Proceedings of the 2011 ACM International Conference on Object Oriented Programming Systems Languages and Applications (OOPSLA 2011)
DOI: 10.1145/2048066.2048144
Null dereference verification via over-approximated weakest pre-conditions analysis

Abstract: Null dereferences are a bane of programming in languages such as Java. In this paper we propose a sound, demand-driven, inter-procedurally context-sensitive dataflow analysis technique to verify a given dereference as safe or potentially unsafe. Our analysis uses an abstract lattice of formulas to find a pre-condition at the entry of the program such that a null-dereference can occur only if the initial state of the program satisfies this pre-condition. We use a simplified domain of formulas, abstracting out in…
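The abstract describes the analysis only in outline. The following is an added illustration, not the paper's code: its CFG representation, the null/non-null formula domain, the backward transfer functions and the `havoc` treatment of unmodelled statements are simplifications constructed here, and it is intra-procedural only (the paper's inter-procedural tabulation is not reproduced). It shows the shape of a demand-driven backward weakest-precondition computation: starting from the queried dereference with the formula "x == null", each statement's backward transfer function weakens the formula (a sound over-approximation of wp), branches are joined by disjunction, and the formula that reaches the entry block is the precondition. An unsatisfiable precondition (`false`) verifies the dereference; anything else is the initial-state condition under which it can be null. The two programs in the block are constructed test inputs.

```python
"""Demand-driven backward weakest-precondition (wp) analysis for null dereferences.
Added illustration, not the paper's code.  A program is a CFG: block -> (statements,
successors).  Formulas live in a simplified DNF domain: a frozenset of conjunctions,
each a frozenset of atoms (var, "null") / (var, "nonnull"); frozenset() is `false`.
Statements:  ("copy", x, y)  x := y        ("null", x)  x := null   ("new", x)  x := new T()
             ("havoc", x)    x := unknown  ("assume", x, state)  branch on x == / != null
             ("deref", x)    x.m()   <- the statement whose safety is queried
"""
from collections import deque

NULL, NONNULL = "null", "nonnull"
FALSE = frozenset()          # no satisfiable conjunction: the deref cannot be null


def normalise(conjs):
    """Drop unsatisfiable conjunctions and any conjunction subsumed by a weaker one."""
    sat = set()
    for c in conjs:
        nulls = {v for v, s in c if s == NULL}
        nonnulls = {v for v, s in c if s == NONNULL}
        if not nulls & nonnulls:               # x == null and x != null cannot both hold
            sat.add(c)
    return frozenset(c for c in sat if not any(d < c for d in sat))


def wp(stmt, formula):
    """Backward transfer: states before `stmt` from which `formula` holds after it."""
    kind, x = stmt[0], stmt[1]
    result = set()
    for conj in formula:
        atoms, unsat = set(), False
        for var, state in conj:
            if var != x or kind in ("deref", "assume"):
                atoms.add((var, state))        # statement does not write `var`
            elif kind == "copy":               # x := y  : a fact about x becomes one about y
                atoms.add((stmt[2], state))
            elif kind == "null":               # x := null: x != null impossible afterwards
                unsat |= state == NONNULL
            elif kind == "new":                # x := new : x == null impossible afterwards
                unsat |= state == NULL
            # kind == "havoc": value unknown, drop the atom (a sound over-approximation)
        if kind == "assume":                   # wp(assume c, phi) = c and phi
            atoms.add((x, stmt[2]))
        if not unsat:
            result.add(frozenset(atoms))
    return normalise(result)


def wp_block(stmts, formula):
    for stmt in reversed(stmts):
        formula = wp(stmt, formula)
    return formula


def analyse(cfg, entry, query):
    """Return the entry-state formula under which the deref at query=(block, index) is null."""
    qblock, qidx = query
    seed = frozenset([frozenset([(cfg[qblock][0][qidx][1], NULL)])])
    preds = {b: [p for p, (_, ss) in cfg.items() if b in ss] for b in cfg}
    IN = {b: FALSE for b in cfg}               # formula at each block entry
    work = deque([qblock])                     # demand-driven: start at the query
    while work:
        b = work.popleft()
        stmts, succs = cfg[b]
        out = frozenset().union(*(IN[s] for s in succs))
        if b == qblock:                        # seed the query; a loop may re-enter this block
            out = wp_block(stmts[qidx + 1:], out) | seed
            stmts = stmts[:qidx]
        new_in = wp_block(stmts, normalise(out))
        if new_in != IN[b]:                    # finite domain, so the iteration terminates
            IN[b] = new_in
            work.extend(preds[b])
    return IN[entry]


def show(formula):
    """Render a DNF formula; frozenset() is "false", an empty conjunction is "true"."""
    return " or ".join(" and ".join(f"{v} {'==' if s == NULL else '!='} null" for v, s in sorted(c))
                       or "true" for c in sorted(formula, key=sorted)) or "false"


def verify(cfg, entry, query):
    """(is_safe, precondition): safe iff the precondition is unsatisfiable."""
    pre = analyse(cfg, entry, query)
    return pre == FALSE, show(pre)


# Constructed example 1:  if (p == null) q = new T(); else q = p;  q.m();  r = p;  r.m();
CFG_BRANCH = {
    "entry": ([], ["then", "else"]),
    "then": ([("assume", "p", NULL), ("new", "q")], ["join"]),
    "else": ([("assume", "p", NONNULL), ("copy", "q", "p")], ["join"]),
    "join": ([("deref", "q"), ("copy", "r", "p"), ("deref", "r")], []),
}
# Constructed example 2:  x = p;  while (...) x = read();  x.m();
CFG_LOOP = {
    "entry": ([("copy", "x", "p")], ["head"]),
    "head": ([], ["body", "exit"]),
    "body": ([("havoc", "x")], ["head"]),
    "exit": ([("deref", "x")], []),
}

if __name__ == "__main__":
    for cfg, query in ((CFG_BRANCH, ("join", 0)), (CFG_BRANCH, ("join", 2)), (CFG_LOOP, ("exit", 0))):
        print(query, verify(cfg, "entry", query))
```

In the first program the dereference of `q` is verified safe: on the `then` path `q := new` makes "q == null" unsatisfiable, and on the `else` path `q := p` turns it into "p == null", which contradicts the branch condition. The dereference of `r` is reported with precondition "p == null", i.e. it is null exactly when the parameter is. In the loop program the unmodelled `read()` is treated as `havoc`, so the fact about `x` is dropped and the precondition degrades to `true`: the analysis stays sound but cannot verify that dereference, which is the price of abstracting the statement away.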

Cited by 22 publications (13 citation statements). References 18 publications.
“…Another option is to use the predicates as elements of an abstract domain in static analysis (abstract interpretation). We could extend the technique described in [32], which aims to verify the correctness of dereferences using weakest preconditions and backward data flow analysis, so that it handles collections more precisely. We might also consider interpolation-based model checking procedures [22,24,35] that construct the abstraction on-the-fly during the traversal of the program state space.…”
Section: Results. Citation type: mentioning. Confidence: 99%
“…The base analysis was originally proposed, discussed, and evaluated by Madhavan and Komondoor [4]. The key elements of the base analysis are a base lattice of formulas, backwards transfer functions for each kind of statement that overapproximate the corresponding wp semantics, as well as an inter-procedural component, based on a variant of Sharir-Pnueli's [5] tabulation based approach.…”
Section: The Base Analysis. Citation type: mentioning. Confidence: 99%
“…In this section we give an overview of the abstract lattice and transfer functions used by this analysis, as well as a few other key features of this analysis. A detailed discussion of this analysis can be found in a previous publication [4]. The data-flow lattice of the base analysis is described in Figure 2.…”
Section: Base Analysis. Citation type: mentioning. Confidence: 99%