JPH04182836A - Unspecific value reference and detection system for program - Google Patents

Abstract

PURPOSE:To speedily and surely analyze a program trouble place by reporting the trouble in the unspecific value reference of a program as a program error. CONSTITUTION:When the program 105 runs, a work area 110 is assigned on a memory 100. The area 110 is initialized in specific pattern and every time the program 105 make a reference 115 to data in the area 110, a check (125) on whether the reference data are still initialized data or not is made. When the program 105 is normal, the data are set in the area 110 and then arithmetic, etc., is performed by referring to the data, so the reference data become different from the initialized data and the result of the check 125 indicates a discrepancy. If the program 105 has abnormality and refers to the area 110 without setting the data in the area 110, the initialized data are referred to, so the result of the check 125 coincides. In this case, an unspecific value reference is therefore judged and after the error is reported, the processing of the program 105 is stopped.

Description

DETAILED DESCRIPTION OF THE INVENTION [Field of Industrial Application] The present invention relates to a computer system, and more particularly to an indefinite value reference detection method for a program suitable for detecting a defect in an indefinite value reference in a work area used by a program. .

[Conventional technology]

As an example of a conventional program undefined value reference detection method, in the stack initialization method, as described in the following literature, there is a known method in which the memory is cleared to zero as initialization only when new memory is allocated as the stack area. , Prentice/Hall International The Design of the Unix Operating System, Maurice Gerbach (1986), pp. 298-3.
Page 03 (Prentice/Hall International
tional, THE DESIGN OF THE
UNIX 0PERATING SYSTEM, Mau
riceJ, Bach (1986) PP298-303
) (UNIX is an abbreviation for the operating system of Bell Laboratories, USA).

[Problem to be solved by the invention]

In the conventional program indeterminate value reference detection method, the user's stack area is initialized only when new memory is allocated due to stack expansion. However, the stack area is repeatedly allocated and released for each subroutine, so if you only initialize it when memory is allocated, the stack area of the first subroutine to be processed will be initialized, but the second Since the remaining subroutine used in the previous subroutine is allocated as a stack area for subroutines after the th subroutine, if there is a part in the subroutine that refers to an undefined value on the stack, the problem will not surface due to the operation result of the previous subroutine. or As a result, there were many cases where problems could not be detected during the testing stage and were only discovered after actual operation began, resulting in major system failures.

SUMMARY OF THE INVENTION An object of the present invention is to provide an indefinite value reference detection method for a program that can quickly and reliably detect defects due to indefinite value references at the testing stage.

[Means to solve the problem]

In order to achieve the above object, an indefinite value reference detection method for a program according to the present invention is implemented by a CPU or an OS of a computing system.
A check mechanism is provided in the program, the work area used in the program is secured in memory and initialized in advance with a specific pattern, and each time the work area is referenced, the reference data and initialized data are compared by the check mechanism, and each The program is configured to treat the program as an undefined value reference when the data match.

The checking mechanism may be configured to report an error when an undefined value is referenced, and then stop the program processing.

In addition, a check mechanism is installed in the CPU or OS of the computing system, and the stack area used by the program is initialized with a specific pattern when it is secured in main memory, and when the used stack area is released, so that the stack area is always stacked. This configuration maintains the area in an initialized state.

[Effect]

According to the program indefinite value reference detection method of the present invention, before using the stack area in any subroutine of the user program, the stack area is always initialized with a specific pattern, and the stack area is referenced. By adding a mechanism to check the data pattern when processing data, if a subroutine accidentally refers to the stack area without setting data and processes it, a program error will occur and the problem of referencing an unspecified value will be eliminated. Ru. Therefore, without changing the user program, it is possible to designate whether or not initialization and checking should be performed through external settings, making it easy to use the system only in the testing stage without using it online.

〔Example〕

An embodiment of the present invention will be described with reference to FIGS. 1 and 2.

As shown in FIGS. 1 and 2, when the program 105 operates, a work area 110 is allocated on the logical space (memory) 100. This work area 110 is initialized in advance with a specific pattern, and the program 105
Each time the reference data in the work area 110 is referenced 115, it is checked (125) whether the reference data remains initialized data, that is, whether reference data that has never been set is referenced. be.

If the program 105 is normal, the work area 110
Since data is referenced and calculations are performed after data is set in , reference data is different from initialized data, and the comparison result of check 125 is (reference data) ≠ (initialized data)
becomes.

However, if there is a problem with the program 105 and the data is referenced without setting it in the work area, the initialized data will be referenced, and the comparison result of check]-25 will be (reference data) = (initialized data). Become.

Therefore, if (reference data)≠(initialization data), the processing of the program 105 is continued as normal processing. If (reference data) = (initialization data), it is regarded as an undefined value reference, and after reporting an error, the program 105
stop processing.

This makes it possible to reliably detect the problem of referencing an indefinite value. A detailed implementation method of the present invention will be described below.

First, a method for initializing the stack in a computer system having a stack as a program work area will be described.

First, the stack mechanism will be explained with reference to FIG.

When the program 200 calls subroutine A (
205) - Subroutine A 220 reserves a stack area to be used by its own subroutine in main memory 300 (2
21). When the stack area is secured, a pointer indicating the upper limit of the stack area, called a stack pointer (hereinafter abbreviated as SP), moves by the secured area (240), as shown in (2) in FIG.

The subroutine A220 uses the secured stack area as a work area (222), and releases the stack area shell at the end of processing (223).

When the stack area is released, as shown in (2), the SP is returned to the state before it was secured (250), but the data itself (remains) of the stack area that was being used remains as is.

Subsequently, the program 200 calls subroutine B (210), and subroutine B 230 secures a stack area for use in its own subroutine (231). Once the stack area is secured, the SP simply moves by the secured area (260) as shown in (2), and the area used in subroutine A is allocated to the stack area itself.

The subroutine B230 sets data in the secured stack area (232), performs calculations based on that data (233), and processes it. However, if there is a problem in the subroutine B230 and the stack area is If the process of setting data (232) is omitted, processing will be performed based on the residual data used in subroutine A, and this problem may or may not surface depending on the value of the reference data.

To solve such stack mechanical problems, it is effective to always initialize the stack area with a specific pattern when a subroutine uses the stack area.

Next, the initialization timing of this stack will be explained with reference to FIGS. 5 and 6.

In securing the stack area, 5P3 as shown in ■
01 exceeds the page boundary 302, the page is secured on the page memory 300 indicated by 5P301, but at this timing, the newly secured page and stack area (304
) with a specific pattern.

When the subroutine uses the stack area, the stack area (306) of the newly allocated page that is not in use remains initialized, but is not used. Stack area (3
04) is the leftovers that were used, that is, an unspecified pattern.

Therefore, when releasing the stack area as shown in ■,
In addition to returning 5P301 to the address before securing the stack area, it also returns the stack area (3
04) with a specific pattern.

As a result, when the next subroutine allocates the stack area 307 as shown in (2), the stack area initialized at the beginning is allocated.

Here, initializing the stack area other than the allocated stack area (all ranges on the same page) means referencing the stack area other than the allocated stack area by mistake in the subroutine (308
) is effective in detecting defects.

In this way, by initializing when a new page is allocated as a stack area and when the stack area is released, a stack area that is initialized with a specific pattern is always allocated when a subroutine allocates a stack area. It turns out.

Next, regarding the initialization process of this stack area, Part 7 @,
This will be explained with reference to FIG.

FIG. 7 shows the initialization process at the timing when a new page is secured as a stack area. After conventional main memory allocation processing 401, it is determined whether or not indefinite value reference check is specified (402) 1. If not specified,
As in conventional processing, the secured stack area is cleared to zero (404).

If specified, initialize with a specific pattern (403
).

FIG. 8 shows an initialization processing method at the timing of releasing the stack area.

Subroutine 500 begins with stack free instruction 501 and ends with stack free instruction 502.

Therefore, this stack release instruction is replaced in advance with an exception generation instruction (503). When the subroutine 50o executes an exception generation instruction instead of a stack release instruction, the OS
Link to exception handling 505.

In exception handling 505, the return address to the user's subroutine is changed to the address of the stack initialization program (506). This returns the user to the program (507). This returns you to the user program (5
07), the return to the exception generating instruction is linked to the stack initialization program 510.

The stack initialization program 510 initializes the stack area used by the subroutine (511), executes a stack release instruction (512), and returns to the subroutine (513).

In this way, the user's subroutine can unconsciously make it appear as if the subroutine had initialized the stack area used when the stack was released.

The reason why the stack area is not directly initialized in the OS exception handling 505 is that the stack area is for the user and for the OS.
This is because in a computer system where areas are separated for use and SP is allocated separately, it is necessary to execute a stack release instruction in each program.

Next, we will explain the checking mechanism for indefinite value references in Figures 9 and 1.
This will be explained with reference to Figure 0.

FIG. 9 shows an embodiment in which a check mechanism is provided in the CPU.

When a program executes an instruction and references main memory 601 and cache memory, the reference data is sent to BPU 610 through data line 603.

Therefore, we intercepted the reference data from this data line,
A comparator 605 checks a check pattern (same value as initialization data) 604 that has been set externally in advance, and also checks a check flag 606 that indicates whether or not undefined value reference is checked and the result of whether or not the reference address is a stack area. 607 and is checked by an AND circuit 608.

If all are satisfied, it is considered an indefinite value reference,
An exception is generated in the BPU 610 (609).

When this exception occurs, the system recognizes that there is an undefined value reference and reports an error.

In this embodiment, the check mechanism is implemented in hardware, but it can also be implemented in software in a computer system that can be linked to a system program every 51 instructions.

Hereinafter, a method for realizing this will be explained with reference to FIG. Each time the program 700 executes one instruction (701), it executes the indefinite value reference check process 7jO. In the indefinite value reference check process, it is first necessary to determine whether or not the check is necessary (711).
, Next, interpret the instruction word and determine whether it is an instruction word that refers to memory (712), and determine whether the reference address is a stack address (713) L. Finally, the reference data is the same as the initialization data. (714).

If all of these determinations are satisfied, it is considered an undefined value reference and an error is reported (715). If even one of the above judgments is not satisfied, the program returns to 7°O and repeatedly executes the next command (702).

〔Effect of the invention〕

According to the program indefinite value reference detection method of the present invention, it is possible to report a malfunction due to an indefinite value reference in a program as a program error, so that there is an effect that a malfunction part of a program can be quickly and reliably analyzed.

[Brief explanation of the drawing]

1 and 2 are configuration diagrams showing one embodiment of the present invention, FIGS. 3 and 4 are diagrams explaining the stack mechanism, and FIG.
Figure 6 is a diagram explaining the initialization timing of the stack area, Figure 7 is a diagram explaining the initialization process of the stack area, Figure 8 is a diagram explaining the initialization process when releasing the stack, and Figure 9 is a diagram explaining the initialization process of the stack area. 10 is a diagram explaining a check mechanism in hardware, and FIG. 10 is a diagram explaining a check mechanism in software. 100...Theoretical space (memory), 110...Work area, 120...Check mechanism.

Claims (1)

[Claims] 1. A check mechanism is provided in the CPU or OS of the computing system, and a work area used by the program is secured in memory and initialized in advance with a specific pattern,
An indefinite value reference detection of a program, characterized in that each time the work area is referenced, the reference data and the initialization data are compared by the checking mechanism, and when the respective data match, the program is regarded as an indefinite value reference. method. 2. The method for detecting an indefinite value reference in a program according to claim 1, wherein the check mechanism is caused to report an error when an indefinite value is referenced, and then halts program processing. 3. Provide a check mechanism in the CPU or OS of the computing system, initialize the stack area used by the program according to a specific pattern at the timing when it is secured in the main memory, and initialize it at the timing when the used stack area is released, An indefinite value reference detection method for a program, characterized in that the stack area is always maintained in an initialized state.