Aspect: detecting bugs with abstract dependences

Aspect is a static analysis technique for detecting bugs in imperative programs, consisting of an annotation language and a checking tool. Like a type declaration, an Aspect annotation of a procedure is a kind of declarative, partial specification that can be checked efficiently in a modular fashion. But instead of constraining the types of arguments and results, Aspect specifications assert dependences that should hold between inputs and outputs. The checker uses a simple dependence analysis to check code against annotations and can automatically find bugs that are not detectable by other static means, especially errors of omission, which are common but resistant to type checking. This article explains the basic scheme and shows how it is elaborated to handle data abstraction and aliasing.
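The following is an added illustration of the basic scheme, not code from the article or from the Aspect tool itself. It models a procedure in a constructed toy language (plain assignments plus a single guarded-assignment form), runs a forward dependence analysis that records which procedure inputs each variable's final value can depend on, and checks the result against an annotation that lists, for each output, the inputs it must depend on. The function names, the annotation encoding as a Python dict, and the treatment of a guarded assignment as depending on its guard, its expression and the target's previous value are all assumptions made for this example; the article's own annotation syntax and its handling of data abstraction and aliasing are not reproduced. The sample procedure is a debit that forgets to update the balance, which a type checker accepts but the dependence check reports.

```python
import re
from typing import Dict, List, Set, Tuple

# Toy imperative language (constructed for this example): a procedure is a list
# of statements, each either "target = expression" or
# "if condition: target = expression". The identifiers in an expression are the
# variables it reads.
IDENT = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")
IF_STMT = re.compile(r"^if\s+(.+?)\s*:\s*(.+)$")

Deps = Dict[str, Set[str]]  # variable -> set of procedure inputs it depends on


def _uses(expr: str, deps: Deps) -> Set[str]:
    """Input dependences of an expression: the union over the variables it reads."""
    result: Set[str] = set()
    for name in IDENT.findall(expr):
        if name not in deps:
            # Reading a variable that was never assigned is itself a bug; refuse
            # to continue rather than silently treat it as independent of inputs.
            raise ValueError(f"use of undefined variable {name!r} in {expr.strip()!r}")
        result |= deps[name]
    return result


def _split_assignment(stmt: str) -> Tuple[str, str]:
    target, expr = stmt.split("=", 1)
    return target.strip(), expr


def input_dependences(stmts: List[str], inputs: Set[str]) -> Deps:
    """Forward dependence analysis: after the procedure runs, which inputs can
    each variable's value depend on? Each input initially depends on itself."""
    deps: Deps = {v: {v} for v in inputs}
    for stmt in stmts:
        m = IF_STMT.match(stmt.strip())
        if m:
            cond, body = m.groups()
            target, expr = _split_assignment(body)
            # A guarded assignment may or may not run, so the target's final
            # value depends on the guard (control dependence), on the assigned
            # expression, and on whatever value the target held before.
            deps[target] = deps.get(target, set()) | _uses(cond, deps) | _uses(expr, deps)
        else:
            target, expr = _split_assignment(stmt)
            deps[target] = _uses(expr, deps)
    return deps


def check_dependences(stmts: List[str], inputs: Set[str], spec: Deps) -> Deps:
    """Check code against an Aspect-style annotation (assumed encoding).
    spec maps each output to the inputs it is required to depend on. Returns,
    per output, the required dependences the code fails to establish; an empty
    dict means the code satisfies the annotation. Dependences the code has
    beyond those listed are not reported: the annotation is a partial spec."""
    deps = input_dependences(stmts, inputs)
    missing: Deps = {}
    for out, required in spec.items():
        gap = required - deps.get(out, set())
        if gap:
            missing[out] = gap
    return missing


# Constructed sample: a debit procedure. The annotation says the new balance
# must reflect the amount and the fee rate, and so must the success flag.
INPUTS = {"balance", "amount", "rate"}
SPEC: Deps = {
    "balance": {"balance", "amount", "rate"},
    "ok": {"balance", "amount", "rate"},
}
BUGGY = [
    "fee = amount * rate",
    "total = amount + fee",
    "ok = total <= balance",
    # error of omission: the line "if ok: balance = balance - total" is missing
]
FIXED = BUGGY + ["if ok: balance = balance - total"]

if __name__ == "__main__":
    print("buggy:", check_dependences(BUGGY, INPUTS, SPEC))
    print("fixed:", check_dependences(FIXED, INPUTS, SPEC))
```

Run stand-alone, the buggy version reports that `balance` fails to depend on `amount` and `rate` (its final value is just the unchanged input), while the fixed version reports nothing. The check is modular in the sense the abstract describes: it needs only the procedure body and its annotation, not the callers, and it never executes the code.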
