Finding more null pointer bugs, but not too many

Hovemeyer, David; Pugh, William

doi:10.1145/1251535.1251537

Cited by 93 publications

(49 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…5,7 Although developers might need to examine dozens of lines to understand some defects reported by FindBugs, most can be understood by examining only a few lines of code. One common case is using the wrong relational or Boolean operation, as in a test to see whether (name != null || name.length > 0).…”

Section: Defects In Real Codementioning

confidence: 99%

See 1 more Smart Citation

Using Static Analysis to Find Bugs

et al. 2008

Self Cite

View full text Add to dashboard Cite

show abstract

Section: Defects In Real Codementioning

confidence: 99%

“…[5][6][7] The FindBugs project began as an observation, developed into an experiment, and snowballed into a widely used tool with more than half a million downloads worldwide. The observation that started it all was that some Java programs contained blatant mistakes that were detectable with fairly trivial analysis techniques.…”

mentioning

confidence: 99%

Using Static Analysis to Find Bugs

et al. 2008

Self Cite

View full text Add to dashboard Cite

show abstract

“…inferring nullness property for blocks of code from the guards. This is notably the case of FindBugs [11,10] and of the work by Male et al [15]. They rely on path-sensitive analysis and the treatment of field initialization is very weak.…”

Section: Introductionmentioning

confidence: 99%

Semantic Foundations and Inference of Non-null Annotations

Hubert

Jensen

Pichardie

2008

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. This paper proposes a semantics-based automatic null pointer analysis for inferring non-null annotations of fields in objectoriented programs. The analysis is formulated for a minimalistic OO language and is expressed as a constraint-based abstract interpretation of the program which for each field of a class infers whether the field is definitely non-null or possibly null after object initialization. The analysis is proved correct with respect to an operational semantics of the minimalistic OO language. This correctness proof has been machine checked using the Coq proof assistant. We also prove the analysis complete with respect to the non-null type system proposed by Fähndrich and Leino, in the sense that for every typable program the analysis is able to prove the absence of null dereferences without any hand-written annotations. Experiments with a prototype implementation of the analysis show that the inference is feasible for large programs.

show abstract

“…With the generation of this list of warnings, we attempt to accumulate "lessons learned" experiences such that common errors and pitfalls are detected. The approach is stimulated by the way software development is supported by static code analysis, where a software tool generates a report for a given program code that lists locations in the code base that require further attention based on a set of rules that incorporate knowledge on common pitfalls in programming; see FindBugs as a particular example [7]. In dependability modeling, there is no one (or few) common main stream model notation as it is the case in programming, but there is a common ground for the execution of stochastic DEDS models as a state transition system.…”

Section: Introductionmentioning

confidence: 99%

Report generation for simulation traces with Traviando

Kemper

2009

2009 IEEE/IFIP International Conference on Dependable Systems &Amp; Networks

View full text Add to dashboard Cite

Any model-based evaluation of the dependability of a system requires validation and verification to justify that its results are meaningful. Modern modeling frameworks enable us to create and evaluate models of great complexity. However, we believe that much more can be done to support a modeler in ensuring that the dynamic behavior of an executable simulation model is consistent with the modeler's understanding. In this paper, we describe a new command line version of Traviando that reads an execution trace of a discrete event simulation and generates a set of HTML formatted web pages to document properties that it recognizes from its input. Those properties include characteristics of state variables as well as changes to state variables that are performed by events. The point is to highlight the content of a simulation run in a format that is immediately accessible and understandable.

show abstract

Finding more null pointer bugs, but not too many

Cited by 93 publications

References 8 publications

Using Static Analysis to Find Bugs

Using Static Analysis to Find Bugs

Semantic Foundations and Inference of Non-null Annotations

Report generation for simulation traces with Traviando

Contact Info

Product

Resources

About