Past-Sensitive Pointer Analysis for Symbolic Execution (Video, ESEC/FSE 2020)

preview_player
Показать описание
"Past-Sensitive Pointer Analysis for Symbolic Execution (Video, ESEC/FSE 2020)
David Trabish, Timotej Kapus, Noam Rinetzky, and Cristian Cadar
(Tel Aviv University, Israel; Imperial College London, UK; Tel Aviv University, Israel; Imperial College London, UK)

Abstract: We propose a novel fine-grained integration of pointer analysis with
dynamic analysis, including dynamic symbolic execution. This is
achieved via past-sensitive pointer analysis, an on-demand
pointer analysis instantiated with an abstraction of the dynamic
state on which it is invoked.
We evaluate our technique in three application scenarios: chopped
symbolic execution, symbolic pointer resolution, and
write integrity testing.
Our preliminary results show that the approach can have a significant
impact in these scenarios, by effectively improving the precision of
standard pointer analysis with only a modest performance overhead.

Submitted to the conference by David Trabish on 2020-10-29

Video Tags: Symbolic Execution, Pointer Analysis, fse20main-p237-p, DOI: 10.1145/3368089.3409698, DOI: 10.1145/3410246, Artifacts Available, Artifacts Evaluated — Reusable, Artifacts Evaluated — Functional

  1. ACM SIGSOFT
  2. symbolic execution
  3. pointer analysis
  4. fse20main-p237-p
Рекомендации по теме
Past-Sensitive Pointer Analysis 0:15:16

Past-Sensitive Pointer Analysis for Symbolic Execution (Video, ESEC/FSE 2020)

Past-Sensitive Pointer Analysis 0:01:26

Past-Sensitive Pointer Analysis for Symbolic Execution (Teaser, ESEC/FSE 2020)

Finding Bugs Using 0:52:04

Finding Bugs Using Path-Sensitive Static Analysis - Gabor Horvath - CppCon 2021

Precision-Guided Context Sensitivity 0:26:25

Precision-Guided Context Sensitivity for Pointer Analysis

Module 11: Dynamic 0:56:16

Module 11: Dynamic Symbolic Execution

Module 6: Pointer 1:37:33

Module 6: Pointer Analysis

Chapter 6: Pointer 0:50:10

Chapter 6: Pointer Analysis

A model of 1:16:34

A model of context-sensitive pointer analysis

Automating Function Selection 0:12:08

Automating Function Selection for Patch Testing via Chopped Symbolic Execution

IQ TEST 0:00:29

IQ TEST

CMPT886 'Dynamic Analysis 1:08:08

CMPT886 'Dynamic Analysis using LLVM'

A Bounded Symbolic-Size 0:12:41

A Bounded Symbolic-Size Model for Symbolic Execution

Learning Graph-Based Heuristics 0:14:38

Learning Graph-Based Heuristics for Pointer Analysis without Handcrafting Application-Specific Featu

Refinement in object-sensitivity 0:24:50

Refinement in object-sensitivity points-to analysis via slicing

[COVID]Symbolic value-flow static 0:33:16

[COVID]Symbolic value-flow static analysis:deep,precise,complete modeling of Ethereum smartcontracts

Clang Static Analysis 0:53:53

Clang Static Analysis - Gabor Horvath - Meeting C++ 2016

Java Ranger: Statically 0:16:30

Java Ranger: Statically Summarizing Regions for Efficient Symbolic Executi... (Video, ESEC/FSE 2020)

Academic keynote: How 0:42:51

Academic keynote: How to Win SV-COMP with Symbolic Execution

Lecture 'Call Graph 0:26:32

Lecture 'Call Graph Analysis (Part 4, Spark)' of 'Program Analysis'

[PEPM'22] Partially Evaluating 0:29:15

[PEPM'22] Partially Evaluating Symbolic Interpreters for All

CaSym: Cache Aware 0:16:47

CaSym: Cache Aware Symbolic Execution for Side Channel Detection and Mitigation

2016 LLVM Developers' 0:28:04

2016 LLVM Developers' Meeting: A. Sidorin 'Summary-based inter-unit analysis for ...'

Module 8: Type 1:19:58

Module 8: Type Systems

Chapter 8: Type 0:59:38

Chapter 8: Type Systems