Residual investigation: Predictive and precise bug detection

Research output: Chapter in Book/Report/Conference proceedingPaper in conference proceeding

Abstract

We introduce the concept of "residual investigation" for program analysis. A residual investigation is a dynamic check installed as a result of running a static analysis that reports a possible program error. The purpose is to observe conditions that indicate whether the statically predicted program fault is likely to be realizable and relevant. The key feature of a residual investigation is that it has to be much more precise (i.e., with fewer false warnings) than the static analysis alone, yet significantly more general (i.e., reporting more errors) than the dynamic tests in the program's test suite pertinent to the statically reported error. That is, good residual investigations encode dynamic conditions that, when taken in conjunction with the static error report, increase confidence in the existence of an error, as well as its severity, without needing to directly observe a fault resulting from the error. We enhance the static analyzer FindBugs with several residual investigations, appropriately tuned to the static error patterns in FindBugs, and apply it to 7 large open-source systems and their native test suites. The result is an analysis with a low occurrence of false warnings ("false positives") while reporting several actual errors that would not have been detected by mere execution of a program's test suite.

Details

Authors
External organisations
  • University of Massachusetts
  • Google Inc.
  • University of Texas at Arlington
  • National and Kapodistrian University of Athens
Research areas and keywords

Subject classification (UKÄ) – MANDATORY

  • Software Engineering

Keywords

  • existing test cases, False warnings, RFBI
Original languageEnglish
Title of host publication2012 International Symposium on Software Testing and Analysis, ISSTA 2012 - Proceedings
PublisherAssociation for Computing Machinery (ACM)
Pages298-308
Number of pages11
ISBN (Print)9781450314541
Publication statusPublished - 2012 Aug 28
Publication categoryResearch
Peer-reviewedYes
Externally publishedYes
Event21st International Symposium on Software Testing and Analysis, ISSTA 2012 - Minneapolis, MN, United States
Duration: 2012 Jul 152012 Jul 20

Conference

Conference21st International Symposium on Software Testing and Analysis, ISSTA 2012
CountryUnited States
CityMinneapolis, MN
Period2012/07/152012/07/20

Related prizes

Christoph Reichenbach (Recipient), 2012 Jul 20

Prizes and Distinctions: Prize (including medals and awards)

View all (1)