Interprocedural path-sensitive resource leaks detection for C programs

In this paper, we present a new tool, RL_Detector, which performs static analysis to detect resource leaks in C programs. The algorithm is inter-procedural and path-sensitive, and it is based on an underlying resource management property: the data flow from a resource allocation point must reach a resource deallocation point; otherwise the resource is leaked. For each resource, the tool symbolically executes the program to collect the constraints of all paths and records them as sets. The data flow condition (DFC) is then computed from these sets over all paths. Finally, resource leak detection is reduced to the satisfiability of the DFC. The tool has been effective at detecting resource leaks in the SPEC2000 benchmarks and in an open source software project. The test results show that it keeps the false positive rate below 10% and works on millions of lines of code in a matter of minutes.
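The following C program is an added illustration, not code from the paper or from RL_Detector. It shows the kind of leak the property above describes: the resource is lost only on the path where a callee fails, so finding it requires both inter-procedural and path-sensitive reasoning. All names (`res_open`, `res_close`, `parse_into`, `process_leaky`, `process_fixed`) and the slot pool are hypothetical and constructed for this example.

```c
/* Constructed resource pool standing in for an allocate/release pair such as
 * fopen/fclose. A slot left marked in_use is a leaked resource. */
#define POOL_SIZE 8
static int in_use[POOL_SIZE];
static int stored[POOL_SIZE];

int res_open(void) {                      /* allocation point */
    for (int i = 0; i < POOL_SIZE; i++)
        if (!in_use[i]) { in_use[i] = 1; return i; }
    return -1;                            /* pool exhausted */
}

void res_close(int h) {                   /* deallocation point */
    if (h >= 0 && h < POOL_SIZE) in_use[h] = 0;
}

int live_count(void) {                    /* resources currently held */
    int n = 0;
    for (int i = 0; i < POOL_SIZE; i++) n += in_use[i];
    return n;
}

/* Callee whose return value decides the caller's path: fails when v < 0. */
static int parse_into(int h, int v) {
    if (v < 0) return -1;
    stored[h] = v;
    return 0;
}

/* Leaky: on the path (h >= 0 && v < 0) the handle never reaches res_close. */
int process_leaky(int v) {
    int h = res_open();
    if (h < 0) return -1;
    if (parse_into(h, v) != 0)
        return -1;                        /* early return skips res_close */
    res_close(h);
    return 0;
}

/* Fixed: every path leaving the allocation point passes through res_close. */
int process_fixed(int v) {
    int h = res_open();
    if (h < 0) return -1;
    int rc = parse_into(h, v);
    res_close(h);
    return rc;
}
```

An analysis that ignores the branch condition or the callee's return value sees a `res_close` call in `process_leaky` and can miss the leak; the path constraint `v < 0` is satisfiable, so the leaking path is feasible.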
