Specification Based Bug Detection for Embedded Software
Chaudhary, Sandeep Kumar
MetadataShow full item record
Traditional compilers do not automatically analyze processor specifications, thousands of pages of which are available for modern processors. The specifications describe constraints and requirements for processors, and therefore, are useful for software development for these processors. To bridge this gap, our tool em-SPADE analyzes processor specifications and creates processor-specific rules to detect low-level programming errors. This work shows the potential of automatically analyzing processor specifications to detect low-level programming errors at compile time. em-SPADE is a compiler extension to automatically detect software bugs in low-level programs. From processor specifications, em-SPADE preprocessor extracts target-specific rules such as register use and read-only or reserved registers. A special LLVM pass in em-SPADE then uses these rules to detect incorrect register assignments. Our experiments with em-SPADE have correctly extracted 652 rules from 15 specifications and consequently found 20 bugs in ten software projects. In addition, we explore the use of data mining techniques to learn more about the nature and type of complex checkable rules other than access and reserved bit rules. After applying the frequent itemset mining technique on three specifications, we found that the mining can report complex checkable rules from the specifications with a precision of 53.53% to 82.22% and recall of 36.88% to 75.18%. Thus, the data mining approach is useful for learning complex type of rules in large specifications. These techniques help us identify complex rules. In addition, insights gained from the mining results can be used to improve and standardize specifications. The work is generalizable to other types of specifications and shows the clear prospects of using processor specifications to enhance compilers.