Nimrod Partush scite author profile

Abstract. We address the problem of computing semantic differences between a program and a patched version of the program. Our goal is to obtain a precise characterization of the difference between program versions, or establish their equivalence when no difference exists. We focus on computing semantic differences in numerical programs where the values of variables have no a-priori bounds, and use abstract interpretation to compute an over-approximation of program differences. Computing differences and establishing equivalence under abstraction requires abstracting relationships between variables in the two programs. Towards that end, we first construct a correlating program in which these relationships can be tracked, and then use a correlating abstract domain to compute a sound approximation of these relationships. To better establish equivalence between correlated variables and precisely capture differences, our domain has to represent non-convex information using a partially-disjunctive abstract domain. To balance precision and cost of this representation, our domain over-approximates numerical information while preserving equivalence between correlated variables by dynamically partitioning the disjunctive state according to equivalence criteria. We have implemented our approach in a tool called DIZY, and applied it to a number of real-world examples, including programs from the GNU core utilities, Mozilla Firefox and the Linux Kernel. Our evaluation shows that DIZY often manages to establish equivalence, describes precise approximation of semantic differences when difference exists, and reports only a few false differences.

show abstract

Similarity of binaries through re-optimization

David

Partush

Yahav

2017

View full text Add to dashboard Cite

Binary Similarity Detection Using Machine Learning

Shalev

Partush²

2018

View full text Add to dashboard Cite

Refining interprocedural change-impact analysis using equivalence relations

Gyori

Lahiri

Partush

2017

View full text Add to dashboard Cite

Change-impact analysis (CIA) is the task of determining the set of program elements impacted by a program change. Precise CIA has great potential to avoid expensive testing and code reviews for (parts of) changes that are refactorings (semantics-preserving). Existing CIA is imprecise because it is coarse-grained, deals with only few refactoring patterns, or is unaware of the change semantics.We formalize the notion of change impact in terms of the trace semantics of two program versions. We show how to leverage equivalence relations to make dataflow-based CIA aware of the change semantics, thereby improving precision in the presence of semantics-preserving changes. We propose an anytime algorithm that allows applying costly equivalence relation inference incrementally to refine the set of impacted statements. We have implemented a prototype in SYMDIFF, and evaluated it on 322 real-world changes from open-source projects and benchmark programs used by prior research. The evaluation results show an average 35% improvement in the size of the set of impacted statements compared to standard dataflow-based techniques. + static unsigned char line_delim = '\n'; 2 int print_product_info(int name , int version) { 3 int locale , printed = 0; 4 -print_header('\n' ); 5 + print_header(line_delim ); // spurious arg impact 6 locale = locale_ok(); // spurious impact 7 if (name) { 8 printed = print_name(locale); 9 } 10 if (version && printed) { 11 printed = print_major_version(locale)); 12 -printed = print_minor_version(locale ,'\n' );

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Nimrod Partush

Statistical similarity of binaries

Abstract Semantic Differencing for Numerical Programs

Similarity of binaries through re-optimization

Binary Similarity Detection Using Machine Learning

Refining interprocedural change-impact analysis using equivalence relations

Contact Info

Product

Resources

About