Saturn: A scalable framework for error detection using Boolean satisfiability
ACM Transactions on Programming Languages and Systems (TOPLAS) - Special issue on POPL 2005
Generating precise and concise procedure summaries
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A few billion lines of code later: using static analysis to find bugs in the real world
Communications of the ACM
Precise range analysis on large industry code
Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
Static program analysis is widely used in property checking of software systems, especially safety- and mission-critical embedded systems. Most of these efforts check for violations of only standard properties such as array index out of bounds, overflow/underflow and so on. However, our studies have shown that checking for these standard properties alone captures less than 10% of all the defects detectable through static analysis. The remaining defects can be detected by checking for domain-specific (custom) properties. We have applied two static analysis tools (TCS Embedded Code Analyzer and Saturn), which differ in their analysis techniques, to a large embedded code base to check for a particular custom property. The code base consisted of 10 million lines of code (LOC) and belonged to the automotive domain. The custom property to be verified (semaphore consistency) was chosen after a detailed causal analysis of the history of various defects encountered in the code base. Here, we present our experience with this effort: key problems encountered, solutions provided and results obtained. Our experience shows that static analysis of very large code bases is practically feasible and adds value to software quality assurance.