Static Analysis Versus Model Checking for Bug Finding

  • Dawson Engler
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3653)


This talk tries to distill several years of experience using both model checking and static analysis to find errors in large software systems. We initially thought that the tradeoffs between the two was clear: static analysis was easy but would mainly find shallow bugs, while model checking would require more work but would be strictly better — it would find more errors, the errors would be deeper and the approach would be more powerful. These expectations were often wrong. This talk will describe some of the sharper tradeoffs between the two, as well as a detailed discussion of one domain — finding errors in file systems code — where model checking seems to work very well.

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Dawson Engler
    • 1
  1. 1.Computer Systems LaboratoryStanford UniversityStanfordU.S.A

Personalised recommendations