Abstract slicing: a new approach to program slicing based on abstract interpretation and model checking

This paper proposes a new approach to program slicing based on abstract interpretation and model checking. First, the notion of abstract slicing is introduced. Abstract slicing extends static slicing with predicates and constraints by using an abstract state graph, obtained by applying predicate abstraction to a program, as the program model in place of a flow graph. This leads to a program slice that is more precise and smaller than its static counterpart. Second, a method for performing abstract slicing is developed. It is shown that abstract slicing can be reduced to a least fixpoint computation over formulas in the branching-time temporal logic CTL. This enables one to use symbolic model checkers for CTL as an efficient computation engine for abstract slicing. A prototype implementation and experimental results are reported, demonstrating the feasibility of the approach.
