SUMMARY-BASED POINTER ANALYSIS FRAMEWORK FOR MODULAR BUG FINDING

AUTOR(ES)

Marcio de Oliveira Buss

FONTE

IBICT - Instituto Brasileiro de Informação em Ciência e Tecnologia

DATA DE PUBLICAÇÃO

2008

RESUMO

Modern society is irreversibly dependent on computers and, consequently, on software. However, as the complexity of programs increase, so does the number of defects within them. To alleviate the problem, automated techniques are constantly used to improve software quality. Static analysis is one such approach in which violations of correctness properties are searched and reported. Static analysis has many advantages, but it is necessarily conservative because it symbolically executes the program instead of using real inputs, and it considers all possible executions simultaneously. Being conservative often means issuing false alarms, or missing real program errors. Pointer variables are a challenging aspect of many languages that can force static analyis tools to be overly conservative. It is often unclear what variables are affected by pointer-manipulating expressions, and aliasing between variables is one of the banes of program analysis. To alleviate that, a common solution is to allow the programmer to provide annotations such as declaring a variable as unaliased in a given scope, or providing special constructs such as the \"never-null\" pointer of Cyclone. However, programmers rarely keep these annotations up-to-date. The solution is to provide some form of pointer analysis, which derives useful information about pointer variables in the program. An appropriate pointer analysis equips the static tool so that it is capable of reporting more errors without risking too many false alarms. This dissertation proposes a methodology for pointer analysis mat is specially tailored for \"modular bug finding.\" It presents a new analysis space for pointer analysis, defined by finer-grain \"dimensions of precision,\" which allows us to explore and evaluate a variety of different algorithms to achieve better trade-offs between analysis precision and efficiency. This framework is developed around a new abstraction for computing points-to sets, the Assign-Fetch Graph, that has many interesting features. Empirical evaluation shows promising results, as some unknown errors in well-known applications were discovered.

ASSUNTO(S)

análise estática de programas compiladores linguagens de programação ciencia da computacao engenharia de software sistemas digitais bug-finding pointer analysis

Documentos Relacionados

• Biopipe: A Flexible Framework for Protocol-Based Bioinformatics Analysis
• UM FRAMEWORK PARA COMUNICAÇÃO BASEADA EM LOCALIZAÇÃO
• Research protocol: EB-GIS4HEALTH UK – foundation evidence base and ontology-based framework of modular, reusable models for UK/NHS health and healthcare GIS applications
• A knowledge based framework for planning house building projects
• Nursing home admission risk and the cost-effectiveness of community-based long-term care: a framework for analysis.