Article

Finding more null pointer bugs, but not too many

Authors:
David Hovemeyer

York College of Pennsylvania, York, PA

York College of Pennsylvania, York, PA
View Profile

,
William Pugh

Univ. of Maryland, College Park, MD

Univ. of Maryland, College Park, MD
View Profile

PASTE '07: Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineeringJune 2007Pages 9–14https://doi.org/10.1145/1251535.1251537

Published:13 June 2007Publication History

PASTE '07: Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering

Pages 9–14

ABSTRACT

In the summer of 2006, the FindBugs project was challenged to improve the null pointer analysis in FindBugs so that we could find more null pointer bugs. In particular, we were challenged to try to do as well as a publicly available analysis by Reasoning, Inc on version 4.1.24 of Apache Tomcat. Reasoning's report is a result of running their own static analysis tool and using manual auditing to remove false positives. Reasoning reported a total of 9 null pointer warnings in Tomcat 4.1.24, of which only 2 were reported by FindBugs 1.0. While we wanted to improve the analysis in FindBugs, we wanted to retain our current low level of false positives.

As of result of the work presented in this paper, FindBugs now reports 4 of the 9 warnings in Tomcat, shows that one of the warnings reported by Reasoning is a false positive, and classifies the remaining 4 as being dependent on the feasibility of a particular path, which cannot be easier ascertained by a local examination of the source code. Moreover, we found 24 additional null pointer bugs in Tomcat that had been missed by Reasoning, and overall doubled the number of null pointer bugs found by FindBugs while improving the quality and significance of reported defects.

References

Apache Tomcat. http://tomcat.apache.org, 2006.Google Scholar
I. Dillig, T. Dillig, and A. Aiken. Static error detection using semantic inconsistency inference. In Proceedings of the Conference on Programming Language Design and Implementation, June 2007. Google ScholarDigital Library
D. Engler and K. Ashcraft. RacerX: effective, static detection of race conditions and deadlocks. In SOSP '03: Proceedings of the nineteenth ACM symposium on Operating systems principles, pages 237--252, New York, NY, USA, 2003. ACM Press. Google ScholarDigital Library
D. Engler, D. Y. Chen, S. Hallem, A. Chou, and B. Chelf. Bugs as deviant behavior: a general approach to inferring errors in systems code. In SOSP '01: Proceedings of the eighteenth ACM symposium on Operating systems principles, pages 57--72, New York, NY, USA, 2001. ACM Press. Google ScholarDigital Library
D. Evans. Static detection of dynamic memory errors. In PLDI '96: Proceedings of the ACM SIGPLAN 1996 conference on Programming language design and implementation, pages 44--53, New York, NY, USA, 1996. ACM Press. Google ScholarDigital Library
D. Hovemeyer, J. Spacco, and W. Pugh. Evaluating and tuning a static analysis to find null pointer bugs. In PASTE '05: The 6th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering, pages 13--19, New York, NY, USA, 2005. ACM Press. Google ScholarDigital Library
W. Pugh. Null pointer detection microbenchmarks. http://findbugs.googlecode.com/svn/trunk/NullPointerBenchmark/, 2006.Google Scholar
Reasoning, Inc. Reasoning inspection service defect data report for Tomcat, version 4.1.24, January 2003. http://www.reasoning.com/pdf/Tomcat Defect Report.pdf.Google Scholar

Index Terms

Finding more null pointer bugs, but not too many

Recommendations

Evaluating and tuning a static analysis to find null pointer bugs
PASTE '05: Proceedings of the 6th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering

Using static analysis to detect memory access errors, such as null pointer dereferences, is not a new problem. However, much of the previous work has used rather sophisticated analysis techniques in order to detect such errors.In this paper we show that ...
Read More
Evaluating static analysis defect warnings on production software
PASTE '07: Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering

Static analysis tools for software defect detection are becoming widely used in practice. However, there is little public information regarding the experimental evaluation of the accuracy and value of the warnings these tools report. In this paper, we ...
Read More
Finding bugs in eclipse
OOPSLA '07: Companion to the 22nd ACM SIGPLAN conference on Object-oriented programming systems and applications companion

This will be a live demonstration of FindBugs, a static analysis bug finding tool, on the current development version of Eclipse 3.4. FindBugs reports issues such as null pointer dereferences, comparing incompatible types with equals, invalid method ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
PASTE '07: Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
June 2007
96 pages
ISBN:9781595935953
DOI:10.1145/1251535
General Chairs:
Manuvir Das
Center for Software Excellence, Microsoft Corp, USA
,
Dan Grossman
University of Washington, USA
Copyright © 2007 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 13 June 2007
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
FindBugs
Java
bug patterns
bugs
null pointers
software quality
static analysis
Qualifiers
- Article
Conference

Acceptance Rates
Overall Acceptance Rate57of159submissions,36%
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 91
  Total Citations
  View Citations
- 807
  Total Downloads
- Downloads (Last 12 months)41
- Downloads (Last 6 weeks)3
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Finding more null pointer bugs, but not too many

PASTE '07: Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering

ABSTRACT

References

Cited By

Index Terms

Recommendations

Evaluating and tuning a static analysis to find null pointer bugs

Evaluating static analysis defect warnings on production software

Finding bugs in eclipse