{"id":"https://openalex.org/W3109904794","doi":"https://doi.org/10.1145/3368089.3409686","title":"UBITect: a precise and scalable method to detect use-before-initialization bugs in Linux kernel","display_name":"UBITect: a precise and scalable method to detect use-before-initialization bugs in Linux kernel","publication_year":2020,"publication_date":"2020-11-07","ids":{"openalex":"https://openalex.org/W3109904794","doi":"https://doi.org/10.1145/3368089.3409686","mag":"3109904794"},"language":"en","primary_location":{"id":"doi:10.1145/3368089.3409686","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3368089.3409686","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3368089.3409686","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3368089.3409686","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5019222426","display_name":"Yizhuo Zhai","orcid":"https://orcid.org/0009-0005-8243-3495"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Yizhuo Zhai","raw_affiliation_strings":["University of California at Riverside, USA"],"affiliations":[{"raw_affiliation_string":"University of California at Riverside, USA","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100337968","display_name":"Hao Yu","orcid":"https://orcid.org/0000-0002-3944-3162"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yu Hao","raw_affiliation_strings":["University of California at Riverside, USA"],"affiliations":[{"raw_affiliation_string":"University of California at Riverside, USA","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100438424","display_name":"Hang Zhang","orcid":"https://orcid.org/0000-0001-5113-6125"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hang Zhang","raw_affiliation_strings":["University of California at Riverside, USA"],"affiliations":[{"raw_affiliation_string":"University of California at Riverside, USA","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5004206266","display_name":"Daimeng Wang","orcid":null},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Daimeng Wang","raw_affiliation_strings":["University of California at Riverside, USA"],"affiliations":[{"raw_affiliation_string":"University of California at Riverside, USA","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5005972298","display_name":"Chengyu Song","orcid":"https://orcid.org/0000-0001-6617-3068"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Chengyu Song","raw_affiliation_strings":["University of California at Riverside, USA"],"affiliations":[{"raw_affiliation_string":"University of California at Riverside, USA","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022038961","display_name":"Zhiyun Qian","orcid":"https://orcid.org/0000-0003-1506-2522"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Zhiyun Qian","raw_affiliation_strings":["University of California at Riverside, USA"],"affiliations":[{"raw_affiliation_string":"University of California at Riverside, USA","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088825348","display_name":"Mohsen Lesani","orcid":"https://orcid.org/0000-0002-3165-2322"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Mohsen Lesani","raw_affiliation_strings":["University of California at Riverside, USA"],"affiliations":[{"raw_affiliation_string":"University of California at Riverside, USA","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086268637","display_name":"Srikanth V. Krishnamurthy","orcid":"https://orcid.org/0000-0002-6533-4381"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Srikanth V. Krishnamurthy","raw_affiliation_strings":["University of California at Riverside, USA"],"affiliations":[{"raw_affiliation_string":"University of California at Riverside, USA","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5000981358","display_name":"Paul Yu","orcid":"https://orcid.org/0000-0003-1577-3914"},"institutions":[{"id":"https://openalex.org/I166416128","display_name":"DEVCOM Army Research Laboratory","ror":"https://ror.org/011hc8f90","country_code":"US","type":"government","lineage":["https://openalex.org/I1304082316","https://openalex.org/I1330347796","https://openalex.org/I166416128","https://openalex.org/I2802705668","https://openalex.org/I4210154437"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Paul Yu","raw_affiliation_strings":["U.S. Army Research Laboratory, USA"],"affiliations":[{"raw_affiliation_string":"U.S. Army Research Laboratory, USA","institution_ids":["https://openalex.org/I166416128"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":9,"corresponding_author_ids":["https://openalex.org/A5019222426"],"corresponding_institution_ids":["https://openalex.org/I103635307"],"apc_list":null,"apc_paid":null,"fwci":1.4953,"has_fulltext":true,"cited_by_count":27,"citation_normalized_percentile":{"value":0.86754914,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"221","last_page":"232"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/initialization","display_name":"Initialization","score":0.8242756128311157},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7978044748306274},{"id":"https://openalex.org/keywords/linux-kernel","display_name":"Linux kernel","score":0.752564549446106},{"id":"https://openalex.org/keywords/software-bug","display_name":"Software bug","score":0.6193386316299438},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.5277493596076965},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.525649905204773},{"id":"https://openalex.org/keywords/symbolic-execution","display_name":"Symbolic execution","score":0.508492112159729},{"id":"https://openalex.org/keywords/kernel","display_name":"Kernel (algebra)","score":0.5083674788475037},{"id":"https://openalex.org/keywords/false-positive-paradox","display_name":"False positive paradox","score":0.49483126401901245},{"id":"https://openalex.org/keywords/taint-checking","display_name":"Taint checking","score":0.49057239294052124},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.48355910181999207},{"id":"https://openalex.org/keywords/control-flow-graph","display_name":"Control flow graph","score":0.4679001569747925},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.4455417990684509},{"id":"https://openalex.org/keywords/debugging","display_name":"Debugging","score":0.41698744893074036},{"id":"https://openalex.org/keywords/parallel-computing","display_name":"Parallel computing","score":0.3830833435058594},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.36679747700691223},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.1758059859275818},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.17336511611938477}],"concepts":[{"id":"https://openalex.org/C114466953","wikidata":"https://www.wikidata.org/wiki/Q6034165","display_name":"Initialization","level":2,"score":0.8242756128311157},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7978044748306274},{"id":"https://openalex.org/C553261973","wikidata":"https://www.wikidata.org/wiki/Q14579","display_name":"Linux kernel","level":2,"score":0.752564549446106},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.6193386316299438},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.5277493596076965},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.525649905204773},{"id":"https://openalex.org/C2779639559","wikidata":"https://www.wikidata.org/wiki/Q7661178","display_name":"Symbolic execution","level":3,"score":0.508492112159729},{"id":"https://openalex.org/C74193536","wikidata":"https://www.wikidata.org/wiki/Q574844","display_name":"Kernel (algebra)","level":2,"score":0.5083674788475037},{"id":"https://openalex.org/C64869954","wikidata":"https://www.wikidata.org/wiki/Q1859747","display_name":"False positive paradox","level":2,"score":0.49483126401901245},{"id":"https://openalex.org/C63116202","wikidata":"https://www.wikidata.org/wiki/Q7676227","display_name":"Taint checking","level":3,"score":0.49057239294052124},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.48355910181999207},{"id":"https://openalex.org/C27458966","wikidata":"https://www.wikidata.org/wiki/Q1187693","display_name":"Control flow graph","level":2,"score":0.4679001569747925},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.4455417990684509},{"id":"https://openalex.org/C168065819","wikidata":"https://www.wikidata.org/wiki/Q845566","display_name":"Debugging","level":2,"score":0.41698744893074036},{"id":"https://openalex.org/C173608175","wikidata":"https://www.wikidata.org/wiki/Q232661","display_name":"Parallel computing","level":1,"score":0.3830833435058594},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.36679747700691223},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.1758059859275818},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.17336511611938477},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C114614502","wikidata":"https://www.wikidata.org/wiki/Q76592","display_name":"Combinatorics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3368089.3409686","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3368089.3409686","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3368089.3409686","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3368089.3409686","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3368089.3409686","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3368089.3409686","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering","raw_type":"proceedings-article"},"sustainable_development_goals":[{"score":0.7400000095367432,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G2043895709","display_name":null,"funder_award_id":"W911NF-13-2-0045","funder_id":"https://openalex.org/F4320338295","funder_display_name":"Army Research Laboratory"},{"id":"https://openalex.org/G3693556586","display_name":null,"funder_award_id":"2-004","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G3732666562","display_name":null,"funder_award_id":"W911NF-13","funder_id":"https://openalex.org/F4320338295","funder_display_name":"Army Research Laboratory"},{"id":"https://openalex.org/G3803116301","display_name":null,"funder_award_id":"CNS-1718997","funder_id":"https://openalex.org/F4320337388","funder_display_name":"Division of Computer and Network Systems"},{"id":"https://openalex.org/G3894958792","display_name":null,"funder_award_id":"CNS-1718997","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4307486606","display_name":null,"funder_award_id":"W911NF-13-2-0045 (ARL Cyber Security CRA)","funder_id":"https://openalex.org/F4320338295","funder_display_name":"Army Research Laboratory"},{"id":"https://openalex.org/G4504108201","display_name":null,"funder_award_id":"N00014-17-1","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G4751570384","display_name":null,"funder_award_id":"4-17-1-","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G5259331294","display_name":null,"funder_award_id":"W911NF","funder_id":"https://openalex.org/F4320338295","funder_display_name":"Army Research Laboratory"},{"id":"https://openalex.org/G5979736433","display_name":null,"funder_award_id":"W911NF-13-2-0045 (ARL Cyber Security CRA)","funder_id":"https://openalex.org/F4320338456","funder_display_name":"DEVCOM Army Research Laboratory"},{"id":"https://openalex.org/G637290822","display_name":null,"funder_award_id":"N00014-17-1-289","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G8000996158","display_name":null,"funder_award_id":"W911NF-13-2-0045","funder_id":"https://openalex.org/F4320338456","funder_display_name":"DEVCOM Army Research Laboratory"},{"id":"https://openalex.org/G8727049869","display_name":null,"funder_award_id":"W911NF-13","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8763038417","display_name":null,"funder_award_id":"Cooperative Agreement Number W911NF-13-2-0045","funder_id":"https://openalex.org/F4320338295","funder_display_name":"Army Research Laboratory"},{"id":"https://openalex.org/G8876996369","display_name":null,"funder_award_id":"N00014","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320315784","display_name":"U.S. Army Combat Capabilities Development Command Soldier Center","ror":"https://ror.org/02rdkx920"},{"id":"https://openalex.org/F4320337345","display_name":"Office of Naval Research","ror":"https://ror.org/00rk2pe57"},{"id":"https://openalex.org/F4320337388","display_name":"Division of Computer and Network Systems","ror":"https://ror.org/02rdzmk74"},{"id":"https://openalex.org/F4320338295","display_name":"Army Research Laboratory","ror":"https://ror.org/011hc8f90"},{"id":"https://openalex.org/F4320338456","display_name":"DEVCOM Army Research Laboratory","ror":null}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3109904794.pdf","grobid_xml":"https://content.openalex.org/works/W3109904794.grobid-xml"},"referenced_works_count":15,"referenced_works":["https://openalex.org/W1542462119","https://openalex.org/W1710734607","https://openalex.org/W1899538528","https://openalex.org/W2043811931","https://openalex.org/W2078186835","https://openalex.org/W2108827856","https://openalex.org/W2156268601","https://openalex.org/W2538805569","https://openalex.org/W2612883158","https://openalex.org/W2613274303","https://openalex.org/W2792181598","https://openalex.org/W2793974819","https://openalex.org/W2891748016","https://openalex.org/W3004040842","https://openalex.org/W4240590466"],"related_works":["https://openalex.org/W2274607126","https://openalex.org/W2151725765","https://openalex.org/W2004278744","https://openalex.org/W2809434123","https://openalex.org/W1637912404","https://openalex.org/W4387321530","https://openalex.org/W2058510542","https://openalex.org/W2138788987","https://openalex.org/W4214665345","https://openalex.org/W3006186133"],"abstract_inverted_index":{"Use-before-Initialization":[0],"(UBI)":[1],"bugs":[2,59,69,191],"in":[3],"the":[4,53,85,98,103,167,179],"Linux":[5,105,180,204],"kernel":[6,168,181],"have":[7],"serious":[8],"security":[9],"impacts,":[10],"such":[11,94],"as":[12,196],"information":[13],"leakage":[14],"and":[15,62,122,128,159,199],"privilege":[16],"escalation.":[17],"Developers":[18],"are":[19,144],"adopting":[20],"forced":[21],"initialization":[22,48,81],"to":[23,34,45,56,76,90,102,125,140,146,166],"cope":[24],"with":[25],"UBI":[26,58,68,112,130,148],"bugs,":[27,187],"but":[28],"this":[29],"approach":[30],"can":[31,162],"still":[32],"lead":[33],"undefined":[35],"behaviors":[36],"(e.g.,":[37],"NULL":[38],"pointer":[39],"dereference).":[40],"As":[41],"it":[42,161],"is":[43,60],"hard":[44],"infer":[46],"correct":[47],"values,":[49],"we":[50],"believe":[51],"that":[52,143],"best":[54],"way":[55],"mitigate":[57],"detection":[61,66,99],"manual":[63,155],"patching.":[64],"Precise":[65],"of":[67],"requires":[70],"path-sensitive":[71],"analysis.":[72],"The":[73,133],"detector":[74],"needs":[75],"track":[77],"an":[78],"associated":[79],"variable\u2019s":[80],"status":[82],"along":[83],"all":[84],"possible":[86],"program":[87],"execution":[88,124,139],"paths":[89],"its":[91],"uses.":[92],"However,":[93],"exhaustive":[95],"analysis":[96,121,136],"prevents":[97],"from":[100],"scaling":[101],"whole":[104],"kernel.":[106],"This":[107],"paper":[108],"presents":[109],"UBITect,":[110],"a":[111],"bug":[113,131],"finding":[114],"tool":[115],"which":[116,189],"combines":[117],"flow-sensitive":[118],"type":[119],"qualifier":[120,135],"symbolic":[123,138],"perform":[126],"precise":[127],"scalable":[129,134],"detection.":[132],"guides":[137],"analyze":[141],"variables":[142],"likely":[145],"cause":[147],"bugs.":[149],"UBITect":[150,184],"also":[151],"does":[152],"not":[153],"require":[154],"effort":[156],"for":[157],"annotations":[158],"hence,":[160],"be":[163],"directly":[164],"applied":[165],"without":[169],"any":[170],"source":[171],"code":[172],"or":[173],"intermediate":[174],"representation":[175],"(IR)":[176],"change.":[177],"On":[178],"version":[182],"4.14,":[183],"reported":[185],"190":[186],"among":[188],"78":[190],"were":[192,201],"deemed":[193],"by":[194,203],"us":[195],"true":[197],"positives":[198],"52":[200],"confirmed":[202],"maintainers.":[205]},"counts_by_year":[{"year":2025,"cited_by_count":9},{"year":2024,"cited_by_count":7},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":5},{"year":2021,"cited_by_count":2}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}