Pluggable abstract domains for analyzing embedded software

Many abstract value domains such as intervals, bitwise, constants, and value-sets have been developed to support dataflow analysis. Different domains offer alternative tradeoffs between analysis speed and precision. Furthermore, some domains are a better match for certain kinds of code than others. This paper presents the design and implementation of cXprop, an analysis and transformation tool for C that implements "conditional X propagation," a generalization of the well-known conditional constant propagation algorithm where X is an abstract value domain supplied by the user. cXprop is interprocedural, context-insensitive, and achieves reasonable precision on pointer-rich codes. We have applied cXprop to sensor network programs running on TinyOS, in order to reduce code size through interprocedural dead code elimination, and to find limited-bitwidth global variables. Our analysis of global variables is supported by a novel concurrency model for interrupt-driven software. cXprop reduces TinyOS application code size by an average of 9.2% and predicts an average data size reduction of 8.2% through RAM compression.
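To make the "conditional X propagation" idea concrete, here is an added example that is not cXprop's code (cXprop works on CIL's representation of C; this uses a constructed three-address IR). The propagation engine takes the abstract domain as a plug-in object and only calls its `TOP`, `const`, `join`, `band`, `refine` and `bits` members; the two toy domains (intervals and constants), the IR and the sample interrupt-handler program are all assumptions made for this illustration. Running the same engine with both domains shows the speed/precision tradeoff the abstract refers to: the interval domain proves the `error` block unreachable and bounds the width of `count`, while the constant domain, which is cheaper but cannot represent `status & 7`, does neither.

```python
"""Conditional X propagation over a tiny three-address IR (added example, not cXprop's
code).  The engine treats the domain D as a plug-in: D.TOP, const, join, band, refine, bits."""
from collections import deque

NEGATE = {'<': '>=', '>=': '<'}                # branch operators supported by this toy IR


class Interval:
    """Domain plug-in: a value is a (lo, hi) pair of 32-bit signed bounds."""
    TOP = (-(2 ** 31), 2 ** 31 - 1)
    @staticmethod
    def const(c):
        return (c, c)
    @staticmethod
    def join(a, b):
        return (min(a[0], b[0]), max(a[1], b[1]))
    @staticmethod
    def band(a, mask):
        if a[0] == a[1]:                       # constant operand: exact result
            return Interval.const(a[0] & mask)
        return (0, mask) if mask >= 0 else Interval.TOP   # any x & m lies in [0, m]
    @staticmethod
    def refine(a, op, c):
        """Narrow a to the values satisfying `a op c`; None if no value does."""
        lo, hi = (a[0], min(a[1], c - 1)) if op == '<' else (max(a[0], c), a[1])
        return (lo, hi) if lo <= hi else None
    @staticmethod
    def bits(a):
        """Unsigned bits needed to hold every value in a; None if unbounded."""
        return None if a[0] < 0 else max(1, a[1].bit_length())


class Constant:
    """Domain plug-in: a single known value, or TOP for 'unknown'."""
    TOP = 'top'
    @staticmethod
    def const(c):
        return c
    @staticmethod
    def join(a, b):
        return a if a == b else Constant.TOP
    @staticmethod
    def band(a, mask):
        return Constant.TOP if a == Constant.TOP else a & mask
    @staticmethod
    def refine(a, op, c):
        if a == Constant.TOP:
            return a                           # unknown: neither branch edge can be ruled out
        return a if (a < c if op == '<' else a >= c) else None
    @staticmethod
    def bits(a):
        return None if a == Constant.TOP or a < 0 else max(1, a.bit_length())


def cxprop(program, entry, D):
    """Worklist propagation that follows only the branch edges D cannot refute."""
    state, seen = {}, {}                       # block -> entry env; var -> join of all values
    work = deque([(entry, {})])
    while work:
        block, env = work.popleft()
        if block in state:                     # merge with the entry state stored so far
            old = state[block]
            env = {v: D.join(old[v], env[v]) if v in old and v in env else D.TOP
                   for v in old.keys() | env.keys()}
            if env == old:
                continue                       # nothing new: this block is at its fixpoint
        state[block] = env
        env = dict(env)
        insts, term = program[block]
        for op, dst, *args in insts:
            if op == 'const':
                env[dst] = D.const(args[0])
            elif op == 'input':                # e.g. a hardware register read: unknown value
                env[dst] = D.TOP
            elif op == 'and':
                env[dst] = D.band(env[args[0]], args[1])
            seen[dst] = D.join(seen[dst], env[dst]) if dst in seen else env[dst]
        if term[0] == 'goto':
            work.append((term[1], env))
        elif term[0] == 'if':                  # ('if', var, op, const, then_blk, else_blk)
            _, var, op, c, t_blk, f_blk = term
            for cond, target in ((op, t_blk), (NEGATE[op], f_blk)):
                refined = D.refine(env[var], cond, c)
                if refined is not None:        # an infeasible edge is never followed
                    work.append((target, dict(env, **{var: refined})))
    return state, set(program) - set(state), {v: D.bits(a) for v, a in seen.items()}


# Constructed sample: a handler reads a status register, keeps its low three bits and
# dispatches on them; the 'error' block needs flags >= 8, which the mask rules out.
SAMPLE = {
    'entry': ([('input', 'status'), ('and', 'flags', 'status', 7)],
              ('if', 'flags', '>=', 8, 'error', 'dispatch')),
    'dispatch': ([('const', 'count', 0)], ('if', 'flags', '<', 3, 'fast', 'slow')),
    'fast': ([('const', 'count', 1)], ('goto', 'done')),
    'slow': ([('const', 'count', 2)], ('goto', 'done')),
    'error': ([('const', 'count', 1000)], ('goto', 'done')),
    'done': ([], ('ret',)),
}
```

`cxprop(SAMPLE, 'entry', Interval)` reports `error` as unreachable (a dead-code-elimination candidate) and 3 and 2 bits for `flags` and `count`; with `Constant` every block stays reachable and no width is bounded. Two caveats a practitioner would want: this engine terminates only on loop-free CFGs, since an interval domain needs a widening operator at loop heads before the fixpoint check is reached; and a width derived for a global is only sound if writes by interrupt handlers are accounted for, which is why the abstract pairs its global-variable analysis with a concurrency model for interrupt-driven software.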
