Using Relational Verification for Program Slicing

Program slicing is the process of removing statements from a program such that defined aspects of its behavior are retained. For producing precise slices, i.e., slices that are minimal in size, the program's semantics must be considered. Existing approaches that go beyond a syntactic analysis and do take the semantics into account are not fully automatic and require auxiliary specifications from the user. In this paper, we adapt relational verification to check whether a slice candidate, obtained by removing some instructions from a program, is indeed a valid slice. Based on this, we propose a framework for precise and automatic program slicing. As part of this framework, we present three strategies for the generation of slice candidates, and we show how dynamic slicing approaches – which interweave generating and checking slice candidates – can be used for this purpose. The framework can easily be extended with other strategies for generating slice candidates. We discuss the strengths and weaknesses of slicing approaches that use our framework.
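The generate-and-check loop described above, as an added example that is not code from the paper or from any tool it describes. The program is a constructed list of single assignments over integer inputs; a slice candidate is an order-preserving subsequence of those statements, and it is a valid slice for a criterion (a set of variables observed at the end) when the candidate and the original agree on those variables for every input. Where the paper discharges that relational check with a verifier, this example (by assumption) discharges it by exhaustive enumeration over a small bounded input domain, which is exact only for that domain. The names `Stmt`, `is_valid_slice`, `syntactic_slice`, `shrink`, `PROGRAM`, `DOMAIN` and the candidate-generation strategy (a data-dependence slice, then greedy one-statement deletions re-checked after each step) are this example's own, not the paper's three strategies.

```python
"""Added example: generate-and-check slicing on a tiny straight-line language."""
import ast
import itertools
import operator
from typing import Dict, Iterable, List, Sequence, Set

BIN_OPS = {ast.Add: operator.add, ast.Sub: operator.sub, ast.Mult: operator.mul}
CMP_OPS = {ast.Eq: operator.eq, ast.NotEq: operator.ne, ast.Lt: operator.lt,
           ast.LtE: operator.le, ast.Gt: operator.gt, ast.GtE: operator.ge}


class Stmt:
    """One assignment 'name = expr', parsed once; records what it defines and reads."""

    def __init__(self, text: str) -> None:
        body = ast.parse(text, mode="exec").body
        if (len(body) != 1 or not isinstance(body[0], ast.Assign)
                or len(body[0].targets) != 1
                or not isinstance(body[0].targets[0], ast.Name)):
            raise ValueError(f"expected a single 'name = expr' statement: {text!r}")
        self.text = text
        self.target: str = body[0].targets[0].id
        self.expr = body[0].value
        self.uses: Set[str] = {n.id for n in ast.walk(self.expr) if isinstance(n, ast.Name)}


def eval_expr(node: ast.AST, env: Dict[str, int]) -> int:
    """Whitelisted evaluator: int literals, names, + - *, comparisons, conditional expr."""
    if isinstance(node, ast.Constant) and isinstance(node.value, int):
        return node.value
    if isinstance(node, ast.Name):
        return env[node.id]  # KeyError: the candidate reads a variable nothing defined
    if isinstance(node, ast.BinOp) and type(node.op) in BIN_OPS:
        return BIN_OPS[type(node.op)](eval_expr(node.left, env), eval_expr(node.right, env))
    if isinstance(node, ast.Compare) and len(node.ops) == 1 and type(node.ops[0]) in CMP_OPS:
        return CMP_OPS[type(node.ops[0])](eval_expr(node.left, env),
                                          eval_expr(node.comparators[0], env))
    if isinstance(node, ast.IfExp):
        return eval_expr(node.body, env) if eval_expr(node.test, env) else eval_expr(node.orelse, env)
    raise ValueError(f"unsupported expression: {ast.dump(node)}")


def run(stmts: Sequence[Stmt], inputs: Dict[str, int]) -> Dict[str, int]:
    env = dict(inputs)
    for s in stmts:
        env[s.target] = eval_expr(s.expr, env)
    return env


def is_valid_slice(program: Sequence[Stmt], candidate: Sequence[Stmt], criterion: Iterable[str],
                   inputs: Sequence[str], domain: Sequence[int]) -> bool:
    """Relational check: for every input vector in the (assumed) bounded domain, the
    original and the candidate must agree on the criterion variables at the end."""
    for values in itertools.product(domain, repeat=len(inputs)):
        inp = dict(zip(inputs, values))
        ref = run(program, inp)
        try:
            got = run(candidate, inp)
        except KeyError:  # candidate uses a variable only a removed statement defined
            return False
        if any(ref.get(v) != got.get(v) for v in criterion):
            return False
    return True


def syntactic_slice(program: Sequence[Stmt], criterion: Iterable[str]) -> List[Stmt]:
    """Backward data-dependence slice; sufficient for straight-line code (no control flow)."""
    needed, keep = set(criterion), []
    for s in reversed(program):
        if s.target in needed:
            keep.append(s)
            needed = (needed - {s.target}) | s.uses
    return list(reversed(keep))


def shrink(program, candidate, criterion, inputs, domain) -> List[Stmt]:
    """Greedy candidate generation interleaved with checking: drop one statement,
    keep the drop if the check passes, restart; ends at a 1-minimal slice."""
    current = list(candidate)
    changed = True
    while changed:
        changed = False
        for i in range(len(current)):
            trial = current[:i] + current[i + 1:]
            if is_valid_slice(program, trial, criterion, inputs, domain):
                current, changed = trial, True
                break
    return current


# Constructed example program: inputs x, y; slicing criterion is the final value of r.
PROGRAM = [Stmt(t) for t in (
    "a = x + 1",
    "b = a * 2",              # irrelevant to r: even the syntactic slice drops it
    "a = a + y - y",          # semantic no-op: only the checked candidate drops it
    "c = x",
    "c = c if y > 0 else x",  # both arms equal x here: another semantic no-op
    "r = a + c",
    "d = r * b",              # irrelevant to r
)]
INPUTS = ("x", "y")
CRITERION = ("r",)
DOMAIN = range(-3, 4)  # assumption: a bounded domain stands in for the verifier


def demo():
    """Returns (syntactic slice, semantically checked slice) as statement texts."""
    syn = syntactic_slice(PROGRAM, CRITERION)
    sem = shrink(PROGRAM, syn, CRITERION, INPUTS, DOMAIN)
    return [s.text for s in syn], [s.text for s in sem]


if __name__ == "__main__":
    syntactic, checked = demo()
    print("syntactic slice:", syntactic)
    print("checked slice:  ", checked)
```

Two caveats a practitioner should keep in mind. First, a candidate is rejected as soon as it reads a variable that only a removed statement defined; a real verifier would flag the same thing, since the two programs then disagree on whether the criterion is defined at all. Second, the greedy deletion loop only guarantees a 1-minimal slice (no single further statement can be removed), not a globally minimal one, and its cost grows quadratically in the number of statements because every deletion triggers a fresh equivalence check; the bounded-domain check here is cheap, but with a real verifier each of those checks is a full relational proof, which is why the choice of candidate-generation strategy matters.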
