Article

Continuous code-quality assurance with SAFE

Authors:

Stephen FinkAuthors Info & Claims

PEPM '06: Proceedings of the 2006 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation

Pages 145 - 149

https://doi.org/10.1145/1111542.1111567

Published: 09 January 2006 Publication History

Abstract

This paper presents the design of SAFE (Scalable and Flexible Error Detection), a static analysis tool targeting lightweight program verification and bug finding for Java. The tool utilizes two types of analysis: a simple "structural" checker based on pattern-matching, and an interprocedural flow-sensitive dataflow solver which integrates typestate checking and alias analysis. We describe how the tool integrates into a team development platform for analysis of batch builds, and user interface support built on the Eclipse platform.

References

[1]

Apache Ant. http://ant.apache.org/.

[2]

T. Ball and S. K. Rajamani. The slam project: debugging system software via static analysis. In POPL '02: Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pages 1--3, New York, NY, USA, 2002. ACM Press.

Digital Library

[3]

D. Chase, M. Wegman, and F. Zadeck. Analysis of pointers and structures. In Proc. Conf. on Prog. Lang. Design and Impl., pages 296--310, New York, NY, 1990. ACM Press.

Digital Library

[4]

H. Chen and D. Wagner. Mops: an infrastructure for examining security properties of software. In CCS '02: Proceedings of the 9th ACM conference on Computer and communications security, pages 235--244, New York, NY, USA, 2002. ACM Press.

Digital Library

[5]

CodeReview. http://www128.ibm.com/developerworks/rational/library/05/higgins.

[6]

CruiseControl. http://cruisecontrol.sourceforge.net.

[7]

M. Das, S. Lerner, and M. Seigle. ESP: Path-sensitive program verification in polynomial time. In Proc. Conf. on Prog. Lang. Design and Impl., pages 57--68, June 2002.

Digital Library

[8]

J. Field, D. Goyal, G. Ramalingam, and E. Yahav. Typestate verification: Abstraction techniques and complexity results. In Proc. of SAS'03, volume 2694 of LNCS, pages 439--462. Springer, June 2003.

Digital Library

[9]

S. Fink, E. Yahav, N. Dor, G. Ramalingam, and E. Geay. Typestate checking in the presence of aliasing. in preparation, 2005.

[10]

M. Fowler. Continuous Integration. http://www.martinfowler.com/articles/continousIntegration.html.

[11]

S. Hallem, B. Chelf, Y. Xie, and D. Engler. A system and language for building system-specific, static analyses. In PLDI '02: Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation, pages 69--82, New York, NY, USA, 2002. ACM Press.

Digital Library

[12]

N. Heintze and O. Tardieu. Ultra-fast aliasing analysis using CLA: A million lines of C code in a second. 36(5):254--263, May 2001. In Conference on Programming Language Design and Implementation (PLDI).

Digital Library

[13]

D. Hovemeyer and W. Pugh. Finding bugs is easy. In OOPSLA '04: Companion to the 19th annual ACM SIGPLAN conference on Object-oriented programming systems, languages, and applications, pages 132--136, New York, NY, USA, 2004. ACM Press.

Digital Library

[14]

JLint. http://www.sureshotsoftware.com/javalint.

[15]

O. Lhoták and L. Hendren. Scaling Java points-to analysis using SPARK. In 12th International Conference on Compiler Construction (CC), volume 2622 of LNCS, pages 153--169, Apr. 2003.

Digital Library

[16]

Parasoft JTest. http://www.parasoft.com/jsp/products/home.jsp?product=Jtest.

[17]

PMD. http://pmd.sourceforge.net/.

[18]

G. Ramalingam, A. Warshavsky, J. Field, D. Goyal, and M. Sagiv. Deriving specialized program analyses for certifying component-client conformance. In Proc. Conf. on Prog. Lang. Design and Impl., volume 37, 5, pages 83--94, June 2002.

Digital Library

[19]

RCP. http://www.eclipse.org/rep.

[20]

N. Rutar, C. B. Almazan, and J. S. Foster. A comparison of bug finding tools for java. In ISSRE '04: Proceedings of the 15th IEEE International Symposium on Software Reliability Engineering, November 2004.

Digital Library

[21]

R. E. Strom and S. Yemini. Typestate: A programming language concept for enhancing software reliability. IEEE Trans. Software Eng., 12(1):157--171, 1986.

Digital Library

[22]

W. Weimer and G. C. Necula. Finding and preventing run-time error handling mistakes. In OOPSLA '04: Proceedings of the 19th annual ACM SIGPLAN Conference on Object-oriented programming, systems, languages, and applications, pages 419--431, New York, NY, USA, 2004. ACM Press.

Digital Library

Cited By

Christakis MCottenier TFilieri ALuo LMansur MPike LRosner NSchäf MSengupta AVisser WRoychoudhury ACadar CKim M(2022)Input splitting for cloud-based static application security testing platformsProceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering10.1145/3540250.3558944(1367-1378)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3540250.3558944
Eichberg MHermann BMezini MGlanz LDi Nitto EHarman MHeymans P(2015)Hidden truths in dead software pathsProceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering10.1145/2786805.2786865(474-484)Online publication date: 30-Aug-2015
https://dl.acm.org/doi/10.1145/2786805.2786865
Dallmeier VKnopp NMallon CHack SZeller ATonella POrso A(2010)Generating test cases for specification miningProceedings of the 19th international symposium on Software testing and analysis10.1145/1831708.1831719(85-96)Online publication date: 12-Jul-2010
https://dl.acm.org/doi/10.1145/1831708.1831719
Show More Cited By

Recommendations

A safe approximate algorithm for interprocedural pointer aliasing
20 Years of the ACM SIGPLAN Conference on Programming Language Design and Implementation 1979-1999: A Selection

During execution, when two or more names exist for the same location at some program point, we call them aliases. In a language which allows arbitrary pointers, the problem of determining aliases at a program point is P-space-hard [Lan92]. We present an ...
A safe approximate algorithm for interprocedural aliasing
PLDI '92: Proceedings of the ACM SIGPLAN 1992 conference on Programming language design and implementation

During execution, when two or more names exist for the same location at some program point, we call them aliases. In a language which allows arbitrary pointers, the problem of determining aliases at a program point is ρ-space-hard [Lan92]. We present an ...
A safe approximate algorithm for interprocedural aliasing

During execution, when two or more names exist for the same location at some program point, we call them aliases. In a language which allows arbitrary pointers, the problem of determining aliases at a program point is ρ-space-hard [Lan92]. We present an ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

PEPM '06: Proceedings of the 2006 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation

January 2006

176 pages

ISBN:1595931961

DOI:10.1145/1111542

Conference Chairs:
John Hatcliff
Kansas State University
,
Frank Tip
IBM T.J. Watson Research Center

Copyright © 2006 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGPLAN: ACM Special Interest Group on Programming Languages

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 09 January 2006

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Article

Conference

PEPM06

Sponsor:

SIGPLAN

PEPM06: Partial Evaluation and Program Manipulation 2006

January 9 - 10, 2006

South Carolina, Charleston

Acceptance Rates

Overall Acceptance Rate 66 of 120 submissions, 55%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
278
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Reflects downloads up to 27 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Christakis MCottenier TFilieri ALuo LMansur MPike LRosner NSchäf MSengupta AVisser WRoychoudhury ACadar CKim M(2022)Input splitting for cloud-based static application security testing platformsProceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering10.1145/3540250.3558944(1367-1378)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3540250.3558944
Eichberg MHermann BMezini MGlanz LDi Nitto EHarman MHeymans P(2015)Hidden truths in dead software pathsProceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering10.1145/2786805.2786865(474-484)Online publication date: 30-Aug-2015
https://dl.acm.org/doi/10.1145/2786805.2786865
Dallmeier VKnopp NMallon CHack SZeller ATonella POrso A(2010)Generating test cases for specification miningProceedings of the 19th international symposium on Software testing and analysis10.1145/1831708.1831719(85-96)Online publication date: 12-Jul-2010
https://dl.acm.org/doi/10.1145/1831708.1831719
Nanda MGupta MSinha SChandra SSchmidt DBalachandran PKramer JBishop JDevanbu PUchitel S(2010)Making defect-finding tools work for youProceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 210.1145/1810295.1810310(99-108)Online publication date: 1-May-2010
https://dl.acm.org/doi/10.1145/1810295.1810310
WANG YYijun LCollins MLIU P(2008)Process improvement of peer code review and behavior analysis of its participantsACM SIGCSE Bulletin10.1145/1352322.135217140:1(107-111)Online publication date: 12-Mar-2008
https://dl.acm.org/doi/10.1145/1352322.1352171
WANG YYijun LCollins MLIU PDougherty JRodger SFitzgerald SGuzdial M(2008)Process improvement of peer code review and behavior analysis of its participantsProceedings of the 39th SIGCSE technical symposium on Computer science education10.1145/1352135.1352171(107-111)Online publication date: 12-Mar-2008
https://dl.acm.org/doi/10.1145/1352135.1352171
Volanschi N(2007)A portable compiler-integrated approach to permanent checkingAutomated Software Engineering10.1007/s10515-007-0022-415:1(3-33)Online publication date: 27-Nov-2007
https://doi.org/10.1007/s10515-007-0022-4

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten