numerical static analysis with soot
play

Numerical static analysis with Soot Gianluca Amato Universit` a G. - PowerPoint PPT Presentation

May 23, 2023 •227 likes •859 views

Numerical static analysis with Soot Gianluca Amato Universit` a G. dAnnunzio di ChietiPescara ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis SOAP 2013 (joint work with Francesca Scozzari and

  1. Numerical static analysis with Soot Gianluca Amato Universit` a “G. d’Annunzio” di Chieti–Pescara ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis SOAP 2013 (joint work with Francesca Scozzari and Simone Di Nardo Di Maio) Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 1 / 26

  2. Jandom JVM-based Analyzer for Numerical DOMains forward intra-procedural analyses numerical properties different target languages a simple C -style imperative language linear transition systems Baf , Jimple (sort of. . . ) written in Scala (JVM-based comes from here) NEW features inter-procedural summary-based analysis pair sharing analyses Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 2 / 26

  3. Jandom JVM-based Analyzer for Numerical DOMains forward intra-procedural analyses numerical properties different target languages a simple C -style imperative language linear transition systems Baf , Jimple (sort of. . . ) written in Scala (JVM-based comes from here) NEW features inter-procedural summary-based analysis pair sharing analyses Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 2 / 26

  4. Jandom JVM-based Analyzer for Numerical DOMains forward intra-procedural analyses numerical properties different target languages a simple C -style imperative language linear transition systems Baf , Jimple (sort of. . . ) written in Scala (JVM-based comes from here) NEW features inter-procedural summary-based analysis pair sharing analyses HELP! looking for new acronym Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 2 / 26

  5. Jandom architecture Interpretation Interprocedural analyzer Flow graph analyzer Basic block analyzer ASM Jimple Baf Abstract environment Basic domains native PPL APRON Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 3 / 26

  6. Jandom architecture Interpretation Interprocedural analyzer Flow graph analyzer Basic block analyzer ASM Jimple Baf Abstract environment Basic domains native PPL APRON Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 3 / 26

  7. Basic domains Basic domains describe general properties of program executions and are not tied to a specific target language. several families of basic domains numerical domains sharing domains each family has its own API all basic domains support: lattice operations widening (upper bound which guarantees termination) similar to a FlowSet in Soot but immutable type safe no collection-style methods such as add , iterator , etc. . . Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 4 / 26

  8. Basic domains Basic domains describe general properties of program executions and are not tied to a specific target language. several families of basic domains numerical domains sharing domains each family has its own API all basic domains support: lattice operations widening (upper bound which guarantees termination) similar to a FlowSet in Soot but immutable type safe no collection-style methods such as add , iterator , etc. . . Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 4 / 26

  9. Basic domains Basic domains describe general properties of program executions and are not tied to a specific target language. several families of basic domains numerical domains sharing domains each family has its own API all basic domains support: lattice operations widening (upper bound which guarantees termination) similar to a FlowSet in Soot but immutable type safe no collection-style methods such as add , iterator , etc. . . Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 4 / 26

  10. Basic domains Basic domains describe general properties of program executions and are not tied to a specific target language. several families of basic domains numerical domains sharing domains each family has its own API all basic domains support: lattice operations widening (upper bound which guarantees termination) similar to a FlowSet in Soot but immutable type safe no collection-style methods such as add , iterator , etc. . . Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 4 / 26

  11. Basic domains Basic domains describe general properties of program executions and are not tied to a specific target language. several families of basic domains numerical domains sharing domains each family has its own API all basic domains support: lattice operations widening (upper bound which guarantees termination) similar to a FlowSet in Soot but immutable type safe no collection-style methods such as add , iterator , etc. . . Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 4 / 26

  12. Numerical domains Represent the values of numerical variables. Example (Nested loop) for (x = 0; x < 10; x++) for (y = x; y < 10; y++) // do something here Example (Invariant inside the nested loop) y  0 ≤ x ≤ 9    y ≥ 9   y − x ≤ 0  x Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 5 / 26

  13. Numerical domains Represent the values of numerical variables. Example (Nested loop) for (x = 0; x < 10; x++) for (y = x; y < 10; y++) // do something here Example (Invariant inside the nested loop) y  0 ≤ x ≤ 9    y ≥ 9   y − x ≤ 0  x Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 5 / 26

  14. Numerical domains Represent the values of numerical variables. Example (Nested loop) for (x = 0; x < 10; x++) for (y = x; y < 10; y++) // do something here Example (Invariant inside the nested loop) y  0 ≤ x ≤ 9    y ≥ 9   y − x ≤ 0  x Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 5 / 26

  15. Numerical domains API The API for numerical domains is well understood: linear assignment x = 3*x + 2*y non-deterministic assignment x = ? intersection with half-planes if (x <= y - z) then projection over a lower dimensional space istore 3 embedding onto a higher dimension space iload 3 and other. . . Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 6 / 26

  16. Implementations of numerical domains Three different sources for numerical domains: 1 Jandom native implementations interval and parallelotope domains JVM not well suited to the purpose, see W. Kahan and Joseph D. Darcy How Java’s Floating-Point Hurts Everyone Everywhere 2 Parma Polyehdra Library (PPL) based domains many domains: polyehdra, octagons, congruences, etc. . . need wrappers to expose a common interface 3 in the future. . . add support for the APRON library Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 7 / 26

  17. Implementations of numerical domains Three different sources for numerical domains: 1 Jandom native implementations interval and parallelotope domains JVM not well suited to the purpose, see W. Kahan and Joseph D. Darcy How Java’s Floating-Point Hurts Everyone Everywhere 2 Parma Polyehdra Library (PPL) based domains many domains: polyehdra, octagons, congruences, etc. . . need wrappers to expose a common interface 3 in the future. . . add support for the APRON library Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 7 / 26

  18. Implementations of numerical domains Three different sources for numerical domains: 1 Jandom native implementations interval and parallelotope domains JVM not well suited to the purpose, see W. Kahan and Joseph D. Darcy How Java’s Floating-Point Hurts Everyone Everywhere 2 Parma Polyehdra Library (PPL) based domains many domains: polyehdra, octagons, congruences, etc. . . need wrappers to expose a common interface 3 in the future. . . add support for the APRON library Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 7 / 26

  19. Implementations of numerical domains Three different sources for numerical domains: 1 Jandom native implementations interval and parallelotope domains JVM not well suited to the purpose, see W. Kahan and Joseph D. Darcy How Java’s Floating-Point Hurts Everyone Everywhere 2 Parma Polyehdra Library (PPL) based domains many domains: polyehdra, octagons, congruences, etc. . . need wrappers to expose a common interface 3 in the future. . . add support for the APRON library Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 7 / 26

  20. Jandom architecture Interpretation Interprocedural analyzer Flow graph analyzer Basic block analyzer ASM Jimple Baf Abstract environment Basic domains native PPL APRON Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 8 / 26

  21. Abstract environments An abstract environment is the glue between the basic domains and the language we want to analyze maps operations in the language into operations on the domains locals this abstract environment x 0 i 0 = 10 x 1 s 1 = 20 x 1 ≤ 100 x 2 x 3 + x 4 ≤ 1 x 4 ≤ 2 stack x 3 x 4 0 numerical domain 1 JVM Gianluca Amato (Chieti–Pescara) Numerical static analysis with Soot SOAP 2013 9 / 26

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Numerical Static Analysis of Embedded Software with Interrupts Liqian Chen National University of

Numerical Static Analysis of Embedded Software with Interrupts Liqian Chen National University of

The 2016 Workshop on Static Analysis of Concurrent Software, Edinburgh, Scotland Numerical Static Analysis of Embedded Software with Interrupts Liqian Chen National University of Defense Technology, Changsha, China 11/09/2016 (Joint work with

604 views • 39 slides
Static analysis of numerical programs Sylvie Putot with Eric Goubault, Franck V edrine and

Static analysis of numerical programs Sylvie Putot with Eric Goubault, Franck V edrine and

Static analysis of numerical programs Sylvie Putot with Eric Goubault, Franck V edrine and Karim Tekkal (Digiteo) Laboratory for the Modelling and Analysis of Interacting Systems, CEA LIST RAIM09: 3es Rencontres Arithm etique de

204 views • 19 slides
Making Numerical Program Analysis Fast Gagandeep Singh Markus Pschel Martin Vechev Department

Making Numerical Program Analysis Fast Gagandeep Singh Markus Pschel Martin Vechev Department

Making Numerical Program Analysis Fast Gagandeep Singh Markus Pschel Martin Vechev Department of Computer Science ETH Zrich Static Program Analysis Static Program Analysis public static void verify() { int[] ptr = new int[8]; int start

637 views • 45 slides
The Soot framework for Java program analysis: a retrospective Patrick Lam, Eric Bodden, Ond

The Soot framework for Java program analysis: a retrospective Patrick Lam, Eric Bodden, Ond

The Soot framework for Java program analysis: a retrospective Patrick Lam, Eric Bodden, Ond rej Lhot ak, and Laurie Hendren October 2011 This work is licensed under the Creative Commons Attribution-ShareAlike 3.0 License . Soot a

867 views • 38 slides
Static Analysis of Haskell Neil Mitchell http://ndmitchell.com Static Analysis is getting

Static Analysis of Haskell Neil Mitchell http://ndmitchell.com Static Analysis is getting

Static Analysis of Haskell Neil Mitchell http://ndmitchell.com Static Analysis is getting insights at compile time Full branch coverage Terminates Doesnt rely on a test suite Types are static analysis. Lets talk about

784 views • 39 slides
Soot .class .jimple .java commandline args Soot Polyglot Jimpilfy Jimple Parser

Soot .class .jimple .java commandline args Soot Polyglot Jimpilfy Jimple Parser

Soot .class .jimple .java commandline args Soot Polyglot Jimpilfy Jimple Parser Frontend Jimple Analysis and Transformations Jimple, with Flow Analysis Information Add tags Jimple with Tags Generate Jimple Files Generate

217 views • 18 slides
Static Analysis for Secure Development Introduction Static analysis : What , and why ?

Static Analysis for Secure Development Introduction Static analysis : What , and why ?

Static Analysis for Secure Development Introduction Static analysis : What , and why ? Basic analysis ! Example : Flow analysis ! Increasing precision ! Context -, flow -, and path sensitivity Scaling it up !

527 views • 27 slides
Numerical Differentiation &amp; Integration Numerical Differentiation I Numerical Analysis (9th

Numerical Differentiation &amp; Integration Numerical Differentiation I Numerical Analysis (9th

Numerical Differentiation &amp; Integration Numerical Differentiation I Numerical Analysis (9th Edition) R L Burden &amp; J D Faires Beamer Presentation Slides prepared by John Carroll Dublin City University c 2011 Brooks/Cole, Cengage

774 views • 64 slides
Numerical Differentiation &amp; Integration Numerical Differentiation II Numerical Analysis (9th

Numerical Differentiation &amp; Integration Numerical Differentiation II Numerical Analysis (9th

Numerical Differentiation &amp; Integration Numerical Differentiation II Numerical Analysis (9th Edition) R L Burden &amp; J D Faires Beamer Presentation Slides prepared by John Carroll Dublin City University c 2011 Brooks/Cole, Cengage

825 views • 43 slides
1 Analysis Information Where Do Facts Hold? How much information depends on the client

1 Analysis Information Where Do Facts Hold? How much information depends on the client

711? CS711 Advanced Programming Languages Topics in Program Analysis Radu Rugina Fall 2005 CS711 Overview 2 Program Analysis Static vs. Dynamic Static analysis: inspect programs at compile-time Static analysis: Work done at

282 views • 4 slides
A Brief Introduction to Static Analysis Sam Blackshear March 13, 2012 Outline A theoretical

A Brief Introduction to Static Analysis Sam Blackshear March 13, 2012 Outline A theoretical

A Brief Introduction to Static Analysis Sam Blackshear March 13, 2012 Outline A theoretical problem and how to ignore it An example static analysis What is static analysis used for? Commercial successes Free static analysis tools you should

488 views • 37 slides
Numerical Differentiation &amp; Integration Composite Numerical Integration I Numerical Analysis

Numerical Differentiation &amp; Integration Composite Numerical Integration I Numerical Analysis

Numerical Differentiation &amp; Integration Composite Numerical Integration I Numerical Analysis (9th Edition) R L Burden &amp; J D Faires Beamer Presentation Slides prepared by John Carroll Dublin City University c 2011 Brooks/Cole,

1.14k views • 93 slides
Numerical Invariants via Abstract Machines Compositional Recurrence Analysis (CRA) Azadeh Farzan,

Numerical Invariants via Abstract Machines Compositional Recurrence Analysis (CRA) Azadeh Farzan,

Princeton University Zachary Kincaid Static Analysis Symposium August 31, 2018 Numerical Invariants via Abstract Machines Compositional Recurrence Analysis (CRA) Azadeh Farzan, Thomas Reps. Todays agenda: A recipe for building abstract

1.16k views • 78 slides
Static Analysis Static Analysis they are read? Will the current value of a variable ever be

Static Analysis Static Analysis they are read? Will the current value of a variable ever be

Interesting Questions Interesting Questions Is every statement reachable? Does every non- void method return a value? Compilation 2007 Compilation 2007 Will local variables definitely be assigned before Static Analysis Static

169 views • 13 slides
Static and dynamic verification Software inspections Concerned with analysis of the static

Static and dynamic verification Software inspections Concerned with analysis of the static

1 Static and dynamic verification Software inspections Concerned with analysis of the static system representation to discover problems (static verification) May be supplement by tool-based document and code analysis Software

430 views • 12 slides
Static vs. Dynamic Analysis Static analysis: analyze source code or byte code Imprecise

Static vs. Dynamic Analysis Static analysis: analyze source code or byte code Imprecise

I NTELLI D ROID A Targeted Input Generator for the Dynamic Analysis of Android Malware Michelle Y. Wong and David Lie University of Toronto Department of Electrical and Computer Engineering NDSS Symposium 2016 ! ! ! B ACKGROUND Static vs.

1.02k views • 32 slides
JVM Implementation Challenges JVM Implementation Challenges: JVM Unit of execution is a class

JVM Implementation Challenges JVM Implementation Challenges: JVM Unit of execution is a class

Smalltalk on the JVM By James Ladd object@redline.st http://redline.st @redline_st - ESUG 2011 JVM Implementation Challenges JVM Implementation Challenges: JVM Unit of execution is a class Sequence of bytes in class format Class is not an

632 views • 42 slides
An Experimental Evaluation of Garbage Collectors on Big Data Applications Lijie Xu 1 , Tian Guo 2 ,

An Experimental Evaluation of Garbage Collectors on Big Data Applications Lijie Xu 1 , Tian Guo 2 ,

The 45th International Conference on Very Large Data Bases (VLDB 2019) An Experimental Evaluation of Garbage Collectors on Big Data Applications Lijie Xu 1 , Tian Guo 2 , Wensheng Dou 1 , Wei Wang 1 , Jun Wei 1 1 Institute of Software, Chinese

456 views • 45 slides
IN-MEMORY COMPUTING AT SCALE? LOOK BEYOND PHYSICAL DRAM! Iacovos G. Kolokasis , Anastasios

IN-MEMORY COMPUTING AT SCALE? LOOK BEYOND PHYSICAL DRAM! Iacovos G. Kolokasis , Anastasios

IN-MEMORY COMPUTING AT SCALE? LOOK BEYOND PHYSICAL DRAM! Iacovos G. Kolokasis , Anastasios Papagiannis, Polyvios Pratikakis, and Angelos Bilas October 25, 2019 Institute of Computer Science (ICS) Foundation of Research and T echnology

445 views • 11 slides
Fitness + In-Memory Computing = Getting ahead of the game Craig Gresbrink Solutions Architect

Fitness + In-Memory Computing = Getting ahead of the game Craig Gresbrink Solutions Architect

Fitness + In-Memory Computing = Getting ahead of the game Craig Gresbrink Solutions Architect 24 Hour Fitness Who are we? 24 Hour Fitness is a leading fitness industry pioneer with more than 400 clubs across the United States. 24 Hour Fitness

355 views • 23 slides
Link-Time Enforcement of Confined Types for JVM Bytecode Philip W. L. Fong pwlfong@cs.uregina.ca

Link-Time Enforcement of Confined Types for JVM Bytecode Philip W. L. Fong pwlfong@cs.uregina.ca

Link-Time Enforcement of Confined Types for JVM Bytecode Philip W. L. Fong pwlfong@cs.uregina.ca Department of Computer Science University of Regina Regina, Saskatchewan, Canada Overview Motivation Confined Types A Bytecode-level

348 views • 34 slides
JavaGuest - A Research Java Virtual Machine on Xen Mick Jordan, Sun Labs Grzegorz Milos,

JavaGuest - A Research Java Virtual Machine on Xen Mick Jordan, Sun Labs Grzegorz Milos,

JavaGuest - A Research Java Virtual Machine on Xen Mick Jordan, Sun Labs Grzegorz Milos, Cambridge University Computer Lab SUN LABS PROJECT: SUN LABS PROJECT: Context Java 6 provides a complete platform for server- side

457 views • 10 slides
Verification of a Java Compiler in Isabelle Martin Strecker 7.1.2002 Java: Types, values,

Verification of a Java Compiler in Isabelle Martin Strecker 7.1.2002 Java: Types, values,

Verification of a Java Compiler in Isabelle Martin Strecker 7.1.2002 Java: Types, values, terms, ... Typing and operational semantics JVM Compiler Definition Proof Techniques Compilation and Bytecode Verification

643 views • 18 slides
JOP: A Java Optimized Processor for Embedded Real-Time Systems Martin Schberl University of

JOP: A Java Optimized Processor for Embedded Real-Time Systems Martin Schberl University of

JOP: A Java Optimized Processor for Embedded Real-Time Systems Martin Schberl University of Technology Vienna, Austria Overview Motivation Related work JOP architecture WCET Analysis Results Conclusions, future work

476 views • 34 slides

More recommend