FindBugs papers

The  FindBugs web page (  http://findbugs.sourceforge.net/#papers  ) links to two papers, both presented at PASTE 2007.  They are

• Finding More Null Pointer Bugs, But Not Too Many, by David Hovemeyer, York College of Pennsylvania and William Pugh, Univ. of Maryland, 7th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering, June, 2007
• Evaluating Static Analysis Defect Warnings On Production Software, Nathaniel Ayewah and William Pugh, Univ. of Maryland, and J. David Morgenthaler, John Penix and YuQian Zhou, Google, Inc., 7th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering, June, 2007 

An earlier paper, from OOPSLA 2004, gives a more thorough description of the basic ideas in FindBugs.  It is

• Hovemeyer, D. and Pugh, W. 2004. Finding bugs is easy. In Companion To the 19th Annual ACM SIGPLAN Conference on Object-Oriented Programming Systems, Languages, and Applications (Vancouver, BC, CANADA, October 24 - 28, 2004). OOPSLA '04. ACM, New York, NY, 132-136. DOI= http://doi.acm.org/10.1145/1028664.1028717

Although the OOPSLA paper is older, I think we need the general overview, so I'd like to suggest we read that one.  But actually I'd like to read that plus the null pointer detection paper, to see how the (fairly simple) pattern detection in the original version of FindBugs is extended and refined to be more effective.

Dysy paper link

It's
Csallner, C., Tillmann, N., and Smaragdakis, Y. 2008. DySy: dynamic symbolic execution for invariant inference. In Proceedings of the 30th international Conference on Software Engineering (Leipzig, Germany, May 10 - 18, 2008). ICSE '08. ACM, New York, NY, 281-290. DOI= http://doi.acm.org/10.1145/1368088.1368127

The background paper on symbolic execution is
King, J. C. 1976. Symbolic execution and program testing. Commun. ACM 19, 7 (Jul. 1976), 385-394. DOI= http://doi.acm.org/10.1145/360248.360252

We will meet in Deschutes 160 (first floor conference room)

I just signed us up for room 160, one floor down from where we were last week.  It has a table, which feels more "seminar-like" to me than the desks in 260 ... and besides, it was available and 260 wasn't.

Reading link, new time

The Daikon paper by Ernst et al is available from his web site here as well as from IEEE.

Tuesday 10am has been proposed as an alternative time to meet.  Please let me know if that does not work for you ... I think it's definitely an improvement over Monday 4pm.  I'm not sure yet about a room, but I'm reasonably confident we can find something.  OK?

Welcome to the Seminar on Program Analysis

I will use this blog in lieu of a course web page to post links to readings, schedule, etc.

We have so far:
    Week 2:  Anthony leading discussion of Ernst's IEEE TSE paper on dynamic invariant detection (Daikon)
    Week 3:  Jed (backup Dan) leading discussion of Csallner's ICSE paper on dynamic symbolic execution in dynamic invariant detection (DySy).

Be sure to fill in the Doodle poll put together by Daniel to find a better seminar meeting time.

The first is
Ernst, M. D., Cockrell, J., Griswold, W. G., and Notkin, D. 2001. Dynamically Discovering Likely Program Invariants to Support Program Evolution. IEEE Trans. Softw. Eng. 27, 2 (Feb. 2001), 99-123. DOI= http://dx.doi.org/10.1109/32.908957

Theoretically this is available through our library, but I'm finding it difficult to use the IEEE digital library from home through the library account.  You should be able to use the DOI link while using a computer at school.