RARE: An Efficient Static Fault Detection Framework for Definition-Use Faults in Large Programs

Lujie Zhong, Pen Chung Yew, Wei Huo, Feng Li, Xiaobing Feng, Zhaoqing Zhang

Research output: Contribution to journalArticlepeer-review


A range-reduced static definition-use (def-use) fault detection framework is proposed to improve the scalability, but still retain its accuracy, when applied to large application programs. It casts common faults, such as null pointer dereferences, undefined references, buffer overflows, and memory leaks into a common def-use fault pattern, and uses a two-level path-insensitive approach to classify variable uses that can trigger faults into must-trigger, must-not-trigger, and may-trigger categories depending on whether the unsafe uses can actually be, never be, or may be executed. For those must-trigger unsafe uses, faults are immediately reported, and those must-not-trigger uses are dropped from further analysis. The already reduced program range that is relevant to the may-trigger unsafe uses is further reduced by using a binary decision diagram encoded path extraction scheme for more accurate, but more expensive, path-sensitive analysis. A prototype has been built using this approach, and a set of large realistic applications (a total of more than 4.8 MLOC) was tested for such common types of def-use faults. Compared with existing popular path-sensitive detection tools such as Clang Static Analyzer, we find our approach incurs less analysis time, but achieves good accuracy with a low false positive rate and no false negative.

Original languageEnglish (US)
Pages (from-to)10432-10444
Number of pages13
JournalIEEE Access
StatePublished - Feb 13 2018

Bibliographical note

Funding Information:
This work was supported in part by the National Natural Science Foundation of China under Grant 61402303 and in part by the Project of Beijing Municipal Commission of Education under Grant KM201510028016.


  • Accuracy
  • fault detection
  • scalability
  • sensitivity
  • software reliability

Fingerprint Dive into the research topics of 'RARE: An Efficient Static Fault Detection Framework for Definition-Use Faults in Large Programs'. Together they form a unique fingerprint.

Cite this