C# static analysis framework
The paper describes static analysis techniques that are used for defect detection in C# programs. The goal of proposed analysis approaches is to catch more defects within an acceptable amount of time. Although the paper contains a description of full analysis cycle, it mainly focuses on special aspe...
Uloženo v:
| Vydáno v: | Trudy Instituta sistemnogo programmirovaniâ Ročník 28; číslo 1; s. 21 - 40 |
|---|---|
| Hlavní autoři: | , , |
| Médium: | Journal Article |
| Jazyk: | angličtina |
| Vydáno: |
Russian Academy of Sciences, Ivannikov Institute for System Programming
01.10.2018
|
| Témata: | |
| ISSN: | 2079-8156, 2220-6426 |
| On-line přístup: | Získat plný text |
| Tagy: |
Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
|
| Abstract | The paper describes static analysis techniques that are used for defect detection in C# programs. The goal of proposed analysis approaches is to catch more defects within an acceptable amount of time. Although the paper contains a description of full analysis cycle, it mainly focuses on special aspects that distinguish C# analysis approaches from well-known Java and C++ techniques. The paper illustrates methods that allow taking into account C# specialties of all analysis stages: call graph and control flow graph construction, data flow analysis, context- and path-sensitive interprocedural analysis. We propose an adaptation of symbolic execution methods inspired by Bounded Model Checking and Saturn Software Analysis Project. The paper also explains the organization of memory model, which is suitable for both a precise intraprocedural analysis and a creation of compact function-bound conditions used for interprocedural analysis. Special attention is paid to optimization of condition size and simplicity during a path sensitive-analysis. The conditions produced by a path-sensitive analysis are supposed to be solved by modern SMT solvers like Microsoft Z3 Prover. Different approaches to external functions modeling are covered. All proposed approaches are implemented in the SharpChecker static analysis tool and, as evaluated on several open source C# projects of varying size (1K - 1.35M lines of code), display good results and scalability. |
|---|---|
| AbstractList | The paper describes static analysis techniques that are used for defect detection in C# programs. The goal of proposed analysis approaches is to catch more defects within an acceptable amount of time. Although the paper contains a description of full analysis cycle, it mainly focuses on special aspects that distinguish C# analysis approaches from well-known Java and C++ techniques. The paper illustrates methods that allow taking into account C# specialties of all analysis stages: call graph and control flow graph construction, data flow analysis, context- and path-sensitive interprocedural analysis. We propose an adaptation of symbolic execution methods inspired by Bounded Model Checking and Saturn Software Analysis Project. The paper also explains the organization of memory model, which is suitable for both a precise intraprocedural analysis and a creation of compact function-bound conditions used for interprocedural analysis. Special attention is paid to optimization of condition size and simplicity during a path sensitive-analysis. The conditions produced by a path-sensitive analysis are supposed to be solved by modern SMT solvers like Microsoft Z3 Prover. Different approaches to external functions modeling are covered. All proposed approaches are implemented in the SharpChecker static analysis tool and, as evaluated on several open source C# projects of varying size (1K - 1.35M lines of code), display good results and scalability. |
| Author | Ignatyev, V. Borzilov, A. Koshelev, V. |
| Author_xml | – sequence: 1 givenname: V. surname: Koshelev fullname: Koshelev, V. – sequence: 2 givenname: V. surname: Ignatyev fullname: Ignatyev, V. – sequence: 3 givenname: A. surname: Borzilov fullname: Borzilov, A. |
| BookMark | eNo90E1LAzEQBuAgFay1_6CHghc9RGdm87XHUvwoFBSr55BkE9nadiUpiP_etRVPM_MeHob3nA123S4yNkG4QSlR3C5Wzy-zFSdAxclc4TWnEzYkIuBKkBr0O-iaG5TqjI1LWQMASdAV4JBN5pfTsnf7Nkzdzm2-S1umKbtt_OryxwU7TW5T4vhvjtjb_d3r_JEvnx4W89mSh94kHoUKCHX0tQAK0uiAVCWhVRO1p2CUSqBRap3IBBkdRKCIwjuM4I1U1Ygtjm7TubX9zO3W5W_budYegi6_W5f7FzfRKlTBu5BkI0AIML63nDdR1k1_VrK3xNEKuSslx_TvIdhDYfZYmP0tzJKxaC1VP3YSXdU |
| ContentType | Journal Article |
| DBID | AAYXX CITATION DOA |
| DOI | 10.15514/ISPRAS-2016-28(1)-2 |
| DatabaseName | CrossRef DOAJ Directory of Open Access Journals |
| DatabaseTitle | CrossRef |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: DOA name: DOAJ Directory of Open Access Journals url: https://www.doaj.org/ sourceTypes: Open Website |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISSN | 2220-6426 |
| EndPage | 40 |
| ExternalDocumentID | oai_doaj_org_article_616cbacf5d404408be02ab8e59d44035 10_15514_ISPRAS_2016_28_1__2 |
| GroupedDBID | 642 AAYXX ALMA_UNASSIGNED_HOLDINGS CITATION GROUPED_DOAJ OK1 |
| ID | FETCH-LOGICAL-c1562-e46c109eb9402c587c123f476de7b2c866f071577f28c5ea0e02e14ba1e0b8563 |
| IEDL.DBID | DOA |
| ISSN | 2079-8156 |
| IngestDate | Mon Nov 03 22:08:02 EST 2025 Sat Nov 29 05:34:01 EST 2025 |
| IsDoiOpenAccess | true |
| IsOpenAccess | true |
| IsPeerReviewed | true |
| IsScholarly | true |
| Issue | 1 |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-c1562-e46c109eb9402c587c123f476de7b2c866f071577f28c5ea0e02e14ba1e0b8563 |
| OpenAccessLink | https://doaj.org/article/616cbacf5d404408be02ab8e59d44035 |
| PageCount | 20 |
| ParticipantIDs | doaj_primary_oai_doaj_org_article_616cbacf5d404408be02ab8e59d44035 crossref_primary_10_15514_ISPRAS_2016_28_1__2 |
| PublicationCentury | 2000 |
| PublicationDate | 2018-10-01 |
| PublicationDateYYYYMMDD | 2018-10-01 |
| PublicationDate_xml | – month: 10 year: 2018 text: 2018-10-01 day: 01 |
| PublicationDecade | 2010 |
| PublicationTitle | Trudy Instituta sistemnogo programmirovaniâ |
| PublicationYear | 2018 |
| Publisher | Russian Academy of Sciences, Ivannikov Institute for System Programming |
| Publisher_xml | – name: Russian Academy of Sciences, Ivannikov Institute for System Programming |
| SSID | ssj0002507301 |
| Score | 2.0417507 |
| Snippet | The paper describes static analysis techniques that are used for defect detection in C# programs. The goal of proposed analysis approaches is to catch more... |
| SourceID | doaj crossref |
| SourceType | Open Website Index Database |
| StartPage | 21 |
| SubjectTerms | roslyn использование нулевого указателя поиск дефектов резюме функции статический анализ чувствительность к контексту чувствительность к путям |
| Title | C# static analysis framework |
| URI | https://doaj.org/article/616cbacf5d404408be02ab8e59d44035 |
| Volume | 28 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVAON databaseName: DOAJ Directory of Open Access Journals customDbUrl: eissn: 2220-6426 dateEnd: 20201231 omitProxy: false ssIdentifier: ssj0002507301 issn: 2079-8156 databaseCode: DOA dateStart: 20100101 isFulltext: true titleUrlDefault: https://www.doaj.org/ providerName: Directory of Open Access Journals |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwrV1NS8NAEF2kePDit1itEtCDHpZmN_uVYy0WBSnFKvS2zG52oZcqtfr73UlSqScv3pIQwuTNJDOz7LxHyLWD4LzTJdWgORWVKChA1DSPUDDACHH1oPCTHo_NbFZONqS-cE9YQw_cANdXTHkHPspK1OrILuQcnAmyrNJpUbOXpqpno5nCf3BK7Bi6qCyXa1znkqqdm8MKof84nTwPpilCmKLc3LBbyn_lpQ36_jrPjPbJblsgZoPGsAOyFRaHZG8tvpC13-IR6Q2vMpwGmvsMWmKRLK53Wh2T19H9y_CBtlIH1CfTOA1CeZaXwZWpn_PSaJ8yShRaVUE77o1SMdUCUuvIjZcB8oRCYMIBC7kzUhUnpLN4W4RTkkUptC69cUU6kqnAKyuIsULCT4AQTJfQ9Yva94bRwmIngMDYBhiLwFhuLLOWd8kdovFzL_JR1xeSl2zrJfuXl87-4yHnZCcZ1rDRsh7prJaf4YJs-6_V_GN5WQfAN-jzsEg |
| linkProvider | Directory of Open Access Journals |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=C%23+static+analysis+framework&rft.jtitle=Trudy+Instituta+sistemnogo+programmirovani%C3%A2&rft.au=V.+.+Koshelev&rft.au=V.+.+Ignatyev&rft.au=A.+.+Borzilov&rft.date=2018-10-01&rft.pub=Russian+Academy+of+Sciences%2C+Ivannikov+Institute+for+System+Programming&rft.issn=2079-8156&rft.eissn=2220-6426&rft.volume=28&rft.issue=1&rft.spage=21&rft.epage=40&rft_id=info:doi/10.15514%2FISPRAS-2016-28%281%29-2&rft.externalDBID=DOA&rft.externalDocID=oai_doaj_org_article_616cbacf5d404408be02ab8e59d44035 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=2079-8156&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=2079-8156&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=2079-8156&client=summon |