Combined Static and Dynamic Analysis

Static analysis is usually faster than dynamic analysis but less precise. Therefore it is often desirable to retain information from static analysis for run-time verification, or to compare the results of both techniques. However, this requires writing two programs, which may not act identically under the same conditions. It would be desirable to share the same generic algorithm by static and dynamic analysis. In JNuke, a framework for static and dynamic analysis of Java programs, this has been achieved. By keeping the architecture of static analysis similar to a virtual machine, the only key difference between abstract interpretation and execution remains the nature of program states. In dynamic analysis, concrete states are available, while in static analysis, sets of (abstract) states are considered. Our new analysis is generic because it can re-use the same algorithm in static analysis and dynamic analysis. This paper describes the architecture of such a generic analysis. To our knowledge, JNuke is the first tool that has achieved this integration, which enables static and dynamic analysis to interact in novel ways.

[1]  Klaus Havelund,et al.  Model checking programs , 2000, Proceedings ASE 2000. Fifteenth IEEE International Conference on Automated Software Engineering.

[2]  Stephen N. Freund,et al.  Checking Concise Specifications for Multithreaded Software , 2004, J. Object Technol..

[3]  François Bourdoncle,et al.  Efficient chaotic iteration strategies with widenings , 1993, Formal Methods in Programming and Their Applications.

[4]  Frank Yellin,et al.  The Java Virtual Machine Specification , 1996 .

[5]  Ivar Jacobson,et al.  Unified Modeling Language User Guide, The (2nd Edition) (Addison-Wesley Object Technology Series) , 2005 .

[6]  Sarfraz Khurshid,et al.  Combining Test Case Generation with Run-time Verification , 2005 .

[7]  Gerard J. Holzmann,et al.  Design and validation of computer protocols , 1991 .

[8]  Ralph Johnson,et al.  design patterns elements of reusable object oriented software , 2019 .

[9]  Pascal Eugster Java Virtual Machine with Rollback Procedure allowing Systematic and Exhaustive Testing of Multi-threaded Java Programs , 2003 .

[10]  Susan Horwitz,et al.  An efficient general iterative algorithm for dataflow analysis , 2004, Acta Informatica.

[11]  Martin D. Westhead,et al.  A methodology for benchmarking Java Grande applications , 1999, JAVA '99.

[12]  Armin Biere,et al.  Applying static analysis to large-scale, multi-threaded Java programs , 2001, Proceedings 2001 Australian Software Engineering Conference.

[13]  Armin Biere,et al.  High‐level data races , 2003, Softw. Test. Verification Reliab..

[14]  Allen Goldberg,et al.  Instrumentation of Java Bytecode for Runtime Analysis , 2003 .

[15]  Michael R. Lowry,et al.  Experimental Evaluation of Verification and Validation Tools on Martian Rover Software , 2013, Formal Methods Syst. Des..

[16]  Barbara G. Ryder,et al.  An efficient hybrid algorithm for incremental data flow analysis , 1989, POPL '90.

[17]  Viktor Schuppan,et al.  JNuke: Efficient Dynamic Analysis for Java , 2004, CAV.

[18]  Markus Mohnen,et al.  A Graph-Free Approach to Data-Flow Analysis , 2002, CC.

[19]  Doug Lea Concurrent Programming in Java. Second Edition: Design Principles and Patterns , 1999 .

[20]  Armin Biere,et al.  Subroutine Inlining and Bytecode Abstraction to Simplify Static and Dynamic Analysis , 2005, Bytecode@ETAPS.

[21]  Michael Burrows,et al.  Eraser: a dynamic data race detector for multi-threaded programs , 1997, TOCS.

[22]  Armin Biere,et al.  Using Block-Local Atomicity to Detect Stale-Value Concurrency Errors , 2004, ATVA.

[23]  Patrick Cousot,et al.  Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints , 1977, POPL.

[24]  C Haythornwaite,et al.  Gamma, E., Helm, R., Johnson, R. & Vlissides, J. Design Patterns: Elements of Reusable Object Oriented Software. New York: Addison-Wesley, 1995. , 2002 .

[25]  Martin C. Rinard,et al.  Compositional pointer and escape analysis for Java programs , 1999, OOPSLA '99.

[26]  Thomas R. Gross,et al.  Object race detection , 2001, OOPSLA '01.

[27]  Derek L. Bruening Systematic testing of multithreaded Java programs , 1999 .

[28]  Grigore Rosu,et al.  Monitoring Java Programs with Java PathExplorer , 2001, RV@CAV.

[29]  Doug Lea,et al.  Concurrent Programming In Java , 1996 .

[30]  Ivar Jacobson,et al.  The unified modeling language reference manual , 2010 .

[31]  John A. Trono A new exercise in concurrency , 1994, SGCS.

[32]  Amir Pnueli,et al.  The temporal logic of programs , 1977, 18th Annual Symposium on Foundations of Computer Science (sfcs 1977).

[33]  M. Burrows,et al.  Finding stale‐value errors in concurrent programs , 2004, Concurr. Pract. Exp..

[34]  Matthew B. Dwyer,et al.  Finding feasible abstract counter-examples , 2003, International Journal on Software Tools for Technology Transfer.

[35]  Monica S. Lam,et al.  Cloning-based context-sensitive pointer alias analysis using binary decision diagrams , 2004, PLDI '04.