Dynamic program analysis
Program execution |
---|
General concepts |
Compilation strategies |
Notable runtimes |
|
Notable compilers & toolchains |
|
Dynamic program analysis is the analysis of computer software that is performed by executing programs on a real or virtual processor. For dynamic program analysis to be effective, the target program must be executed with sufficient test inputs to produce interesting behavior. Use of software testing measures such as code coverage helps ensure that an adequate slice of the program's set of possible behaviors has been observed. Also, care must be taken to minimize the effect that instrumentation has on the execution (including temporal properties) of the target program. Inadequate testing can lead to catastrophic failures similar to the maiden flight of the Ariane 5 rocket launcher where dynamic execution errors (run time error) resulted in the destruction of the vehicle.[1]
Dynamic analysis is in contrast to static testing. Unit tests, integration tests, system tests and acceptance tests use dynamic testing.
Example tools
- AddressSanitizer: Memory error detection for Linux, OSX, Windows, and more. Part of LLVM.
- BoundsChecker: Memory error detection for Windows based applications. Part of Micro Focus DevPartner.
- Daikon (system) is an implementation of dynamic invariant detection. Daikon runs a program, observes the values that the program computes, and then reports properties that were true over the observed executions, and thus likely true over all executions.
- Dmalloc, library for checking memory allocation and leaks. Software must be recompiled, and all files must include the special C header file dmalloc.h.
- DynInst is a runtime code-patching library that is useful in developing dynamic program analysis probes and applying them to compiled executables. Dyninst does not require source code or recompilation in general, however, non-stripped executables and executables with debugging symbols are easier to instrument.
- Gcov is the GNU source code coverage program.
- HP Security Suite is a suite of Tools at various stages of development. QAInspect and WebInspect are generally considered Dynamic Analysis Tools, while DevInspect is considered a static code analysis tool.
- IBM Rational AppScan is a suite of application security solutions targeted for different stages of the development lifecycle. The suite includes two main dynamic analysis products - IBM Rational AppScan Standard Edition, and IBM Rational AppScan Enterprise Edition. In addition, the suite includes IBM Rational AppScan Source Edition - a static analysis tool.
- Intel Thread Checker is a runtime threading error analysis tool which can detect potential data races and deadlocks in multithreaded Windows or Linux applications.
- Intel Parallel Inspector performs run time threading and memory error analysis in Windows.
- Parasoft Insure++ is runtime memory analysis and error detection tool. Its Inuse component provides a graphical view of memory allocations over time, with specific visibility into overall heap usage, block allocations, possible outstanding leaks, etc.
- Parasoft Jtest uses runtime error detection to expose defects such as race conditions, exceptions, resource & memory leaks, and security attack vulnerabilities.
- Prism from CriticalBlue is an tool that dynamically traces software applications at runtime and captures data that can be used to analyze and identify the causes of poor performance.
- Purify: mainly memory corruption detection and memory leak detection.
- Valgrind runs programs on a virtual processor and can detect memory errors (e.g., misuse of malloc and free) and race conditions in multithread programs.
- VB Watch injects dynamic analysis code into Visual Basic programs to monitor their performance, call stack, execution trace, instantiated objects, variables and code coverage.
Most performance analysis tools use dynamic program analysis techniques.
Historical examples
- SIMMON: IBM internal instruction Set Simulator used for testing operating system components, utilities and I/O processors
See also
- Abstract interpretation
- Daikon
- Dynamic load testing
- Profiling (computer programming)
- Runtime verification
- Program analysis (computer science)
- Static code analysis
- Time Partition Testing
References
- ↑ Dowson, M. (March 1997). "The Ariane 5 Software Failure". Software Engineering Notes. 22 (2): 84. doi:10.1145/251880.251992.
Further reading
- Myers, G. J. (1979). The Art of Software Testing. New York, USA: John Wiley and Sons.