Xi Wang, Massachusetts Institute of Technology
Wednesday, February 26, 4:30pm
Computer Science 105

Software bugs introduce security vulnerabilities into our
computer systems. To understand and mitigate an increasing number of
bugs, practitioners categorize them into classes, such as buffer
overflow or SQL injection, and handle each class separately.

This talk introduces a new class of bugs called unstable code:
code that is unexpectedly discarded by compiler optimizations due
to undefined behavior in the program. I will discuss its prevalence and
security impact in systems, and present a systematic approach for
reasoning about unstable code, as well as a static checker called Stack
that implements this approach to precisely identify unstable code in
real systems. Applying Stack to widely used software has uncovered 160
new bugs that have been confirmed and fixed by developers. It has also
been adopted by several companies to scan their codebases.
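
To make the definition above concrete, here is an added example (not taken from the talk or from Stack) of two overflow checks that rely on undefined behavior, each next to a stable rewrite. All function names are hypothetical, and the range checks assume buf <= buf_end within one object.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Unstable: a + b < a can only hold for b >= 0 after signed overflow,
   which is undefined. A compiler may rewrite the test as b < 0, so the
   overflow check silently disappears for non-negative b. */
int add_overflows_unstable(int a, int b)
{
    return a + b < a;
}

/* Stable: compare against the limits first; no overflowing
   addition is ever evaluated. */
int add_overflows_stable(int a, int b)
{
    if (b > 0) return a > INT_MAX - b;
    if (b < 0) return a < INT_MIN - b;
    return 0;
}

/* Unstable: the second test guards against pointer wraparound, but
   forming buf + len past the end of the object is already undefined,
   so an optimizer may assume it is false and discard it. */
int range_ok_unstable(const char *buf, const char *buf_end, size_t len)
{
    if (buf + len >= buf_end) return 0;
    if (buf + len < buf) return 0;   /* may be optimized away */
    return 1;
}

/* Stable: compare lengths instead of computing an out-of-range pointer. */
int range_ok_stable(const char *buf, const char *buf_end, size_t len)
{
    return len < (size_t)(buf_end - buf);
}

int main(void)
{
    char b[16];   /* constructed sample buffer */
    printf("INT_MAX + 1 overflows: %d\n", add_overflows_stable(INT_MAX, 1));
    printf("huge len accepted:     %d\n",
           range_ok_stable(b, b + sizeof b, (size_t)-1));
    return 0;
}
```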

Xi Wang is a PhD candidate in Computer Science at MIT, advised by M.
Frans Kaashoek and Nickolai Zeldovich. His research interests are in
building secure and reliable systems. He was awarded a Best Paper Award
at SOSP 2013, a Best Student Paper Award at EuroSys 2008, and an MIT
Jacobs Presidential Fellowship in 2008.