Title :
Driving a sound static software analyzer with branch-and-bound
Author :
Mattsen, Sven ; Cuoq, Pascal ; Schupp, Sibylle
Author_Institution :
Inst. for Software Syst. (STS), Hamburg Univ. of Technol. (TUHH), Hamburg, Germany
Abstract :
During the last decade, static analyzers of source code have improved greatly. Today, precise analyzers that propagate values for the program´s variables, for instance with interval arithmetic, are used in the industry. The simultaneous propagation of sets of values, while computationally efficient, is a source of approximations, and ultimately of false positives. When the loss of precision is detrimental to the user´s goals, a user needs to provide some kind of manual guidance. Frama-C, a framework for the static analysis of C programs, provides a sound value analyzer. This analyzer can optionally be guided by skillfully placed user annotations. This article describes SPALTER, a Frama-C plug-in that uses a variation of the Skelboe-Moore algorithm from the field of interval arithmetic to guide Frama-C´s value analyzer towards a high-level objective set by the user. SPALTER reproduces the results of a case study that used Frama-C´s value analysis and required extensive manual guidance. In difference, our approach with SPALTER required no guidance, except preparation of the analyzed program by slicing.
Keywords :
C language; approximation theory; program diagnostics; tree searching; C programs; Frama-C plug-in; SPALTER; Skelboe-Moore algorithm; approximations; branch-and-bound algorithm; interval arithmetic; program slicing; simultaneous propagation; sound static software analyzer; sound value analyzer; static analysis; Abstracts; Algorithm design and analysis; Approximation algorithms; Approximation methods; Conferences; Manuals; Vectors;
Conference_Titel :
Source Code Analysis and Manipulation (SCAM), 2013 IEEE 13th International Working Conference on
Conference_Location :
Eindhoven
DOI :
10.1109/SCAM.2013.6648185
