{"title":"A Fixed-Point Algorithm for Automated Static Detection of Infinite Loops","authors":"A. Ibing, Alexandra Mai","doi":"10.1109/HASE.2015.16","DOIUrl":null,"url":null,"abstract":"We present an algorithm for automated detection of infinite loop bugs in programs. It relies on a Satisfiability Modulo Theories (SMT) solver backend and can be run conveniently with SMT-constrained symbolic execution. The algorithm detects infinite loop bugs for single-path, multi-path and nested loops. We prove soundness of the algorithm, i.e. There are no false positive detections of infinite loops. Part of the algorithm is a fixed-point based termination check for 'simple' loops, whose soundness is a consequence of Brouwer's fixed-point theorem. The algorithm further yields no false negative detections for context-sensitive detection of periodic loop orbits with sum of prefix iterations and periodicity of up to the analysis loop unroll depth (bounded completeness), if the SMT solver answers the fixed-point satisfiability query in time. We describe an example implementation as plug-in extension of Eclipse CDT. The implementation is validated with the infinite loop test cases from the Juliet test suite and benchmarks are provided.","PeriodicalId":248645,"journal":{"name":"2015 IEEE 16th International Symposium on High Assurance Systems Engineering","volume":"174 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"14","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE 16th International Symposium on High Assurance Systems Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/HASE.2015.16","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 14
Abstract
We present an algorithm for automated detection of infinite loop bugs in programs. It relies on a Satisfiability Modulo Theories (SMT) solver backend and can be run conveniently with SMT-constrained symbolic execution. The algorithm detects infinite loop bugs for single-path, multi-path and nested loops. We prove soundness of the algorithm, i.e. There are no false positive detections of infinite loops. Part of the algorithm is a fixed-point based termination check for 'simple' loops, whose soundness is a consequence of Brouwer's fixed-point theorem. The algorithm further yields no false negative detections for context-sensitive detection of periodic loop orbits with sum of prefix iterations and periodicity of up to the analysis loop unroll depth (bounded completeness), if the SMT solver answers the fixed-point satisfiability query in time. We describe an example implementation as plug-in extension of Eclipse CDT. The implementation is validated with the infinite loop test cases from the Juliet test suite and benchmarks are provided.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
