Context and motivation Relaxed slicing Related work and conclusion
Cut Branches Before Looking for Bugs: Sound Verification on Relaxed Slices
Nikolai Kosmatov
Joint work with Jean-Christophe Léchenet, Pascale Le Gall
Presented at ETAPS/FASE 2016
Journées DigiCosme, April 12, 2016.
J.-C. Léchenet, N. Kosmatov, P. Le Gall
Sound Verification on Relaxed slices
1 / 24
Static backward slicing Background Motivation
Context: Frama-C toolset
Frama-C: an extensible platform for analysis of C code
- Developed by CEA LIST and Inria
- Offers plugins for value analysis, proof, testing, slicing...
- Supports ACSL annotation language
- Facilitates combinations of individual analyzers
http://frama-c.com/
SANTE: Combined analysis for runtime error detection
Program p -> Value analysis -> Program p, Alarms -> Program slicing -> Slice p', Alarms -> Test generation -> Diagnostic
- Value analysis detects alarms
- Slicing reduces the program (w.r.t. one or several alarms)
- Testing (PathCrawler) is used to generate tests on a reduced program to diagnose alarms (after adding error branches to trigger errors)
Diagnostic:
- bug if a counter-example is found
- if not, and all paths were explored, the alarm is safe
- otherwise, unknown
Definition
Static backward slicing (introduced by Weiser in 1981)
- simplifies a given program p but preserves the behavior w.r.t. a point of interest C (slicing criterion, typically a statement)
- removes irrelevant statements that do not impact C
- produces a simplified program q (slice)
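An added illustration of this definition, not taken from the slides or from Frama-C: a constructed C program p, a hand-written slice q w.r.t. a division flagged as a possible division by zero, and a test loop over the slice. The program, the input domain and all function names are assumptions made for the example; the error branch plays the role of the branches added before test generation.

```c
#include <stdio.h>
/* What one run shows at the slicing criterion C. */
typedef struct { int alarm; int value; } outcome;
/* Constructed program p. C is the division, reported as a possible
   division by zero. */
outcome p(int a, int b, int n, int *report) {
    outcome o = {0, 0};
    int sum = 0, d, i;
    for (i = 0; i < n; i++)        /* does not impact C */
        sum += i * a;
    if (a > b) d = a - b;          /* impacts C: defines d */
    else       d = b - a;
    *report = sum;                 /* does not impact C */
    if (d == 0) { o.alarm = 1; return o; }   /* added error branch */
    o.value = 1000 / d;            /* C */
    return o;
}
/* Slice q of p w.r.t. C: only the statements that impact C remain. */
outcome q(int a, int b) {
    outcome o = {0, 0};
    int d;
    if (a > b) d = a - b;
    else       d = b - a;
    if (d == 0) { o.alarm = 1; return o; }   /* added error branch */
    o.value = 1000 / d;            /* C */
    return o;
}
/* Test q on a small constructed input domain: count the runs that reach
   the error branch, and the inputs on which p differs from q at C. */
int test_slice(int *alarms) {
    int a, b, n, rep, bad = 0;
    *alarms = 0;
    for (a = -5; a <= 5; a++)
        for (b = -5; b <= 5; b++) {
            outcome y = q(a, b);
            *alarms += y.alarm;
            for (n = 0; n <= 4; n++) {
                outcome x = p(a, b, n, &rep);
                if (x.alarm != y.alarm || x.value != y.value) bad++;
            }
        }
    return bad;
}
int main(void) {
    int alarms, bad = test_slice(&alarms);
    printf("disagreements=%d, alarms on slice=%d\n", bad, alarms);
    return 0;
}
```

Every input with a == b is a counter-example found on the slice, and since p and q agree at C on the whole domain, each one is also a counter-example for p.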
Example: a program and a slice
Check if a is divisible by b.
1 : q = 0;
2 : r = a;
3 : while (b