Type-based race detection for Java
PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
Automatic predicate abstraction of C programs
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
ESP: path-sensitive program verification in polynomial time
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Extended static checking for Java
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Houdini, an Annotation Assistant for ESC/Java
FME '01 Proceedings of the International Symposium of Formal Methods Europe on Formal Methods for Increasing Software Productivity
RacerX: effective, static detection of race conditions and deadlocks
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
LOCKSMITH: context-sensitive correlation analysis for race detection
Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation
Modular checking for buffer overflows in the large
Proceedings of the 28th international conference on Software engineering
Checking system rules using system-specific, programmer-written compiler extensions
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
An overview of the saturn project
PASTE '07 Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
RELAY: static race detection on millions of lines of code
Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering
Back to the future: revisiting precise program verification using SMT solvers
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Efficient E-Matching for SMT Solvers
CADE-21 Proceedings of the 21st international conference on Automated Deduction: Automated Deduction
Unifying type checking and property checking for low-level code
Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
CAV '09 Proceedings of the 21st International Conference on Computer Aided Verification
A reachability predicate for analyzing low-level software
TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
Structural abstraction of software verification conditions
CAV'07 Proceedings of the 19th international conference on Computer aided verification
The spec# programming system: an overview
CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
ExplainHoudini: making Houdini inference transparent
VMCAI'11 Proceedings of the 12th international conference on Verification, model checking, and abstract interpretation
Beyond first-order satisfaction: fixed points, interpolants, automata and polynomials
SPIN'12 Proceedings of the 19th international conference on Model Checking Software
SMT solvers for software security
WOOT'12 Proceedings of the 6th USENIX conference on Offensive Technologies
Predicate analysis with block-abstraction memoization
ICFEM'12 Proceedings of the 14th international conference on Formal Engineering Methods: formal methods and software engineering
| Hi-index | 0.00 |
Theorem-prover based modular checkers have the potential to perform scalable and precise checking of user-defined properties by combining path-sensitive intraprocedural reasoning with user-defined procedure abstractions. However, such tools have seldom been deployed on large software applications of industrial relevance due to the annotation burden required to provide the procedure abstractions. In this work, we present two case studies of applying a modular checker HAVOC to check properties on large modules in the Microsoft Windows operating system. The first detailed case study describes checking the synchronization protocol of a core Microsoft Windows component with more than 300 thousand lines of code and 1500 procedures. The effort found 45 serious bugs in the component with modest annotation effort and low false alarms; most of these bugs have since been fixed by the developers of the module. The second case study reports preliminary user experience in using the tool for checking security related properties in several Windows components. We describe our experience in using a modular checker to create various property checkers for finding errors in a well-tested applications of this scale, and our design decisions to find them with low false alarms, modest annotation burden and high coverage.