Abstract

An approach to the static verification of the program source code for correct memory usage is considered. The method is based on the use of symbolic graphs for representing the program memory. An extension of symbolic memory graphs that makes it possible to use predicates over symbolic values to improve the precision of analysis is proposed. These predicates cut off the unreachable paths thus reducing the number of false positives and detect new bugs due to adding new checks of symbolic values. The method is implemented on the basis of the CPAchecker tool. The practical usefulness demonstrated on drivers of the Linux kernel.

中文翻译：

---

符号内存图的谓词扩展，用于内存安全正确性分析

摘要

考虑一种对程序源代码进行静态验证以正确使用内存的方法。该方法基于使用符号图表示程序存储器。提出了符号存储图的扩展，该扩展使得可以使用对符号值的谓词来提高分析的精度。这些谓词切断了无法到达的路径，从而减少了误报的数量，并由于添加了新的符号值检查而检测到新的错误。该方法是基于CPAchecker工具实现的。在Linux内核的驱动程序上展示了实用性。