Abstract
Uninitialized variables have been a source of errors since the beginning of software engineering. Some programming languages (e.g. Java and Python) will automatically zero-initialize such variables, but others, like C and C++, leave their state undefined. While laying aside initialization in C and C++ might be a performance advantage if an initial value can't be supplied, working with such variables is an undefined behavior, and is a common source of instabilities and crashes. To avoid such errors, whenever meaningful initialization is possible, it should be used. Tools for detecting these errors run time have existed for decades, but those require the problematic code to be executed. Since in many cases the number of possible execution paths are combinatoric, static analysis techniques emerged as an alternative. In this paper, we overview the technique for detecting uninitialized C++ variables using the Clang Static Analyzer, and describe various heuristics to guess whether a specific variable was left in an undefined state intentionally. We implemented a prototype tool based on our idea and successfully tested it on large open source projects.
Subject
Computer Vision and Pattern Recognition,Software,Computer Science (miscellaneous),Electrical and Electronic Engineering,Information Systems and Management,Management Science and Operations Research,Theoretical Computer Science
Cited by
3 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献