Cross-Level Debugging for Static Analysers

Research output: Chapter in Book/Report/Conference proceedingConference paperResearch

49 Downloads (Pure)

Abstract

Static analyses provide the foundation for several tools that
help developers find problems before executing the program
under analysis. Common applications include warning about
unused code, deprecated API calls, or about potential security
vulnerabilities within an IDE. A static analysis distinguishes
itself from a dynamic analysis in that it is supposed to termi-
nate even if the program under analysis does not. In many
cases it is also desired for the analysis to be sound, meaning
that its answers account for all possible program behavior.
Unfortunately, analysis developers may make mistakes that
violate these properties resulting in hard-to-find bugs in the
analysis code itself. Finding these bugs can be a difficult task,
especially since analysis developers have to reason about
two separate code-bases: the analyzed code and the analysis
implementation. The former is usually where the bug man-
ifests itself, while the latter contains the faulty implemen-
tation. A recent survey has found that analysis developers
prefer to reason about the analyzed program, indicating that
debugging would be easier if debugging features such as
(conditional) breakpoints and stepping were also available
in the analyzed program. In this paper, we therefore propose
cross-level debugging for static analysis. This novel technique
moves debugging features such as stepping and breakpoints
to the base-layer (i.e., analyzed program), while still making
interactions with the meta-layer (i.e., analysis implementa-
tion) possible. To this end, we introduce novel conditional
breakpoints that express conditions, which we call meta-
predicates, about the current analysis’ state. We integrated
this debugging technique in a framework for implement-
ing modular abstract interpretation-based static analyses
called MAF. Through a detailed case study on 4 real-world
bugs taken from the repository of MAF, we demonstrate how cross-level debugging helps analysis developers in locating
and solving bugs.
Original languageEnglish
Title of host publicationProceedings of the 16th ACM SIGPLAN International Conference on Software Language Engineering (SLE ’23)
Subtitle of host publicationSPLASH 2023
EditorsJoao Saraiva, Thomas Degueule, Elizabeth Scott
Place of PublicationNew York, NY, USA
PublisherACM
Pages138-148
Number of pages11
ISBN (Electronic)9798400703966
ISBN (Print)979-8-4007-0396-6/23/10
DOIs
Publication statusPublished - 23 Oct 2023
Event16th ACM SIGPLAN International Conference on Software Language Engineering - Hotel Cascais Miragem, Cascais, Portugal
Duration: 23 Oct 202324 Oct 2023
Conference number: 16

Publication series

NameSLE 2023 - Proceedings of the 16th ACM SIGPLAN International Conference on Software Language Engineering, Co-located with: SPLASH 2023

Conference

Conference16th ACM SIGPLAN International Conference on Software Language Engineering
Abbreviated titleSLE 23
Country/TerritoryPortugal
CityCascais
Period23/10/2324/10/23

Bibliographical note

Funding Information:
This work has been partially funded by FWO (Research Foundations Flanders) under grant number 1187122N.

Publisher Copyright:
© 2023 ACM.

Keywords

  • Static Program Analysis
  • Debugging

Fingerprint

Dive into the research topics of 'Cross-Level Debugging for Static Analysers'. Together they form a unique fingerprint.

Cite this