期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于抽象符号表的内存模型 被引量:1

A Memory Model Based on Abstract Symbol Tables
下载PDF
导出
摘要 符号执行技术在软件测试和程序验证中发挥着重要作用。如何抽象和处理程序中各种数据类型和语法成分是符号执行必须解决的问题。本文提出抽象符号表的概念,以及基于抽象符号表建模内存的方法。抽象符号表记录可寻址对象的名称、类型、抽象地址和符号值,是一种简单、精确的内存抽象机制。内存模型是所有使用符号执行的技术的前提,本文系统给出了一个面向符号执行的内存模型。基于抽象符号表的内存模型能够统一处理各种数据类型和语法成分,包括函数和类,能够直接处理指针别名问题,不需要额外的别名分析算法。经过一些性能优化处理,基于抽象符号表的内存模型具有较好的性能。 Symbolic execution plays an important role in the area of software testing and program verification.However,there are several difficulties facing symbolic execution,one of which is how to abstract various data types and syntax in the source codes.This paper addresses this problem by proposing a new concept of abstract symbol table and a method to model memory using abstract symbol tables.The abstract symbol table records names,types,abstract addresses and symbolic values of addressable objects,which is a simple and accurate memory abstracting mechanism.The memory model is prerequisite for any techniques involving symbolic execution,but this paper systematically presents a memory model for symbolic execution in detail.The abstract symbol table-based memory model can handle various data types and syntax uniformly including function and class,handle the aliasing problem directly,and possess good scalability because of several performance-improving techniques.
作者 代子营 毛晓光 马晓东 王瑞
机构地区 国防科学技术大学计算机学院
出处 《计算机工程与科学》 CSCD 北大核心 2011年第6期84-90,共7页 Computer Engineering & Science
基金 国家863计划资助项目(2007AA010301)
关键词 符号执行 内存模型 抽象符号表 程序分析 symbolic execution memory model abstract symbol table program analysis
分类号 TP311 [自动化与计算机技术—计算机软件与理论]
  • 相关文献

参考文献20

  • 1King J C.Symbolic Execution and Program Testing[J].Communications of the ACM,1976,19(7):385-394.
  • 2Shannon D,Hajra S,Lee A,et al.Abstracting Symbolic Execution with String Analysis[C]∥Proc of the Testing:Academic and Industrial Conference Practice and Research Techniques,2007:13-22.
  • 3Xie T,Marinov D,Schulte W,et al.Symstra:A Framework for Generating Object-Oriented Unit Tests Using Symbolic Execution[C]∥Proc of the TACAS’05,2005:365-381.
  • 4张健.精确的程序静态分析[J].计算机学报,2008,31(9):1549-1553. 被引量:36
  • 5Saswat A,Patrice G,Nikolai T.Demand-Driven Compositional Symbolic Execution[C]∥Proc of the 14th Int’l Conf on Tools and Algorithms for the Construction and Analysis of Systems,2008:367-381.
  • 6Zhang J.Symbolic Execution of Program Paths Involving Pointer and Structure Variables[C]∥Proc of the Fourth Int’l Conf on Quality Software,2004:87-92.
  • 7Hampapuram H,Yang Y,Das M.Symbolic Path Simulation in Path-Sensitive Dataflow Analysis[C]∥Proc of the 6th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering,2005:52-58.
  • 8Xie Yichen,Chou Andy,Engler Dawson.ARCHER:Using Symbolic,Path-Sensitive Analysis to Detect Memory Access Errors[C]∥Proc of the ESEC/FSE’03,2003:327-336.
  • 9Coward P D.Symbolic Execution Systems-A Review[J].Software Engineering Journal,1988,3(6):229-239.
  • 10Boyer R S,Elspas B,Levitt K N.SELECT- A Formal System for Testing and Debugging Programs by Symbolic Execution[C]∥Proc of the Int’l Conf on Reliable Software,1975:234-245.

二级参考文献17

  • 1汪黎,杨学军,王戟,罗宇.操作系统内核程序函数执行上下文的自动检验[J].软件学报,2007,18(4):1056-1067. 被引量:5
  • 2Hoare C A R. The verifying compiler: A grand challenge for computing research. Journal of the ACM, 2003, 50(1): 63-69
  • 3Horwitz S. Precise flow-insensitive may-alias analysis is NP- hard. ACM Transactions on Programming Languages and Systems, 1997, 19(1): 1-6
  • 4Ball T, Rajamani S K. The SLAM project: Debugging system software via static analysis//Proeeedings of the 29th ACM Symposium on Principles of Programming Languages (POPL 2002). Portland, OR, USA, 2002:1-3
  • 5Lev-Ami T et al. Putting static analysis to work for verification: A case study//Proceedings of the International Symposium on Software Testing and Analysis (ISSTA 2000). Portland, OR, USA, 2000:26-38
  • 6Zhang J, Wang X. A constraint solver and its application to path feasibility analysis. International Journal of Software Engineering and Knowledge Engineering, 2001, 11(2): 139- 156
  • 7Zhang J. Symbolic execution of program paths involving pointer and structure variables//Proceedings of the QSIC. Braunschweig, Germany, 2004:87-92
  • 8King J C. Symbolic execution and testing. Communications of the ACM, 1976, 19(7): 385-394
  • 9Yates D F, Malevris N. Reducing the effects of infeasible paths in branch testing. ACM SIGSOFT Software Engineering Notes, 1989, 14(8): 48-54
  • 10Ngo M N, Tan H B K. Heuristics-based infeasible path detection for dynamic test data generation. Information & Software Technology, 2008, 50(7-8): 641-655

共引文献35

同被引文献30

  • 1Winskel G. The Formal Semantics of Programming Languages [M]. London: The MIT Press, 1993:10-50.
  • 2Tennent R D, Ghica D R. Abstract models of storage [J]. Higher-Order and Symbolic Computation, 2000, 13 ( 1 ) : 119-129.
  • 3Bertot Y, Casteran P. Interactive Theorem Proving and Program Development [M]. New York: Springer, 2004: 10- 120.
  • 4Kernighan B W, Ritchie D M. The C Programming Language[M]. New York: Prentice Hall, 1989:1-300.
  • 5Hoare C A R. An axiomatic loasis for computer programming [J]. Communications of the ACM, 1969, 12(10): 576 -580.
  • 6Burstall R M. Some techniques for proving correctness of programs which alter data structures [J]. Machine Intelligence, 1972, 7(1): 23-50.
  • 7Luckham D C, Suzuki N. Verification of array, record, and pointer operations in Pascal [J]. ACM Trans on Programming Languages and Systems, 1979, 1(19) : 226-244.
  • 8Kowaltowski T. Data structures and correctness of programs [J]. Journal of theACM, 1979, 2(1): 283-301.
  • 9Morris J M. A general axiom of assignment and linked data structure [J]. Theoretical Foundations of Programming Methodology, 1982, 91(1): 25-34.
  • 10Bii[sma A. Calculating with pointers [J]. Science of Computer Programming, 1989, 12(1): 191-205.

引证文献1

二级引证文献3

计算机工程与科学
2011年 第6期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部