Weak-assert: a weakness-oriented assertion recommendation toolkit for program analysis.

Cong Wang,Yu Jiang,Xibin Zhao,Xiaoyu Song,Ming Gu,Jiaguang Sun
DOI: https://doi.org/10.1145/3183440.3183471
2018-01-01
Abstract:Assertions are helpful in program analysis, such as software testing and verification. The most challenging part of automatically recommending assertions is to design the assertion patterns and to insert assertions in proper locations. In this paper, we develop Weak-Assert1, a weakness-oriented assertion recommendation toolkit for program analysis of C code. A weakness-oriented assertion is an assertion which can help to find potential program weaknesses. Weak-Assert uses well-designed patterns to match the abstract syntax trees of source code automatically. It collects significant messages from trees and inserts assertions into proper locations of programs. These assertions can be checked by using program analysis techniques. The experiments are set up on Juliet test suite and several actual projects in Github. Experimental results show that Weak-Assert helps to find 125 program weaknesses in 26 actual projects. These weaknesses are confirmed manually to be triggered by some test cases. The address of the abstract demo video is: https://youtu.be/_RWC4GJvRWc
What problem does this paper attempt to address?