Graph-Based Algorithms for Boolean Function Manipulation
IEEE Transactions on Computers
Compilers: principles, techniques, and tools
Compilers: principles, techniques, and tools
Object-oriented type inference
OOPSLA '91 Conference proceedings on Object-oriented programming systems, languages, and applications
Two classes of Boolean functions for dependency analysis
Science of Computer Programming
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Java Virtual Machine Specification
Java Virtual Machine Specification
Houdini, an Annotation Assistant for ESC/Java
FME '01 Proceedings of the International Symposium of Formal Methods Europe on Formal Methods for Increasing Software Productivity
Declaring and checking non-null types in an object-oriented language
OOPSLA '03 Proceedings of the 18th annual ACM SIGPLAN conference on Object-oriented programing, systems, languages, and applications
Evaluating and tuning a static analysis to find null pointer bugs
PASTE '05 Proceedings of the 6th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Propagation of JML non-null annotations in Java programs
PPPJ '06 Proceedings of the 4th international symposium on Principles and practice of programming in Java
Deriving escape analysis by abstract interpretation
Higher-Order and Symbolic Computation
Finding more null pointer bugs, but not too many
PASTE '07 Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Establishing object invariants with delayed types
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
The JastAdd extensible Java compiler
Companion to the 22nd ACM SIGPLAN conference on Object-oriented programming systems and applications companion
The Daikon system for dynamic detection of likely invariants
Science of Computer Programming
Practical pluggable types for java
ISSTA '08 Proceedings of the 2008 international symposium on Software testing and analysis
Semantic Foundations and Inference of Non-null Annotations
FMOODS '08 Proceedings of the 10th IFIP WG 6.1 international conference on Formal Methods for Open Object-Based Distributed Systems
Nullness Analysis in Boolean Form
SEFM '08 Proceedings of the 2008 Sixth IEEE International Conference on Software Engineering and Formal Methods
Java bytecode verification for @NonNull types
CC'08/ETAPS'08 Proceedings of the Joint European Conferences on Theory and Practice of Software 17th international conference on Compiler construction
Pair-sharing analysis of object-oriented programs
SAS'05 Proceedings of the 12th international conference on Static Analysis
Magic-sets transformation for the analysis of java bytecode
SAS'07 Proceedings of the 14th international conference on Static Analysis
Non-null references by default in java: alleviating the nullity annotation burden
ECOOP'07 Proceedings of the 21st European conference on Object-Oriented Programming
The nullness analyser of JULIA
LPAR'10 Proceedings of the 16th international conference on Logic for programming, artificial intelligence, and reasoning
Inference of field initialization
Proceedings of the 33rd International Conference on Software Engineering
Static analysis of Android programs
CADE'11 Proceedings of the 23rd international conference on Automated deduction
Magic-sets for localised analysis of Java bytecode
Higher-Order and Symbolic Computation
Null dereference verification via over-approximated weakest pre-conditions analysis
Proceedings of the 2011 ACM international conference on Object oriented programming systems languages and applications
Automaton-Based array initialization analysis
LATA'12 Proceedings of the 6th international conference on Language and Automata Theory and Applications
Verification games: making verification fun
Proceedings of the 14th Workshop on Formal Techniques for Java-like Programs
Static analysis of Android programs
Information and Software Technology
Automated detection of non-termination and nullpointerexceptions for Java Bytecode
FoVeOOS'11 Proceedings of the 2011 international conference on Formal Verification of Object-Oriented Software
Definite expression aliasing analysis for java bytecode
ICTAC'12 Proceedings of the 9th international conference on Theoretical Aspects of Computing
Inferring complete initialization of arrays
Theoretical Computer Science
Inferring project-specific bug patterns for detecting sibling bugs
Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
Reachability analysis of program variables
ACM Transactions on Programming Languages and Systems (TOPLAS)
Hi-index | 0.00 |
In Java, C or C++, attempts to dereference the null value result in an exception or a segmentation fault. Hence, it is important to identify those program points where this undesired behaviour might occur or prove the other program points (and possibly the entire program) safe. To that purpose, null-pointer analysis of computer programs checks or infers non-null annotations for variables and object fields. With few notable exceptions, null-pointer analyses currently use run-time checks or are incorrect or only verify manually provided annotations. In this paper, we use abstract interpretation to build and prove correct a first, flow and context-sensitive static null-pointer analysis for Java bytecode (and hence Java) which infers non-null annotations. It is based on Boolean formulas, implemented with binary decision diagrams. For better precision, it identifies instance or static fields that remain always non-null after being initialised. Our experiments show this analysis faster and more precise than the correct null-pointer analysis by Hubert, Jensen and Pichardie. Moreover, our analysis deals with exceptions, which is not the case of most others; its formulation is theoretically clean and its implementation strong and scalable. We subsequently improve that analysis by using local reasoning about fields that are not always non-null, but happen to hold a non-null value when they are accessed. This is a frequent situation, since programmers typically check a field for non-nullness before its access. We conclude with an example of use of our analyses to infer null-pointer annotations which are more precise than those that other inference tools can achieve.