Analyzer of Program Errors!!!

sergic@iis.nsk.su
24 Jun 1997 23:33:05 -0400

          From comp.compilers


From: sergic@iis.nsk.su
Newsgroups: comp.compilers,comp.lang.modula2,comp.lang.oberon
Date: 24 Jun 1997 23:33:05 -0400
Organization: Institute of informatic Systems
Keywords: tools, analysis, Oberon, modula

            Static Analyzer OSA for Oberon-2/Modula-2 Programs
                        based on Must-data-flow Analysis


      Almost all static analyzers developed in the world are not
convenient to use because they can produce only warnings.
A user has to waste much time and effort to find the real errors
in a long list of warnings. This is the main problem of existing
static analyzers. Usually a static analyzer has complicated multi-level
mechanisms for warning suppression. For example, D. Evans [2] suggested
including appropriate annotations about variable states in the source
code.


      Unlike most static analyzers, OSA is able to recognize errors in
a program. Mainly, in the current release, OSA detects data flow
anomalies of a program: uninitialized and unused variables, null pointer
dereference, unreachable branches of the program, etc. Usually OSA
indicates to the user a condition (a context) under which the detected
situation becomes an error.


      In order to enable OSA to detect errors in the analysed program,
a powerful data flow analysis called must-data-flow analysis has to be
performed first. Must-data-flow analysis accurately approximates
must-definitions of variables. An assignment statement is called
a must-definition for a variable if the variable's value is always
changed after execution of this assignment statement. The notions of
strong update and definite assignment are equivalent to must-definition.
      A typical analyzer uses may-definitions of variables. A may-definition
is an assignment which may assign to the variable in some executions
of the program. Other equivalent notions are possible definition and
weak update.


      The static analyzer OSA was implemented as a back-end in
the Modula-2/Oberon-2 development system called XDS [1]. OSA can
analyse programs written in a mix of the Modula-2 and Oberon-2 languages.


      The static analyzer was applied to real programs which constitute
XDS itself, such as the debugger, front-end, converter, interpreter, etc.
Several non-trivial bugs, which proved to be difficult to find during
the usual debugging and testing stages, were found by OSA.
      During our experiments with OSA we discovered that warnings induced
by may-definitions (which are not must-definitions) are actually useless.
Now all messages are based only on must-definitions, resulting in message
lists for big programs being at least 10 times shorter than before.


      Now everyone may download the current release of OSA through WWW:


                                    http://www.xds.ru/osa/


    References:


1. http://www.xds.ru/xds/


2. D. Evans. Static Detection of Dynamic Memory Errors.
    In the Proceedings of the ACM SIGPLAN'96 Conference in Programming
    Language Design and Implementation, pages 44-53, v.31, no.5, May 1996.
--
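
A minimal sketch of the must/may distinction described in the post, added here as an illustration; it is not OSA's code or algorithm. The mini-IR, the statement names and `PROGRAM` are constructed for the example, and it assumes a read that only may-definitions reach is a warning while a read that no definition reaches on any path is an error.

```python
# Constructed mini-IR (hypothetical, not OSA's representation):
#   ("assign", v)         direct assignment: a must-definition of v
#   ("store", {v, ...})   write through a pointer with this points-to set
#   ("use", v, label)     read of v at source position `label`
#   ("if", then, else)    two-way branch; each arm is a list of statements

def analyze(block, must=frozenset(), may=frozenset(), out=None):
    """Return (must, may, findings) for the program point after `block`.

    must: variables defined on every path; may: defined on at least one.
    """
    out = [] if out is None else out
    for stmt in block:
        kind = stmt[0]
        if kind == "assign":
            must, may = must | {stmt[1]}, may | {stmt[1]}
        elif kind == "store":
            targets = frozenset(stmt[1])
            may = may | targets
            if len(targets) == 1:          # single target: strong update
                must = must | targets
        elif kind == "use":
            var, label = stmt[1], stmt[2]
            if var not in may:             # undefined on every path
                out.append(("error", label, var))
            elif var not in must:          # only may-definitions reach
                out.append(("warning", label, var))
        elif kind == "if":
            m1, y1, _ = analyze(stmt[1], must, may, out)
            m2, y2, _ = analyze(stmt[2], must, may, out)
            must, may = m1 & m2, y1 | y2   # join: intersect must, union may
        else:
            raise ValueError(f"unknown statement kind: {kind!r}")
    return must, may, out

# Constructed sample program.
PROGRAM = [
    ("assign", "a"),
    ("if", [("assign", "b")], []),                  # b set on one arm only
    ("if", [("assign", "g")], [("assign", "g")]),   # g set on both arms
    ("store", {"c", "d"}),                          # pointer may target c or d
    ("store", {"e"}),                               # pointer targets only e
    ("use", "a", "L1"), ("use", "b", "L2"), ("use", "c", "L3"),
    ("use", "e", "L4"), ("use", "f", "L5"), ("use", "g", "L6"),
]

if __name__ == "__main__":
    for severity, label, var in analyze(PROGRAM)[2]:
        print(f"{severity:7} {label}: {var} read before assignment")
```

Filtering out the `warning` entries leaves only the read of `f` at `L5`, the one finding that does not depend on a may-definition.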

