research-article

Analyzing recursive programs using a fixed-point calculus

Published: 15 June 2009

Abstract

We show that recursive programs whose variables range over finite domains can be analyzed effectively and efficiently by describing the analysis algorithm as a formula in a fixed-point calculus. In contrast with programming in traditional languages, a fixed-point calculus serves as a high-level programming language in which model-checking algorithms can be described easily, correctly, and succinctly. While declarative high-level formalisms have been proposed earlier for analysis problems (e.g., Datalog), the fixed-point calculus we propose has the salient feature that it also allows algorithmic aspects to be specified.

We exhibit two classes of symbolic (BDD-based) algorithms written in this framework: one for checking for errors in sequential recursive Boolean programs, and the other for checking for errors reachable within a bounded number of context switches in a concurrent recursive Boolean program. Our formalization of these otherwise complex algorithms is extremely simple, and spans just a page of fixed-point formulae. Moreover, we implement these algorithms in a tool called Getafix, which expresses algorithms as fixed-point formulae and evaluates them efficiently using a symbolic fixed-point solver called Mucke. The resulting model-checking tools are surprisingly efficient and are competitive in performance with mature existing tools that have been fine-tuned for these problems.
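As an added illustration (not code from the paper or from Getafix, which evaluates its formulae symbolically with BDDs via Mucke), the following shows the core of the sequential analysis: error reachability in a recursive Boolean program computed as the least fixed point of a Reach relation and a procedure Summary relation, here enumerated explicitly over a constructed program with a single global Boolean variable. The program, its node names and the helper functions are assumptions made for the example.

```python
# Added illustration (not Getafix's own formula): an explicit, enumerative
# least fixed point for error reachability in a recursive Boolean program with
# one global Boolean g. Getafix evaluates such rules symbolically with BDDs.
# Facts: Reach(proc, s_in, node, s) = from proc's entry with g = s_in, node is
# reachable with g = s; Summary(proc, s_in, s_out) = Reach at proc's exit.

flip = lambda s: {not s}                 # g := !g
skip = lambda s: {s}                     # no-op edge
assume = lambda cond: (lambda s: {s} if cond(s) else set())  # guarded edge

# Constructed program. Edges are (src, dst, kind, payload): "op" maps a state to
# its successors; "call" names the callee and resumes at dst with its summary.
def make_program(f_may_flip):
    f_edges = [("f0", "f_exit", "op", skip),        # f may return immediately
               ("f0", "f1", "op", flip if f_may_flip else skip),
               ("f1", "f_exit", "call", "f")]      # ... or recurse after that
    return {
        "main": {"entry": "m0", "exit": "m_exit", "edges": [
            ("m0", "m1", "call", "f"),
            ("m1", "error", "op", assume(lambda g: not g)),  # assert(g) fails
            ("m1", "m_exit", "op", assume(lambda g: g))]},
        "f": {"entry": "f0", "exit": "f_exit", "edges": f_edges}}

def analyze(program, main, init_state, error_node, states=(False, True)):
    reach = {(p, s, b["entry"], s) for p, b in program.items() for s in states}
    summary, changed = set(), True
    while changed:                       # Kleene iteration to the least fixed point
        changed = False
        for p, body in program.items():
            for src, dst, kind, payload in body["edges"]:
                for q, s_in, node, s in list(reach):
                    if q != p or node != src:
                        continue
                    if kind == "op":
                        succ = payload(s)
                    else:                # call edge: plug in the callee's summaries
                        succ = {s_out for c, s_c, s_out in summary
                                if c == payload and s_c == s}
                    for s2 in succ:
                        before = len(reach) + len(summary)
                        reach.add((p, s_in, dst, s2))
                        if dst == body["exit"]:
                            summary.add((p, s_in, s2))
                        changed |= len(reach) + len(summary) > before
    error = any(q == main and s_in == init_state and n == error_node
                for q, s_in, n, _ in reach)
    return error, summary
```

With `f_may_flip=True` the summary of `f` relates every entry value of `g` to both exit values (unboundedly many recursive flips), so the assertion in `main` can fail; with `f_may_flip=False` the summary is the identity and the error node is unreachable from `g = True`.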



Published in

ACM SIGPLAN Notices, Volume 44, Issue 6 (PLDI '09), June 2009, 478 pages
ISSN: 0362-1340
EISSN: 1558-1160
DOI: 10.1145/1543135

PLDI '09: Proceedings of the 30th ACM SIGPLAN Conference on Programming Language Design and Implementation, June 2009, 492 pages
ISBN: 9781605583921
DOI: 10.1145/1542476

Copyright © 2009 ACM

Publisher: Association for Computing Machinery, New York, NY, United States
