Program Analyses for Automatic and Precise Error Detection

This page provides my doctoral dissertation (Ph.D. thesis), written at ETH Zurich from 2008 to 2012.

Download as PDF | BibTeX entry

Abstract

One of the largest challenges in software development is to ensure that the software is correct. Almost all software that is complex enough to accomplish a useful task contains programming errors. Unfortunately, developers must split their time among many activities and often do not have enough time to search for programming errors.

The goal of this dissertation is to support developers in finding programming errors despite a limited time budget. To this end, we focus on program analyses with three properties. First, the analyses are automatic, that is, the only input required to analyze a program is the source code (or byte code) of the program itself. In particular, an automatic analysis does not rely on formal specifications or manually written test suites. Second, the analyses are precise, that is, they report warnings that are guaranteed to point to programming errors, or that have a high chance of pointing to programming errors, instead of false positives. Third, the analyses can be applied to real-world software with low human and computational effort, that is, they give developers a push-button approach for existing code.

This dissertation argues that automatic program analysis allows for precisely detecting errors with little effort. The key idea is to use programs as their own oracles, for example, by treating a program as an executable specification for itself or by checking a program against properties inferred from the program itself. To support our thesis, we present five automatic and precise program analyses that effectively and efficiently detect programming errors. The analyses presented in this dissertation target different kinds of errors (for example, incorrect API usages and thread safety violations), cover different kinds of programs (sequential and concurrent), and use different analysis techniques (static and dynamic). We evaluate our approach on mature and well-tested Java and C programs and show that it reveals errors automatically, precisely, and with low effort.
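
The second half of the key idea, checking a program against properties inferred from the program itself, can be shown on a small scale. The following is an added illustration written for this page, not code from the dissertation or from any of its analyses: a toy specification-mining analysis that records which methods each function calls on each variable, infers "a() is followed by b()" properties that hold in most of those usages, and reports the usages that deviate, without any specification or test suite as input. Everything beyond that idea is an assumption made here: the analysed program is Python source parsed with the standard ast module rather than Java byte code, the sample program is constructed, and the thresholds MIN_SUPPORT and MIN_CONFIDENCE are chosen for the example.

```python
"""Added illustration of a program acting as its own oracle (not the
dissertation's code): mine object-usage patterns from a code base and
report the usages that deviate from them.

Assumptions made for this example (not from the original page): the
analysed program is Python source parsed with `ast`; an object usage is the
ordered list of methods called on one variable inside one function; a
pattern "a is followed by b" is trusted once at least MIN_SUPPORT usages
exhibit it and at least MIN_CONFIDENCE of the usages of `a` show a later `b`.
"""
import ast
from collections import defaultdict

MIN_SUPPORT = 3        # assumed threshold: usages that must exhibit a pattern
MIN_CONFIDENCE = 0.75  # assumed threshold: share of usages of `a` followed by `b`

# Constructed sample program: five functions release the connection they
# acquire, one forgets to. No specification is given; the majority behaviour
# of the program itself is the oracle.
SAMPLE_PROGRAM = '''
def load_users(pool):
    conn = pool.acquire()
    conn.query("select * from users")
    conn.release()

def load_orders(pool):
    conn = pool.acquire()
    conn.query("select * from orders")
    conn.query("select * from items")
    conn.release()

def load_prices(pool):
    conn = pool.acquire()
    conn.query("select * from prices")
    conn.release()

def load_carts(pool):
    conn = pool.acquire()
    conn.query("select * from carts")
    conn.release()

def ping(pool):
    conn = pool.acquire()
    conn.execute("select 1")
    conn.release()

def load_report(pool):
    conn = pool.acquire()
    conn.query("select * from report")
    return conn.rows()   # the connection is never released
'''


def collect_usages(source):
    """Return [(function, variable, [method, ...])], methods in source order."""
    usages = []
    for fn in ast.walk(ast.parse(source)):
        if not isinstance(fn, ast.FunctionDef):
            continue
        calls = []  # (lineno, col, variable, method) for every `var.method(...)`
        for node in ast.walk(fn):
            if (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
                    and isinstance(node.func.value, ast.Name)):
                calls.append((node.lineno, node.col_offset,
                              node.func.value.id, node.func.attr))
        per_var = defaultdict(list)
        for _, _, var, method in sorted(calls):  # ast.walk is not in source order
            per_var[var].append(method)
        usages.extend((fn.name, var, methods) for var, methods in per_var.items())
    return usages


def last_index(items, value):
    return len(items) - 1 - items[::-1].index(value)


def mine_patterns(usages):
    """Infer 'a is eventually followed by b' properties from the usages."""
    occurs = defaultdict(int)  # usages in which method a appears
    pairs = defaultdict(int)   # usages in which b appears after the last a
    for _, _, methods in usages:
        for a in set(methods):
            occurs[a] += 1
            for b in set(methods[last_index(methods, a) + 1:]):
                if b != a:
                    pairs[(a, b)] += 1
    return {(a, b): n / occurs[a] for (a, b), n in pairs.items()
            if n >= MIN_SUPPORT and n / occurs[a] >= MIN_CONFIDENCE}


def find_violations(usages, patterns):
    """Report usages containing `a` but no later `b` for an inferred (a, b)."""
    warnings = []
    for fn, var, methods in usages:
        for (a, b), confidence in patterns.items():
            if a in methods and b not in methods[last_index(methods, a) + 1:]:
                warnings.append((fn, var, a, b, confidence))
    return warnings


def analyze(source):
    usages = collect_usages(source)
    patterns = mine_patterns(usages)
    return patterns, find_violations(usages, patterns)


if __name__ == "__main__":
    patterns, warnings = analyze(SAMPLE_PROGRAM)
    for (a, b), confidence in patterns.items():
        print(f"inferred: {a}() is followed by {b}()  (confidence {confidence:.2f})")
    for fn, var, a, b, confidence in warnings:
        print(f"warning: {fn}: {var}.{a}() without a later {var}.{b}() "
              f"(pattern confidence {confidence:.2f})")
```

On the sample program the only inferred property is that query() is followed by release(), supported by four of the five usages of query(), and the single warning points at load_report, the one function that does not release its connection. The confidence value is what keeps such an analysis precise: a property seen in a single usage is never promoted to an oracle, so an unusual but legitimate usage does not turn every other usage into a false positive.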

Publications

The dissertation is based upon the following publications:

Implementation and Supplementary Material