Abstract
Program slicing can be used to reduce a given initial program to a smaller one (a slice) that preserves the behavior of the initial program with respect to a chosen criterion. Verification and validation (V&V) of software can become easier on slices, but requires particular care in the presence of errors or non-termination in order to avoid unsound results or a poor level of code reduction in slices with respect to the initial program. This article proposes a theoretical foundation for conducting V&V activities on a slice instead of the initial program. We introduce the notion of relaxed slicing, which is still capable of producing small slices even in the presence of errors or non-termination, and establish an appropriate soundness property. It allows us to give a precise interpretation of verification results (absence or presence of errors) obtained for a slice in terms of the initial program. The implementation of these results in the Coq proof assistant is presented and some of its difficult points are discussed.
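The following added example is not the article's code or its Coq formalization; it is a toy illustration, written for this page, of the interpretation question the abstract raises. It implements a classical backward slice on data dependencies for a constructed straight-line program (the program, its statement labels and the helper names `backward_slice`, `run` and `outcome` are all assumptions of this example). A statement that may fail at runtime is dropped from the slice because the slicing criterion does not depend on it, so "no error" on the slice does not mean the original program is error-free, whereas an error that the slice does report is also present in the original.

```python
"""Toy straight-line slicer: why a verification result on a slice must be
read carefully when a dropped statement can fail. All programs, labels and
inputs below are constructed for this example."""
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Set, Tuple

Env = Dict[str, int]


@dataclass
class Stmt:
    """One statement. `defs` is the variable written (None for an assertion),
    `uses` the variables read, `fn` computes the value (or the assertion)."""
    label: str
    defs: Optional[str]
    uses: Tuple[str, ...]
    fn: Callable[[Env], int]


class ProgramError(Exception):
    """A runtime error (failed assertion or division by zero) at statement `index`."""
    def __init__(self, index: int, label: str):
        super().__init__(f"error at statement {index}: {label}")
        self.index = index


def backward_slice(prog: List[Stmt], criterion: int) -> Set[int]:
    """Classical backward slice on data dependencies for a straight-line program:
    keep the criterion and, transitively, the nearest earlier definition of every
    variable a kept statement reads. Control dependencies are absent here because
    the constructed program has no branches or loops."""
    kept = {criterion}
    work = [criterion]
    while work:
        i = work.pop()
        for var in prog[i].uses:
            for j in range(i - 1, -1, -1):   # reaching definition of `var`
                if prog[j].defs == var:
                    if j not in kept:
                        kept.add(j)
                        work.append(j)
                    break
    return kept


def run(prog: List[Stmt], inputs: Env, keep: Optional[Set[int]] = None) -> Env:
    """Execute `prog` (or only the statements in `keep`) on `inputs`.
    Raises ProgramError at the first failing statement."""
    env = dict(inputs)
    for i, s in enumerate(prog):
        if keep is not None and i not in keep:
            continue
        try:
            v = s.fn(env)
        except ZeroDivisionError:
            raise ProgramError(i, s.label)
        if s.defs is None:          # assertion: a false result is an error
            if not v:
                raise ProgramError(i, s.label)
        else:
            env[s.defs] = v
    return env


def outcome(prog: List[Stmt], inputs: Env, keep: Optional[Set[int]] = None) -> str:
    """'ok' if execution finishes, else 'error@<statement index>'."""
    try:
        run(prog, inputs, keep)
        return "ok"
    except ProgramError as e:
        return f"error@{e.index}"


# Constructed program; statement 1 fails when x == 0, statement 3 is the criterion.
PROGRAM = [
    Stmt("a = x + 1", "a", ("x",), lambda e: e["x"] + 1),        # 0
    Stmt("y = 10 / x", "y", ("x",), lambda e: 10 // e["x"]),     # 1 (may fail)
    Stmt("z = 2 * a", "z", ("a",), lambda e: 2 * e["a"]),        # 2
    Stmt("assert z >= 0", None, ("z",), lambda e: e["z"] >= 0),  # 3 (criterion)
]

if __name__ == "__main__":
    keep = backward_slice(PROGRAM, 3)
    print("slice keeps statements", sorted(keep))             # [0, 2, 3]
    for x in (0, -5, 4):
        print(f"x={x}: slice -> {outcome(PROGRAM, {'x': x}, keep)}, "
              f"original -> {outcome(PROGRAM, {'x': x})}")
```

On input `x = 0` the slice reports `ok` while the original fails at the dropped division, so a "no error" verdict on the slice only covers the statements the slice kept; on `x = -5` both report the assertion failure at statement 3, so an error found on the slice does carry over to the original. A soundness statement for slicing under errors has to make this asymmetry precise, which is what the abstract's "precise interpretation of verification results" refers to.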
Additional information
Perdita Stevens, Andrzej Wasowski, and Ewen Denney
Cite this article
Léchenet, JC., Kosmatov, N. & Le Gall, P. Cut branches before looking for bugs: certifiably sound verification on relaxed slices. Form Asp Comp 30, 107–131 (2018). https://doi.org/10.1007/s00165-017-0439-x