Static detection of dynamic memory errors
PLDI '96 Proceedings of the ACM SIGPLAN 1996 conference on Programming language design and implementation
Bugs as deviant behavior: a general approach to inferring errors in systems code
SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
RacerX: effective, static detection of race conditions and deadlocks
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Evaluating and tuning a static analysis to find null pointer bugs
PASTE '05 Proceedings of the 6th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Static error detection using semantic inconsistency inference
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Techniques for specifying bug patterns
Proceedings of the 2007 ACM workshop on Parallel and distributed systems: testing and debugging
Hang analysis: fighting responsiveness bugs
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
A report on a survey and study of static analysis users
DEFECTS '08 Proceedings of the 2008 workshop on Defects in large software systems
Semantic Foundations and Inference of Non-null Annotations
FMOODS '08 Proceedings of the 10th IFIP WG 6.1 international conference on Formal Methods for Open Object-Based Distributed Systems
A non-null annotation inferencer for Java bytecode
Proceedings of the 8th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
XFindBugs: eXtended FindBugs for AspectJ
Proceedings of the 8th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Accurate Interprocedural Null-Dereference Analysis for Java
ICSE '09 Proceedings of the 31st International Conference on Software Engineering
Using checklists to review static analysis warnings
Proceedings of the 2nd International Workshop on Defects in Large Software Systems: Held in conjunction with the ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2009)
Automatic Inference of Frame Axioms Using Static Analysis
ASE '08 Proceedings of the 2008 23rd IEEE/ACM International Conference on Automated Software Engineering
FM '09 Proceedings of the 2nd World Congress on Formal Methods
Java bytecode verification for @NonNull types
CC'08/ETAPS'08 Proceedings of the Joint European Conferences on Theory and Practice of Software 17th international conference on Compiler construction
Towards a unified fault-detection benchmark
Proceedings of the 9th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Formal Methods in System Design
The nullness analyser of JULIA
LPAR'10 Proceedings of the 16th international conference on Logic for programming, artificial intelligence, and reasoning
Formalisation and implementation of an algorithm for bytecode verification of @NonNull types
Science of Computer Programming
Inference of field initialization
Proceedings of the 33rd International Conference on Software Engineering
Software and Systems Modeling (SoSyM)
Defective error/pointer interactions in the Linux kernel
Proceedings of the 2011 International Symposium on Software Testing and Analysis
A multilayer overlay network architecture for enhancing IP services availability against dos
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Object model construction for inheritance in c++ and its applications to program analysis
CC'12 Proceedings of the 21st international conference on Compiler Construction
Residual investigation: predictive and precise bug detection
Proceedings of the 2012 International Symposium on Software Testing and Analysis
Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
| Hi-index | 0.00 |
In the summer of 2006, the FindBugs project was challenged to improve the null pointer analysis in FindBugs so that we could find more null pointer bugs. In particular, we were challenged to try to do as well as a publicly available analysis by Reasoning, Inc on version 4.1.24 of Apache Tomcat. Reasoning's report is a result of running their own static analysis tool and using manual auditing to remove false positives. Reasoning reported a total of 9 null pointer warnings in Tomcat 4.1.24, of which only 2 were reported by FindBugs 1.0. While we wanted to improve the analysis in FindBugs, we wanted to retain our current low level of false positives. As of result of the work presented in this paper, FindBugs now reports 4 of the 9 warnings in Tomcat, shows that one of the warnings reported by Reasoning is a false positive, and classifies the remaining 4 as being dependent on the feasibility of a particular path, which cannot be easier ascertained by a local examination of the source code. Moreover, we found 24 additional null pointer bugs in Tomcat that had been missed by Reasoning, and overall doubled the number of null pointer bugs found by FindBugs while improving the quality and significance of reported defects.