Evaluating and tuning a static analysis to find null pointer bugs

Hovemeyer, David; Spacco, Jaime; Pugh, William

doi:10.1145/1108768.1108798

Cited by 63 publications

(60 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Null pointer dereferences are frequent [31], and have been reported as "a very serious threat to the safety of programs" and are the most common error in Java programs [7]. Many classes of null pointer exceptions can be found automatically by static analyses [15]. Addressing such risks with fault-tolerance techniques is a promising avenue.…”

Section: Introductionmentioning

confidence: 99%

Changing Java's Semantics for Handling Null Pointer Exceptions

Dobolyi

Weimer

2008

2008 19th International Symposium on Software Reliability Engineering (ISSRE)

View full text Add to dashboard Cite

We envision a world where no exceptions are raised; instead, language semantics are changed so that operations are total functions. Either an operation executes normally or tailored recovery code is applied where exceptions would have been raised. As an initial step and evaluation of this idea, we propose to transform programs so that null pointer dereferences are handled automatically without a large runtime overhead. We increase robustness by replacing code that raises null pointer exceptions with error-handling code, allowing the program to continue execution. Our technique first finds potential null pointer dereferences and then automatically transforms programs to insert null checks and error-handling code. These transformations are guided by composable, context-sensitive recovery policies. Errorhandling code may, for example, create default objects of the appropriate types, or restore data structure invariants. If no null pointers would be dereferenced, the transformed program behaves just as the original.We applied our transformation in experiments involving multiple benchmarks, the Java Standard Library, and externally reported null pointer exceptions. Our technique was able to handle the reported exceptions and allow the programs to continue to do useful work, with an average execution time overhead of less than 1% and an average bytecode space overhead of 22%.

show abstract

Section: Introductionmentioning

confidence: 99%

Changing Java's Semantics for Handling Null Pointer Exceptions

Dobolyi

Weimer

2008

2008 19th International Symposium on Software Reliability Engineering (ISSRE)

View full text Add to dashboard Cite

show abstract

“…However, no mechanism for actually checking non-null types was presented. The FindBugs tool checks @NonNull annotations using a dataflow analysis that accounts for comparisons against null [16,15]. Their approach does not employ type aliasing and provides no guarantee that all potential errors will be reported.…”

Section: Related Workmentioning

confidence: 99%

“…[25,10,16,3,8]), none has directly addressed the problem of bytecode verification. While these existing techniques could be used for this purpose, they operate on higher-level program representations and must first translate bytecode into their representation.…”

Section: Introductionmentioning

confidence: 99%

Java Bytecode Verification for @NonNull Types

Male

Pearce

Potanin

et al.

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Java's annotation mechanism allows us to extend its type system with non-null types. However, checking such types cannot be done using the existing bytecode verification algorithm. We extend this algorithm to verify non-null types using a novel technique that identifies aliasing relationships between local variables and stack locations in the JVM. We formalise this for a subset of Java Bytecode and report on experiences using our implementation.

show abstract

“…In response, many tools have been developed to reduce the overwhelming cost of finding and fixing bugs (e.g. [4,15,20,23,30,31,45,47,53,71]) and to ensure long-term system understandability and evolvability (e.g. [11,12,13,41,55,58,59]).…”

Section: Introductionmentioning

confidence: 99%

“…[11,12,13,41,55,58,59]). Despite these advancements, developers still struggle to handle the volume of maintenance tasks that arise in practice [31].…”

Section: Introductionmentioning

confidence: 99%

Leveraging Light-Weight Analyses to Aid Software Maintenance

Fry

View full text Add to dashboard Cite

Software maintenance can account for up to 90% of a system's life cycle cost. As a result, many automated techniques have been developed to reduce the overall effort necessary to sustain software over time. While many of these tools work well under certain circumstances, we believe that they could be improved by taking advantage of large untapped sources of unstructured information that result from natural software development. As the size and complexity of systems increases, taking advantage of such previously-overlooked information is of paramount importance.The proposed research will design lightweight analyses to extract latent information encoded by humans in software development artifacts and thereby reduce the costs of software maintenance. We will design analyses that apply throughout the maintenance process, focusing on three areas: (1) triaging large collections of exposed defects; (2) guiding the search for automatic defect repairs; and (3) ensuring the continued consistency of system documentation over time.For each area of proposed research we aim to improve upon existing approaches to reduce the total cost of software maintenance while requiring minimal additional developer effort. We will evaluate the proposed work using these criteria on a diverse set of real world programs totaling millions of lines of code to concretely show the reduction of maintenance cost and improvement upon existing processes.

show abstract

Evaluating and tuning a static analysis to find null pointer bugs

Cited by 63 publications

References 16 publications

Changing Java's Semantics for Handling Null Pointer Exceptions

Changing Java's Semantics for Handling Null Pointer Exceptions

Java Bytecode Verification for @NonNull Types

Leveraging Light-Weight Analyses to Aid Software Maintenance

Contact Info

Product

Resources

About