics, and Bug Patterns,Mingzhe Hu, Yu Zhang, SANER 2020
This paper builds a toolchain PyCEAC (GitHub) utilizing frontend compiling technology. We extract the Python/C API corpus of all big release versions from CPython 2.7.0 to 3.7.0, and apply an evolution analysis. By extracting Python/C API subset used in mainstream applications with different domains and different code sizes, we also analyze the usage statistics of the Python/C API. Based on these, and language features discrepancies, issues lists, related work, and reference manual as well, we further summarize 10 classes of representative bug patterns concerning the Python/C API, with bug instances from Pillow, a Python image processing library.
地址:West Campas, USTC, Hefei, Anhui 电话:0551-63603804 Email:yuzhang@ustc.edu.cn
USTC NetService制作维护