Computing Must and May Alias to Detect Null Pointer Dereference

Ma, Xiaodong; Wang, Ji; Dong, Wei

doi:10.1007/978-3-540-88479-8_18

Computing Must and May Alias to Detect Null Pointer Dereference

Xiaodong Ma³,
Ji Wang³ &
Wei Dong³

Conference paper

1039 Accesses
3 Citations

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 17))

Abstract

This paper presents a novel algorithm to detect null pointer dereference errors. The algorithm utilizes both of the must and may alias information in a compact way to improve the precision of the detection. Using may alias information obtained by a fast flow- and context- insensitive analysis algorithm, we compute the must alias generated by the assignment statements and the must alias information is also used to improve the precision of the may alias. We can strong update more expressions using the must alias information, which will reduce the false positives of the detection for null pointer dereference. We have implemented our algorithm in the SUIF2 compiler infrastructure and the experiments results are as expected.

This work is supported by National Natural Science Foundation of China(60725206, 60673118 and 90612009), National 863 project of China(2006AA01Z429), Program for New Century Excellent Talents in University under grant No. NCET-04-0996.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 129.00; Price excludes VAT (USA)

Softcover Book: USD 169.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Altucher, R.Z., Landi, W.: An extended form of must alias analysis for dynamic allocation. In: POPL 1995: Proceedings of the 22nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pp. 74–84. ACM, New York (1995)
Google Scholar
Babić, D., Hu, A.J.: Calysto: Scalable and Precise Extended Static Checking. In: Proceedings of 30th International Conference on Software Engineering (ICSE 2008), May 10–18 (2008)
Google Scholar
Emami, M.: A practical interprocedural alias analysis for an optimizing/parallelizing c compiler. Master’s thesis, McGill University (1993)
Google Scholar
Flanagan, C., Leino, K.R.M., Lillibridge, M., Nelson, G., Saxe, J.B., Stata, R.: Extended static checking for java. In: PLDI 2002: Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation, pp. 234–245. ACM, New York (2002)
Chapter Google Scholar
Hind, M.: Pointer analysis: haven’t we solved this problem yet? In: PASTE 2001: Proceedings of the 2001 ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering, pp. 54–61. ACM, New York (2001)
Chapter Google Scholar
Hind, M., Burke, M., Carini, P., Choi, J.-D.: Interprocedural pointer alias analysis. ACM Transactions on Programming Languages and Systems 21(4), 848–894 (1999)
Article Google Scholar
Jones, N.D., Muchnick, S.S.: Flow analysis and optimization of lisp-like structures. In: POPL 1979: Proceedings of the 6th ACM SIGACT-SIGPLAN symposium on Principles of programming languages, pp. 244–256. ACM, New York (1979)
Google Scholar
Liang, D., Harrold, M.J.: Efficient points-to analysis for whole-program analysis. In: ESEC / SIGSOFT FSE, pp. 199–215 (1999)
Google Scholar
Manevich, R., Sridharan, M., Adams, S., Das, M., Yang, Z.: Pse: Explaining program failures via postmortem static analysis. In: Richard, N. (ed.) Proceedings of the 12th International Symposium on the Foundations of Software Engineering (FSE 2004)November 2004. ACM, New York (2004)
Google Scholar
Rugina, R., Rinard, M.: Pointer analysis for multithreaded programs. In: PLDI 1999: Proceedings of the ACM SIGPLAN 1999 conference on Programming language design and implementation, pp. 77–90. ACM Press, New York (1999)
Chapter Google Scholar
Samate test cases, http://samate.nist.gov
Steensgaard, B.: Points-to analysis in almost linear time. In: Symposium on Principles of Programming Languages, pp. 32–41 (1996)
Google Scholar
Xie, Y., Aiken, A.: Saturn: A scalable framework for error detection using boolean satisfiability. ACM Trans. Program. Lang. Syst. 29(3), 16 (2007)
Article Google Scholar

Download references

Author information

Authors and Affiliations

National Laboratory for Parallel and Distributed Processing, P.R. China
Xiaodong Ma, Ji Wang & Wei Dong

Authors

Xiaodong Ma
View author publications
You can also search for this author in PubMed Google Scholar
Ji Wang
View author publications
You can also search for this author in PubMed Google Scholar
Wei Dong
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Universität Potsdam, August-Bebel-Str. 89, 14482, Potsdam, Germany
Tiziana Margaria
Technische Universität Dortmund, Otto-Hahn-Str. 14, 44227, Dortmund, Germany
Bernhard Steffen

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Ma, X., Wang, J., Dong, W. (2008). Computing Must and May Alias to Detect Null Pointer Dereference. In: Margaria, T., Steffen, B. (eds) Leveraging Applications of Formal Methods, Verification and Validation. ISoLA 2008. Communications in Computer and Information Science, vol 17. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-88479-8_18

Download citation

DOI: https://doi.org/10.1007/978-3-540-88479-8_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-88478-1
Online ISBN: 978-3-540-88479-8
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics