research-article

How to combine widening and narrowing for non-monotonic systems of equations

Published: 16 June 2013

Abstract

Non-trivial analysis problems require complete lattices with infinite ascending and descending chains. In order to compute reasonably precise post-fixpoints of the resulting systems of equations, Cousot and Cousot have suggested accelerated fixpoint iteration by means of widening and narrowing.

The strict separation into phases, however, may unnecessarily give up precision that cannot be recovered later. While widening is also applicable if equations are non-monotonic, this is no longer the case for narrowing. A narrowing iteration to improve a given post-fixpoint, additionally, must assume that all right-hand sides are monotonic. The latter assumption, though, is not met in the presence of widening. It is also not met by equation systems corresponding to context-sensitive interprocedural analysis, possibly combining context-sensitive analysis of local information with flow-insensitive analysis of globals.

As a remedy, we present a novel operator that combines a given widening operator with a given narrowing operator. We present adapted versions of round-robin as well as of worklist iteration, local, and side-effecting solving algorithms for the combined operator and prove that the resulting solvers always return sound results and are guaranteed to terminate for monotonic systems whenever only finitely many unknowns (constraint variables) are encountered.
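
As an added illustration (not code from the paper), the following Python sketch runs plain round-robin iteration over intervals for a constructed three-unknown system, once with widening alone and once with a combined operator applied in a single loop without separate phases. The definition of `combined` (narrow when the new value is below the old one, widen otherwise) and all names are assumptions made here; plain round-robin is used for brevity instead of the adapted solvers the abstract mentions.

```python
import math

INF, BOT = math.inf, None  # BOT = empty interval (unreachable program point)

def join(a, b):
    if a is BOT or b is BOT:
        return b if a is BOT else a
    return (min(a[0], b[0]), max(a[1], b[1]))

def meet(a, b):
    if a is BOT or b is BOT:
        return BOT
    lo, hi = max(a[0], b[0]), min(a[1], b[1])
    return (lo, hi) if lo <= hi else BOT

def widen(a, b):  # a bound that grows jumps straight to infinity
    if a is BOT or b is BOT:
        return join(a, b)
    return (a[0] if a[0] <= b[0] else -INF, a[1] if a[1] >= b[1] else INF)

def narrow(a, b):  # only infinite bounds of a are refined from b
    if a is BOT or b is BOT:
        return BOT
    return (b[0] if a[0] == -INF else a[0], b[1] if a[1] == INF else a[1])

def combined(a, b):
    # Assumed combination: narrow when b is below a (join(a, b) == a), else widen.
    return narrow(a, b) if join(a, b) == a else widen(a, b)

def add(a, k):
    return BOT if a is BOT else (a[0] + k, a[1] + k)

# Constructed system for: i = 0; while (i < 100) i = i + 1;
EQUATIONS = {
    "head": lambda s: join((0, 0), add(s["body"], 1)),
    "body": lambda s: meet(s["head"], (-INF, 99)),
    "exit": lambda s: meet(s["head"], (100, INF)),
}

def solve(op, max_rounds=100):
    # Plain round-robin: x := x op f_x(state) until a round changes nothing.
    state = dict.fromkeys(EQUATIONS, BOT)
    for _ in range(max_rounds):
        old = dict(state)
        for x, rhs in EQUATIONS.items():
            state[x] = op(state[x], rhs(state))
        if state == old:
            return state
    raise RuntimeError("no stabilisation within max_rounds")
```

`solve(widen)` stabilises with an unbounded upper bound at the loop head, while `solve(combined)` recovers the loop bound in the same iteration loop.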

Published in

ACM SIGPLAN Notices, Volume 48, Issue 6
PLDI '13
June 2013
515 pages
ISSN: 0362-1340
EISSN: 1558-1160
DOI: 10.1145/2499370

PLDI '13: Proceedings of the 34th ACM SIGPLAN Conference on Programming Language Design and Implementation
June 2013
546 pages
ISBN: 9781450320146
DOI: 10.1145/2491956

Copyright © 2013 ACM

Publisher: Association for Computing Machinery, New York, NY, United States
