TY - GEN
T1 - Program analysis using symbolic ranges
AU - Sankaranarayanan, Sriram
AU - Ivančić, Franjo
AU - Gupta, Aarti
PY - 2007
Y1 - 2007
N2 - Interval analysis seeks static lower and upper bounds on the values of program variables. These bounds are useful, especially for inferring invariants to prove buffer overflow checks. In practice, however, intervals by themselves are often inadequate as invariants due to the lack of relational information among program variables. In this paper, we present a technique for deriving symbolic bounds on variable values. We study a restricted class of polyhedra whose constraints are stratified with respect to some variable ordering provided by the user, or chosen heuristically. We define a notion of normalization for such constraints and demonstrate polynomial time domain operations on the resulting domain of symbolic range constraints. The abstract domain is intended to complement widely used domains such as intervals and octagons for use in buffer overflow analysis. Finally, we study the impact of our analysis on commercial software using an overflow analyzer for the C language.
AB - Interval analysis seeks static lower and upper bounds on the values of program variables. These bounds are useful, especially for inferring invariants to prove buffer overflow checks. In practice, however, intervals by themselves are often inadequate as invariants due to the lack of relational information among program variables. In this paper, we present a technique for deriving symbolic bounds on variable values. We study a restricted class of polyhedra whose constraints are stratified with respect to some variable ordering provided by the user, or chosen heuristically. We define a notion of normalization for such constraints and demonstrate polynomial time domain operations on the resulting domain of symbolic range constraints. The abstract domain is intended to complement widely used domains such as intervals and octagons for use in buffer overflow analysis. Finally, we study the impact of our analysis on commercial software using an overflow analyzer for the C language.
UR - http://www.scopus.com/inward/record.url?scp=38149024879&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=38149024879&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-74061-2_23
DO - 10.1007/978-3-540-74061-2_23
M3 - Conference contribution
AN - SCOPUS:38149024879
SN - 9783540740605
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 366
EP - 383
BT - Static Analysis - 14th International Symposium, SAS 2007, Proceedings
PB - Springer Verlag
T2 - 14th International Static Analysis Symposium, SAS 2007
Y2 - 22 August 2007 through 24 August 2007
ER -