Inhalt des Dokuments
|Michael Pradel, ETH Zürich|
|Tuesday, June 18, 2013, 3 – 4 p.m., TU Hochhaus, 11th floor, room 1118/19|
Software has bugs and finding them takes lots of effort. This talk presents two approaches to detect bugs in an automatic and precise way. Automatic means that the approach requires no input but the software under test (no specifications, no hand-written tests). Precise means that all reported warnings are indeed correctness problems (no false positives). First, we present an analysis to find classes that violate API protocols, that is, constraints on the order in which clients can call API methods. The analysis automatically infers and checks API protocols by leveraging generated tests in two ways: Passing tests drive the program during protocol mining, and failing test executions are checked against the mined protocols. The analysis reports 54 API protocol violations in ten well-tested Java programs. Second, we present an analysis to test thread-safe classes. The key idea is to generate concurrent tests in which multiple threads call methods of a shared instance of the tested class. If a concurrent test exhibits an exception or a deadlock that cannot be triggered in any linearized execution of the test, the analysis reports a thread safety violation. The analysis finds various bugs in popular Java libraries, including two previously unknown bugs in the Java standard library.
ContactProf. Dr. Jean-Pierre Seifert