Program matching and transformation at a massive scale: Coccinelle meets Software Heritage
Contract type : Fixed-term contract
Level of qualifications required : Graduate degree or equivalent
Fonction : Temporary scientific engineer
Corps d'accueil : Ingénieur d'Etudes (IE)
Context
Coccinelle (https://coccinelle.gitlabpages.inria.fr/website/) is a tool for program matching and transformation that has been developed in the Whisper team. Coccinelle has been extensively used for making repetitive transformations in the Linux kernel. Today, in the context of the project SWHSec, we would like to consider how Coccinelle can be used effectively to improve quality of software more generally, by targeting the sorce code collected in Software Heritage (https://www.softwareheritage.org/).
Assignment
Expected tasks include:
- Developing infrastructure to allow Coccinelle to interact with Software Heritage
- Identifying and resolving weaknesses in Coccinelle (typically in the parser) with respect to the software projects found in Software Heritage
- Identifying transformation and bug finding rules that can be applicable to a wide range of software projects found in Software Heritage
- Contributing to the design and evaluation of an approach to inferring transformation rules from examples, targeting the range of software projects found in Software Heritage
Note that Coccinelle is implemented in OCaml, and thus improvements to Coccinelle will involve OCaml programming. There is also the possibility to work with Coccinelle for Rust, which is written in Rust. Infrastructure for evaluating Coccinelle on the software projects found in Software Heritage can be developed using other programming languages, subject to the constraints of the task at hand and the interfaces provided by Software Heritage.
Main activities
The principal activities are described in the previous section.
Skills
Strong software development skills. Experience in designing and developing software that is robust and can be used and maintained by others.
Experience in programming with OCaml or another functional language.
Familiarity with common code patterns that indicate insecure or poor quality software.
Familiarity with build tools and git.
The ability to work independently.
Benefits package
- Restauration subventionnée
- Transports publics remboursés partiellement
- Congés: 7 semaines de congés annuels + 10 jours de RTT (base temps plein) + possibilité d'autorisations d'absence exceptionnelle (ex : enfants malades, déménagement)
- Possibilité de télétravail et aménagement du temps de travail (après 12 mois d'ancienneté)
- Équipements professionnels à disposition (visioconférence, prêts de matériels informatiques, etc.)
- Prestations sociales, culturelles et sportives (Association de gestion des œuvres sociales d'Inria)
- Accès à la formation professionnelle
- Sécurité sociale
General Information
- Theme/Domain :
Distributed Systems and middleware
Software engineering (BAP E) - Town/city : Paris
- Inria Center : Centre Inria de Paris
- Starting date : 2024-10-01
- Duration of contract : 2 years
- Deadline to apply : 2024-06-18
Warning : you must enter your e-mail address in order to save your application to Inria. Applications must be submitted online on the Inria website. Processing of applications sent from other channels is not guaranteed.
Instruction to apply
Defence Security :
This position is likely to be situated in a restricted area (ZRR), as defined in Decree No. 2011-1425 relating to the protection of national scientific and technical potential (PPST).Authorisation to enter an area is granted by the director of the unit, following a favourable Ministerial decision, as defined in the decree of 3 July 2012 relating to the PPST. An unfavourable Ministerial decision in respect of a position situated in a ZRR would result in the cancellation of the appointment.
Recruitment Policy :
As part of its diversity policy, all Inria positions are accessible to people with disabilities.
Contacts
- Inria Team : WHISPER
-
Recruiter :
Lawall Julia / Julia.Lawall@inria.fr
About Inria
Inria is the French national research institute dedicated to digital science and technology. It employs 2,600 people. Its 200 agile project teams, generally run jointly with academic partners, include more than 3,500 scientists and engineers working to meet the challenges of digital technology, often at the interface with other disciplines. The Institute also employs numerous talents in over forty different professions. 900 research support staff contribute to the preparation and development of scientific and entrepreneurial projects that have a worldwide impact.