Counterexample guided path reduction for static program analysis

Authors:
Ansgar Fehnker;Ralf Huuck;Sean Seefried
Affiliations:
National ICT Australia Ltd. (NICTA) Locked Bag 6016, University of New South Wales, Sydney NSW, Australia;National ICT Australia Ltd. (NICTA) Locked Bag 6016, University of New South Wales, Sydney NSW, Australia;National ICT Australia Ltd. (NICTA) Locked Bag 6016, University of New South Wales, Sydney NSW, Australia
Venue:
Concurrency, Compositionality, and Correctness
Year:
2010

Citing 11
Cited 4

Data flow analysis is model checking of abstract interpretations

POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Model Checking Software at Compile Time

TASE '07 Proceedings of the First Joint IEEE/IFIP Symposium on Theoretical Aspects of Software Engineering
Precise fixpoint computation through strategy iteration

ESOP'07 Proceedings of the 16th European conference on Programming
Software verification with BLAST

SPIN'03 Proceedings of the 10th international conference on Model checking software
Using counterexamples for improving the precision of reachability computation with polyhedra

CAV'07 Proceedings of the 19th international conference on Computer aided verification
Orion: high-precision methods for static error analysis of c and c++ programs

FMCO'05 Proceedings of the 4th international conference on Formal Methods for Components and Objects
Counterexamples with loops for predicate abstraction

CAV'06 Proceedings of the 18th international conference on Computer Aided Verification
SATABS: SAT-Based predicate abstraction for ANSI-C

TACAS'05 Proceedings of the 11th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Refining abstractions of hybrid systems using counterexample fragments

HSCC'05 Proceedings of the 8th international conference on Hybrid Systems: computation and control
A practical and complete approach to predicate refinement

TACAS'06 Proceedings of the 12th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Counterexample driven refinement for abstract interpretation

TACAS'06 Proceedings of the 12th international conference on Tools and Algorithms for the Construction and Analysis of Systems

Model checking dataflow for malicious input

WESS '11 Proceedings of the Workshop on Embedded Systems Security
High Performance Static Analysis for Industry

Electronic Notes in Theoretical Computer Science (ENTCS)
SMT-based false positive elimination in static program analysis

ICFEM'12 Proceedings of the 14th international conference on Formal Engineering Methods: formal methods and software engineering
Model checking driven static analysis for the real world: designing and tuning large scale bug detection

Innovations in Systems and Software Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this work we introduce counterexample guided path reduction based on interval constraint solving for static program analysis. The aim of this technique is to reduce the number of false positives by reducing the number of feasible paths in the abstraction iteratively. Given a counterexample, a set of observers is computed which exclude infeasible paths in the next iteration. This approach combines ideas from counterexample guided abstraction refinement for software verification with static analysis techniques that employ interval constraint solving. The advantage is that the analysis becomes less conservative than static analysis, while it benefits from the fact that interval constraint solving deals naturally with loops. We demonstrate that the proposed approach is effective in reducing the number of false positives, and compare it to other static checkers for C/C++ program analysis.