research-article

Free access

A few billion lines of code later: using static analysis to find bugs in the real world

Authors:

Dawson EnglerAuthors Info & Claims

Communications of the ACM, Volume 53, Issue 2

Pages 66 - 75

https://doi.org/10.1145/1646353.1646374

Published: 01 February 2010 Publication History

All formats PDF

Abstract

How Coverity built a bug-finding tool, and a business, around the unlimited supply of bugs in software systems.

References

[1]

Ball, T. and Rajamani, S.K. Automatically validating temporal safety properties of interfaces. In Proceedings of the Eighth international SPIN Workshop on Model Checking of Software (Toronto, Ontario, Canada). M. Dwyer, Ed. Springer-Verlag, New York, 2001, 103--122.

Digital Library

Google Scholar

[2]

Bush, W., Pincus, J., and Sielaff, D. A static analyzer for finding dynamic programming errors. Software: Practice and Experience 30, 7 (June 2000), 775--802.

Digital Library

Google Scholar

[3]

Coverity static analysis; http://www.coverity.com

Google Scholar

[4]

Das, M., Lerner, S., and Seigle, M. ESP: Path-sensitive program verification in polynomial time. In Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation (Berlin, Germany, June 17--19). ACM Press, New York, 2002, 57--68.

Digital Library

Google Scholar

[5]

Edison Design Group. EDG C compiler front-end; http://www.edg.com

Google Scholar

[6]

Engler, D., Chelf, B., Chou, A., and Hallem, S. Checking system rules using system-specific, programmer-written compiler extensions. In Proceedings of the Fourth Conference on Operating System Design & Implementation (San Diego, Oct. 22--25). USENIX Association, Berkeley, CA, 2000, 1--1.

Digital Library

Google Scholar

[7]

Flanagan, C., Leino, K.M., Lillibridge, M., Nelson, G., Saxe, J.B., and Stata, R. Extended static checking for Java. In Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (Berlin, Germany, June 17--19). ACM Press, New York, 2002, 234--245.

Digital Library

Google Scholar

[8]

Foster, J.S., Terauchi, T., and Aiken, A. Flow-sensitive type qualifiers. In Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation (Berlin, Germany, June 17--19). ACM Press, New York, 2002, 1--12.

Digital Library

Google Scholar

[9]

Hallem, S., Chelf, B., Xie, Y., and Engler, D. A system and language for building system-specific, static analyses. In Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (Berlin, Germany, June 17--19). ACM Press, New York, 2002, 69--82.

Digital Library

Google Scholar

[10]

Hastings, R. and Joyce, B. Purify: Fast detection of memory leaks and access errors. In Proceedings of the Winter 1992 USENIX Conference (Berkeley, CA, Jan. 20--24). USENIX Association, Berkeley, CA, 1992, 125--138.

Google Scholar

[11]

Xie, Y. and Aiken, A. Context- and path-sensitive memory leak detection. In Proceedings of the 10th European Software Engineering Conference Held Jointly with 13th ACM SIGSOFT International Symposium on Foundations of Software Engineering (Lisbon, Portugal, Sept. 5--9). ACM Press, New York, 2005, 115--125.

Digital Library

Google Scholar

Cited By

View all

Conrado GKjelstrøm Avan de Pol JPavlogiannis A(2025)Program Analysis via Multiple Context Free Language ReachabilityProceedings of the ACM on Programming Languages10.1145/37048549:POPL(509-538)Online publication date: 9-Jan-2025
https://dl.acm.org/doi/10.1145/3704854
Pei KLi WJin QLiu SGeng SCavallaro LYang JJana SSalakhutdinov RKolter ZHeller KWeller AOliver NScarlett JBerkenkamp F(2024)Exploiting code symmetries for learning program semanticsProceedings of the 41st International Conference on Machine Learning10.5555/3692070.3693695(40092-40113)Online publication date: 21-Jul-2024
https://dl.acm.org/doi/10.5555/3692070.3693695
Gerogiannis VTzimos DKakarontzas GTsoni EIatrellis OSon LKanavos A(2024)An Approach Based on Intuitionistic Fuzzy Sets for Considering Stakeholders’ Satisfaction, Dissatisfaction, and Hesitation in Software Features PrioritizationMathematics10.3390/math1205068012:5(680)Online publication date: 26-Feb-2024
https://doi.org/10.3390/math12050680
Show More Cited By

Index Terms

A few billion lines of code later: using static analysis to find bugs in the real world

Recommendations

Flow-sensitive pointer analysis for millions of lines of code
CGO '11: Proceedings of the 9th Annual IEEE/ACM International Symposium on Code Generation and Optimization

Many program analyses benefit, both in precision and performance, from precise pointer analysis. An important dimension of pointer analysis precision is flow-sensitivity, which has been shown to be useful for applications such as program verification ...
Bug localization via searching crowd-contributed code
Internetware '14: Proceedings of the 6th Asia-Pacific Symposium on Internetware

Bug localization, i.e., locating bugs in code snippets, is a frequent task in software development. Although static bug-finding tools are available to reduce manual effort in bug localization, these tools typically detect bugs with known project-...
Understanding code snippets in code reviews: a preliminary study of the OpenStack community
ICPC '22: Proceedings of the 30th IEEE/ACM International Conference on Program Comprehension

Code review is a mature practice for software quality assurance in software development with which reviewers check the code that has been committed by developers, and verify the quality of code. During the code review discussions, reviewers and ...

Comments

Information & Contributors

Information

Published In

Communications of the ACM Volume 53, Issue 2

February 2010

147 pages

ISSN:0001-0782

EISSN:1557-7317

DOI:10.1145/1646353

Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 February 2010

Published in CACM Volume 53, Issue 2

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article
Popular
Refereed

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

584
Total Citations
View Citations
302,790
Total Downloads

Downloads (Last 12 months)3,845
Downloads (Last 6 weeks)479

Reflects downloads up to 02 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Conrado GKjelstrøm Avan de Pol JPavlogiannis A(2025)Program Analysis via Multiple Context Free Language ReachabilityProceedings of the ACM on Programming Languages10.1145/37048549:POPL(509-538)Online publication date: 9-Jan-2025
https://dl.acm.org/doi/10.1145/3704854
Pei KLi WJin QLiu SGeng SCavallaro LYang JJana SSalakhutdinov RKolter ZHeller KWeller AOliver NScarlett JBerkenkamp F(2024)Exploiting code symmetries for learning program semanticsProceedings of the 41st International Conference on Machine Learning10.5555/3692070.3693695(40092-40113)Online publication date: 21-Jul-2024
https://dl.acm.org/doi/10.5555/3692070.3693695
Gerogiannis VTzimos DKakarontzas GTsoni EIatrellis OSon LKanavos A(2024)An Approach Based on Intuitionistic Fuzzy Sets for Considering Stakeholders’ Satisfaction, Dissatisfaction, and Hesitation in Software Features PrioritizationMathematics10.3390/math1205068012:5(680)Online publication date: 26-Feb-2024
https://doi.org/10.3390/math12050680
Umann KHorváth GPorkoláb Z(2024)Uncovering Hidden Dependencies: Constructing Intelligible Path Witnesses using Dataflow AnalysesActa Cybernetica10.14232/actacyb.29980526:3(713-747)Online publication date: 4-Mar-2024
https://doi.org/10.14232/actacyb.299805
Linger RPleszkoch MMcGaughey JMchugh JGhardallou WMili A(2024)“Function Extraction: A New Paradigm for Producing Secure Code“Proceedings of the New Security Paradigms Workshop10.1145/3703465.3703473(96-105)Online publication date: 16-Sep-2024
https://dl.acm.org/doi/10.1145/3703465.3703473
Silva TCorreia PSousa LBispo JCarvalho T(2024)Towards a Rust-Like Borrow Checker for CACM Transactions on Embedded Computing Systems10.1145/3702229Online publication date: 29-Oct-2024
https://dl.acm.org/doi/10.1145/3702229
Oliveria de Souza LSantana de Almeida ESilveira Neto PBarr EPetke J(2024)Software Product Line Engineering via Software TransplantationACM Transactions on Software Engineering and Methodology10.1145/369598734:2(1-27)Online publication date: 20-Sep-2024
https://dl.acm.org/doi/10.1145/3695987
Schaef MCirisci BLuo LMansur MTripp OSanchez DZhou QZafar MFilkov VRay BZhou M(2024)Understanding Developer-Analyzer Interactions in Code ReviewsProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695257(1945-1955)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695257
Dietrich JRasheed SJordan AWhite TTorres-Arias SDe Carli LZhang Y(2024)On the Security Blind Spots of Software Composition AnalysisProceedings of the 2024 Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses10.1145/3689944.3696165(77-87)Online publication date: 19-Nov-2024
https://dl.acm.org/doi/10.1145/3689944.3696165
Paltenghi MPradel M(2024)Analyzing Quantum Programs with LintQ: A Static Analysis Framework for QiskitProceedings of the ACM on Software Engineering10.1145/36608021:FSE(2144-2166)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3660802
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Digital Edition

View this article in digital edition.

Digital Edition

Magazine Site

View this article on the magazine site (external)

Magazine Site

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

References

Cited By

Index Terms

Recommendations

Flow-sensitive pointer analysis for millions of lines of code

Bug localization via searching crowd-contributed code

Understanding code snippets in code reviews: a preliminary study of the OpenStack community

Comments

Information

Published In

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

PDF

eReader

Digital Edition

Magazine Site

Login options

Full Access

Share

Share this Publication link

Share on social media

Affiliations