Abstract
This article considers some known abstract domains for affine-relation analysis (ARA), along with several variants, and studies how they relate to each other. The various domains represent sets of points that satisfy affine relations over variables that hold machine integers and are based on an extension of linear algebra to modules over a ring (in particular, arithmetic performed modulo 2^w, for some machine-integer width w).
We show that the abstract domains of Müller-Olm/Seidl (MOS) and King/Søndergaard (KS) are, in general, incomparable. However, we give sound interconversion methods. In other words, we give an algorithm to convert a KS element v_KS to an overapproximating MOS element v_MOS—that is, γ(v_KS) ⊆ γ(v_MOS)—as well as an algorithm to convert an MOS element w_MOS to an overapproximating KS element w_KS—that is, γ(w_MOS) ⊆ γ(w_KS).
The article provides insight on the range of options that one has for performing ARA in a program analyzer:
—We describe how to perform a greedy, operator-by-operator abstraction method to obtain KS abstract transformers.
—We also describe a more global approach to obtaining KS abstract transformers that considers the semantics of an entire instruction, basic block, or other loop-free program fragment.
The latter method can yield best abstract transformers, and hence can be more precise than the former method. However, the latter method is more expensive.
We also explain how to use the KS domain for interprocedural program analysis using a bit-precise concrete semantics, but without bit blasting.
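The abstract speaks of affine relations over machine integers (arithmetic modulo 2^w) and of abstract transformers for an entire basic block. The following is an added illustration written for this page, not code from the article or from its authors, and it does not implement the KS or MOS domains or the interconversion algorithms. It represents each assignment of a loop-free block as an affine transformer (a matrix in homogeneous form over the ring Z_{2^w}), composes the block into one transformer, checks it against a wrapping concrete interpreter, and shows a relation (z = 0) that holds modulo 2^w but not over the rationals. The width w, the variable names, and the two sample blocks are constructed for the example.

```python
# Added illustration (not the article's code): affine transformers over the
# ring Z_{2^w}, composed for a loop-free block and checked against a
# wrapping concrete interpreter. w and the sample blocks are constructed.
import random

W = 32                 # assumed machine-integer width
MOD = 1 << W           # arithmetic is performed modulo 2^w

# Variable indices for the constructed examples: x, y, z.
X, Y, Z = 0, 1, 2
NVARS = 3


def affine_assign(target, coeffs, const):
    """Transformer for  x_target := sum(coeffs[i] * x_i) + const  (mod 2^w).

    Homogeneous (n+1)x(n+1) matrix acting on the column vector
    (x_0, ..., x_{n-1}, 1); the last row keeps the constant 1.
    """
    m = [[1 if i == j else 0 for j in range(NVARS + 1)] for i in range(NVARS + 1)]
    m[target] = [c % MOD for c in coeffs] + [const % MOD]
    return m


def compose(first, second):
    """Transformer for 'run first, then second' = second * first (mod 2^w)."""
    n = len(first)
    return [[sum(second[i][k] * first[k][j] for k in range(n)) % MOD
             for j in range(n)] for i in range(n)]


def block_transformer(assignments):
    """Fold a whole block into a single transformer (the 'global' view)."""
    result = None
    for target, coeffs, const in assignments:
        step = affine_assign(target, coeffs, const)
        result = step if result is None else compose(result, step)
    return result


def apply_transformer(m, state):
    """Apply a transformer to a concrete state (list of n machine integers)."""
    v = list(state) + [1]
    return [sum(m[i][j] * v[j] for j in range(len(v))) % MOD for i in range(NVARS)]


def run_concrete(assignments, state):
    """Reference semantics: execute the block with wrap-around arithmetic."""
    s = list(state)
    for target, coeffs, const in assignments:
        s[target] = (sum(c * v for c, v in zip(coeffs, s)) + const) % MOD
    return s


def transformer_is_sound(assignments, trials=200, seed=1):
    """Check the composed transformer against concrete execution on random states."""
    rng = random.Random(seed)
    m = block_transformer(assignments)
    for _ in range(trials):
        state = [rng.randrange(MOD) for _ in range(NVARS)]
        if apply_transformer(m, state) != run_concrete(assignments, state):
            return False
    return True


# Block 1:  x := x + y;  y := 2 * x      (uses the updated x)
BLOCK1 = [(X, [1, 1, 0], 0), (Y, [2, 0, 0], 0)]

# Block 2:  y := 4 * x;  z := 2^(w-2) * y
# Over Z_{2^w} the composed effect on z is 2^w * x = 0, so the block
# transformer exposes the relation z = 0, which is false over the rationals.
BLOCK2 = [(Y, [4, 0, 0], 0), (Z, [0, 1 << (W - 2), 0], 0)]


def z_row_of_block2():
    """Row of the composed transformer that defines z after BLOCK2."""
    return block_transformer(BLOCK2)[Z]


if __name__ == "__main__":
    print(apply_transformer(block_transformer(BLOCK1), [5, 7, 0]))
    print(z_row_of_block2())
    print(transformer_is_sound(BLOCK1), transformer_is_sound(BLOCK2))
```

Composing the whole block before abstracting is what lets the z = 0 relation surface; the same matrices computed over the integers instead of modulo 2^w would keep the coefficient 2^w in z's row and miss it.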
- R. Bagnara, K. Dobson, P. M. Hill, M. Mundell, and E. Zaffanella. 2006. Grids: A domain for analyzing the distribution of numerical values. In Proceedings of the 16th International Conference on Logic-Based Program Synthesis and Transformation. 219--235.
- R. Bagnara, P. M. Hill, and E. Zaffanella. 2008. The Parma Polyhedra Library: Toward a complete set of numerical abstractions for the analysis and verification of hardware and software systems. Science of Computer Programming 72, 1--2, 3--21.
- A. Bouajjani, J. Esparza, and T. Touili. 2003. A generic approach to the static analysis of concurrent programs with procedures. In Proceedings of the 30th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL'03). 62--73.
- R. M. Burstall. 1969. Proving properties of programs by structural induction. Computer Journal 12, 1, 41--48.
- P. Clauss. 1996. Counting solutions to linear and nonlinear constraints through Ehrhart polynomials: Applications to analyze and transform scientific programs. In Proceedings of the 10th International Conference on Supercomputing. 278--285.
- P. Cousot and R. Cousot. 1979. Systematic design of program analysis frameworks. In Proceedings of the 6th ACM SIGACT-SIGPLAN Symposium on Principles of Programming Languages (POPL'79). 269--282.
- P. Cousot and N. Halbwachs. 1978. Automatic discovery of linear restraints among variables of a program. In Proceedings of the 5th ACM SIGACT-SIGPLAN Symposium on Principles of Programming Languages (POPL'78). 84--96.
- B. Dutertre and L. de Moura. 2006. The Yices SMT Solver. Retrieved September 2, 2014, from http://yices.csl.sri.com.
- M. Elder, J. Lim, T. Sharma, T. Andersen, and T. Reps. 2011. Abstract domains of affine relations. In Proceedings of the 18th International Conference on Static Analysis (SAS'11). 198--215.
- T. Fahringer. 1998. Efficient symbolic analysis for parallelizing compilers and performance estimators. Journal of Supercomputing 12, 3, 227--252.
- M. Fredrikson and S. Jha. 2013. Personal communication.
- P. Granger. 1989. Static analysis of arithmetical congruences. International Journal of Computer Mathematics 30, 3--4, 165--190.
- S. Gulwani and G. C. Necula. 2003. Discovering affine equalities using random interpretation. In Proceedings of the 30th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL'03). 74--84.
- S. Gulwani and G. C. Necula. 2005. Precise interprocedural analysis using random interpretation. In Proceedings of the 32nd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL'05). 324--337.
- J. A. Howell. 1986. Spans in the module (ℤ_m)^s. Linear and Multilinear Algebra 19, 1, 67--77.
- B. Jeannet. 2007. Polka. Retrieved September 2, 2014, from http://pop-art.inrialpes.fr/~bjeannet/newpolka/polka.pdf.
- N. D. Jones and A. Mycroft. 1986. Data flow analysis of applicative programs using minimal function graphs. In Proceedings of the 13th ACM SIGACT-SIGPLAN Symposium on Principles of Programming Languages (POPL'86). 296--306.
- M. Karr. 1976. Affine relationship among variables of a program. Acta Informatica 6, 133--151.
- N. Kidd, A. Lal, and T. Reps. 2007. WALi: The Weighted Automata Library. Retrieved September 2, 2014, from www.cs.wisc.edu/wpis/wpds/download.php.
- A. King and H. Søndergaard. 2008. Inferring congruence equations using SAT. In Proceedings of the 20th International Conference on Computer Aided Verification (CAV'08). 281--293.
- A. King and H. Søndergaard. 2010. Automatic abstraction for congruences. In Proceedings of the 11th International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI'10). 197--213.
- J. Knoop and B. Steffen. 1992. The interprocedural coincidence theorem. In Proceedings of the 4th International Conference on Compiler Construction (CC'92). 125--140.
- A. Lal and T. Reps. 2006. Improving pushdown system model checking. In Proceedings of the 18th International Conference on Computer Aided Verification (CAV'06). 343--357.
- A. Lal, T. Reps, and G. Balakrishnan. 2005. Extended weighted pushdown systems. In Proceedings of the 17th International Conference on Computer Aided Verification (CAV'05). 434--448.
- J. Lim and T. Reps. 2008. A system for generating static analyzers for machine instructions. In Proceedings of the Joint European Conferences on Theory and Practice of Software, 17th International Conference on Compiler Construction (CC'08/ETAPS'08). 36--52.
- J. Lim and T. Reps. 2013. TSL: A system for generating abstract interpreters and its application to machine-code analysis. Transactions on Programming Languages and Systems 35, 1, 4.
- K. Malmkjær. 1993. Abstract Interpretation of Partial-Evaluation Algorithms. Ph.D. Dissertation. Department of Computer and Information Sciences, Kansas State University, Manhattan, KS.
- C. D. Meyer. 2000. Matrix Analysis and Applied Linear Algebra. SIAM, Philadelphia, PA.
- M. Müller-Olm and H. Seidl. 2004. Precise interprocedural analysis through linear algebra. In Proceedings of the 31st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL'04). 330--341.
- M. Müller-Olm and H. Seidl. 2005a. Analysis of modular arithmetic. In Programming Languages and Systems. Lecture Notes in Computer Science, Vol. 3444. Springer, 46--60.
- M. Müller-Olm and H. Seidl. 2005b. A generic framework for interprocedural analysis of numerical properties. In Proceedings of the 12th International Conference on Static Analysis (SAS'05). 235--250.
- M. Müller-Olm and H. Seidl. 2005c. Personal communication.
- M. Müller-Olm and H. Seidl. 2007. Analysis of modular arithmetic. Transactions on Programming Languages and Systems 29, 5, Article No. 29.
- A. Mycroft and N. D. Jones. 1985. A relational framework for abstract interpretation. In Proceedings of a Workshop on Programs as Data Objects. 156--171.
- F. Nielson. 1989. Two-level semantics and abstract interpretation. Theoretical Computer Science 69, 117--242.
- W. Pugh. 1994. Counting solutions to Presburger formulas: How and why. In Proceedings of the ACM SIGPLAN 1994 Conference on Programming Language Design and Implementation (PLDI'94). 121--134.
- T. Reps, M. Sagiv, and G. Yorsh. 2004. Symbolic implementation of the best transformer. In Verification, Model Checking, and Abstract Interpretation. Lecture Notes in Computer Science, Vol. 2937. 252--266.
- T. Reps, S. Schwoon, S. Jha, and D. Melski. 2005. Weighted pushdown systems and their application to interprocedural dataflow analysis. Science of Computer Programming 58, 1--2, 206--263.
- D. A. Schmidt. 1986. Denotational Semantics. Allyn & Bacon, Boston, MA.
- M. Sharir and A. Pnueli. 1981. Two approaches to interprocedural data flow analysis. In Program Flow Analysis: Theory and Applications. Prentice Hall, 189--233.
- A. Storjohann. 2000. Algorithms for Matrix Canonical Forms. Ph.D. Dissertation. ETH Zurich, Zurich, Switzerland.
- N. Tawbi. 1994. Estimation of nested loop execution time by integer arithmetic in convex polyhedra. In Proceedings of the 8th International Symposium on Parallel Processing. 217--221.
- A. Thakur, M. Elder, and T. Reps. 2012. Bilateral algorithms for symbolic abstraction. In Proceedings of the 19th International Conference on Static Analysis (SAS'12). 111--128.
- A. Thakur and T. Reps. 2012. A method for symbolic computation of abstract operations. In Proceedings of the 24th International Conference on Computer Aided Verification (CAV'12). 174--192.
- H. S. Warren, Jr. 2003. Hacker's Delight. Addison-Wesley.
Abstract Domains of Affine Relations