Static detection of dynamic memory errors
PLDI '96 Proceedings of the ACM SIGPLAN 1996 conference on Programming language design and implementation
A static analyzer for finding dynamic programming errors
Software—Practice & Experience
ESP: path-sensitive program verification in polynomial time
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Using redundancies to find errors
Proceedings of the 10th ACM SIGSOFT symposium on Foundations of software engineering
Declaring and checking non-null types in an object-oriented language
OOPSLA '03 Proceedings of the 18th annual ACM SIGPLAN conference on Object-oriented programing, systems, languages, and applications
Evaluating the imprecision of static analysis
Proceedings of the 5th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
OOPSLA '04 Companion to the 19th annual ACM SIGPLAN conference on Object-oriented programming systems, languages, and applications
MSR '05 Proceedings of the 2005 international workshop on Mining software repositories
Checking system rules using system-specific, programmer-written compiler extensions
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
Static error detection using semantic inconsistency inference
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Finding more null pointer bugs, but not too many
PASTE '07 Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Improving software quality with static analysis
PASTE '07 Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Techniques for specifying bug patterns
Proceedings of the 2007 ACM workshop on Parallel and distributed systems: testing and debugging
Tracking bad apples: reporting the origin of null and undefined value errors
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
Practical pluggable types for java
ISSTA '08 Proceedings of the 2008 international symposium on Software testing and analysis
A report on a survey and study of static analysis users
DEFECTS '08 Proceedings of the 2008 workshop on Defects in large software systems
Semantic Foundations and Inference of Non-null Annotations
FMOODS '08 Proceedings of the 10th IFIP WG 6.1 international conference on Formal Methods for Open Object-Based Distributed Systems
Masked types for sound object initialization
Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A non-null annotation inferencer for Java bytecode
Proceedings of the 8th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Accurate Interprocedural Null-Dereference Analysis for Java
ICSE '09 Proceedings of the 31st International Conference on Software Engineering
Fault localization and repair for Java runtime exceptions
Proceedings of the eighteenth international symposium on Software testing and analysis
FM '09 Proceedings of the 2nd World Congress on Formal Methods
Java bytecode verification for @NonNull types
CC'08/ETAPS'08 Proceedings of the Joint European Conferences on Theory and Practice of Software 17th international conference on Compiler construction
The fluid software metadata framework (FSM)
Proceedings of the 2nd ACM SIGCHI symposium on Engineering interactive computing systems
Fade to Grey: Tuning Static Program Analysis
Electronic Notes in Theoretical Computer Science (ENTCS)
Building and using pluggable type systems
Proceedings of the eighteenth ACM SIGSOFT international symposium on Foundations of software engineering
The case for software evolution
Proceedings of the FSE/SDP workshop on Future of software engineering research
Formal Methods in System Design
Formalisation and implementation of an algorithm for bytecode verification of @NonNull types
Science of Computer Programming
Inference of field initialization
Proceedings of the 33rd International Conference on Software Engineering
Building and using pluggable type-checkers
Proceedings of the 33rd International Conference on Software Engineering
Software and Systems Modeling (SoSyM)
Null dereference verification via over-approximated weakest pre-conditions analysis
Proceedings of the 2011 ACM international conference on Object oriented programming systems languages and applications
Measuring enforcement windows with symbolic trace interpretation: what well-behaved programs say
Proceedings of the 2012 International Symposium on Software Testing and Analysis
What should developers be aware of? An empirical study on the directives of API documentation
Empirical Software Engineering
Non-null references by default in java: alleviating the nullity annotation burden
ECOOP'07 Proceedings of the 21st European conference on Object-Oriented Programming
Innovations in Systems and Software Engineering
Inferring project-specific bug patterns for detecting sibling bugs
Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
Hi-index | 0.00 |
Using static analysis to detect memory access errors, such as null pointer dereferences, is not a new problem. However, much of the previous work has used rather sophisticated analysis techniques in order to detect such errors.In this paper we show that simple analysis techniques can be used to identify many such software defects, both in production code and in student code. In order to make our analysis both simple and effective, we use a non-standard analysis which is neither complete nor sound. However, we find that it is effective at finding an interesting class of software defects.We describe the basic analysis we perform, as well as the additional errors we can detect using techniques such as annotations and inter-procedural analysis.In studies of both production software and student projects, we find false positive rates of around 20% or less. In the student code base, we find that our static analysis techniques are able to pinpoint 50% to 80% of the defects leading to a null pointer exception at runtime.