Abstract
Numerical software are susceptible to floating-point bugs and exceptions, which may lead to severe threats like denial of service attacks. Static analysis techniques such as symbolic execution are effective in detecting general bugs which often cause memory error or program crash. Unfortunately, these methods do not deal well with numerical code as they do not support floating-point constraints and math functions symbolically. In this paper, we propose a new analysis framework YUSE, which can detect floating-point bugs by constructing constraints and exploring paths which contain floating-point expressions. Specifically, we introduce interval computation and interval constraint propagation in non-relational numerical abstract domains, and symbolically model math functions, to accurately detect floating-point bugs and exceptions. Moreover, we leverage two-phase constraint solving to enhance YUSE’s performance. Experimental results show that YUSE outperforms two state-of-the-art tools, Frama-c and Fpse-study, in terms of effectiveness and efficiency, with 1.4× and 7.1× faster than Frama-c and Fpse-study, respectively. Moreover, YUSE found 20 new bugs in real-world software, 12 of which were assigned CVE IDs and 8 of which were confirmed by developers.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
