• Publications
  • Influence
An empirical study of operating systems errors
We present a study of operating system errors found by automatic, static, compiler analysis applied to the Linux and OpenBSD kernels. Our approach differs from previous studies that consider errorsExpand
  • 752
  • 41
  • Open Access
Bugs as deviant behavior: a general approach to inferring errors in systems code
A major obstacle to finding program errors in a real system is knowing what correctness rules the system must obey. These rules are often undocumented or specified in an ad hoc manner. This paperExpand
  • 717
  • 40
  • Open Access
A few billion lines of code later
How Coverity built a bug-finding tool, and a business, around the unlimited supply of bugs in software systems.
  • 516
  • 35
  • Open Access
CMC: a pragmatic approach to model checking real code
Many system errors do not emerge unless some intricate sequence of events occurs. In practice, this means that most systems have errors that only trigger after days or weeks of execution. ModelExpand
  • 414
  • 34
  • Open Access
Checking system rules using system-specific, programmer-written compiler extensions
Systems software such as OS kernels, embedded systems, and libraries must obey many rules for both correctness and performance. Common examples include "accesses to variable A must be guarded by lockExpand
  • 562
  • 21
  • Open Access
ARCHER: using symbolic, path-sensitive analysis to detect memory access errors
Memory corruption errors lead to non-deterministic, elusive crashes. This paper describes ARCHER (ARray CHeckER) a static, effective memory access checker. ARCHER uses path-sensitive, interproceduralExpand
  • 211
  • 19
  • Open Access
Checking systemrules using system-specific
  • 66
  • 6
Interactive data Analysis: The Control Project
Data analysis is fundamentally an iterative process in which you issue a query, receive a response, formulate the next query based on the response, and repeat. You usually don't issue a single,Expand
  • 208
  • 5
In-teractive data analysis with CONTROL
  • 26
  • 3