Static detection of dynamic memory errors
PLDI '96 Proceedings of the ACM SIGPLAN 1996 conference on Programming language design and implementation
A static analyzer for finding dynamic programming errors
Software—Practice & Experience
Bugs as deviant behavior: a general approach to inferring errors in systems code
SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
Extended static checking for Java
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
ARCHER: using symbolic, path-sensitive analysis to detect memory access errors
Proceedings of the 9th European software engineering conference held jointly with 11th ACM SIGSOFT international symposium on Foundations of software engineering
ACM SIGPLAN Notices
Evaluating and tuning a static analysis to find null pointer bugs
PASTE '05 Proceedings of the 6th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Tracking defect warnings across versions
Proceedings of the 2006 international workshop on Mining software repositories
Static error detection using semantic inconsistency inference
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Evaluating static analysis defect warnings on production software
PASTE '07 Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Finding more null pointer bugs, but not too many
PASTE '07 Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Variably interprocedural program analysis for runtime error detection
Proceedings of the 2007 international symposium on Software testing and analysis
Calysto: scalable and precise extended static checking
Proceedings of the 30th international conference on Software engineering
Predicting accurate and actionable static analysis warnings: an experimental approach
Proceedings of the 30th international conference on Software engineering
Verifying dereference safety via expanding-scope analysis
ISSTA '08 Proceedings of the 2008 international symposium on Software testing and analysis
Z-ranking: using statistical analysis to counter the impact of static analysis approximations
SAS'03 Proceedings of the 10th international conference on Static analysis
Fault localization and repair for Java runtime exceptions
Proceedings of the eighteenth international symposium on Software testing and analysis
Gaining insight into programs that analyze programs: by visualizing the analyzed program
Proceedings of the 24th ACM SIGPLAN conference companion on Object oriented programming systems languages and applications
Proceedings of the 24th ACM SIGPLAN conference companion on Object oriented programming systems languages and applications
Demystifying model transformations: an approach based on automated rule inference
Proceedings of the 24th ACM SIGPLAN conference on Object oriented programming systems languages and applications
BUGINNINGS: identifying the origins of a bug
Proceedings of the 3rd India software engineering conference
Towards a unified fault-detection benchmark
Proceedings of the 9th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Null dereference analysis in practice
Proceedings of the 9th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Making defect-finding tools work for you
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 2
Exploiting program dependencies for scalable multiple-path symbolic execution
Proceedings of the 19th international symposium on Software testing and analysis
Defective error/pointer interactions in the Linux kernel
Proceedings of the 2011 International Symposium on Software Testing and Analysis
Reuse, recycle to de-bloat software
Proceedings of the 25th European conference on Object-oriented programming
Null dereference verification via over-approximated weakest pre-conditions analysis
Proceedings of the 2011 ACM international conference on Object oriented programming systems languages and applications
A framework for analyzing programs written in proprietary languages
Proceedings of the ACM international conference companion on Object oriented programming systems languages and applications companion
BugRedux: reproducing field failures for in-house debugging
Proceedings of the 34th International Conference on Software Engineering
Puzzle-based automatic testing: bringing humans into the loop by solving puzzles
Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering
What should developers be aware of? An empirical study on the directives of API documentation
Empirical Software Engineering
Reproducing and debugging field failures in house
Proceedings of the 2013 International Conference on Software Engineering
Combining concern input with program analysis for bloat detection
Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications
Efficient high-level abstractions for web programming
Proceedings of the 12th international conference on Generative programming: concepts & experiences
| Hi-index | 0.00 |
Null dereference is a commonly occurring defect in Java programs, and many static-analysis tools identify such defects. However, most of the existing tools perform a limited interprocedural analysis. In this paper, we present an interprocedural path-sensitive and context-sensitive analysis for identifying null dereferences. Starting at a dereference statement, our approach performs a backward demand-driven analysis to identify precisely paths along which null values may flow to the dereference. The demand-driven analysis avoids an exhaustive program exploration, which lets it scale to large programs. We present the results of empirical studies conducted using large open-source and commercial products. Our results show that: (1) our approach detects fewer false positives, and significantly more interprocedural true positives, than other commonly used tools; (2) the analysis scales to large subjects; and (3) the identified defects are often deleted in subsequent releases, which indicates that the reported defects are important.