Dynamic program analysis

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Dynamic program analysis is the analysis of computer software that is performed by executing programs on a real or virtual processor. For dynamic program analysis to be effective, the target program must be executed with sufficient test inputs to produce interesting behavior.[clarification needed] Use of software testing measures such as code coverage helps ensure that an adequate slice of the program's set of possible behaviors has been observed.[why?] Also, care must be taken to minimize the effect that instrumentation has on the execution (including temporal properties) of the target program.[why?][context?] Inadequate testing can lead to catastrophic failures similar to the maiden flight of the Ariane 5 rocket where dynamic execution errors (run time error) resulted in the destruction of the vehicle.[1][relevant? ]

Dynamic analysis is in contrast to static testing. Unit tests, integration tests, system tests and acceptance tests use dynamic testing.

Example tools[edit]

  • AddressSanitizer: Memory error detection for Linux, OSX, Windows, and more. Part of LLVM.
  • BoundsChecker: Memory error detection for Windows based applications. Part of Micro Focus DevPartner.
  • Daikon (system) is an implementation of dynamic invariant detection. Daikon runs a program, observes the values that the program computes, and then reports properties that were true over the observed executions, and thus likely true over all executions.
  • Dmalloc, library for checking memory allocation and leaks. Software must be recompiled, and all files must include the special C header file dmalloc.h.
  • DynInst is a runtime code-patching library that is useful in developing dynamic program analysis probes and applying them to compiled executables. Dyninst does not require source code or recompilation in general, however, non-stripped executables and executables with debugging symbols are easier to instrument.
  • Gcov is the GNU source code coverage program.
  • HP Security Suite is a suite of Tools at various stages of development. QAInspect and WebInspect are generally considered Dynamic Analysis Tools, while DevInspect is considered a static code analysis tool.
  • IBM Rational AppScan is a suite of application security solutions targeted for different stages of the development lifecycle. The suite includes two main dynamic analysis products - IBM Rational AppScan Standard Edition, and IBM Rational AppScan Enterprise Edition. In addition, the suite includes IBM Rational AppScan Source Edition - a static analysis tool.
  • Intel Thread Checker is a runtime threading error analysis tool which can detect potential data races and deadlocks in multithreaded Windows or Linux applications.
  • Intel Parallel Inspector performs run time threading and memory error analysis in Windows.
  • Iroh.js is a runtime code analysis library for JavaScript. It keeps track of the code execution path, provides runtime listeners to listen for specific executed code patterns and allows to intercept and manipulate the program's execution behavior.
  • Parasoft Insure++ is runtime memory analysis and error detection tool. Its Inuse component provides a graphical view of memory allocations over time, with specific visibility into overall heap usage, block allocations, possible outstanding leaks, etc.
  • Parasoft Jtest uses runtime error detection to expose defects such as race conditions, exceptions, resource & memory leaks, and security attack vulnerabilities.
  • Prism from CriticalBlue is an tool that dynamically traces software applications at runtime and captures data that can be used to analyze and identify the causes of poor performance.
  • Purify: mainly memory corruption detection and memory leak detection.
  • Valgrind runs programs on a virtual processor and can detect memory errors (e.g., misuse of malloc and free) and race conditions in multithread programs.
  • VB Watch injects dynamic analysis code into Visual Basic programs to monitor their performance, call stack, execution trace, instantiated objects, variables and code coverage.

Most performance analysis tools use dynamic program analysis techniques.[citation needed]

Historical examples[edit]

See also[edit]


  1. ^ Dowson, M. (March 1997). "The Ariane 5 Software Failure". Software Engineering Notes. 22 (2): 84. doi:10.1145/251880.251992. 

Further reading[edit]

External links[edit]