A sound abstract memory model for static analysis of C programs

Abstract

Abstract memory model plays an important role in the static analysis of programs. This paper proposes a region-based symbolic three-valued logic (RSTVL) to guarantee the soundness of static analysis, which utilises abstract regions to simulate blocks of the concrete memory. RSTVL applies symbolic expressions to express the value of memory objects, and the interval domain to describe the value of each symbol of symbolic expressions. Various operations for memory objects can be mapped to operations about regions. As a sound abstract memory model, RSTVL can describe the shape information of data structure in memory and the storage state of memory objects for C programs, and a variety of associative addressable expressions, including the point-to relations, hierarchical and valued logic relations. We have built a prototype tool DTSC_RSTVL that detects code level defects in C programs. Five popular C programs are analysed, the results indicate that the analysis is sufficiently sound to detect code level defects with zero false negative rate.