Precise range analysis on large industry code

Authors:
Shrawan Kumar;Bharti Chimdyalwar;Ulka Shrotri
Affiliations:
Tata Consultancy Services, India;Tata Consultancy Services, India;Tata Consultancy Services, India
Venue:
Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
Year:
2013

Citing 11
Cited 0

Unification-based pointer analysis with directional assignments

PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints

POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
A New Numerical Abstract Domain Based on Difference-Bound Matrices

PADO '01 Proceedings of the Second Symposium on Programs as Data Objects
Varieties of Static Analyzers: A Comparison with ASTREE

TASE '07 Proceedings of the First Joint IEEE/IFIP Symposium on Theoretical Aspects of Software Engineering
A Comparative Study of Industrial Static Analysis Tools

Electronic Notes in Theoretical Computer Science (ENTCS)
Why does Astrée scale up?

Formal Methods in System Design
Static program analysis of large embedded code base: an experience

Proceedings of the 4th India Software Engineering Conference
Survey of array out of bound access checkers for C code

Proceedings of the 5th India Software Engineering Conference
Trace partitioning in abstract interpretation based static analyzers

ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
The ASTREÉ analyzer

ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Counterexample driven refinement for abstract interpretation

TACAS'06 Proceedings of the 12th international conference on Tools and Algorithms for the Construction and Analysis of Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Abstract interpretation is widely used to perform static code analysis with non-relational (interval) as well as relational (difference-bound matrices, polyhedral) domains. Analysis using non-relational domains is highly scalable but delivers imprecise results, whereas, use of relational domains produces precise results but does not scale up. We have developed a tool that implements K-limited path sensitive interval domain analysis to get precise results without losing on scalability. The tool was able to successfully analyse 10 million lines of embedded code for different properties such as division by zero, array index out of bound (AIOB), overflow-underflow and so on. This paper presents details of the tool and results of our experiments for detecting AIOB property. A comparison with the existing tools in the market demonstrates that our tool is more precise and scales better.