Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Computer Programming

Ruby Polish: Static Bug Detection in Ruby Programs

advertisement 
RubyPolish: Static Bug
Detection in Ruby Programs
John Locke
Alex Mont
Background




FindBugs is a static analysis tool used to
identify common bugs in Java programs
Ruby is a dynamic, interpreted programming
language
Idea: Develop a FindBugs-type tool which
operates on Ruby programs
DRuby provides a means to do this
DRuby



DRuby adds static typing to the standard
Ruby language
To accomplish this, DRuby boils down Ruby
code to “Ruby Intermediate Language (RIL)”
to allow for simple static analysis
RIL provides an easier way to parse Ruby
code and identify common programming
mistakes
Project Plan




Examine FindBugs to determine which
detectors are useful for Ruby
Implement extensible framework for static
analysis using DRuby
Implement bug detectors using the
framework
Test results on existing open-sourceRuby
programs
Framework

Dataflow Analyses


Bug Detectors



Specified by transfer function
Pattern match based on RIL code structure for
common mistakes
Takes state and dataflow facts, determines if bug
is detected
Time permitting: Pluggable interface

Conveniently add bug detectors on the fly
Example: Null Pointer Analysis
NULL
NONNULL
NSP
NCP
Warning if:
- Dereference of
NULL or NSP
- Nullcheck of NULL
or NONNULL
Bug Detectors


FindBugs has 131 correctness detectors
Identified 15 to potentially implement for this
project



2 require dataflow analysis
13 require only pattern matching
Examples



Incompatible bit masks
Duplicate conditional tests
Useless control flow
Project Progress



Compiled and installed DRuby, examined
existing code, learned about its operation
Implemented prototypes of framework and
detectors
To do:



Continue to fix bugs in the CFG logic
Finish implementation of bug detectors
Test detectors on existing code
Future Directions


Compare with other static analysis tools
Extend framework



Alias analysis
Interprocedural and field analysis
Implement additional bug detectors (There’s
always something else to detect!  ).
Possibly implement detectors not present in
FindBugs
Related documents
Soal 3 OOSE pert3
Soal 3 OOSE pert3
Laboratory SAXS-WAXS: first-hand experiences in a multiuser
Laboratory SAXS-WAXS: first-hand experiences in a multiuser
ELECTRICAL CODE INTERPRETATION
ELECTRICAL CODE INTERPRETATION
Download
advertisement