Presentation is loading. Please wait.

Presentation is loading. Please wait.

BY Al Bessey, Ken Block, Ben Chelf, Andy Chou,

Published byPaula Horton Modified over 6 years ago

Similar presentations

Presentation on theme: "BY Al Bessey, Ken Block, Ben Chelf, Andy Chou,"— Presentation transcript:

1 A few Billion Lines of code Later using Static Analysis to find Bugs in the Real World
BY Al Bessey, Ken Block, Ben Chelf, Andy Chou, Bryan Fulton, Seth Hallem, Charles Henri-gros, Asya Kamsky, Scott McPeak and Dawson Engle

2 Introduction Coverity is a brand of software development products, consisting primarily of static code analysis and dynamic code analysis tools. How static code analysis was commercialized ? What had to be changed for real world use ? How to adapt to the constant change in requirements ? What was the lesson learnt ?

3 Lab vs Industry The software was able to find bugs in a large code base easily with few simple analyses and tricks in a lab environment. In the real world, hundreds of programmers use the tool to check hundreds of different code bases. The types of errors, number of false positives, type of build are all different from what is predicted by lab results. The programmers do not know how the tool works, unlike testers in the lab who have a knowledge of the tools’ internal process.

4 Customer Interaction Two scenarios of customer interaction
Initial trial Long term use The trial is a pre-sale demonstration that attempts to show that the tool works well on a potential customer’s code. Sales Engineers educate the customers about the tool. Usually happens over a period of 1 day or 2-3 days if code base is very large

5 Laws of Bug Finding You can’t check code you don’t see
Ability to extract code from build No access to modify build Test Machine You can’t check code you can’t parse No standard compilers

6 BUGS Myth: More analysis is always good Do bugs matter?
No, your tool is broken, that is not a bug Misunderstood errors/bugs are considered as false positives How to handle cluelessness ? Do not change the results after an upgrade Myth: More analysis is always good

7 QUESTIONS What are the lessons learnt ?
How would you commercialize a bug finding tool ? Any experience using a bug finding tool ?

8 Thank You

Download ppt "BY Al Bessey, Ken Block, Ben Chelf, Andy Chou,"

Similar presentations

Testing and Quality Assurance

Testing and Quality Assurance
ENGLISH A1. DEAR STUDENTS, TO UNIT 2 DURING UNIT 2 YOU WILL STUDY THE FOLLOWING TOPICS: TELLING THE TIME CAN (FOR ABILITIES) SIMPLE PRESENT PRESENT PROGRESSIVE.

ENGLISH A1. DEAR STUDENTS, TO UNIT 2 DURING UNIT 2 YOU WILL STUDY THE FOLLOWING TOPICS: TELLING THE TIME CAN (FOR ABILITIES) SIMPLE PRESENT PRESENT PROGRESSIVE.
Annoucements  Next labs 9 and 10 are paired for everyone. So don’t miss the lab.  There is a review session for the quiz on Monday, November 4, at 8:00.

Annoucements  Next labs 9 and 10 are paired for everyone. So don’t miss the lab.  There is a review session for the quiz on Monday, November 4, at 8:00.
Predictor of Customer Perceived Software Quality By Haroon Malik.

Predictor of Customer Perceived Software Quality By Haroon Malik.
CS 501: Software Engineering Fall 2000 Lecture 27 Software Engineering as Engineering.

CS 501: Software Engineering Fall 2000 Lecture 27 Software Engineering as Engineering.
Software Engineering COMP 201

Software Engineering COMP 201
CS351 © 2003 Ray S. Babcock Software Testing What is it?

CS351 © 2003 Ray S. Babcock Software Testing What is it?
Checking System Rules Using System-Specific, Programmer- Written Compiler Extensions Dawson Engler, Benjamin Chelf, Andy Chow, Seth Hallem Computer Systems.

Checking System Rules Using System-Specific, Programmer- Written Compiler Extensions Dawson Engler, Benjamin Chelf, Andy Chow, Seth Hallem Computer Systems.
1 Chapter 1 Software and Software Engineering Software Engineering: A Practitioner’s Approach, 6th edition by Roger S. Pressman.

1 Chapter 1 Software and Software Engineering Software Engineering: A Practitioner’s Approach, 6th edition by Roger S. Pressman.
Project Life Cycle Jon Ivins DMU. Introduction n Projects consist of many separate components n Constraints include: time, costs, staff, equipment n Assets.

Project Life Cycle Jon Ivins DMU. Introduction n Projects consist of many separate components n Constraints include: time, costs, staff, equipment n Assets.
MULTIVIE W Checking System Rules Using System-Specific, Program-Written Compiler Extensions Paper: Dawson Engler, Benjamin Chelf, Andy Chou, and Seth Hallem.

MULTIVIE W Checking System Rules Using System-Specific, Program-Written Compiler Extensions Paper: Dawson Engler, Benjamin Chelf, Andy Chou, and Seth Hallem.
Leveraging User Interactions for In-Depth Testing of Web Applications Sean McAllister, Engin Kirda, and Christopher Kruegel RAID ’08 1 Seoyeon Kang November.

Leveraging User Interactions for In-Depth Testing of Web Applications Sean McAllister, Engin Kirda, and Christopher Kruegel RAID ’08 1 Seoyeon Kang November.
Introduction to Software Engineering CS-300 Fall 2005 Supreeth Venkataraman.

Introduction to Software Engineering CS-300 Fall 2005 Supreeth Venkataraman.
Static/Dynamic Analysis Tools Alex Aiken David Evans Dawson Engler Henny Sipma Scott McPeak Klaus Havelund Yuan Yu.

Static/Dynamic Analysis Tools Alex Aiken David Evans Dawson Engler Henny Sipma Scott McPeak Klaus Havelund Yuan Yu.
Introduction to Agile Methodologies and Concepts Roy Osherove Principal, Team Agile www.TeamAgile.com Blog : ISerializable.com.

Introduction to Agile Methodologies and Concepts Roy Osherove Principal, Team Agile Blog : ISerializable.com.
Profile and a quick introduction Software Engineering: ) هندسة البرمجيات (in Arabic: is the branch of computer science Designed to develop a set rules.

Profile and a quick introduction Software Engineering: ) هندسة البرمجيات (in Arabic: is the branch of computer science Designed to develop a set rules.
Liang, Introduction to Java Programming, Sixth Edition, (c) 2007 Pearson Education, Inc. All rights reserved. 0-13-222158-6 1 Chapter 12 Object-Oriented.

Liang, Introduction to Java Programming, Sixth Edition, (c) 2007 Pearson Education, Inc. All rights reserved Chapter 12 Object-Oriented.
CO1301: Games Concepts Dr Nick Mitchell (Room CM 226) Material originally prepared by Laurent Noel.

CO1301: Games Concepts Dr Nick Mitchell (Room CM 226) Material originally prepared by Laurent Noel.
M.Ellis 17th August 20041 MICE Software School Aims Course content –Management –Specifications –Design –Production –Testing –Use Information –Operation.

M.Ellis 17th August MICE Software School Aims Course content –Management –Specifications –Design –Production –Testing –Use Information –Operation.
Parser-Driven Games Tool programming © Allan C. Milne Abertay University v12.7.11.

Parser-Driven Games Tool programming © Allan C. Milne Abertay University v

Similar presentations

Ads by Google