Path-Sensitive Data Flow Analysis Simplified
نویسندگان
چکیده
Path-sensitive data flow analysis pairs classical data flow analysis with an analysis of feasibility of paths to improve precision. In this paper we propose a framework for path-sensitive backward data flow analysis that is enhanced with an abstraction of the predicate domain. The abstraction is based on a three-valued logic. It follows the strategy that path predicates are simplified if possible (without calling an external predicate solver) and every predicate that could not be reduced to a simple predicate is abstracted to the unknown value, for which the feasibility is undecided. The implementation of the framework scales well and delivers promising results.
منابع مشابه
Towards a Flow- and Path-Sensitive Information Flow Analysis: Technical Report
This paper investigates a flowand path-sensitive static information flow analysis. Compared with security type systems with fixed labels, it has been shown that flow-sensitive type systems accept more secure programs. We show that an information flow analysis with fixed labels can be both flowand path-sensitive. The novel analysis has two major components: 1) a general-purpose program transform...
متن کاملEfficient Protection of Path-Sensitive Control Security
Control-Flow Integrity (CFI), as a means to prevent control-flow hijacking attacks, enforces that each instruction transfers control to an address in a set of valid targets. The security guarantee of CFI thus depends on the definition of valid targets, which conventionally are defined as the result of a static analysis. Unfortunately, previous research has demonstrated that such a definition, a...
متن کاملInferring origin–destination trip matrices with a decoupled GLS path flow estimator
Recently, path flow estimators (PFE) have been used for the estimation of origin–destination (O–D) matrices. This paper develops a formulation that incorporates a decoupled path flow estimator in a generalized least squares (GLS) framework. The approach seeks to solve a GLS problem that minimizes the sum of errors in traffic counts and O–D matrices based on an equilibrium assignment mapping der...
متن کاملA Path-Sensitive Control Flow Graph
Control Flow Graph (CFG) is a compact representation of all executable paths of a program and it is central to most program analyses. Unfortunately, the direct use of a CFG has two major sources of imprecision: (a) the existence of infeasible paths, and (b) the merging of states along incoming edges of a control-flow merge. Addressing these two problems is the path-sensitivity issue, and it is ...
متن کاملFrequency Domain Model Simplification of Cumulative Mass Fraction in CMSMPR Crystallizer
In this contribution, linearized dynamic model of Cumulative Mass Fraction (CMF) of Potassium Nitrate-Water Seeded Continues Mixed Suspension Mixed Product Removal (CMSMPR) crystallizer is approximated by a simplified model in frequency domain. Frequency domain model simplification is performed heuristically using the frequency response of the derived linearized models data. However, the CM...
متن کامل