Automatic and Precise Bug Detection in Sequential and Concurrent Programs
Software has bugs and finding them takes lots of effort. This talk presents two approaches to detect bugs in an automatic and precise way. Automatic means that the approach requires no input but the software under test (no specifications, no hand-written tests). Precise means that all reported warnings are indeed correctness problems (no false positives). First, we present an analysis to find classes that violate API protocols, that is, constraints on the order in which clients can call API methods. The analysis automatically infers and checks API protocols by leveraging generated tests in two ways: passing tests drive the program during protocol mining, and failing test executions are checked against the mined protocols. Second, we present an analysis to test thread-safe classes. The key idea is to generate concurrent tests in which multiple threads call methods of a shared instance of the tested class. If a concurrent test exhibits an exception or a deadlock that cannot be triggered in any linearized execution of the test, the analysis reports a thread safety violation. Both analyses find various bugs in popular Java software, including two previously unknown bugs in the Java standard library.
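The thread-safety oracle described in the abstract, sketched as an added example (not code from the talk or its tools). It is a deterministic Python model rather than real Java threads: each method is a generator, every `yield` is an assumed preemption point, and the three stack classes are constructed for illustration.

```python
from itertools import permutations

class UnsafeStack:
    """Constructed class under test: check-then-act with no lock."""
    def __init__(self):
        self.items = [1]
    def pop(self):
        if self.items:               # check
            yield                    # another thread may be scheduled here
            return self.items.pop()  # act
        return None

class SafeStack(UnsafeStack):
    def pop(self):
        value = self.items.pop() if self.items else None  # one atomic step
        yield
        return value

class StrictStack(UnsafeStack):
    def pop(self):
        yield
        return self.items.pop()      # raises on empty, even sequentially

def run(cls, calls, schedule):
    """Run one call per modelled thread on a shared instance, stepping
    threads in schedule order; return the exception name or None."""
    obj = cls()
    threads = [getattr(obj, name)() for name in calls]
    done = set()
    for t in schedule:
        if t in done:
            continue
        try:
            next(threads[t])
        except StopIteration:        # this call finished normally
            done.add(t)
        except Exception as exc:
            return type(exc).__name__
    return None

def thread_safety_violations(cls, calls, steps=2):
    """Failures seen in some interleaving but in no linearized execution.
    steps = number of atomic steps each call needs (2 in this model)."""
    n = len(calls)
    linear = {run(cls, calls, [t for t in order for _ in range(steps)])
              for order in permutations(range(n))}
    slots = [t for t in range(n) for _ in range(steps)]
    concurrent = {run(cls, calls, s) for s in set(permutations(slots))}
    return {f for f in concurrent if f is not None and f not in linear}

if __name__ == "__main__":
    for c in (UnsafeStack, SafeStack, StrictStack):
        print(c.__name__, thread_safety_violations(c, ["pop", "pop"]))
```

`StrictStack` shows why the comparison against linearizations keeps the report precise: its `IndexError` also occurs when the two calls run one after the other, so it is not reported as a thread safety violation.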
Michael Pradel is a postdoctoral researcher and lecturer at ETH Zurich. His primary research interests are in the area of software engineering and programming languages. In particular, he is interested in automated program analyses for finding programming errors. Michael received his Ph.D. from ETH Zurich in 2012. He graduated in computer science at Technical University in Dresden, Germany. He also spent two years at Ecole Centrale Paris, France, where he became a graduate engineer, and visited EPFL, Switzerland, to pursue his master's thesis.