Abstract

Static analysis is an essential way to find code smells and bugs. It checks the source code without executing it and requires no test cases, so its cost is lower than that of testing. Moreover, static analysis supports software engineering more broadly, since it can also be used for validating code conventions, measuring software complexity and executing code refactorings. Symbolic execution is a static analysis method in which variables (e.g. input data) are interpreted with symbolic values. Clang Static Analyzer is a powerful symbolic execution engine based on the Clang compiler infrastructure that can be used with C, C++ and Objective-C. Validating the usage of resources (e.g. files, memory) requires finite state automata (FSA) for modeling the state of a resource (e.g. locked or acquired resource). In this paper, we argue for an approach in which automata are used during symbolic execution. The generic automaton can be customized for different resources. We present our domain-specific language for defining automata in terms of syntactic and semantic rules. We have developed a tool for this approach which parses the automaton and generates a Clang Static Analyzer checker that can be used in the symbolic execution engine. We show an example automaton in our domain-specific language and the usage of the generated checker.

Highlights

  • Compilers play an essential role in the early detection of software problems regarding many aspects of the source. Static analysis is a widely-used method which is by definition the act of uncovering properties and reasoning about software without observing its runtime behaviour, restricting the scope of tools to those which operate on the source representation, the code written in a single or multiple programming languages

  • Clang Static Analyzer is a powerful symbolic execution engine based on the Clang compiler infrastructure that can be used with C, C++ and Objective-C

  • We have developed a tool for this approach which parses the automaton and generates a Clang Static Analyzer checker that can be used in the symbolic execution engine


Summary

Introduction

Static analysis is a widely used method: by definition, it is the act of uncovering properties of software and reasoning about it without observing its runtime behaviour, which restricts the scope of tools to those that operate on the source representation, i.e. the code written in one or more programming languages. Validation of resource management is an important process because resource problems (e.g. memory leaks) may occur in C and C++ programs. Their validation is not part of the usual compilation process [4]. We argue for a generic, resource-oriented static analysis approach. One can define a special resource-oriented checker with our domain-specific language (DSL), and our tool generates a static analysis method to detect problems regarding the resource concerned.
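To make the idea of one generic automaton customized per resource concrete, the following is an added illustration; it is not the paper's DSL, its tool, or a generated Clang Static Analyzer checker. It assumes a program path has already been reduced to a flat list of (operation, resource id) events, and all state, operation and function names are hypothetical.

```cpp
#include <iostream>
#include <map>
#include <string>
#include <vector>

typedef std::pair<std::string, std::string> Key;  // (current state, operation)
struct Event { std::string op; int res; };        // operation applied to a resource id
struct ResourceAutomaton {
    std::string initial;                // state of a resource before acquisition
    std::map<Key, std::string> delta;   // legal transitions: (state, op) -> next state
    std::map<Key, std::string> errors;  // illegal (state, op) pairs -> diagnostic
    std::string leakState, leakMsg;     // state that must not survive the end of a path
};

// Walk one program path (a constructed event list) and collect diagnostics.
std::vector<std::string> checkPath(const ResourceAutomaton& a, const std::vector<Event>& path) {
    std::map<int, std::string> state;   // automaton state tracked per resource
    std::vector<std::string> diags;
    for (const Event& e : path) {
        if (!state.count(e.res)) state[e.res] = a.initial;
        Key k(state[e.res], e.op);
        if (a.errors.count(k))          // error transition: report, keep the state
            diags.push_back(a.errors.at(k) + " (resource " + std::to_string(e.res) + ")");
        else if (a.delta.count(k))
            state[e.res] = a.delta.at(k);
    }
    for (const auto& s : state)         // end of path: anything still acquired leaked
        if (s.second == a.leakState)
            diags.push_back(a.leakMsg + " (resource " + std::to_string(s.first) + ")");
    return diags;
}

// One engine, two resources; state and operation names are assumptions.
ResourceAutomaton fileAutomaton() {
    return {"closed",
            {{{"closed", "open"}, "opened"}, {{"opened", "read"}, "opened"}, {{"opened", "close"}, "closed"}},
            {{{"closed", "read"}, "use of closed file"}, {{"closed", "close"}, "double close"}},
            "opened", "file leak"};
}
ResourceAutomaton lockAutomaton() {
    return {"unlocked",
            {{{"unlocked", "lock"}, "locked"}, {{"locked", "unlock"}, "unlocked"}},
            {{{"locked", "lock"}, "double lock"}, {{"unlocked", "unlock"}, "unlock without lock"}},
            "locked", "lock held at end of path"};
}
int main() {  // constructed path: file 1 closed twice, file 2 never closed
    std::vector<Event> path = {{"open", 1}, {"close", 1}, {"close", 1}, {"open", 2}};
    for (const auto& d : checkPath(fileAutomaton(), path)) std::cout << d << "\n";
}
```

A real symbolic execution engine would keep this per-resource state inside each explored path's program state and fork it at branches; the flat event list stands in for a single such path.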

Textual representation
Abstract Syntax Tree
Program flow
Program path
Resource-like problems
Generalizing error detection with FSA
Related work
Checkerlang DSL
Semantics of Checkerlang DSL
Practical usage within the Clang infrastructure
Implementation example
10 Future work
11 Conclusion