1 / 9

RubyPolish: Static Bug Detection in Ruby Programs

John Locke Alex Mont. RubyPolish: Static Bug Detection in Ruby Programs. Background. FindBugs is a static analysis tool used to identify common bugs in Java programs Ruby is a dynamic, interpreted programming language Idea: Develop a FindBugs-type tool which operates on Ruby programs

archie
Download Presentation

RubyPolish: Static Bug Detection in Ruby Programs

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. John Locke Alex Mont RubyPolish: Static Bug Detection in Ruby Programs

  2. Background FindBugs is a static analysis tool used to identify common bugs in Java programs Ruby is a dynamic, interpreted programming language Idea: Develop a FindBugs-type tool which operates on Ruby programs DRuby provides a means to do this

  3. DRuby DRuby adds static typing to the standard Ruby language To accomplish this, DRuby boils down Ruby code to “Ruby Intermediate Language (RIL)” to allow for simple static analysis RIL provides an easier way to parse Ruby code and identify common programming mistakes

  4. Project Plan • Examine FindBugs to determine which detectors are useful for Ruby • Implement extensible framework for static analysis using DRuby • Implement bug detectors using the framework • Test results on existing open-sourceRuby programs

  5. Framework • Dataflow Analyses • Specified by transfer function • Bug Detectors • Pattern match based on RIL code structure for common mistakes • Takes state and dataflow facts, determines if bug is detected • Time permitting: Pluggable interface • Conveniently add bug detectors on the fly

  6. Example: Null Pointer Analysis • Warning if: • Dereference of NULL or NSP • Nullcheck of NULL or NONNULL NULL NONNULL NSP NCP

  7. Bug Detectors • FindBugs has 131 correctness detectors • Identified 15 to potentially implement for this project • 2 require dataflow analysis • 13 require only pattern matching • Examples • Incompatible bit masks • Duplicate conditional tests • Useless control flow

  8. Project Progress Compiled and installed DRuby, examined existing code, learned about its operation Implemented prototypes of framework and detectors To do: Continue to fix bugs in the CFG logic Finish implementation of bug detectors Test detectors on existing code

  9. Future Directions Compare with other static analysis tools Extend framework Alias analysis Interprocedural and field analysis Implement additional bug detectors (There’s always something else to detect!  ). Possibly implement detectors not present in FindBugs

More Related