Uncovering Hidden Dependencies: Constructing Intelligible Path Witnesses using Dataflow Analyses

Authors

DOI:

https://doi.org/10.14232/actacyb.299805

Keywords:

static analysis, symbolic execution, control dependency analysis, reaching definitions analysis, Clang Static Analyzer, report generation, code comprehension

Abstract

The lack of sound, concise and comprehensive error reports emitted by a static analysis tool can increase fixing costs, create a bottleneck in the availability of experts, and may even undermine trust in static analysis as a method. This paper presents novel techniques to improve the quality of bug reports for static analysis tools that employ symbolic execution. By combining data and control dependency analysis, we can identify the relevance of particular code snippets that were previously missing from the report. We demonstrated the benefits of our approach by implementing an improved bug report generator algorithm for the Clang Static Analyzer. After being tested by the open source community, our solution was enabled by default in the tool.

Author Biographies

Gábor Horváth, Department of Programming Languages and Compilers, Faculty of Informatics, Eötvös Loránd University, Budapest, Hungary

PhD at Eötvös Loránd University, Faculty of Informatics, Department of Programming Languages and Compilers

Zoltán Porkoláb, Department of Programming Languages and Compilers, Faculty of Informatics, Eötvös Loránd University, Budapest, Hungary

Associate Professor of the Department of Programming Languages and Compilers at the Faculty of Informatics, Eötvös Loránd University (ELTE), Budapest, Hungary.

Published

2024-03-04

How to Cite

Umann, K., Horváth, G., & Porkoláb, Z. (2024). Uncovering Hidden Dependencies: Constructing Intelligible Path Witnesses using Dataflow Analyses. Acta Cybernetica, 26(3), 713–747. https://doi.org/10.14232/actacyb.299805

Issue

Section

Special Issue of the 13th Conference of PhD Students in Computer Science