On abstraction refinement for program analyses in Datalog

Zhang, Xin; Mangal, Ravi; Grigore, Radu; Naik, Mayur; Yang, Hongseok

doi:10.1145/2666356.2594327

Cited by 29 publications

(21 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Abstraction re nement has been widely studied in concurrent program veri cation. Most of these work employs predicate abstraction to address the data space explosion problem [11,12,[21][22][23]42]. In predicate abstraction, it uses a nite number of predicates to abstract the program.…”

Section: Related Workmentioning

confidence: 99%

On Scheduling Constraint Abstraction for Multi-Threaded Program Verification

Yin

Dong

Liu

et al. 2020

IIEEE Trans. Software Eng.

View full text Add to dashboard Cite

Bounded model checking is among the most e cient techniques for the automatic veri cation of concurrent programs. However, encoding all possible interleavings o en requires a huge and complex formula, which signi cantly limits the salability. is paper proposes a novel and e cient abstraction re nement method for multi-threaded program veri cation. Observing that the huge formula is usually dominated by the exact encoding of the scheduling constraint, this paper proposes a scheduling constraint based abstraction re nement method, which avoids the huge and complex encoding of BMC. In addition, to obtain an e ective re nement, we have devised two graph-based algorithms over event order graph for counterexample validation and re nement generation, which can always obtain a small yet e ective re nement constraint. Enhanced by two constraint-based algorithms for counterexample validation and re nement generation, we have proved that our method is sound and complete w.r.t. the given loop unwinding depth. Experimental results on SV-COMP 2017 benchmarks indicate that our method is promising and signi cantly outperforms the existing state-of-the-art tools.CCS Concepts: •So ware and its engineering → So ware veri cation and validation;

show abstract

Section: Related Workmentioning

confidence: 99%

On Scheduling Constraint Abstraction for Multi-Threaded Program Verification

Yin

Dong

Liu

et al. 2020

IIEEE Trans. Software Eng.

View full text Add to dashboard Cite

show abstract

“…Furthermore, we rely on a Datalog based declarative analysis framework [20,45,71,72,76] to implement and refine the type inference rules, which can infer H D(t2, t3) as SID instead of UKD. We also leverage domain-specific optimizations, such as precomputing certain Datalog facts and using compiler's backend information, to reduce cost and improve accuracy.…”

Section: Identifying the Hd Leaksmentioning

confidence: 99%

Mitigating power side channels during compilation

Wang

Sung

Wang

2019

Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of

View full text Add to dashboard Cite

The code generation modules inside modern compilers such as GCC and LLVM, which use a limited number of CPU registers to store a large number of program variables, may introduce sidechannel leaks even in software equipped with state-of-the-art countermeasures. We propose a program analysis and transformation based method to eliminate this side channel. Our method has a type-based technique for detecting leaks, which leverages Datalogbased declarative analysis and domain-specific optimizations to achieve high efficiency and accuracy. It also has a mitigation technique for the compiler's backend, more specifically the register allocation modules, to ensure that potentially leaky intermediate computation results are always stored in different CPU registers or spilled to memory with isolation. We have implemented and evaluated our method in LLVM for the x86 instruction set architecture. Our experiments on cryptographic software show that the method is effective in removing the side channel while being efficient, i.e., our mitigated code is more compact and runs faster than code mitigated using state-of-the-art techniques.

show abstract

“…There is a large literature on static points-to analysis [5,15,28,38,45], including formulations based on set-constraints and context-free language reachability [22,23,33,42]. Recent work has focused on improving context-sensitivity [25,40,41,44,47]. Using specifications in conjunction with these analyses can improve precision, scalability, and even soundness.…”

Section: Related Workmentioning

confidence: 99%

Active learning of points-to specifications

Bastani

Sharma

Aiken

et al. 2018

Proceedings of the 39th ACM SIGPLAN Conference on Programming Language Design and Implementation

View full text Add to dashboard Cite

When analyzing programs, large libraries pose significant challenges to static points-to analysis. A popular solution is to have a human analyst provide points-to specifications that summarize relevant behaviors of library code, which can substantially improve precision and handle missing code such as native code. We propose Atlas, a tool that automatically infers points-to specifications. Atlas synthesizes unit tests that exercise the library code, and then infers points-to specifications based on observations from these executions. Atlas automatically infers specifications for the Java standard library, and produces better results for a client static information flow analysis on a benchmark of 46 Android apps compared to using existing handwritten specifications.

show abstract

On abstraction refinement for program analyses in Datalog

Cited by 29 publications

References 27 publications

On Scheduling Constraint Abstraction for Multi-Threaded Program Verification

On Scheduling Constraint Abstraction for Multi-Threaded Program Verification

Mitigating power side channels during compilation

Active learning of points-to specifications

Contact Info

Product

Resources

About