Dor Nurit, Rodeh Michael, and Sagiv Mooly. Detecting memory errors via static pointer analysis. In Workshop on Program Analysis for Software Tools and Engineering (PASTE'98), pages 27--34, New York, NY, Jun 1998. ACM.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....similarities between our type system and Tofte and Talpin s region type system, we believe that Tofte and Birkedal s region inference algorithm [TB98] can be adapted to our type system. Automatic alias analysis has been heavily studied in recent years [And94, BCCH94, CRL99, Das00, DMW98, Deu94, DRS98, EGH94, FRD00, HT01, HP98, LR92, SRW99, SH97, Ste96, WL95, YHR99, ZRL96] Our type system incorporates may alias analysis to check the correctness of restrict annotations. The may alias analysis we use is very conservative, and in the future we plan to extend our type system to use more precise ....

Nurit Dor, Michael Rodeh, and Mooly Sagiv. Detecting Memory Errors via Static Pointer Analysis. In Proceedings of the ACM SIGPLAN/SIGSOFT Workshop on Program Analysis for Software Tools and Engineering, pages 27-34, Montreal, Canada, June 1998.

....specify the state of interface variables. On the one hand, this makes it possible to find a part of errors connected with interprocedural relations although the applied analysis is intraprocedural, and on the other hand, this helps one to reduce the number of warnings. There exist another approach [5] to the development of a realistic static analyser that detects memory errors. The goal of the approach is to reduce the number of false alarms in the analyser messages. The core of program analysis techniques was identified. The main technique was announced to be the pointer aliasing algorithm ....

....of previous instances of heap (new ) variables and local variables of recursive procedures; analysis of flows induced by exceptions in Java programs [17] The above analyses are implemented in the static analyser OSA. They cover the core of program analysis techniques presented in [5], except the shape analysis. The necessity of the above analyses is discussed below. The context sensitive analysis is obviously necessary. In the context insensitive analysis, the overwhelming majority of variable definitions can be approximated only as the possible ones. The following property ....

[Article contains additional citation context not shown here]

N. Dor, M. Rodeh, and M. Sagiv. Detecting memory errors via static pointer analysis (preliminary experience) . SIGPLAN Notices, 33(7):27--34, 1998.

....connections with research on alias analyses [5, 21, 17] Much of that work aims to facilitate program optimizations that require aliasing information in order to be correct. However, these optimizations do not necessarily make it harder to check the safety of the resulting program. Other work [7, 6] attempts to determine when programs written in unsafe languages, such as C, perform potentially unsafe operations. Our goals are closer to the latter application but di#er because we are most interested in compiling safe languages and producing low level code that can be proven safe in a single ....

Nurit Dor, Michael Rodeh, and Mooly Sagiv. Detecting memory errors via static pointer analysis (preliminary experience). In ACM Workshop on Program Analysis for Software Tools and Engineering (PASTE'98), Montreal, June 1998.

....precision have the advantage of being independent of the speci c choices made in using the analysis information by a particular tool. 2 Related Work Andersen s [And94] and Steensgaard s [Ste96] points to analyses are only two choices in a vast array of possible alias analyses, among them [BCCH94, CRL99, Das00, DMW98, Deu94, DRS98, EGH94, FRD00, HP98, LR92, SRW99, SH97, WL95, YHR99, ZRL96]. As our results suggest, the bene t of polymorphism (more generally, context sensitivity) may vary greatly with the particular analysis. Hindley Milner style polymorphism [Mil78] has been studied extensively. The only direct applications of Hindley Milner polymorphism to C of which we are aware ....

Nurit Dor, Michael Rodeh, and Mooly Sagiv. Detecting Memory Errors via Static Pointer Analysis. In Proceedings of the ACM SIGPLAN/SIGSOFT Workshop on Program Analysis for Software Tools and Engineering, pages 27-34, Montreal, Canada, June 1998.

....connections with research on alias analyses [6, 19, 17] Much of that work aims to facilitate program optimizations that require aliasing information in order to be correct. However, these optimizations do not necessarily make it harder to check the safety of the resulting program. Other work [8, 7] attempts to determine when programs written in unsafe languages, such as C, perform potentially unsafe operations. Our goals are closer to the latter application but di er because we are most interested in compiling safe languages and producing low level code that can be proven safe in a single ....

Nurit Dor, Michael Rodeh, and Mooly Sagiv. Detecting memory errors via static pointer analysis (preliminary experience). In ACM Workshop on Program Analysis for Software Tools and Engineering (PASTE'98), Montreal, June 1998.

....of relative precision have the advantage of being independent of the speci c choices made in using the analysis information by a particular tool. 2 Related Work Andersen s [4] and Steensgaard s [29] points to analyses are only two choices in a vast array of possible alias analyses, among them [5, 6, 7, 8, 9, 10, 11, 15, 19, 20, 27, 28, 31, 33, 34]. As our results suggest, the bene t of polymorphism (more generally, context sensitivity) may vary greatly with the particular analysis. Hindley Milner style polymorphism [21] has been studied extensively. The only direct applications of Hindley Milner polymorphism to C of which we are aware are ....

N. Dor, M. Rodeh, and M. Sagiv. Detecting Memory Errors via Static Pointer Analysis. In Proceedings of the ACM SIGPLAN/SIGSOFT Workshop on Program Analysis for Software Tools and Engineering, pages 27-34, Montreal, Canada, June 1998.

....trees and name specifiers involving at most 3 attributes, 3 values and 3 objects. 3. 3 Finding Bugs in Code Our third case study illustrates how Alloy can be used at a lower level, to check code [14] We took a suite of list manipulating procedures that have been used to evaluate shape analyses [5]. Each procedure was specified by an Alloy constraint; we then used the Alloy analyzer to check that the body of the procedure satisfied the constraint. If the constraint was not found to be satisfied, a counterexample was generated that corresponds to a bad execution of the procedure. These ....

Nurit Dor, Michael Rodeh & Mooly Sagiv. Detecting Memory Errors via Static Pointer Analysis. Proceedings of the ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering (PASTE'98), Montreal, June 1998.

....For every program point a conservative, nite characterization of the possible shapes that the program s heap allocated data structures can have at that point is provided. For certain programs it is possible to infer the underlying data structures, e.g. linked lists and trees. However, in [7] it has been reported that for detecting some memory errors (memory leaks, dereferencing of nil pointers, etc. the relationship between di erent variables as well as control ow must be modeled, which is not included in the shape analysis of [23] This drawback has been overcome by a re ned shape ....

....for detecting some memory errors (memory leaks, dereferencing of nil pointers, etc. the relationship between di erent variables as well as control ow must be modeled, which is not included in the shape analysis of [23] This drawback has been overcome by a re ned shape analysis as described in [7]. On the other hand the approach of [7] limits the number of loop iterations which accounts also for the method speci ed in [20] In [15] a method is presented that approximates the shape of dynamic data structures. For programs that make major structural changes to data structures, the shape ....

[Article contains additional citation context not shown here]

N. Dor, M. Rodeh, and M. Sagiv. Detecting memory errors via static pointer analysis. In Workshop on Program Analysis for Software Tools and Engineering PARLE'98. ACM Press, 1998.

....connections with research on alias analyses [6, 20, 17] Much of that work aims to facilitate program optimizations that require aliasing information in order to be correct. However, these optimizations do not necessarily make it harder to check the safety of the resulting program. Other work [8, 7] attempts to determine when programs written in unsafe languages, such as C, perform potentially unsafe operations. Our goals are closer to the latter application but di er because we are most interested in compiling safe languages and producing low level code that can be proven safe in a single ....

Nurit Dor, Michael Rodeh, and Mooly Sagiv. Detecting memory errors via static pointer analysis (preliminary experience). In ACM Workshop on Program Analysis for Software Tools and Engineering (PASTE'98), Montreal, June 1998.

No context found.

N. Dor, M. Rodeh, and M. Sagiv. Detecting memory errors via static pointer analysis. In Proceedings of the ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering (PASTE'98), pages 27-34, June 1998. Available at \http://www.math.tau.ac.il/ nurr/paste98.ps.gz".

....information can be used to understand, verify, optimize [GH98] or parallelize [LH88, Hen90, AW93, PCK93, Zap99] programs. For example, it can be utilized to check at compile time for the absence of certain types of memory management errors, such as memory leakage or dereference of null pointers [DRS98, DRS00]. In the past two decades, many shape analysis algorithms have been developed [JM81, JM82, LH88, HPR89, CWZ90, Str92, AW93, PCK93, Wan94, SRW98] The quality , and thus the usability, of the information these algorithms can determine relies on the assumption that the number of variables is ....

N. Dor, M. Rodeh, and M. Sagiv. Detecting memory errors via static pointer analysis. In Proceedings of the ACM SIGPLANSIGSOFT Workshop on Program Analysis for Software Tools and Engineering (PASTE'98), pages 27-34, June 1998. Available at \http://www.math.tau.ac.il/ nurr/paste98.ps.gz".

....(see Section 2) It does not yield any false alarm on quite intricate C programs (see Table 1) On programs manipulating more complicated data structures such as cyclic lists and tree, it produces false alarms. It represents memory states as Shape Graphs with Reachability from stack variables (see [5]) and thus we call it SG R. To assess the usability of our new algorithm we implemented it using PAG a program analyzer generator developed at Saarland University [15] On bad examples SG R can be rather slow. However, it is reasonably efficient on non trivial programs that we tried. It runs ....

....of our new algorithm we implemented it using PAG a program analyzer generator developed at Saarland University [15] On bad examples SG R can be rather slow. However, it is reasonably efficient on non trivial programs that we tried. It runs significantly faster than the algorithm described in [5] since it avoids the cost of transitive closure. It also compares favorably with verification systems aimed at showing memory cleanness since it does not require loop invariants. Interestingly, SG R runs significantly faster than the verification system described in [13] on the programs we tried. ....

N. Dor, M. Rodeh, and M. Sagiv. Detecting memory errors via static pointer analysis. In Proceedings of the ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering (PASTE'98), pages 27--34, June 1998. Available at "http://www.math.tau.ac.il/ nurr/paste98.ps.gz".

....of the elem delete procedure c is pointing to an acyclic list. This information is part of the shape information. 1.4. 2 Experimental results We have implemented the abstract memory representation and the cleannesschecking algorithm as suggested in this thesis and also partially presented in [13]. Our main concern in this thesis is the number of false alarm and not the efficiency of the algorithm. Therefore we choose to use sets of graphs which is much less efficient but more precise than the combined shape graph approach presented in [47] We have run the algorithm on a few small but ....

N. Dor, M. Rodeh, and M. Sagiv. Detecting memory errors via static pointer analysis. In SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering (PASTE'98), New York, NY, 1998. ACM Press.

No context found.

Dor Nurit, Rodeh Michael, and Sagiv Mooly. Detecting memory errors via static pointer analysis. In Workshop on Program Analysis for Software Tools and Engineering (PASTE'98), pages 27--34, New York, NY, Jun 1998. ACM.

No context found.

Nurit Dor, Michael Rodeh, and Mooly Sagiv. Detecting memory errors via static pointer analysis (preliminary experience). In ACM Workshop on Program Analysis for Software Tools and Engineering (PASTE'98), Montreal, June 1998.

No context found.

N. Dor, M. Rodeh, and M. Sagiv, "Detecting Memory Errors via Static Pointer Analysis", SIGPLAN / SIGSOFT Workshop on Program Analysis For Software Tools and Engineering (PASTE 98), June 1998, pp. 2734.

No context found.

N. Dor, M. Rodeh, and S. Sagiv. Detecting memory errors via static pointer analysis (preliminary experience). In Workshop on Program Analysis For Software Tools and Engineering, pages 27-34. ACM, 1998.

No context found.

Nurit Dor, Michael Rodeh, and Mooly Sagiv. Detecting memory errors via static pointer analysis (preliminary experience). In ACM Workshop on Program Analysis for Software Tools and Engineering, pages 27--34, Montreal, Canada, June 1998.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC