{"id":184387,"date":"2004-09-10T00:00:00","date_gmt":"2009-10-31T13:41:58","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/research\/msr-research-item\/specification-based-annotation-inference\/"},"modified":"2016-09-09T09:43:16","modified_gmt":"2016-09-09T16:43:16","slug":"specification-based-annotation-inference","status":"publish","type":"msr-video","link":"https:\/\/www.microsoft.com\/en-us\/research\/video\/specification-based-annotation-inference\/","title":{"rendered":"Specification-Based Annotation Inference"},"content":{"rendered":"<div class=\"asset-content\">\n<p>A great wealth of information about a program may be implicit in the source code itself; for example, in C and C++ this includes parameter usage and NULL-ness, buffer extents, potential taint, and resource management obligations.  When this information is added to existing programs in the form of annotations, aspects of the program&#8217;s correctness can be verified by checking the source code on a function-by-function basis.  However, it is time-consuming to manually annotate millions of lines of legacy code.<\/p>\n<p>In this talk we present a specification language and engine to be used for automatically inferring annotations in very large programs.  A specification consists of a collection of rules for deriving possible program states and annotations in a flow-sensitive manner, and the engine performs a graph search to exhaustively apply those rules.  Specifications are independent from the actual program semantics, so the engine may both miss annotations and infer spurious ones; we discuss the usage of soundness (accuracy) and completeness (coverage) as metrics to evaluate specifications.<\/p>\n<p>We present the results of inferring annotations about parameter usage, NULL-ness, and buffer sizes in the complete Windows code base.  As part of the Windows SAL effort, these annotations are currently being reviewed and checked in by developers.<\/p>\n<\/div>\n<p><!-- .asset-content --><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A great wealth of information about a program may be implicit in the source code itself; for example, in C and C++ this includes parameter usage and NULL-ness, buffer extents, potential taint, and resource management obligations. When this information is added to existing programs in the form of annotations, aspects of the program&#8217;s correctness can [&hellip;]<\/p>\n","protected":false},"featured_media":289067,"template":"","meta":{"msr-url-field":"","msr-podcast-episode":"","msrModifiedDate":"","msrModifiedDateEnabled":false,"ep_exclude_from_search":false,"_classifai_error":"","msr_hide_image_in_river":0,"footnotes":""},"research-area":[],"msr-video-type":[],"msr-locale":[268875],"msr-post-option":[],"msr-session-type":[],"msr-impact-theme":[],"msr-pillar":[],"msr-episode":[],"msr-research-theme":[],"class_list":["post-184387","msr-video","type-msr-video","status-publish","has-post-thumbnail","hentry","msr-locale-en_us"],"msr_download_urls":"","msr_external_url":"https:\/\/youtu.be\/2Md5cwK59EI","msr_secondary_video_url":"","msr_video_file":"","_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-video\/184387","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-video"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/types\/msr-video"}],"version-history":[{"count":0,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-video\/184387\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/media\/289067"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/media?parent=184387"}],"wp:term":[{"taxonomy":"msr-research-area","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/research-area?post=184387"},{"taxonomy":"msr-video-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-video-type?post=184387"},{"taxonomy":"msr-locale","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-locale?post=184387"},{"taxonomy":"msr-post-option","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-post-option?post=184387"},{"taxonomy":"msr-session-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-session-type?post=184387"},{"taxonomy":"msr-impact-theme","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-impact-theme?post=184387"},{"taxonomy":"msr-pillar","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-pillar?post=184387"},{"taxonomy":"msr-episode","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-episode?post=184387"},{"taxonomy":"msr-research-theme","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-research-theme?post=184387"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}