Dynamic program analysis
Encyclopedia
Dynamic program analysis is the analysis of computer software
that is performed by executing programs built from that software system on a real or virtual processor. For dynamic program analysis to be effective, the target program must be executed with sufficient test inputs to produce interesting behavior. Use of software testing
techniques such as code coverage
helps ensure that an adequate slice of the program's set of possible behaviors has been observed. Also, care must be taken to minimize the effect that instrumentation has on the execution (including temporal properties) of the target program. Inadequate testing can lead to catastrophic failures similar to the maiden flight of the Ariane 5
rocket launcher where dynamic execution errors (run time error) resulted in the destruction of the vehicle.
Most performance analysis tools use dynamic program analysis techniques.
Program analysis (computer science)
In computer science, program analysis is the process of automatically analysing the behavior of computer programs. Two main approaches in program analysis are static program analysis and dynamic program analysis...
that is performed by executing programs built from that software system on a real or virtual processor. For dynamic program analysis to be effective, the target program must be executed with sufficient test inputs to produce interesting behavior. Use of software testing
Software testing
Software testing is an investigation conducted to provide stakeholders with information about the quality of the product or service under test. Software testing can also provide an objective, independent view of the software to allow the business to appreciate and understand the risks of software...
techniques such as code coverage
Code coverage
Code coverage is a measure used in software testing. It describes the degree to which the source code of a program has been tested. It is a form of testing that inspects the code directly and is therefore a form of white box testing....
helps ensure that an adequate slice of the program's set of possible behaviors has been observed. Also, care must be taken to minimize the effect that instrumentation has on the execution (including temporal properties) of the target program. Inadequate testing can lead to catastrophic failures similar to the maiden flight of the Ariane 5
Ariane 5 Flight 501
Cluster was a constellation of four European Space Agency spacecraft which were launched on the maiden flight of the Ariane 5 rocket, Flight 501, and subsequently lost when that rocket failed to achieve orbit. The launch, which took place on Tuesday, June 4, 1996, ended in failure due to an error...
rocket launcher where dynamic execution errors (run time error) resulted in the destruction of the vehicle.
Examples of Tools
- AvalancheAvalanche (dynamic analysis tool)For other uses, see Avalanche Avalanche is a dynamic program analysis tool developed in ISP RAS that performs symbolic execution in order to generate input data that causes an analysed program to crash...
is an open sourceOpen-source softwareOpen-source software is computer software that is available in source code form: the source code and certain other rights normally reserved for copyright holders are provided under a software license that permits users to study, change, improve and at times also to distribute the software.Open...
tool that generates input data demonstrating crashesCrash (computing)A crash in computing is a condition where a computer or a program, either an application or part of the operating system, ceases to function properly, often exiting after encountering errors. Often the offending program may appear to freeze or hang until a crash reporting service documents...
in the analysed program. - BoundsCheckerBoundsCheckerBoundsChecker is a memory checking and API call validation tool used for C++ software development with Microsoft Visual C++. It was created by Nu-Mega Technologies in the early 1990s. When Nu-Mega was purchased by Compuware in 1997, BoundsChecker became part of a larger tool suite, DevPartner...
: Memory error detection for Windows based applications. Part of Micro Focus DevPartnerDevPartnerDevPartner is a set of software development and testing tools developed by Nu-Mega Technologies, acquired by Compuware Corporation in 1997, which on June 1, 2009 sold it to Micro Focus International...
. - ClearSQL: is a review and quality control and a code illustration tool for PL/SQL.
- Daikon (system)Daikon (system)For other uses, see Daikon Daikon is a computer program that detects likely invariants of programs. An invariant is a condition that always holds true at certain points in the program...
is an implementation of dynamic invariant detection. Daikon runs a program, observes the values that the program computes, and then reports properties that were true over the observed executions, and thus likely true over all executions. - DmallocDmallocDmalloc is a memory debugger C library, written by Gray Watson, that helps programmers to find a variety of memory allocation programming errors for dynamic memory...
, library for checking memory allocation and leaks. Software must be recompiled, and all files must include the special C header file dmalloc.h. - DynInstDynInstDynInst is a multi-platform runtime code-patching library developed at the University of Wisconsin–Madison and University of Maryland, College Park. It may be useful in the development of performance measurement tools, debuggers, and simulators. The most recent release is Version 7.0....
is a runtime code-patching library that is useful in developing dynamic program analysis probes and applying them to compiled executables. Dyninst does not require source code or recompilation in general, however, non-stripped executables and executables with debugging symbols are easier to instrument. - HP Security SuiteHP Application Security CenterHP Application Security Center is a set of technology solutions by HP Software Division. Much of the portfolio for this solution suite was from HP's acquisition of SPI Dynamics...
is a suite of Tools at various stages of development. QAInspect and WebInspect are generally considered Dynamic Analysis Tools, while DevInspect is considered a static code analysis tool. - IBM Rational AppScanIBM Rational AppScanIBM Rational AppScan is a family of web security testing and monitoring tools from the Rational Software division of IBM. AppScan is intended to test Web applications for security vulnerabilities during the development process, when it is least expensive to fix such problems...
is a suite of application security solutions targeted for different stages of the development lifecycle. The suite includes two main dynamic analysis products - IBM Rational AppScan Standard Edition, and IBM Rational AppScan Enterprise Edition. In addition, the suite includes IBM Rational AppScan Source Edition - a static analysis tool. - Intel Thread CheckerIntel C++ CompilerIntel C++ Compiler is a group of C and C++ compilers from Intel Corporation available for GNU/Linux, Mac OS X, and Microsoft Windows....
is a runtime threading error analysis tool which can detect potential data races and deadlocks in multithreaded Windows or Linux applications. - Intel Parallel InspectorIntel Parallel InspectorIntel Parallel Inspector adds memory and thread checking into Microsoft Visual Studio. Parallel Inspector helps increase the reliability, security, and accuracy of C/C++ applications.* Reliability: Find deadlocks and memory errors that cause lockups & crashes...
performs run time threading and memory error analysis in Windows. - ParasoftParasoftParasoft is an independent software vendor with headquarters in Monrovia, California. It was founded in 1987 by five graduates of the California Institute of Technology who had been working on Caltech Cosmic Cube....
Insure++Insure++Insure++ is a memory debugger computer program, used by software developers to detect various errors in programs written in C and C++. It is made by Parasoft, and is functionally similar to other memory debuggers, such as Purify and Valgrind.-Overview:...
is runtime memory analysis and error detection tool. Its Inuse component provides a graphical view of memory allocations over time, with specific visibility into overall heap usage, block allocations, possible outstanding leaks, etc. - ParasoftParasoftParasoft is an independent software vendor with headquarters in Monrovia, California. It was founded in 1987 by five graduates of the California Institute of Technology who had been working on Caltech Cosmic Cube....
JtestJtestJtest is an automated Java testing and static code analysis product that is made by Parasoft. It aims to improve Java code reliability, functionality, security, performance, and maintainability. Basic functionality includes Unit test-case generation, static analysis, regression testing, runtime...
uses runtime error detection to expose defects such as race conditions, exceptions, resource & memory leaks, and security attack vulnerabilities. - PolyspacePolyspacePolyspace is a static code analysis tool inspired by the failure of the maiden flight of Ariane 5 where a run time error resulted in destruction of the launch vehicle. It is the first example of large-scale static code analysis by abstract interpretation to detect and prove the absence of certain...
uses abstract interpretationAbstract interpretationIn computer science, abstract interpretation is a theory of sound approximation of the semantics of computer programs, based on monotonic functions over ordered sets, especially lattices. It can be viewed as a partial execution of a computer program which gains information about its semantics In...
to detect and prove the absence of certain run time errors in source codeSource codeIn computer science, source code is text written using the format and syntax of the programming language that it is being written in. Such a language is specially designed to facilitate the work of computer programmers, who specify the actions to be performed by a computer mostly by writing source...
. - Purify: mainly memory corruptionStorage violationA storage violation occurs when a task modifies, or attempts to modify, computer storage that it does not own.-Types of storage violation:Storage violation can, for instance, consist of writing to or freeing storage not owned by the task....
detection and memory leak detection. - ValgrindValgrindValgrind is a GPL licensed programming tool for memory debugging, memory leak detection, and profiling. The name valgrind comes from the main entrance to Valhalla in Norse mythology....
runs programs on a virtual processor and can detect memory errors (e.g., misuse of mallocMallocC dynamic memory allocation refers to performing dynamic memory allocation in the C via a group of functions in the C standard library, namely malloc, realloc, calloc and free....
and free) and race conditions in multithread programs. - VB WatchVB WatchVB Watch is a Visual Basic programming utility. VB Watch consists of three tools for Visual Basic 6.0: Profiler, Protector and Debugger.-Profiler:...
injects dynamic analysis code into Visual Basic programs to monitor their performance, call stack, execution trace, instantiated objects, variables and code coverageCode coverageCode coverage is a measure used in software testing. It describes the degree to which the source code of a program has been tested. It is a form of testing that inspects the code directly and is therefore a form of white box testing....
.
Most performance analysis tools use dynamic program analysis techniques.
Historical examples
- IBM OLIVER (CICS interactive test/debug): CICSCICSCustomer Information Control System is a transaction server that runs primarily on IBM mainframe systems under z/OS and z/VSE.CICS is a transaction manager designed for rapid, high-volume online processing. This processing is mostly interactive , but background transactions are possible...
application error detection including storage violationStorage violationA storage violation occurs when a task modifies, or attempts to modify, computer storage that it does not own.-Types of storage violation:Storage violation can, for instance, consist of writing to or freeing storage not owned by the task....
s using an instruction Set SimulatorInstruction Set SimulatorAn instruction set simulator is a simulation model, usually coded in a high-level programming language, which mimics the behavior of a mainframe or microprocessor by "reading" instructions and maintaining internal variables which represent the processor's registers.Instruction simulation is a...
to detect most CICS errors interactively - SIMON (Batch Interactive test/debug)SIMON (Batch Interactive test/debug)SIMON was a proprietary test/debugging toolkit for interactively testing Batch programs designed to run on IBM's System 360/370/390 architecture....
interactive batch program analyzer and test/debug using an instruction Set SimulatorInstruction Set SimulatorAn instruction set simulator is a simulation model, usually coded in a high-level programming language, which mimics the behavior of a mainframe or microprocessor by "reading" instructions and maintaining internal variables which represent the processor's registers.Instruction simulation is a... - SIMMONSIMMONSIMMON was a proprietary software testing system developed in the late 1960s in the IBM Product Test Laboratory, then at Poughkeepsie, N.Y...
: IBM internal instruction Set SimulatorInstruction Set SimulatorAn instruction set simulator is a simulation model, usually coded in a high-level programming language, which mimics the behavior of a mainframe or microprocessor by "reading" instructions and maintaining internal variables which represent the processor's registers.Instruction simulation is a...
used for testing operating system components, utilities and I/O processors
See also
- Performance analysisPerformance analysisIn software engineering, profiling is a form of dynamic program analysis that measures, for example, the usage of memory, the usage of particular instructions, or frequency and duration of function calls...
- Program analysis (computer science)Program analysis (computer science)In computer science, program analysis is the process of automatically analysing the behavior of computer programs. Two main approaches in program analysis are static program analysis and dynamic program analysis...
- Static code analysisStatic code analysisStatic program analysis is the analysis of computer software that is performed without actually executing programs built from that software In most cases the analysis is performed on some version of the source code and in the other cases some form of the object code...