首页 | 本学科首页   官方微博 | 高级检索  
     检索      

基于值依赖分析的空指针解引用检测
引用本文:马森,赵文,习翔宇,王栋伟.基于值依赖分析的空指针解引用检测[J].电子学报,2015,43(4):647-651.
作者姓名:马森  赵文  习翔宇  王栋伟
作者单位:1. 北京大学信息科学技术学院, 北京 100871; 2. 北京大学软件工程国家工程研究中心, 北京 100871; 3. 北京大学信息科学技术学院软件研究所高可信软件技术教育部重点实验室, 北京 100871
摘    要:本文提出了一种基于程序值依赖分析的、路径敏感的空指针解引用检测方法.该方法通过结合数据流分析中的到达定值分析、区间分析及指向分析创建了值依赖分析图,该图刻画了可能产生空指针语句到其解引用语句的值依赖关系.该图中的边采用守卫标注,即描述了相邻点之间的到达条件.为了降低误报率,本文同时提出了一种需求驱动的必然别名算法.由本文所述方法实现的工具展示了良好的实验效果,在10个SPEC2000项目中发现了70余个空指针解引用缺陷,误报率仅为6%左右.

关 键 词:程序分析  静态缺陷检测  空指针解引用检测  需求驱动别名分析  
收稿时间:2014-03-03

Null Pointer Dereference Detection Based on Value Dependences Analysis
MA Sen , ZHAO Wen , XI Xiang-yu , WANG Dong-wei.Null Pointer Dereference Detection Based on Value Dependences Analysis[J].Acta Electronica Sinica,2015,43(4):647-651.
Authors:MA Sen  ZHAO Wen  XI Xiang-yu  WANG Dong-wei
Institution:1. School of Electronics Engineering and Computer Science, Peking University, Beijing 100871, China; 2. National Engineering Research Center for Software Engineering, Peking University, Beijing 100871, China; 3. Key Laboratory of High Confidence Software Technologies (Ministry of Education), School of Electronics Engineering and Computer Science, Peking University, Beijing 100871, China
Abstract:This paper presents a context-sensitive and path-sensitive algorithm for detecting null pointer dereferences (NPD).Our algorithm tracks the flow of values from the points where a null pointer might be produced to dereference points via value dependence graph that captures def-use relations and combines interval analysis results.Edges in the graph are annotated with guards that describe branch conditions in the program.In the meantime,for reducing the false warnings we propose an innovative demand-driven must-alias algorithm using this graph.Our implemented tool detects more than 70 points which might produce null pointer dereferences in ten SPEC 2000 benchmarks while keeping the false positive rate around 6%,which is excellent experimental results.
Keywords:program analysis  static error detection  null pointer dereference detection  demand-driven alias analysis
本文献已被 CNKI 万方数据 等数据库收录!
点击此处可从《电子学报》浏览原始摘要信息
点击此处可从《电子学报》下载免费的PDF全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号