Detecting Errors with Configurable Whole-program Dataflow Analysis
نویسندگان
چکیده
In this paper, we present an automatic compiler-based approach for detecting programming errors. Our system uses a configurable and scalable whole-program dataflow analysis engine driven by highlevel programmer-written annotations. We show that our system can automatically detect a wide range of programmer errors in C programs, including improper use of libraries, information leaks, and security vulnerabilities. We show that the aggressive compiler analysis that our system performs yields precise results. Our system precisely detects a wide range of errors with greater scalability than previous automatic approaches. For one important class of security vulnerabilities, our system automatically finds all known errors in five medium to large C programs without producing any false positives.
منابع مشابه
Detecting Concurrently Executed Paris of Statements Using Adapted MHP Algorithm
Information about which pairs of statements in a concurrent program can be executed concurrently is important for improving the accuracy of dataflow analysis, optimizing programs, and detecting errors. This paper presents a new method named Concurrent Control Flow Graph for representing concurrent Ada programs in a simple and precise way. Based on this method, we develop an Adapted MHP (May Hap...
متن کاملTractable Dataflow Analysis for Distributed Systems
Automated behavior analysis is a valuable technique in the development and maintainence of distributed systems. In this paper, we present a tractable dataflow analysis technique for the detection of unreachable states and actions in distributed systems. The technique follows an approximate approach described by Reif and Smolka, but delivers a more accurate result in assessing unreachable states...
متن کاملDataflow Frequency Analysis CS701
This lecture continues the presentation of how to perform Dataflow Frequency Analysis [5] on the folded DAG structure generated via the Larus algorithm for collecting a whole-program path. The frequency-analysis technique can be applied to the class of bi-distributive dataflowanalysis problems. This lecture formalizes the technique of generating dataflow-frequency facts by traversing the DAG re...
متن کاملStatic Analysis of Dynamic Languages
Dynamic programming languages are highly popular and widely used. JavaScript is often called the lingua franca of the web and it is the de facto standard for client-side web programming. On the server-side the PHP, Python and Ruby languages are prevalent. What these languages have in common is an expressive power which is not easily captured by any static type system. These, and similar dynamic...
متن کاملInterprocedural Dataflow Analysis in the Presence of Large Libraries
Interprocedural dataflow analysis has a large number of uses for software optimization, maintenance, testing, and verification. For software built with reusable components, the traditional approaches for whole-program analysis cannot be used directly. This paper considers component-level analysis of a main component which is built on top of a pre-existing library component. We propose an approa...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2001