doi: 10.4304/jsw.8.12.3120-3131
Detecting Null-dereference Bugs via a Backward Analysis
Abstract—Null dereference is a common occurring bug in programming languages such as C. In this paper, we propose a path-sensitive and context-sensitive approach that performs a backward dataflow analysis to identify nulldereference bugs. One novel feature of our approach is that with the help of aliasing predicates, it can perform strong updates in presence of aliasing, thus eliminating false positives. The aliasing predicates are introduced on the premise of a canonical representation for program being analyzed. Moreover, a context-sensitive algorithm for interprocedural null-dereference analysis is also presented in this paper, which also contributes to improve accuracy. We have implemented this approach, and give an evaluation of it on a set of open source benchmarks. The experimental results verify the effectiveness of our approach, and show that it is suitable for exploring large real programs with reasonable accuracy.
Index Terms—Null-dereference Analysis, Aliasing, Strong updates, Context-sensitive Inter-procedural Analysis.
Cite: Qian Wang, Dahai Jin, Yunzhan Gong, Hongbo Zhou, "Detecting Null-dereference Bugs via a Backward Analysis," Journal of Software vol. 8, no. 12, pp. 3120-3131, 2013.
General Information
ISSN: 1796-217X (Online)
Abbreviated Title: J. Softw.
Frequency: Quarterly
APC: 500USD
DOI: 10.17706/JSW
Editor-in-Chief: Prof. Antanas Verikas
Executive Editor: Ms. Cecilia Xie
Abstracting/ Indexing: DBLP, EBSCO,
CNKI, Google Scholar, ProQuest,
INSPEC(IET), ULRICH's Periodicals
Directory, WorldCat, etcE-mail: jsweditorialoffice@gmail.com
-
Oct 22, 2024 News!
Vol 19, No 3 has been published with online version [Click]
-
Jan 04, 2024 News!
JSW will adopt Article-by-Article Work Flow
-
Apr 01, 2024 News!
Vol 14, No 4- Vol 14, No 12 has been indexed by IET-(Inspec) [Click]
-
Apr 01, 2024 News!
Papers published in JSW Vol 18, No 1- Vol 18, No 6 have been indexed by DBLP [Click]
-
Jun 12, 2024 News!
Vol 19, No 2 has been published with online version [Click]