{"title":"使用静态代码分析和逻辑推理检测C/ c++程序的不正确指针解引用","authors":"Tatiana Vert, Tatiana Krikun, M. Glukhikh","doi":"10.1109/TMPA.2013.12","DOIUrl":null,"url":null,"abstract":"This article considers a method for an increase of static code analysis precision. The method extends classic code analysis algorithm with dependency analysis. For this purpose, during abstract interpretation information about statically known values should be extracted as well as dependencies between unknown values. Dependencies can be represented with first-order logic predicates. Such a method allows using of external logical inference tools to prove truth or falsehood of branch conditions and of error occurrence conditions. The main focus is oriented to pointer analysis logic and incorrect dereference detection rules. A prototype is implemented and results of efficiency evaluation are provided. The prototype uses Microsoft Z3 Solver as a logical inference tool. A significant precision increase is shown, ways for performance boosting are suggested.","PeriodicalId":147297,"journal":{"name":"2013 Tools & Methods of Program Analysis","volume":"202 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Detection of incorrect pointer dereferences for C/C++ programs using static code analysis and logical inference\",\"authors\":\"Tatiana Vert, Tatiana Krikun, M. Glukhikh\",\"doi\":\"10.1109/TMPA.2013.12\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This article considers a method for an increase of static code analysis precision. The method extends classic code analysis algorithm with dependency analysis. For this purpose, during abstract interpretation information about statically known values should be extracted as well as dependencies between unknown values. Dependencies can be represented with first-order logic predicates. Such a method allows using of external logical inference tools to prove truth or falsehood of branch conditions and of error occurrence conditions. The main focus is oriented to pointer analysis logic and incorrect dereference detection rules. A prototype is implemented and results of efficiency evaluation are provided. The prototype uses Microsoft Z3 Solver as a logical inference tool. A significant precision increase is shown, ways for performance boosting are suggested.\",\"PeriodicalId\":147297,\"journal\":{\"name\":\"2013 Tools & Methods of Program Analysis\",\"volume\":\"202 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-10-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 Tools & Methods of Program Analysis\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/TMPA.2013.12\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 Tools & Methods of Program Analysis","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/TMPA.2013.12","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Detection of incorrect pointer dereferences for C/C++ programs using static code analysis and logical inference
This article considers a method for an increase of static code analysis precision. The method extends classic code analysis algorithm with dependency analysis. For this purpose, during abstract interpretation information about statically known values should be extracted as well as dependencies between unknown values. Dependencies can be represented with first-order logic predicates. Such a method allows using of external logical inference tools to prove truth or falsehood of branch conditions and of error occurrence conditions. The main focus is oriented to pointer analysis logic and incorrect dereference detection rules. A prototype is implemented and results of efficiency evaluation are provided. The prototype uses Microsoft Z3 Solver as a logical inference tool. A significant precision increase is shown, ways for performance boosting are suggested.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
