MarketDynamic program analysis
Company Profile

Dynamic program analysis

Dynamic program analysis is the act of analyzing software that involves executing a program – as opposed to static program analysis, which does not execute it.

Types
Functional testing Functional testing includes relatively common programming techniques such as unit testing, integration testing and system testing. Code coverage Computing the test code coverage identifies code that is not tested. Although this analysis identifies code that is not tested, it does not determine whether the tested code is adequately tested. Code can be executed even if the tests do not actually verify correct behavior. • Gcov is the GNU source code coverage program. • VB Watch injects dynamic analysis code into Visual Basic programs to monitor code coverage, the call stack, execution trace, instantiated objects, and variables. Dynamic testing Dynamic testing involves executing a program on a set of test cases. Memory error detection AddressSanitizer: Memory error detection for Linux, macOS, Windows, and more. Part of LLVM. • BoundsChecker: Memory error detection for Windows based applications. Part of Micro Focus DevPartner. • Dmalloc: Library for checking memory allocation and leaks. Software must be recompiled, and all files must include the special C header file dmalloc.h. • Intel Inspector: Dynamic memory error debugger for C, C++, and Fortran applications that run on Windows and Linux. • Purify: Mainly memory corruption detection and memory leak detection. • Valgrind: Runs programs on a virtual processor and can detect memory errors (e.g., misuse of malloc and free) and race conditions in multithread programs. Fuzzing Fuzzing is a testing technique that involves executing a program on a wide variety of inputs; often, these inputs are randomly generated (at least in part). Gray-box fuzzers use code coverage to guide input generation. Dynamic symbolic execution Dynamic symbolic execution (also known as DSE or concolic execution) involves executing a test program on a concrete input, collecting the path constraints associated with the execution, and using a constraint solver (generally, an SMT solver) to generate new inputs that would cause the program to take a different control-flow path, thus increasing code coverage of the test suite. DSE can be considered a type of fuzzing ("white-box" fuzzing). Dynamic data-flow analysis Dynamic data-flow analysis tracks the flow of information from sources to sinks. Forms of dynamic data-flow analysis include dynamic taint analysis and even dynamic symbolic execution. Invariant inference Daikon is an implementation of dynamic invariant detection. Daikon runs a program, observes the values the program computes, and then reports properties that were true during the observed executions and are thus likely true over all executions. Security analysis Dynamic analysis can be used to detect security problems. • IBM Rational AppScan is a suite of application security solutions targeted for different stages of the development lifecycle. The suite includes two main dynamic analysis products: IBM Rational AppScan Standard Edition and IBM Rational AppScan Enterprise Edition. In addition, the suite includes IBM Rational AppScan Source Edition—a static analysis tool. Concurrency errors Parasoft Jtest uses runtime error detection to expose defects such as race conditions, exceptions, resource and memory leaks, and security attack vulnerabilities. • Intel Inspector performs run-time threading and memory error analysis in Windows. • Parasoft Insure++ is a runtime memory analysis and error detection tool. Its Inuse component provides a graphical view of memory allocations over time, with specific visibility of overall heap usage, block allocations, possible outstanding leaks, etc. • Google's Thread Sanitizer is a data race detection tool. It instruments LLVM IR to capture racy memory accesses. Program slicing For a given subset of a program’s behavior, program slicing consists of reducing the program to the minimum form that still produces the selected behavior. The reduced program is called a “slice” and is a faithful representation of the original program within the domain of the specified behavior subset. Generally, finding a slice is an unsolvable problem, but by specifying the target behavior subset based on the values of a set of variables, it is possible to obtain approximate slices using a data-flow algorithm. These slices are usually used by developers during debugging to locate the source of errors. Performance analysis Most performance analysis tools use dynamic program analysis techniques. == Techniques ==
Techniques
Most dynamic analysis involves instrumentation or transformation. Since instrumentation can affect runtime performance, interpretation of test results must account for this to avoid misidentifying a performance problem. Examples DynInst is a runtime code-patching library useful for developing dynamic program analysis probes and applying them to compiled executables. Dyninst does not require source code or recompilation in general; however, non-stripped executables and executables with debugging symbols are easier to instrument. Iroh.js is a runtime code analysis library for JavaScript. It keeps track of the code execution path, provides runtime listeners to detect specific executed code patterns and allows interception and manipulation of the program's execution behavior. == See also ==
Source: Wikipedia ↗
tickerdossier.comtickerdossier.substack.com