U. V. Tsiazhkorob, V. N. Ignatyev, A. A. Belevancev, “Detection of uses of disposed resources in C# source code using static analysis”, Proceedings of ISP RAS, 2022, Volume 34, Issue 6,Pages <nobr>41

Detection of uses of disposed resources in C# source code using static analysis

U. V. Tsiazhkorob^ab, V. N. Ignatyev^ac, A. A. Belevancev^ca

^a Ivannikov Institute for System Programming of the RAS
^b Moscow Institute of Physics and Technology
^c Lomonosov Moscow State University

Abstract: The paper is devoted to the scalable approach for the detection of uses of disposed resources in C# source code, that is based on static symbolic execution. The resulting detector is implemented as a part of an industrial SharpChecker, that performs a scalable inter-procedural path-, and context-sensitive analysis. The evaluation of the developed detector shows 70% true positive ratio allowing it to include to the standard set of detectors and provide functionality to users. The paper describes a detection algorithm that takes into account the limitations imposed by the existing infrastructure of SharpChecker, its evaluation on the set of open-source programs containing 6 mln LOC and some examples of found errors in real projects.

Keywords: static analysis, symbolic execution, use-after-free, bug detection, disposed resource

DOI: 10.15514/ISPRAS-2022-34(6)-3