Abstract

The problem of improving the precision of static analysis and verification techniques for C is hard because of the simplifying assumptions these techniques make about the code model. We present a novel approach to improving precision by executing the code model in a controlled environment that captures program errors and contract violations in a memory- and time-efficient way. We implemented this approach as an executor module, Tassadar, as part of the bounded model checker Borealis. We tested Tassadar on two test sets, showing that its impact on the performance of Borealis is minimal. The article is published in the authors’ wording.

Highlights

  • Static analysis and verification of programs written in an unsafe language like C is hard

  • We present a novel approach to improving precision by executing the code model in a controlled environment that captures program errors and contract violations in a memory and time efficient way

  • We evaluated our approach and Tassadar on two test case sets bundled with Borealis, which are based on the NECLA [11] and SV-COMP [4] test case packs and test both the defect detection and the contract violation detection properties of the checker

Summary

Introduction

Static analysis and verification of programs written in an unsafe language like C is hard. Most of the problems researchers face in these areas are either NP-hard or undecidable due to inherent properties of a Turing-complete language and the presence of unsafe memory operations. Another difficulty comes from the fact that an analysis used in an interprocedural setting must be aware of both internal and external functions to provide a good approximation of program behaviour. The goal of this work is to provide a safe and fast way to reduce the number of false positives in the results produced by static code analysis of C. We provide a way to reduce false positives in these cases in the form of a concrete code execution environment that borrows some ideas from symbolic execution and is safe, robust and resource-efficient.
