The University of Southampton
University of Southampton Institutional Repository

SMT-based refutation of spurious bug reports in the clang static analyzer

SMT-based refutation of spurious bug reports in the clang static analyzer
SMT-based refutation of spurious bug reports in the clang static analyzer
We describe and evaluate a bug refutation extension for the Clang Static Analyzer (CSA) that addresses the limitations of the existing built-in constraint solver. In particular, we complement CSA's current heuristics for removing spurious bug reports. We encode the path constraints produced by CSA as Satisfiability Modulo Theories (SMT) problems, use SMT solvers to precisely check them for satisfiability, and remove bug reports whose associated path constraints are unsatisfiable. Our refutation extension refutes spurious bug reports in 8 out of 12 widely used open-source applications; on average, it refutes ca. 7% of all bug reports, and never refutes any true bug report. It incurs only negligible performance overheads, and on average adds 1.2% to the runtime of the full Clang/LLVM toolchain. A demonstration is available at https://www.youtube.com/watch?v=ylW5iRYNsGA
11-14
IEEE Press
Gadelha, Mikhail R.
e4fe9e2a-ea00-4542-856b-3c083e7e003a
Steffinlongo, Enrico
3d79c5bb-e1e1-4071-8a9d-580736505063
Cordeiro, Lucas
fc7cb054-f39e-4013-9faa-a471bd006596
Fischer, Bernd
0c9575e6-d099-47f1-b3a2-2dbc93c53d18
Nicole, Denis
0aca6dd1-833f-4544-b7a4-58fb91c7395a
Gadelha, Mikhail R.
e4fe9e2a-ea00-4542-856b-3c083e7e003a
Steffinlongo, Enrico
3d79c5bb-e1e1-4071-8a9d-580736505063
Cordeiro, Lucas
fc7cb054-f39e-4013-9faa-a471bd006596
Fischer, Bernd
0c9575e6-d099-47f1-b3a2-2dbc93c53d18
Nicole, Denis
0aca6dd1-833f-4544-b7a4-58fb91c7395a

Gadelha, Mikhail R., Steffinlongo, Enrico, Cordeiro, Lucas, Fischer, Bernd and Nicole, Denis (2019) SMT-based refutation of spurious bug reports in the clang static analyzer. In ICSE '19 Proceedings of the 2019 IEEE/ACM 41st International Conference on Software Engineering: Companion Proceedings. IEEE Press. pp. 11-14 . (doi:10.1109/ICSE-Companion.2019.00026).

Record type: Conference or Workshop Item (Paper)

Abstract

We describe and evaluate a bug refutation extension for the Clang Static Analyzer (CSA) that addresses the limitations of the existing built-in constraint solver. In particular, we complement CSA's current heuristics for removing spurious bug reports. We encode the path constraints produced by CSA as Satisfiability Modulo Theories (SMT) problems, use SMT solvers to precisely check them for satisfiability, and remove bug reports whose associated path constraints are unsatisfiable. Our refutation extension refutes spurious bug reports in 8 out of 12 widely used open-source applications; on average, it refutes ca. 7% of all bug reports, and never refutes any true bug report. It incurs only negligible performance overheads, and on average adds 1.2% to the runtime of the full Clang/LLVM toolchain. A demonstration is available at https://www.youtube.com/watch?v=ylW5iRYNsGA

Text
SMT-based refutation of spurious bug reports in the clang static analyzer
Restricted to Repository staff only
Request a copy

More information

Accepted/In Press date: 29 October 2018
Published date: May 2019
Additional Information: arXiv is AM
Venue - Dates: 41st International Conference on Software Engineering, Montreal, Canada, 2019-05-25 - 2019-05-31

Identifiers

Local EPrints ID: 433144
URI: https://eprints.soton.ac.uk/id/eprint/433144
PURE UUID: 608d4a3a-e5d7-47d9-a05b-06e3e7f7581e

Catalogue record

Date deposited: 09 Aug 2019 16:30
Last modified: 18 Nov 2019 17:32

Export record

Altmetrics

Contributors

Author: Mikhail R. Gadelha
Author: Enrico Steffinlongo
Author: Lucas Cordeiro
Author: Bernd Fischer
Author: Denis Nicole

University divisions

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of https://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×