ABSTRACT
The K-limited path-sensitive interval domain is an abstract domain that has been proposed for precise and scalable analysis of large software systems. At each program point the domain maintains variables' value ranges as intervals along at most K subsets of paths, where K is a configurable bound; keeping paths apart implicitly captures correlations among variables. When the number of paths at a join point exceeds K, the set of paths is partitioned into K subsets arbitrarily, which loses precision that is needed to verify program properties. To address this problem, we propose selective merging of paths: identify and merge paths in such a way that the intervals computed help verify more properties. Our selective path-sensitive approach is based on knowledge of the variables whose values influence the verification outcomes of program properties. We evaluated our approach on industrial automotive applications as well as academic benchmarks, and we show the benefit of selective path merging over arbitrary path selection by verifying 40% more properties.
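The following is an added illustration of the idea in the abstract, not code from the paper or its tool. It runs a K-limited path-sensitive interval analysis over a tiny constructed IR (non-deterministic branches, constant assignments, an `assert_lt` property) and compares two merge strategies at a join point with more than K paths: an arbitrary partition (here: merging paths in arrival order) and selective merging, which first groups paths that agree on the variables the property depends on so that their correlation survives the join. The set of property-relevant variables is supplied by hand (the paper derives it from the program); the IR, the `PROGRAM` and the arrival-order chunking are assumptions of this example.

```python
"""K-limited path-sensitive interval analysis on a tiny IR:
arbitrary vs. selective path merging (added illustration, not the paper's code)."""


def join(a, b):
    """Interval hull of two (lo, hi) pairs."""
    return (min(a[0], b[0]), max(a[1], b[1]))


def join_states(states):
    """Join a list of path states (dict var -> interval) variable-wise."""
    out = {}
    for s in states:
        for v, iv in s.items():
            out[v] = join(out[v], iv) if v in out else iv
    return out


def chunk(items, k):
    """Cut a list into at most k contiguous slices."""
    size = -(-len(items) // k)            # ceiling division
    return [items[i:i + size] for i in range(0, len(items), size)]


def merge_arbitrary(states, k, relevant):
    """Baseline: when more than k paths meet, merge them in arrival order.
    This is one arbitrary partition; 'relevant' is ignored on purpose."""
    if len(states) <= k:
        return list(states)
    return [join_states(g) for g in chunk(states, k)]


def merge_selective(states, k, relevant):
    """Selective merging: group paths that agree on the property-relevant
    variables, so their correlation survives the join; only if that still
    leaves more than k groups are the groups merged in order."""
    if len(states) <= k:
        return list(states)
    groups = {}
    for s in states:
        key = tuple(s.get(v) for v in sorted(relevant))
        groups.setdefault(key, []).append(s)
    merged = [join_states(g) for g in groups.values()]
    return merged if len(merged) <= k else [join_states(g) for g in chunk(merged, k)]


def check_lt(states, lhs, rhs):
    """lhs < rhs is verified only if it holds in every surviving path state."""
    return all(s[lhs][1] < s[rhs][0] for s in states)


def analyze(stmts, k, merge, relevant, states=None):
    """Statements: ('assign', v, lo, hi), ('branch', then_list, else_list) with a
    non-deterministic condition, ('assert_lt', a, b). Returns (states, verdicts)."""
    states = [{}] if states is None else states
    verdicts = []
    for st in stmts:
        if st[0] == "assign":
            _, v, lo, hi = st
            states = [{**s, v: (lo, hi)} for s in states]
        elif st[0] == "branch":
            _, then_b, else_b = st
            a, va = analyze(then_b, k, merge, relevant, states)
            b, vb = analyze(else_b, k, merge, relevant, states)
            verdicts += va + vb
            states = merge(a + b, k, relevant)   # join point: keep at most k paths
        elif st[0] == "assert_lt":
            verdicts.append(check_lt(states, st[1], st[2]))
    return states, verdicts


# Constructed example program (not from the paper):
#   if (*) { idx = 0; len = 5; } else { idx = 5; len = 10; }
#   if (*) { t = 1; } else { t = 2; }
#   assert(idx < len);
# The property holds on every path, but idx and len are only correlated per path:
# merging a path with idx = 0, len = 5 into one with idx = 5, len = 10 yields
# idx in [0, 5], len in [5, 10], and idx < len can no longer be shown.
PROGRAM = [
    ("branch", [("assign", "idx", 0, 0), ("assign", "len", 5, 5)],
               [("assign", "idx", 5, 5), ("assign", "len", 10, 10)]),
    ("branch", [("assign", "t", 1, 1)], [("assign", "t", 2, 2)]),
    ("assert_lt", "idx", "len"),
]


def verify(merge, k=2):
    """Run the analysis with the given merge strategy; True iff the assert is verified."""
    _, verdicts = analyze(PROGRAM, k, merge, relevant={"idx", "len"})
    return all(verdicts)


if __name__ == "__main__":
    print("arbitrary merge, K=2:", verify(merge_arbitrary))     # False
    print("selective merge, K=2:", verify(merge_selective))     # True
    print("arbitrary merge, K=4:", verify(merge_arbitrary, 4))  # True (no merge needed)
```

With K=2 the second branch produces four paths; arrival-order merging pairs the two `t = 1` paths together and loses the idx/len correlation, while grouping by the relevant variables keeps `idx = 0, len = 5` apart from `idx = 5, len = 10` and verifies the property with the same K. Raising K to 4 also verifies it, but at the cost of keeping every path, which is what the bound is meant to avoid.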
Selective path-sensitive interval analysis (WIP paper)