Static Analysis for Stack Usage

08-02-10

Static Analysis Considerations for Stack Usage

ESC-423
Gerald T. Rigdon
Fellow, Software Engineering
Boston Scientific, Inc.
gerald.rigdon@bsci.com

Hiten Doshi
Fellow, Software Engineering
Boston Scientific, Inc.
hiten.doshi@bsci.com

Xin Zheng
Software Engineer
Boston Scientific, Inc.
xin.zheng@bsci.com

In [3], David N. Kleidermacher, chief technology officer at Green Hills Software, discussed future directions for static analysis. He identified that using static analyzers for detecting stack overflow conditions is a prime example of how having these capabilities in tools could be beneficial, especially in safety critical applications. One particular tool that offers a solution is StackX from Express Logic, Inc. On their website [4], they state the following:

“StackX™ is a unique, patent pending, development tool that helps developers avoid stack overflow problems that traditionally have plagued embedded systems. StackX performs a comprehensive analysis of a complete application at the executable code level, computing the worst-case stack usage the application can experience. Express Logic is the only RTOS company that can identify how large a stack customers need for each application thread and automatically alerts them if they fail to allocate sufficient memory!”

The website [4] goes on to discuss how the decision to allocate memory for stack use has typically been a trial-and-error process and then quotes Jack Ganssle [2], a long-time contributor to Embedded Systems Magazine, as saying: “With experience, one learns the standard, scientific way to compute the proper size for a stack: Pick a size at random and hope.”

Although it is not the goal of this paper to discuss the various COTS (Commercial Off The Shelf) solutions for detecting stack overflow, we did take the liberty of inquiring about StackX for use with our firmware, but the tool did not support our build environment.

In the absence of COTS tools for detecting stack overflow, the embedded community has embraced effective alternative methods. Let us now explore one such method and then consider a customized approach.

Using Common and Customized Solutions
In [1], we discussed a project, namely CSAP (Custom Static Analysis Project), between Boston Scientific, Inc. and Grammatech, Inc. The driving objective of that project was to customize CodeSonar, Grammatech’s flagship static analysis tool, to meet a very specific set of requirements based on our domain. The primary reason we undertook this customization effort was to tackle the analysis of shared data (AKA race conditions) in our firmware. However, as described in [1], there were other project deliverables, including a CFUA (Call Frame Usage Analysis), in particular, as a customized solution to detecting stack overflow. Since [1] only referenced CFUA at a very high level, we will take the opportunity to elaborate on that particular analysis for the purpose of this paper.

Before we get into the details of CFUA, it is worth exploring a common method used in many embedded environments. This method uses a watermark approach to determine stack usage during dynamic testing. To illustrate, we present an arbitrarily chosen stack size of 100 bytes, as shown in Figure 1. For the sake of simplicity, assume all stack memory is initialized to zero (although developers may prefer a specific pattern for initialization). This effectively establishes a known initialization state, which allows one to run dynamic test scenarios likely to execute almost all branches of execution in order to determine stack usage.

This approach allows one to generate a profile of stack usage since the stack memory can be inspected after testing to determine the high watermark. In the example in Figure 1, the highest watermark indicates a usage of 80 bytes, or 80% of the allocated...
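The watermark method described above, as an added example that is not part of the paper or of CSAP/CFUA. It models a 100-byte thread stack (the same arbitrary size as Figure 1) as a byte array filled with a distinctive pattern, simulates a sequence of call frames that reaches an 80-byte peak and then returns, and then inspects the memory the way one would after a dynamic test run. The names, frame sizes and the 0xAA fill value are constructed for the example; a real target would fill the thread's actual stack region at startup and read it back after testing.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Constructed example: a 100-byte simulated thread stack, matching the
 * arbitrary Figure 1 size. The sizes, names and fill value are assumptions
 * made for this example, not the paper's. */
#define STACK_SIZE 100
#define FILL_PATTERN 0xAAu   /* distinctive fill; zero also works but is a
                                value programs commonly write, so a dirty
                                byte that happens to be zero reads as unused */

typedef struct {
    uint8_t mem[STACK_SIZE];
    size_t sp;               /* index of the current top; grows toward index 0 */
} sim_stack_t;

/* Initialise the whole region so untouched bytes are recognisable later. */
static void stack_fill(sim_stack_t *s) {
    memset(s->mem, FILL_PATTERN, sizeof s->mem);
    s->sp = STACK_SIZE;
}

/* Push a frame of 'frame' bytes and write into it, as a real call would.
 * Returns 0 on success, -1 if the frame does not fit (an overflow). */
static int stack_push(sim_stack_t *s, size_t frame) {
    if (frame > s->sp) return -1;
    s->sp -= frame;
    memset(&s->mem[s->sp], 0x11, frame); /* any value that differs from the fill */
    return 0;
}

/* Popping leaves the bytes dirty; that residue is what the watermark reads. */
static void stack_pop(sim_stack_t *s, size_t frame) {
    s->sp += frame;
}

/* High watermark: scan from the low end (the deepest the stack could reach)
 * upward for the first byte that no longer matches the fill pattern. Every
 * byte above it was used at some point during the run, whether or not it
 * is in use now. */
static size_t stack_high_watermark(const sim_stack_t *s) {
    size_t i = 0;
    while (i < STACK_SIZE && s->mem[i] == FILL_PATTERN) i++;
    return STACK_SIZE - i;
}

/* Usage as a percentage of the allocation (integer arithmetic). */
static unsigned stack_usage_percent(const sim_stack_t *s) {
    return (unsigned)(stack_high_watermark(s) * 100u / STACK_SIZE);
}

/* A watermark equal to the full allocation means no fill pattern survived:
 * the run had zero margin and may already have overflowed, so the reading
 * cannot be trusted as a peak. */
static int stack_overflow_suspected(const sim_stack_t *s) {
    return stack_high_watermark(s) == STACK_SIZE;
}

/* Constructed call pattern: three nested calls (32+16+32 = 80 bytes), return
 * from all of them, then one shallow 8-byte call. The watermark reports the
 * 80-byte peak, not the 8 bytes in use when the inspection happens. */
static size_t run_workload(sim_stack_t *s) {
    stack_fill(s);
    stack_push(s, 32);
    stack_push(s, 16);
    stack_push(s, 32);
    stack_pop(s, 32);
    stack_pop(s, 16);
    stack_pop(s, 32);
    stack_push(s, 8);
    return stack_high_watermark(s);
}

int main(void) {
    sim_stack_t s;
    size_t peak = run_workload(&s);
    printf("high watermark: %zu of %d bytes (%u%%)\n",
           peak, STACK_SIZE, stack_usage_percent(&s));
    printf("overflow suspected: %s\n",
           stack_overflow_suspected(&s) ? "yes" : "no");
    return 0;
}
```

Two properties of the method show up in the code. The scan runs from the low address upward because the stack grows downward, so the first dirty byte marks the deepest point ever reached, and the reading is a peak over the whole run rather than the current depth. The reading is also only as good as the test coverage: a path the tests never executed contributes nothing to the watermark, which is the limitation that motivates a static call-frame analysis such as CFUA alongside dynamic measurement.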