Guided Static Analysis
نویسندگان
چکیده
Abstract. In static analysis, the semantics of the program is expressed as a set of equations. The equations are solved iteratively over some abstract domain. If the abstract domain is distributive and satisfies the ascending-chain condition, an iterative technique yields the most precise solution for the equations. However, if the above properties are not satisfied, the solution obtained is typically imprecise. Moreover, due to the properties of widening operators, the precision loss is sensitive to the order in which the state-space is explored. In this paper, we introduce guided static analysis, a framework for controlling the exploration of the state-space of a program. The framework guides the statespace exploration by applying standard static-analysis techniques to a sequence of modified versions of the analyzed program. As such, the framework does not require any modifications to existing analysis techniques, and thus can be easily integrated into existing static-analysis tools. We present two instantiations of the framework, which improve the precision of widening in (i) loops with multiple phases and (ii) loops in which the transformation performed on each iteration is chosen non-deterministically.
منابع مشابه
Optimizing the Static and Dynamic Scheduling problem of Automated Guided Vehicles in Container Terminals
The Minimum Cost Flow (MCF) problem is a well-known problem in the area of network optimisation. To tackle this problem, Network Simplex Algorithm (NSA) is the fastest solution method. NSA has three extensions, namely Network Simplex plus Algorithm (NSA+), Dynamic Network Simplex Algorithm (DNSA) and Dynamic Network Simplex plus Algorithm (DNSA+). The objectives of the research reported in this...
متن کاملCounterexample Guided Path Reduction for Static Program Analysis
In this work we introduce counterexample guided path reduction based on interval constraint solving for static program analysis. The aim of this technique is to reduce the number of false positives by reducing the number of feasible paths in the abstraction iteratively. Given a counterexample, a set of observers is computed which exclude infeasible paths in the next iteration. This approach com...
متن کاملGuided Testing of Concurrent Programs Using Value Schedules
Testing concurrent programs remains a difficult task due to the non-deterministic nature of concurrent execution. Many approaches have been proposed to tackle the complexity of uncovering potential concurrency bugs. Static analysis tackles the problem by analyzing a concurrent program looking for situations/patterns that might lead to possible errors during execution. In general, static analysi...
متن کاملStatically-Guided Fork-based Symbolic Execution for Vulnerability Detection
Fork-based symbolic execution would waste large amounts of computing time and resource on invulnerable paths when applied to vulnerability detection. In this paper, we propose a statically-guided fork-based symbolic execution technique for vulnerability detection to mitigate this problem. In static analysis, we collect all valid jumps along vulnerable paths, and define the priority for each pro...
متن کاملAn Efficient Extension of Network Simplex Algorithm
In this paper, an efficient extension of network simplex algorithm is presented. In static scheduling problem, where there is no change in situation, the challenge is that the large problems can be solved in a short time. In this paper, the Static Scheduling problem of Automated Guided Vehicles in container terminal is solved by Network Simplex Algorithm (NSA) and NSA+, which extended the stand...
متن کامل