Loop Summarization Using Abstract Transformers

Authors:
Daniel Kroening;Natasha Sharygina;Stefano Tonetta;Aliaksei Tsitovich;Christoph M. Wintersteiger
Affiliations:
Computing Laboratory, Oxford University, UK;University of Lugano, Switzerland and School of Computer Science, Carnegie Mellon University, USA;Fondazione Bruno Kessler, Trento, Italy;University of Lugano, Switzerland;Computer Systems Institute, ETH Zurich, Switzerland
Venue:
ATVA '08 Proceedings of the 6th International Symposium on Automated Technology for Verification and Analysis
Year:
2008

Citing 19
Cited 11

Fast Algorithms for Solving Path Problems

Journal of the ACM (JACM)
Model checking

Model checking
Finding bugs with a constraint solver

Proceedings of the 2000 ACM SIGSOFT international symposium on Software testing and analysis
Automatic discovery of linear restraints among variables of a program

POPL '78 Proceedings of the 5th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints

POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Systematic design of program analysis frameworks

POPL '79 Proceedings of the 6th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Comparing the Galois Connection and Widening/Narrowing Approaches to Abstract Interpretation

PLILP '92 Proceedings of the 4th International Symposium on Programming Language Implementation and Logic Programming
Construction of Abstract State Graphs with PVS

CAV '97 Proceedings of the 9th International Conference on Computer Aided Verification
CSSV: towards a realistic tool for statically detecting all buffer overflows in C

PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
Predicate Abstraction of ANSI-C Programs Using SAT

Formal Methods in System Design
Testing static analysis tools using exploitable buffer overflows from open source code

Proceedings of the 12th ACM SIGSOFT twelfth international symposium on Foundations of software engineering
An overview of the saturn project

PASTE '07 Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
A buffer overflow benchmark for software model checkers

Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering
Computing Predicate Abstractions by Integrating BDDs and SMT Solvers

FMCAD '07 Proceedings of the Formal Methods in Computer Aided Design
Calysto: scalable and precise extended static checking

Proceedings of the 30th international conference on Software engineering
Low-level library analysis and summarization

CAV'07 Proceedings of the 19th international conference on Computer aided verification
SMT techniques for fast predicate abstraction

CAV'06 Proceedings of the 18th international conference on Computer Aided Verification
Predicate abstraction via symbolic decision procedures

CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
Approximating predicate images for bit-vector logic

TACAS'06 Proceedings of the 12th international conference on Tools and Algorithms for the Construction and Analysis of Systems

Detection of Security Vulnerabilities Using Guided Model Checking

ICLP '08 Proceedings of the 24th International Conference on Logic Programming
Abstract Model Checking without Computing the Abstraction

FM '09 Proceedings of the 2nd World Congress on Formal Methods
Symbolic object code analysis

SPIN'10 Proceedings of the 17th international SPIN conference on Model checking software
Loop summarization and termination analysis

TACAS'11/ETAPS'11 Proceedings of the 17th international conference on Tools and algorithms for the construction and analysis of systems: part of the joint European conferences on theory and practice of software
Software verification using k-induction

SAS'11 Proceedings of the 18th international conference on Static analysis
A lightweight approach for loop summarization

ATVA'11 Proceedings of the 9th international conference on Automated technology for verification and analysis
Termination analysis with compositional transition invariants

CAV'10 Proceedings of the 22nd international conference on Computer Aided Verification
Invariant functions and invariant relations: An alternative to invariant assertions

Journal of Symbolic Computation
Loop leaping with closures

SAS'12 Proceedings of the 19th international conference on Static Analysis
Abstract interpretation of microcontroller code: Intervals meet congruences

Science of Computer Programming
Under-Approximating loops in c programs for fast counterexample detection

CAV'13 Proceedings of the 25th international conference on Computer Aided Verification

Quantified Score

Hi-index	0.00

Visualization

Abstract

Existing program analysis tools that implement abstraction rely on saturating procedures to compute over-approximations of fixpoints. As an alternative, we propose a new algorithm to compute an over-approximation of the set of reachable states of a program by replacing loops in the control flow graph by their abstract transformer. Our technique is able to generate diagnostic information in case of property violations, which we call leaping counterexamples. We have implemented this technique and report experimental results on a set of large ANSI-C programs using abstract domains that focus on properties related to string-buffers.