Combining Static and Dynamic Analyses for Automated Bug-finding

Speaker:	Christoph Csallner
		Georgia Tech

Title:		"Combining Static and Dynamic Analyses for
		 Automated Bug-finding"

Date:		Monday, 31 March 2008

Time:		4:00pm - 5:00pm

Venue:		Lecture Theater F
		(Leung Yat Sing Lecture Theater, lifts 25/26)
		HKUST

Abstract:

Finding bugs is like finding a few needles in an infinitely large haystack
of program execution paths. False bug warnings are one of the biggest
problems, both for automated correctness provers (such as type systems and
model-checkers) and for automated bug-finders (such as static bug-pattern
matchers). To address this problem, I will present three techniques for
turning an existing, powerful, but false-positive-ridden, static analysis
into a precise tool for automatic bug-finding.

First, we will automatically convert the output of a static analysis to
concrete JUnit test cases, using constraint solving techniques. We thereby
eliminate language-level false bug warnings and make the results easier to
understand for human consumers. We will then add a dynamic invariant
inference step to also address the harder problem of bug warnings that are
technically correct but still irrelevant to the user (these bugs could
occur, but only under obscure conditions). Finally, we will adapt dynamic
invariant inference to work correctly with subtyping. Previous approaches
do not take behavioral subtyping into account and therefore produce
imprecise or inconsistent results, which can throw off automated analyses
such as the ones we are performing for bug-finding.

I have implemented these techniques in the JCrasher, Check 'n' Crash, and
DSD-Crasher automatic testing tools, which have been used by multiple
research groups.


***********************
Biography:

Christoph Csallner is currently a Ph.D. candidate at Georgia Tech, advised
by Professor Yannis Smaragdakis. He worked on automated bug-finding for
Google and Microsoft Research. He has received two Distinguished Paper
Awards, the first one at ISSTA 2006 (the ACM SIGSOFT International
Symposium on Software Testing and Analysis) and the second one at ASE 2007
(the IEEE/ACM International Conference on Automated Software Engineering).
For more information, please visit his web site at
http://www.cc.gatech.edu/~csallnch/