More Web Proxy on the site http://driver.im/

Article

Combining static and dynamic reasoning for bug detection

Authors:

Yannis Smaragdakis,

Christoph CsallnerAuthors Info & Claims

TAP'07: Proceedings of the 1st international conference on Tests and proofs

Pages 1 - 16

Published: 12 February 2007 Publication History

Abstract

Many static and dynamic analyses have been developed to improve program quality. Several of them are well known and widely used in practice. It is not entirely clear, however, how to put these analyses together to achieve their combined benefits. This paper reports on our experiences with building a sequence of increasingly more powerful combinations of static and dynamic analyses for bug finding in the tools JCrasher, Check 'n' Crash, and DSD-Crasher. We contrast the power and accuracy of the tools using the same example program as input to all three.

At the same time, the paper discusses the philosophy behind all three tools. Specifically, we argue that trying to detect program errors (rather than to certify programs for correctness) is well integrated in the development process and a promising approach for both static and dynamic analyses. The emphasis on finding program errors influences many aspects of analysis tools, including the criteria used to evaluate them and the vocabulary of discourse.

References

[1]

Beck, K., Gamma, E.: Test infected: Programmers love writing tests. Java Report 3(7), 37-50 (1998).

[2]

Cok, D.R., Kiniry, J.R.: ESC/Java2: Uniting ESC/Java and JML: Progress and issues in building and using ESC/Java2. Technical Report NIII-R0413, Nijmegen Institute for Computing and Information Science (May 2004).

[3]

Csallner, C., Smaragdakis, Y.: JCrasher: An automatic robustness tester for Java. Software--Practice & Experience 34(11), 1025-1050 (2004).

Digital Library

[4]

Csallner, C., Smaragdakis, Y.: Check 'n' Crash: Combining static checking and testing. In: ICSE 2005, pp. 422-431. ACM, New York (2005).

Digital Library

[5]

Csallner, C., Smaragdakis, Y.: DSD-Crasher: A hybrid analysis tool for bug finding. In: Proc. ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), pp. 245-254. ACM Press, New York (2006).

Digital Library

[6]

Csallner, C., Smaragdakis, Y.: Dynamically discovering likely interface invariants. In: ICSE. Proc. 28th International Conference on Software Engineering, Emerging Results Track, pp. 861-864. ACM Press, New York (2006).

Digital Library

[7]

Detlefs, D., Nelson, G., Saxe, J.B.: Simplify: A theorem prover for program checking. Technical Report HPL-2003-148, Hewlett-Packard Systems Research Center (July 2003).

[8]

Engler, D., Musuvathi, M.: Static analysis versus software model checking for bug finding. In: Steffen, B., Levi, G. (eds.) VMCAI 2004. LNCS, vol. 2937, pp. 191-210. Springer, Heidelberg (2004).

[9]

Ernst, M.D., Cockrell, J., Griswold, W.G., Notkin, D.: Dynamically discovering likely program invariants to support program evolution. IEEE Transactions on Software Engineering 27(2), 99-123 (2001).

Digital Library

[10]

Flanagan, C., Leino, K.R.M., Lillibridge, M., Nelson, G., Saxe, J.B., Stata, R.: Extended static checking for Java. In: Proc. ACMSIGPLAN Conference on Programming Language Design and Implementation (PLDI), pp. 234-245. ACM Press, New York (2002).

Digital Library

[11]

Hovemeyer, D., Pugh, W.: Finding bugs is easy. In: Companion to the 19th ACM SIGPLAN Conference on Object-Oriented Programming Systems, Languages, and Applications (OOPSLA), pp. 132-136. ACM Press, New York (2004).

Digital Library

[12]

Jackson, D., Rinard, M.: Software analysis: A roadmap. In: Proc. Conference on The Future of Software Engineering, pp. 133-145. ACM Press, New York (2000).

Digital Library

[13]

Leavens, G.T., Baker, A.L., Ruby, C.: Preliminary design of JML: A behavioral interface specification language for Java. Technical Report TR98-06y, Department of Computer Science, Iowa State University (June 1998).

[14]

Lindahl, T., Sagonas, K.: Practical type inference based on success typings. In: PPDP. Proc. 8th ACM SIGPLAN Symposium on Principles and Practice of Declarative Programming, pp. 167-178. ACM Press, New York (2006).

Digital Library

[15]

Meyer, B.: Object-Oriented Software Construction, 2nd edn. Prentice Hall PTR, Englewood Cliffs (1997).

Digital Library

[16]

Meyer, B., Ciupa, I., Leitner, A., Liu, L.: Automatic testing of object-oriented software. In: van Leeuwen, J., Italiano, G.F., van der Hoek, W., Meinel, C., Sack, H., Plášil, F. (eds.) SOFSEM 2007. LNCS, vol. 4362, Springer, Heidelberg, 2007 (to appear).

Digital Library

[17]

Nimmer, J.W., Ernst, M.D.: Invariant inference for static checking: An empirical evaluation. In: Proc. 10th ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE), pp. 11-20. ACM Press, New York (2002).

Digital Library

[18]

Parasoft Inc.: Jtest. October 2002 (accessed March 2007), http://www.parasoft.com/

[19]

Rutar, N., Almazan, C.B., Foster, J.S.: A comparison of bug finding tools for Java. In: ISSRE. Proc. 15th International Symposium on Software Reliability Engineering, pp. 245-256. IEEE Computer Society Press, Los Alamitos (2004).

Digital Library

[20]

Xie, T., Notkin, D.: Tool-assisted unit test selection based on operational violations. In: ASE. Proc. 18th IEEE International Conference on Automated Software Engineering, pp. 40-48. IEEE Computer Society Press, Los Alamitos (2003).

Digital Library

Cited By

Gong LPradel MSridharan MSen KYoung MXie T(2015)DLint: dynamically checking bad coding practices in JavaScriptProceedings of the 2015 International Symposium on Software Testing and Analysis10.1145/2771783.2771809(94-105)Online publication date: 13-Jul-2015
https://dl.acm.org/doi/10.1145/2771783.2771809
Chaudhary SFischmeister STan L(2014)em-SPADEACM SIGPLAN Notices10.1145/2666357.259782349:5(105-114)Online publication date: 12-Jun-2014
https://dl.acm.org/doi/10.1145/2666357.2597823
Li KReichenbach CCsallner CSmaragdakis Y(2014)Residual InvestigationACM Transactions on Software Engineering and Methodology10.1145/265620124:2(1-32)Online publication date: 23-Dec-2014
https://dl.acm.org/doi/10.1145/2656201
Show More Cited By

Combining static and dynamic reasoning for bug detection
1. Software and its engineering
  1. Software creation and management
    1. Software verification and validation
      1. Software defect analysis

Recommendations

Combined Static and Dynamic Analysis

Static analysis is usually faster than dynamic analysis but less precise. Therefore it is often desirable to retain information from static analysis for run-time verification, or to compare the results of both techniques. However, this requires writing ...
Enhancing Compositional Static Analysis with Dynamic Analysis
ASE '24: Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering

In this paper we introduce a novel method for improving static analysis of real code by using dynamic analysis. We have implemented our technique to enhance the Infer static analyzer [6] for Erlang by supplementing its analysis with data obtained by ...
Static and Dynamic Weaving in System Software with AspectC++
HICSS '06: Proceedings of the 39th Annual Hawaii International Conference on System Sciences - Volume 09

System software strongly relies on the availability of static as well as dynamic adaptation techniques. With Aspect-OrientedProgramming (AOP) it is now possible to adapt even policy-like crosscutting concerns in the implementation of system software. ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Guide Proceedings

TAP'07: Proceedings of the 1st international conference on Tests and proofs

February 2007

217 pages

ISBN:3540737693

Editors:
Yuri Gurevich
Microsoft Research, Redmond, WA
,
Bertrand Meyer
ETH Zurich, Zurich, Switzerland

Sponsors

ETH Zurich
Microsoft Research: Microsoft Research
IFIP

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 12 February 2007

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

14
Total Citations
View Citations
3
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 02 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Gong LPradel MSridharan MSen KYoung MXie T(2015)DLint: dynamically checking bad coding practices in JavaScriptProceedings of the 2015 International Symposium on Software Testing and Analysis10.1145/2771783.2771809(94-105)Online publication date: 13-Jul-2015
https://dl.acm.org/doi/10.1145/2771783.2771809
Chaudhary SFischmeister STan L(2014)em-SPADEACM SIGPLAN Notices10.1145/2666357.259782349:5(105-114)Online publication date: 12-Jun-2014
https://dl.acm.org/doi/10.1145/2666357.2597823
Li KReichenbach CCsallner CSmaragdakis Y(2014)Residual InvestigationACM Transactions on Software Engineering and Methodology10.1145/265620124:2(1-32)Online publication date: 23-Dec-2014
https://dl.acm.org/doi/10.1145/2656201
Chaudhary SFischmeister STan LZhang YKulkarni P(2014)em-SPADEProceedings of the 2014 SIGPLAN/SIGBED conference on Languages, compilers and tools for embedded systems10.1145/2597809.2597823(105-114)Online publication date: 12-Jun-2014
https://dl.acm.org/doi/10.1145/2597809.2597823
Chebaro OCuoq PKosmatov NMarre BPacalet AWilliams NYakobowski B(2014)Behind the scenes in SANTEAutomated Software Engineering10.1007/s10515-013-0127-x21:1(107-143)Online publication date: 1-Mar-2014
https://dl.acm.org/doi/10.1007/s10515-013-0127-x
Delahaye MKosmatov NSignoles JShin SMaldonado J(2013)Common specification language for static and dynamic analysis of C programsProceedings of the 28th Annual ACM Symposium on Applied Computing10.1145/2480362.2480593(1230-1235)Online publication date: 18-Mar-2013
https://dl.acm.org/doi/10.1145/2480362.2480593
Li KReichenbach CSmaragdakis YDiao YCsallner CDenney EBultan TZeller A(2013)SEDGEProceedings of the 28th IEEE/ACM International Conference on Automated Software Engineering10.1109/ASE.2013.6693083(235-245)Online publication date: 11-Nov-2013
https://dl.acm.org/doi/10.1109/ASE.2013.6693083
Pradel MGross T(2012)Fully automatic and precise detection of thread safety violationsACM SIGPLAN Notices10.1145/2345156.225412647:6(521-530)Online publication date: 11-Jun-2012
https://dl.acm.org/doi/10.1145/2345156.2254126
Li KReichenbach CCsallner CSmaragdakis YHeimdahl MSu Z(2012)Residual investigation: predictive and precise bug detectionProceedings of the 2012 International Symposium on Software Testing and Analysis10.1145/2338965.2336789(298-308)Online publication date: 15-Jul-2012
https://dl.acm.org/doi/10.1145/2338965.2336789
Pradel MGross TVitek JLin HTip F(2012)Fully automatic and precise detection of thread safety violationsProceedings of the 33rd ACM SIGPLAN Conference on Programming Language Design and Implementation10.1145/2254064.2254126(521-530)Online publication date: 11-Jun-2012
https://dl.acm.org/doi/10.1145/2254064.2254126
Show More Cited By

View Options

View options

Figures

Tables

Media

View Table of Conten