CN100470683C - Method for implementing dynamic storage error static detecting of embedded system - Google Patents

Method for implementing dynamic storage error static detecting of embedded system

Publication number: CN100470683C
Authority: CN (China)
Prior art keywords: node, memory, pointer, tree, control stream
Legal status: Expired - Fee Related
Application number: CNB2006100522276A
Other languages: Chinese (zh)
Other versions: CN1905076A (en)
Inventors: 陈天洲, 谢斌, 赵懿, 王祥生
Current Assignee: Zhejiang University ZJU
Original Assignee: Zhejiang University ZJU

Application filed by Zhejiang University ZJU
Priority to CNB2006100522276A
Publication of CN1905076A
Application granted
Publication of CN100470683C

Abstract

The invention relates to a method for static detection of dynamic memory errors in embedded systems, and belongs to the technical field of embedded system dynamic memory. The method uses a pointer tree to record control flow information and to detect dynamic memory errors. The invention offers good accuracy and reliability: by defining the pointer tree during compilation, it can determine whether memory has leaked and, if so, locate the problem accurately through the syntax tree. Because the pointer tree analysis covers the whole compilation of the program, dynamic memory detection is reliable.

Description

Method for implementing static detection of dynamic memory errors in an embedded system
Technical field
The present invention relates to the technical field of embedded system dynamic memory, and in particular to a method for implementing static detection of dynamic memory errors in an embedded system.
Background art
In an embedded system, a single-task operating system divides memory into two parts: one part is given to the resident program of the operating system, and the other to the user process. In a multitasking operating system, the latter part must be further subdivided among different processes. This work is carried out by the memory management mechanism of the operating system. The efficiency of an operating system's memory management has a very significant effect on its performance. In general, the aim is for memory to hold more tasks through effective allocation, so as to improve CPU utilization.
Generally, memory management must provide the following functions: relocation, protection, sharing, logical organization and physical organization. First, processes are swapped in and out of memory at arbitrary times, so memory management must provide relocation so that a task that is swapped back into memory runs as normally as it did before. Second, each process needs its own private space in order to run normally, and memory management must provide a protection mechanism that allows this private space to exist. Third, to cooperate on higher-level functions, processes need to interact in various ways, such as accessing each other's data or using each other's code, and the sharing function provided by memory management ensures that this works smoothly.
In addition, computers use linear storage devices, while a computer program has its own logical partitioning suited to the logical task it performs. If the operating system or the hardware can convert smoothly between this logical partitioning and linear storage, this benefits aspects such as the relative independence of the program itself. Memory management therefore needs to provide a corresponding logical organization function.
Many important programming languages use pointers to support dynamic memory management. Pointer operations increase the expressive power and flexibility of a language, but can also produce a large number of dynamic memory errors, for example dereferencing a null pointer, modifying read-only storage, referencing storage that is undefined or has already been released, and memory leaks. These errors are hard to detect and locate during program debugging, because:
(1) the error may occur only once in many executions of the program;
(2) its harm only shows after the program has run for a considerable time;
(3) the program behaves differently on different platforms, which makes the error hard to observe;
(4) large numbers of storage allocation and release operations and complex control flow make the error hard to locate in the program. Dynamic memory errors can cause wrong program results, slower execution, and even program crashes.
Dynamic memory errors therefore need to be detected, so that errors can be effectively detected, located and handled and the efficiency of the system improved.
Summary of the invention
The object of the present invention is to overcome the deficiencies of the prior art and provide a method for implementing static detection of dynamic memory errors in an embedded system.
The technical solution adopted by the present invention to solve its technical problem is as follows:
The invention provides a method for implementing static detection of dynamic memory errors in an embedded system, comprising the following steps:
(1) Use a pointer tree to record control flow information;
The pointer tree is a multiway tree that records how the program dynamically uses storage space. It consists of two kinds of nodes: entry nodes and memory nodes. The entry node is the root node of the pointer tree and is the entry point for accessing memory nodes. A memory node is a leaf node of the pointer tree, and each memory node corresponds to one storage space dynamically allocated by the program;
(2) Use the pointer tree to detect dynamic memory errors within a procedure:
1. When syntax analysis of a procedure begins, construct the entry node E and a temporary memory node T of the pointer tree for that procedure;
2. During syntax analysis, use the temporary memory node T to record the current control flow position;
3. When syntax analysis recognizes a storage allocation statement, create a new memory node S for the address pointer PI in the allocation statement, copy the control flow position of node T to node S, record whether the address pointer PI points to array space, and determine whether a memory leak exists; if so, issue a warning;
4. When analysis recognizes a storage release statement, decompose it and look up the corresponding node N on the pointer tree according to the decomposition result; if exactly one of node N and the address pointer PI corresponds to array space, issue a warning. Compare the control flow positions recorded in node N and node T; if node N cannot be found, or the node cannot be deleted because the comparison returns true, the release operation has failed, and a warning is issued;
5. After syntax analysis of the procedure ends, analyze its pointer tree. Each disconnected memory node represents storage space that has lost its index, and the other memory nodes represent dynamic storage space that is not released within the procedure; issue warnings for these memory nodes.
As an improvement of the present invention, the pointer tree records control flow information in the following manner:
A memory node records the position in the control flow at which its storage space was allocated, using the following simple representation. Within a procedure, the total number of branches and loops whose scope contains a statement is called the control flow depth of that statement. For a storage allocation statement of control flow depth 1, the control flow is recorded as the combination of the name of the enclosing branch or loop and the line number at which that branch or loop is located; this combination is called the control flow label.
Compared with the background art, the beneficial effects of the present invention are:
In this method, the pointer tree detection method uses memory nodes to represent the storage space dynamically allocated by the program, and records the control flow position at which the program allocates and releases storage space. Adding and deleting nodes on the pointer tree simulates the program's dynamic storage allocation and release operations. The state of the pointer tree reflects the dynamic storage space currently in use by the program.
(1) Accuracy. By defining the pointer tree, the invention can determine accurately during program compilation whether problems such as memory leaks have occurred and, if so, locate them precisely through the syntax tree.
(2) Reliability. The invention analyzes the program compilation process through the pointer tree and covers the whole of that process, so dynamic memory detection is reliable and comprehensive.
Description of drawings
Figure 1 is a schematic diagram of the pointer tree detection method of the present invention.
Detailed description of the embodiments
The present invention is further described below with reference to the drawing and an embodiment.
A method for implementing static detection of dynamic memory errors in an embedded system, embodied as follows:
1) Definition of the pointer tree during compilation of an embedded system program:
The pointer tree is a multiway tree that records how the program dynamically uses storage space. It consists of two kinds of nodes: entry nodes and memory nodes. The entry node is the root node of the pointer tree and is the entry point for accessing memory nodes. A memory node is a leaf node of the pointer tree, and each memory node corresponds to one storage space dynamically allocated by the program;
Recording control flow information in the pointer tree:
A memory node records the position in the control flow at which its storage space was allocated, using the following simple representation. Within a procedure, the total number of branches and loops whose scope contains a statement is called the control flow depth of that statement. For a storage allocation statement of control flow depth 1, the control flow is recorded as the combination of the name of the enclosing branch or loop and the line number at which that branch or loop is located; this combination is called the control flow label.
For example, if a storage allocation statement is inside a while loop that begins on line 8, the corresponding control flow label is while_8. For a storage allocation operation with control flow depth greater than 1, the control flow labels of each depth are joined with the * mark, from the outside in, to record the control flow position; * indicates that control flow enters a deeper level. The same pointer may be allocated storage space repeatedly in different branches of the control flow, and the * mark is used to connect these control flow positions.
The pointer tree uses the parent-child relationships between memory nodes to reflect the nesting of pointer scopes.
Common dynamic memory errors in embedded systems and their causes are as follows:
a) A pointer to an object array space is not released with delete[], so the destructors of all array elements other than the first are not called, producing a storage problem.
b) Releasing space in the wrong order produces storage errors.
c) Repeatedly allocating storage space to the same pointer, or assigning to a pointer that already has allocated space, makes the initially allocated space lose its index and produces a memory leak.
d) Storage problems caused by complex control flow in the program.
These dynamic memory errors have various causes, but in essence they all come down to a mismatch between the allocation and the release of storage space. In a program this mismatch shows up as:
● the pointer to an object array is not released with delete[], so the destructors of all array elements other than the first are not called;
● the order in which space is allocated and released does not match between a pointer and the pointers whose scope is nested in the structure it points to;
● a pointer assignment statement causes a storage leak;
● allocation and release do not match because of the program's complex control flow.
2) Method of using the pointer tree to detect dynamic memory errors within a procedure
The pointer tree can detect the four typical intra-procedure dynamic memory errors a, b, c and d mentioned in 1). The pointer tree is built and used dynamically during syntax analysis. Initially it has only an entry node; as syntax analysis recognizes storage allocation and release operations, nodes are added to and deleted from the pointer tree accordingly.
Detecting dynamic memory errors with the pointer tree requires two auxiliary functions, detach(pt) and compare(a, b), where the parameter pt is a pointer name and a and b are memory nodes. The function detach(pt) decomposes pointers with nested scopes. For example, the pointer name base->c is decomposed by detach(pt) into the two pointer names base and c. The function compare(a, b) uses the control flow positions of memory nodes a and b to analyze whether the storage spaces corresponding to a and b can both be allocated in a single execution of the program. compare(a, b) returns true if and only if the allocation operations corresponding to a and b are in different branches of the control flow and these two branches do not occur within the same loop.
1. When syntax analysis of a procedure begins, construct the entry node E and a temporary memory node T of the pointer tree for that procedure; every field of T is empty.
2. During syntax analysis, use the temporary memory node T to record the current control flow position.
3. When syntax analysis recognizes a storage allocation statement, create a new memory node S for the address pointer PI in the allocation statement, copy the control flow position of T to S, and record whether PI points to array space. Decompose PI with detach(pt), find the position at which S should be inserted according to the decomposition result, and insert node S into the pointer tree. If a node N already exists at that position, use compare(a, b) to compare the control flow positions of node N and node S. If compare returns true, append the control flow position recorded in S to the control flow of N, joined with the * mark. If it returns false, the program may, within a single execution, allocate space to PI twice in succession without releasing the first allocation, causing a memory leak; issue a warning for this and determine whether a memory leak exists.
4. When analysis recognizes a storage release statement delete PI or delete[] PI, decompose it with detach(pt). Look up the corresponding node N on the pointer tree according to the decomposition result; if exactly one of N and the pointer PI corresponds to array space, issue a warning. Use compare(a, b) to compare the control flow positions recorded in the temporary node T and node N. When compare returns false: if the control flow of N does not contain a * mark, delete node N; if it contains *, delete the part of N's control flow for which compare(a, b) is false. If node N cannot be found, or the node cannot be deleted because compare returns true, the release operation has failed; issue a warning.
5. After syntax analysis of the procedure ends, analyze its pointer tree. Each disconnected memory node represents storage space that has lost its index, and the other memory nodes represent dynamic storage space that is not released within the procedure; issue warnings for these memory nodes.
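The allocation, release and end-of-procedure checks of steps 3 to 5, together with detach and compare, as an added Python example that is not part of the patent text. It assumes the parser has already reduced a procedure to a stream of allocation and release events, that an else arm is labelled with the line number of its if so the two arms can be paired, and that a node's alternative allocation positions are kept as a list rather than a *-joined string; Node, find, analyze and the SAMPLE events are hypothetical names and constructed data.

```python
import re

LOOPS = ("while", "for", "do")

def detach(pt):
    """Split a nested pointer name: 'base->c' -> ['base', 'c']."""
    return [part for part in re.split(r"->|\.", pt) if part]

def compare(a, b):
    """True iff a and b are different arms of one conditional outside any loop."""
    i = 0
    while i < len(a) and i < len(b) and a[i] == b[i]:
        i += 1
    if i == len(a) or i == len(b):
        return False                      # same position, or one encloses the other
    (kind_a, line_a), (kind_b, line_b) = a[i].rsplit("_", 1), b[i].rsplit("_", 1)
    sibling_arms = line_a == line_b and {kind_a, kind_b} == {"if", "else"}  # assumed labelling
    in_loop = any(lbl.rsplit("_", 1)[0] in LOOPS for lbl in a[:i])
    return sibling_arms and not in_loop

class Node:
    def __init__(self):
        self.children = {}                # memory nodes of nested pointer scopes
        self.positions, self.is_array = [], False   # allocation positions, array flag

def find(entry, path, create=False):
    node = entry
    for name in path:
        node = node.children.setdefault(name, Node()) if create else node.children.get(name)
        if node is None:
            return None
    return node

def analyze(events):
    entry, warnings = Node(), []          # entry node E
    for op, pt, is_array, pos, line in events:
        T = tuple(pos)                    # temporary node T: current position
        if op == "alloc":                 # step 3: allocation statement
            node = find(entry, detach(pt), create=True)
            if node.positions and not all(compare(p, T) for p in node.positions):
                warnings.append((line, pt, "leak: reallocated before release"))
            else:
                node.positions.append(T)
                node.is_array = is_array
            continue
        node = find(entry, detach(pt))    # step 4: release statement
        if node is None or not node.positions:
            warnings.append((line, pt, "release failed: no allocation found"))
            continue
        if node.is_array != is_array:
            warnings.append((line, pt, "delete/delete[] mismatch"))
        kept = [p for p in node.positions if compare(p, T)]
        if len(kept) == len(node.positions):
            warnings.append((line, pt, "release failed: allocated on another branch"))
        node.positions = kept             # an empty list stands for a deleted node
    def walk(node, prefix):               # step 5: whatever is left was never released
        for name, child in node.children.items():
            if child.positions:
                warnings.append((None, "->".join(prefix + [name]), "not released"))
            walk(child, prefix + [name])
    walk(entry, [])
    return warnings

SAMPLE = [  # constructed events: (op, pointer, is_array, position, line)
    ("alloc", "buf", True, ["if_3"], 4),        # buf = new char[n] in the if arm
    ("alloc", "buf", True, ["else_3"], 6),      # other arm: positions are joined
    ("free", "buf", False, [], 9),              # delete buf; should be delete[]
    ("alloc", "p", False, ["while_12"], 13),
    ("alloc", "p", False, ["while_12"], 14),    # second allocation on the same path
    ("alloc", "base->c", False, [], 17),        # never released
]

if __name__ == "__main__":
    print(*analyze(SAMPLE), sep="\n")
```

Disconnected nodes, which arise from pointer assignment, are outside what this example models; every leftover node is reported as not released.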

Claims (2)

1. A method for implementing static detection of dynamic memory errors in an embedded system, characterized in that it comprises the following steps:
(1) Use a pointer tree to record control flow information;
The pointer tree is a multiway tree that records how the program dynamically uses storage space. It consists of two kinds of nodes: entry nodes and memory nodes. The entry node is the root node of the pointer tree and is the entry point for accessing memory nodes. A memory node is a leaf node of the pointer tree, and each memory node corresponds to one storage space dynamically allocated by the program;
(2) Use the pointer tree to detect dynamic memory errors within a procedure:
1. When syntax analysis of a procedure begins, construct the entry node E and a temporary memory node T of the pointer tree for that procedure;
2. During syntax analysis, use the temporary memory node T to record the current control flow position;
3. When syntax analysis recognizes a storage allocation statement, create a new memory node S for the address pointer PI in the allocation statement, copy the control flow position of node T to node S, record whether the address pointer PI points to array space, and determine whether a memory leak exists; if so, issue a warning for the memory leak;
4. When analysis recognizes a storage release statement, decompose it and look up the corresponding node N on the pointer tree according to the decomposition result; if exactly one of node N and the address pointer PI corresponds to array space, issue a warning. Compare the control flow positions recorded in node N and node T; if node N cannot be found, or the node cannot be deleted because the comparison returns true, the release operation has failed, and a warning is issued;
5. After syntax analysis of the procedure ends, analyze its pointer tree. Each disconnected memory node represents storage space that has lost its index; the other memory nodes represent dynamic storage space that is not released within the procedure, and a warning is issued for the latter.
2. The method for implementing static detection of dynamic memory errors in an embedded system according to claim 1, characterized in that the pointer tree records control flow information in the following manner:
A memory node records the position in the control flow at which its storage space was allocated, using the following simple representation. Within a procedure, the total number of branches and loops whose scope contains a statement is called the control flow depth of that statement. For a storage allocation statement of control flow depth 1, the control flow is recorded as the combination of the name of the enclosing branch or loop and the line number at which that branch or loop is located; this combination is called the control flow label.
CNB2006100522276A 2006-06-30 2006-06-30 Method for implementing dynamic storage error static detecting of embedded system Expired - Fee Related CN100470683C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2006100522276A CN100470683C (en) 2006-06-30 2006-06-30 Method for implementing dynamic storage error static detecting of embedded system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2006100522276A CN100470683C (en) 2006-06-30 2006-06-30 Method for implementing dynamic storage error static detecting of embedded system

Publications (2)

Publication Number Publication Date
CN1905076A CN1905076A (en) 2007-01-31
CN100470683C true CN100470683C (en) 2009-03-18

Family

ID=37674307

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2006100522276A Expired - Fee Related CN100470683C (en) 2006-06-30 2006-06-30 Method for implementing dynamic storage error static detecting of embedded system

Country Status (1)

Country Link
CN (1) CN100470683C (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101763291B (en) * 2009-12-30 2012-01-18 中国人民解放军国防科学技术大学 Method for detecting error of program control flow

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102339252B (en) * 2011-07-25 2014-04-23 大连理工大学 Static state detecting system based on XML (Extensive Makeup Language) middle model and defect mode matching
CN103745755B (en) * 2014-01-06 2017-01-11 中国科学院软件研究所 Space memory error detection method with high efficiency and high availability
CN104461886A (en) * 2014-12-10 2015-03-25 深圳航天东方红海特卫星有限公司 Control flow error detection method
CN116450402B (en) * 2023-06-15 2023-08-18 北京智芯微电子科技有限公司 Program flow monitoring method, compiling device, processor and computer equipment


Also Published As

Publication number Publication date
CN1905076A (en) 2007-01-31


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090318

Termination date: 20110630