A DSL for Resource Checking Using Finite State Automaton-Driven Symbolic Execution

Endre Fülöp 1  and Norbert Pataki 2
  • 1 Department of Programming Language and Compilers, Eötvös Loránd University
  • 2 ELTE Eötvös Loránd University, , Faculty of Informatics, 3in Research Group, Budapest, Hungary


Static analysis is an essential way to find code smells and bugs. It checks the source code without execution and no test cases are required, therefore its cost is lower than testing. Moreover, static analysis can help in software engineering comprehensively, since static analysis can be used for the validation of code conventions, for measuring software complexity and for executing code refactorings as well. Symbolic execution is a static analysis method where the variables (e.g. input data) are interpreted with symbolic values. Clang Static Analyzer is a powerful symbolic execution engine based on the Clang compiler infrastructure that can be used with C, C++ and Objective-C. Validation of resources’ usage (e.g. files, memory) requires finite state automata (FSA) for modeling the state of resource (e.g. locked or acquired resource). In this paper, we argue for an approach in which automata are in-use during symbolic execution. The generic automaton can be customized for different resources. We present our domain-specific language to define automata in terms of syntactic and semantic rules. We have developed a tool for this approach which parses the automaton and generates Clang Static Analyzer checker that can be used in the symbolic execution engine. We show an example automaton in our domain-specific language and the usage of generated checker.

If the inline PDF is not rendering correctly, you can download the PDF file here.

  • [1] Johnson B., Song Y., Murphy-Hill E., Bowdidge R., Why don’t software developers use static analysis tools to find bugs?, In: D. Notkin, B. H. C. Cheng, K. Pohl (Ed.), Proceedings of the 2013 International Conference on Software Engineering (18–26 May 2013, San Francisco, California, USA), IEEE Computer Society, 2013, 672–681

  • [2] King, C., Symbolic execution and program testing, Commun. ACM, 1976, 19, 385–394

  • [3] Nagappan N., Ball T., Static analysis tools as early indicators of pre-release defect density, In: G. Roman, W. G. Griswold, Ba. Nuseibeh (Ed.), Proceedings of the 27th International Conference on Software Engineering (15–21 May 2005, St. Louis, Missouri, USA), ACM, 2005, 580–586

  • [4] Meyers S., Effective C++, 3rd ed., Addison-Wesley, 2005

  • [5] Nethercote N., Seward J., Valgrind: A framework for heavyweight dynamic binary instrumentation, In: J. Ferrante, K. S. McKinley (Ed.), Proceedings of the 28th ACM SIGPLAN Conference on Programming Language Design and Implementation (10–13 June 2007, San Diego, California, USA), ACM, 2007, 89–100

  • [6] Novitzká V., Mihályi D., Slodicak V., Finite automata in the mathematical theory of programming, In: E. Kovács, P. Olajos, T. Tómács (Ed.), Proceedings of the 7th International Conference on Applied Informatics vol. 2 (28–31 January 2007, Eger, Hungary), 2007, 91–98

  • [7] Arroyo M., Chiotta F., Bavera F., An user configurable clang static analyzer taint checker, In: C. Cubillos, H. Astudillo (Ed.), Proceedings of the 2016 35th International Conference of the Chilean Computer Science Society (10–14 October 2016, Valparaiso, Chile), IEEE, 2016, 1–12

  • [8] Fülöp E., Pataki N., Symbolic Execution with Finite State Automata, In: W. Steingartner,Ŝ. Koreĉky, A. Szakál (Ed.), Proceedings of the 2019 IEEE 15th International Scientific Conference on Informatics (20–22 November 2019, Poprad, Slovakia), IEEE, 116–120

  • [9] Babati B., Horváth G., Májer V., Pataki N., Static analysis toolset with Clang, In: G. Kusper, G. Kovásznai, R. Kunkli, S. Király, T. Tómács (Ed.), Proceedings of the 10th International Conference on Applied Informatics (30 January–1 February, 2017, Eger, Hungary), 2017, 23–29

  • [10] Horváth G., Pataki N., Source language representation of function summaries in static analysis, In: Proceedings of the 11th Workshop on Implementation, Compilation, Optimization of Object-Oriented Languages, Programs and Systems (17–22 July 2016, Rome, Italy), ACM, 2016, 6(1)–6(9)

  • [11] Szabó Cs., Kotul M., Petruš R., A closer look at software refactoring using symbolic execution, In: E. Kovács, G. Kusper, R. Kunkli, T. Tómács (Ed.), Proceedings of the 9th International Conference on Applied Informatics vol. 2 (29 January–1 February 2014, Eger, Hungary), 2014, 309–316

  • [12] Dewhurst S. C., C++ gotchas avoiding common problems in coding and design, Pearson Education, 2003

  • [13] Stroustrup B., The C++ programming language, 4th ed., Addison-Wesley, 2013

  • [14] Papp D., Pataki N., Bypassing memory leak in modern C++ realm, Annales Mathematicae et Informaticae, 2018, 48, 43–50

  • [15] Slabý J., Strejček J., Trtík M., Checking properties described by state machines: On synergy of instrumentation, slicing, and symbolic execution, In: M. Stoelinga, R. Pinger (Ed.), Formal Methods for Industrial Critical Systems (27–18 August 2012, Paris, France), 2012, 207–221

  • [16] Zhang Y., Chen Z., Wang J., Dong W., Liu Z., Regular property guided dynamic symbolic execution, In: A. Bertolino, G. Canfora, S. G. Elbaum (Ed.), Proceedings of the 37th IEEE International Conference on Software Engineering (Vol. 1) (16–24 May 2015, Florence, Italy), 2015, 643–653

  • [17] Starynkevitch B., MELT – a Translated Domain Specific Language Embedded in the GCC Compiler, In: O. Danvy, C. Shan (Ed.), Proceedings DSL 2011: IFIP Working Conference on Domain-Specific Languages (6–8 September 2011, Bordeaux, France) Electronic Proceedings in Theoretical Computer Science, 2011, 66, 118–142

  • [18] Sulír M., Bačíková M., Chodarev S., Porubän J., Visual augmentation of source code editors: A systematic mapping study, Journal of Visual Languages & Computing, 2018, 49, 46–59

  • [19] Mészáros M., Cserép M., Fekete A., Delivering comprehension features into source code editors through LSP, In: K. Skala (Ed.), Proceedings of the 42nd internal convention MIPRO 2019 (20–24 May 2019, Opatija, Croatia), 1581–1586

  • [20] Porkoláb Z., Sinkovics Á., Domain-specific language integration with compile-time parser generator library, In: E. Visser, J. Järvi (Ed.), Proceedings of the Ninth International Conference on Generative Programming and Component Engineering (10–13 October 2010, Eindhoven, The Netherlands), ACM SIGPLAN Notices, 2010, 46(2), 137–146


Journal + Issues