Static analysis has long prevailed as a promising approach to detect program bugs at an early development process to increase software quality. However, such tools face great challenges to balance the false-positive rate and the false-negative rate in practical use. In this paper, we present VBSAC, a value-based static analyzer for C aiming to improve the precision and recall. In our tool, we employ a pluggable value-based analysis strategy. A memory skeleton recorder is designed to maintain the memory objects as a baseline. While traversing the control flow graph, diverse value-based plug-ins analyze the specific abstract domains and share program information to strengthen the computation. Simultaneously, checkers consume the corresponding analysis results to detect bugs. We also provide a user-friendly web interface to help users audit the bug detection results. Evaluation on two widely-used benchmarks shows that we perform better to state-of-the-art bug detection tools by finding 221-339 more bugs and improving F-Score 9.88%-40.32%.
Wed 17 JulDisplayed time zone: Beijing, Chongqing, Hong Kong, Urumqi change
16:00 - 17:30 | |||
16:00 10mTalk | Go-Clone: Graph-Embedding Based Clone Detector for Golang Tool Demonstration Cong Wang Tsinghua University, Jian Gao School of Software, Tsinghua University, Yu Jiang , Zhenchang Xing Australia National University, Huafeng Zhang , Weiliang Ying , Ming Gu Tsinghua University, Jiaguang Sun | ||
16:10 10mTalk | VFQL: Combinational Static Analysis as Query Language Tool Demonstration | ||
16:20 10mTalk | VBSAC: A Value-Based Static Analyzer for C Tool Demonstration Li Chi Tsinghua University, Min Zhou Tsinghua University, Zuxing Gu School of Software, Tsinghua University, Guang Chen , Yuexing Wang , Jiecheng Wu Tsinghua University, Ming Gu Tsinghua University | ||
16:30 10mTalk | SAFEVM: A Safety Verifier for Ethereum Smart Contracts Tool Demonstration | ||
16:40 10mTalk | CoCoTest: Collaborative Crowdsourced Testing for Android Applications Tool Demonstration | ||
16:50 10mTalk | Androlic: An Extensible Flow, Context, Object, Field, and Path-Sensitive Static Analysis Framework for Android Tool Demonstration Linjie Pan Institute of Software, Chinese Academy of Sciences, Baoquan Cui , Jiwei Yan Institute of Software, Chinese Academy of Sciences, Xutong Ma , Jun Yan Institute of Software, Chinese Academy of Sciences, Jian Zhang Beihang University | ||
17:00 10mTalk | JQF: Coverage-guided Property-based Testing in Java Tool Demonstration Rohan Padhye University of California, Berkeley, Caroline Lemieux University of California, Berkeley, Koushik Sen University of California, Berkeley | ||
17:10 10mTalk | Ukwikora: Continuous inspection for Keyword-Driven Testing Tool Demonstration Renaud Rwemalika , Marinos Kintis , Mike Papadakis University of Luxembourg, Yves Le Traon University of Luxembourg, Pierre Lorrach | ||
17:20 10mTalk | CTRAS: A Tool for Aggregating and Summarizing Crowdsourced Test Reports Tool Demonstration Yuying Li State Key Laboratory for Novel Software Technology, Nanjing University, Rui Hao Nanjing University, China, Yang Feng University of California, Irvine, James Jones University of California, Irvine, Xiaofang Zhang , Zhenyu Chen Nanjing University | ||