• DocumentCode
    1952745
  • Title

    Driving a sound static software analyzer with branch-and-bound

  • Author

    Mattsen, Sven ; Cuoq, Pascal ; Schupp, Sibylle

  • Author_Institution
    Inst. for Software Syst. (STS), Hamburg Univ. of Technol. (TUHH), Hamburg, Germany
  • fYear
    2013
  • fDate
    22-23 Sept. 2013
  • Firstpage
    63
  • Lastpage
    68
  • Abstract
    During the last decade, static analyzers of source code have improved greatly. Today, precise analyzers that propagate values for the program´s variables, for instance with interval arithmetic, are used in the industry. The simultaneous propagation of sets of values, while computationally efficient, is a source of approximations, and ultimately of false positives. When the loss of precision is detrimental to the user´s goals, a user needs to provide some kind of manual guidance. Frama-C, a framework for the static analysis of C programs, provides a sound value analyzer. This analyzer can optionally be guided by skillfully placed user annotations. This article describes SPALTER, a Frama-C plug-in that uses a variation of the Skelboe-Moore algorithm from the field of interval arithmetic to guide Frama-C´s value analyzer towards a high-level objective set by the user. SPALTER reproduces the results of a case study that used Frama-C´s value analysis and required extensive manual guidance. In difference, our approach with SPALTER required no guidance, except preparation of the analyzed program by slicing.
  • Keywords
    C language; approximation theory; program diagnostics; tree searching; C programs; Frama-C plug-in; SPALTER; Skelboe-Moore algorithm; approximations; branch-and-bound algorithm; interval arithmetic; program slicing; simultaneous propagation; sound static software analyzer; sound value analyzer; static analysis; Abstracts; Algorithm design and analysis; Approximation algorithms; Approximation methods; Conferences; Manuals; Vectors;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Source Code Analysis and Manipulation (SCAM), 2013 IEEE 13th International Working Conference on
  • Conference_Location
    Eindhoven
  • Type

    conf

  • DOI
    10.1109/SCAM.2013.6648185
  • Filename
    6648185