Skip to main content

Lund University Publications

LUND UNIVERSITY LIBRARIES

Residual investigation : Predictive and precise bug detection

Li, Kaituo ; Reichenbach, Christoph LU orcid ; Csallner, Christoph and Smaragdakis, Yannis (2012) 21st International Symposium on Software Testing and Analysis, ISSTA 2012 p.298-308
Abstract

We introduce the concept of "residual investigation" for program analysis. A residual investigation is a dynamic check installed as a result of running a static analysis that reports a possible program error. The purpose is to observe conditions that indicate whether the statically predicted program fault is likely to be realizable and relevant. The key feature of a residual investigation is that it has to be much more precise (i.e., with fewer false warnings) than the static analysis alone, yet significantly more general (i.e., reporting more errors) than the dynamic tests in the program's test suite pertinent to the statically reported error. That is, good residual investigations encode dynamic conditions that, when taken in... (More)

We introduce the concept of "residual investigation" for program analysis. A residual investigation is a dynamic check installed as a result of running a static analysis that reports a possible program error. The purpose is to observe conditions that indicate whether the statically predicted program fault is likely to be realizable and relevant. The key feature of a residual investigation is that it has to be much more precise (i.e., with fewer false warnings) than the static analysis alone, yet significantly more general (i.e., reporting more errors) than the dynamic tests in the program's test suite pertinent to the statically reported error. That is, good residual investigations encode dynamic conditions that, when taken in conjunction with the static error report, increase confidence in the existence of an error, as well as its severity, without needing to directly observe a fault resulting from the error. We enhance the static analyzer FindBugs with several residual investigations, appropriately tuned to the static error patterns in FindBugs, and apply it to 7 large open-source systems and their native test suites. The result is an analysis with a low occurrence of false warnings ("false positives") while reporting several actual errors that would not have been detected by mere execution of a program's test suite.

(Less)
Please use this url to cite or link to this publication:
author
; ; and
publishing date
type
Chapter in Book/Report/Conference proceeding
publication status
published
subject
keywords
existing test cases, False warnings, RFBI
host publication
2012 International Symposium on Software Testing and Analysis, ISSTA 2012 - Proceedings
pages
11 pages
publisher
Association for Computing Machinery (ACM)
conference name
21st International Symposium on Software Testing and Analysis, ISSTA 2012
conference location
Minneapolis, MN, United States
conference dates
2012-07-15 - 2012-07-20
external identifiers
  • scopus:84865298348
ISBN
9781450314541
DOI
10.1145/2338965.2336789
language
English
LU publication?
no
id
82d9dc57-ebe4-4f6c-9e8b-0d6c95c9ca76
date added to LUP
2019-03-29 20:15:55
date last changed
2022-01-31 18:36:02
@inproceedings{82d9dc57-ebe4-4f6c-9e8b-0d6c95c9ca76,
  abstract     = {{<p>We introduce the concept of "residual investigation" for program analysis. A residual investigation is a dynamic check installed as a result of running a static analysis that reports a possible program error. The purpose is to observe conditions that indicate whether the statically predicted program fault is likely to be realizable and relevant. The key feature of a residual investigation is that it has to be much more precise (i.e., with fewer false warnings) than the static analysis alone, yet significantly more general (i.e., reporting more errors) than the dynamic tests in the program's test suite pertinent to the statically reported error. That is, good residual investigations encode dynamic conditions that, when taken in conjunction with the static error report, increase confidence in the existence of an error, as well as its severity, without needing to directly observe a fault resulting from the error. We enhance the static analyzer FindBugs with several residual investigations, appropriately tuned to the static error patterns in FindBugs, and apply it to 7 large open-source systems and their native test suites. The result is an analysis with a low occurrence of false warnings ("false positives") while reporting several actual errors that would not have been detected by mere execution of a program's test suite.</p>}},
  author       = {{Li, Kaituo and Reichenbach, Christoph and Csallner, Christoph and Smaragdakis, Yannis}},
  booktitle    = {{2012 International Symposium on Software Testing and Analysis, ISSTA 2012 - Proceedings}},
  isbn         = {{9781450314541}},
  keywords     = {{existing test cases; False warnings; RFBI}},
  language     = {{eng}},
  month        = {{08}},
  pages        = {{298--308}},
  publisher    = {{Association for Computing Machinery (ACM)}},
  title        = {{Residual investigation : Predictive and precise bug detection}},
  url          = {{http://dx.doi.org/10.1145/2338965.2336789}},
  doi          = {{10.1145/2338965.2336789}},
  year         = {{2012}},
}