Trace Partitioning in Abstract Interpretation Based Static Analyzers

نویسندگان

Laurent Mauborgne

Xavier Rival

چکیده

When designing a tractable static analysis, one usually needs to approximate the trace semantics. This paper proposes a systematic way of regaining some knowledge about the traces by performing the abstraction over a partition of the set of traces instead of the set itself. This systematic refinement is not only theoretical but tractable: we give automatic procedures to build pertinent partitions of the traces and show the efficiency on an implementation integrated in the Astrée static analyzer, a tool capable of dealing with industrial-size software.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Static Analysis by Abstract Interpretation of Sequential and Multithreaded Programs

In the realm of embedded critical systems, it is crucial to guarantee the correctness of programs before they are deployed. Static analyzers can help by detecting at compile-time potentially erroneous program behaviors: they perform sound over-approximations to achieve an efficient analysis while not missing any potential behavior. We discuss the systematic design of such analyzers using abstra...

متن کامل

Tutorial on Static Inference of Numeric Invariants by Abstract Interpretation

Born in the late 70s, Abstract Interpretation has proven an effective method to construct static analyzers. It has led to successful program analysis tools routinely used in avionic, automotive, and space industries to help ensuring the correctness of mission-critical software. This tutorial presents Abstract Interpretation and its use to create static analyzers that infer numeric invariants on...

متن کامل

Automatic Coq Proofs Generation from Static Analyzers by Lightweight Instrumentation

This paper deals with program verification and more precisely with the question of how to provide verifiable evidence that a program verifies certain semantics properties. Program processing tools such as compiler or static analyzers are complex pieces of software which may contain errors. The idea of using analyzers as guessing algorithms and proving the discovered properties by independent me...

متن کامل

On the Relative Completeness of Bytecode Analysis Versus Source Code Analysis

We discuss the challenges faced by bytecode analyzers designed for code verification compared to similar analyzers for source code. While a bytecode-level analysis brings many simplifications, e.g., fewer cases, independence from source syntax, name resolution, etc., it also introduces precision loss that must be recovered either via preprocessing, more precise abstract domains, more precise tr...

متن کامل

Localizing Widening and Narrowing

We show two strategies which may be easily applied to standard abstract interpretation-based static analyzers. They consist in 1) restricting the scope of widening, and 2) intertwining the computation of ascending and descending chains. Using these optimizations it is possible to improve the precision of the analysis, without any change to the abstract domains.

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره شماره

صفحات -

تاریخ انتشار 2005

Trace Partitioning in Abstract Interpretation Based Static Analyzers

نویسندگان

چکیده

منابع مشابه

Static Analysis by Abstract Interpretation of Sequential and Multithreaded Programs

Tutorial on Static Inference of Numeric Invariants by Abstract Interpretation

Automatic Coq Proofs Generation from Static Analyzers by Lightweight Instrumentation

On the Relative Completeness of Bytecode Analysis Versus Source Code Analysis

Localizing Widening and Narrowing

عنوان ژورنال:

اشتراک گذاری