Abstract: In order to fully detect null pointer dereference defects for C procedures based on static analysis, this paper introduces a method based on property sound analysis. Firstly, defect pattern and feature of null pointer dereference are introduced. Then, the property sound analysis theory is proposed to detect null pointer dereference defects, and the point property of pointers is abstracted as attribute lattice. Through an abstract memory model and transfer function of each kind of statement, point-to property of each pointer can be get soundly, and null pointer dereference defects detection can be realized based on the point-to property of each referenced pointer. Experiment results of five real projects show that this method can fully detect null pointer dereference defects.

Key words: defect detection, defect pattern, null pointer dereference, property sound analysis

摘要： 为实现基于静态分析技术充分地检测出C程序中的空指针引用缺陷，提出了一种基于属性可靠分析的缺陷检测方法。首先介绍了空指针引用缺陷模式及特征。然后针对空指针引用缺陷的检测特点提出了属性可靠分析理论，并将指针的指向属性描述为一个属性格。通过提出的抽象内存模型，基于给出的每种程序语句上的迁移实现指针指向属性的可靠分析，根据得到的每个被引用指针的指向属性进而实现空指针引用缺陷的检测。通过对五个实际工程的检测结果分析表明，方法可充分检测出C程序的空指针引用缺陷。

关键词: 缺陷检测, 缺陷模式, 空指针引用, 属性可靠分析