Skip to main content
SpringerLink
Log in

A Decision Procedure for String Logic with Quadratic Equations, Regular Expressions and Length Constraints

  • Conference paper
  • First Online:
Programming Languages and Systems (APLAS 2018)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 11275))

Included in the following conference series:

Abstract

In this work, we consider the satisfiability problem in a logic that combines word equations over string variables denoting words of unbounded lengths, regular languages to which words belong and Presburger constraints on the length of words. We present a novel decision procedure over two decidable fragments that include quadratic word equations (i.e., each string variable occurs at most twice). The proposed procedure reduces the problem to solving the satisfiability in the Presburger arithmetic. The procedure combines two main components: (i) an algorithm to derive a complete set of all solutions of conjunctions of word equations and regular expressions; and (ii) two methods to precisely compute relational constraints over string lengths implied by the set of all solutions. We have implemented a prototype tool and evaluated it over a set of satisfiability problems in the logic. The experimental results show that the tool is effective and efficient.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. CVC4-1.5. http://cvc4.cs.stanford.edu/web/. Accessed 14 Jun 2018

  2. Norn. http://user.it.uu.se/jarst116/norn/. Accessed 14 June 2018

  3. S3P. http://www.comp.nus.edu.sg/trinhmt/S3/S3P-bin-090817.zip. Accessed 20 Jan 2018

  4. TRAU. https://github.com/diepbp/fat. Accessed 10 June 2018

  5. Z3str3. https://sites.google.com/site/z3strsolver/getting-started. Accessed 14 June 2018

  6. Abdulla, P.A., et al.: Flatten and conquer: a framework for efficient analysis of string constraints. In: PLDI (2017)

    Google Scholar 

  7. Abdulla, P.A., et al.: String constraints for verification. In: Biere, A., Bloem, R. (eds.) CAV 2014. LNCS, vol. 8559, pp. 150–166. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-08867-9_10

    Chapter  Google Scholar 

  8. Abdulla, P.A., et al.: Norn: an SMT solver for string constraints. In: Kroening, D., Păsăreanu, C.S. (eds.) CAV 2015. LNCS, vol. 9206, pp. 462–469. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-21690-4_29

    Chapter  Google Scholar 

  9. Berzish, M., Ganesh, V., Zheng, Y.: ZSstrS: a string solver with theory-aware heuristics. In: 2017 Formal Methods in Computer Aided Design (FMCAD), pp. 55–59, October 2017

    Google Scholar 

  10. Brotherston, J.: Cyclic proofs for first-order logic with inductive definitions. In: Beckert, B. (ed.) TABLEAUX 2005. LNCS (LNAI), vol. 3702, pp. 78–92. Springer, Heidelberg (2005). https://doi.org/10.1007/11554554_8

    Chapter  MATH  Google Scholar 

  11. Büchi, J.R., Senger, S.: Definability in the existential theory of concatenation and undecidable extensions of this theory. In: Mac Lane, S., Siefkes, D. (eds.) The Collected Works of J. Richard Büchi, pp. 671–683. Springer, New York (1990). https://doi.org/10.1007/978-1-4613-8928-6_37

    Chapter  Google Scholar 

  12. Chen, T., Chen, Y., Hague, M., Lin, A.W., Wu, Z.: What is decidable about string constraints with the replaceall function. In: POPL (2018)

    Google Scholar 

  13. Ciobanu, L., Diekert, V., Elder, M.: Solution sets for equations over free groups are EDT0L languages. In: Halldórsson, M.M., Iwama, K., Kobayashi, N., Speckmann, B. (eds.) ICALP 2015. LNCS, vol. 9135, pp. 134–145. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-47666-6_11

    Chapter  MATH  Google Scholar 

  14. de Moura, L., Bjørner, N.: Z3: an efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78800-3_24

    Chapter  Google Scholar 

  15. Diekert, V.: Makanin’s Algorithm. Cambridge University Press, Cambridge (2002)

    Google Scholar 

  16. Diekert, V.: More than 1700 years of word equations. In: Maletti, A. (ed.) CAI 2015. LNCS, vol. 9270, pp. 22–28. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-23021-4_2

    Chapter  Google Scholar 

  17. Diekert, V., Robson, J.M.: Quadratic word equations. In: Karhumäki, J., Maurer, H., Pąun, G., Rozenberg, G. (eds.) Jewels are Forever, pp. 314–326. Springer, Heidelberg (1999). https://doi.org/10.1007/978-3-642-60207-8_28

    Chapter  Google Scholar 

  18. Esparza, J.: Petri nets, commutative context-free grammars, and basic parallel processes. In: Reichel, H. (ed.) FCT 1995. LNCS, vol. 965, pp. 221–232. Springer, Heidelberg (1995). https://doi.org/10.1007/3-540-60249-6_54

    Chapter  Google Scholar 

  19. Esparza, J., Ganty, P., Kiefer, S., Luttenberger, M.: Parikh’s theorem: a simple and direct automaton construction. Inf. Process. Lett. 111(12), 614–619 (2011)

    Article  MathSciNet  Google Scholar 

  20. Ferté, J., Marin, N., Sénizergues, G.: Word-mappings of level 2. Theory Comput. Syst. 54(1), 111–148 (2014)

    Article  MathSciNet  Google Scholar 

  21. Fischer, M.J., Rabin, M.O.: Super-exponential complexity of presburger arithmetic. Technical report, Cambridge, MA, USA (1974)

    Google Scholar 

  22. Ganesh, V., Minnes, M., Solar-Lezama, A., Rinard, M.: Word equations with length constraints: what’s decidable? In: Biere, A., Nahir, A., Vos, T. (eds.) HVC 2012. LNCS, vol. 7857, pp. 209–226. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39611-3_21

    Chapter  Google Scholar 

  23. Holik, L., Janku, P., Lin, A.W., Ruemmer, P., Vojnar, T.: String constraints with concatenation and transducers solved efficiently. In: POPL (2018)

    Google Scholar 

  24. Hooimeijer, P., Weimer, W.: A decision procedure for subset constraints over regular languages. In: Proceedings of the 30th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2009, pp. 188–198. ACM, New York (2009)

    Google Scholar 

  25. Hooimeijer, P., Weimer, W.: Solving string constraints lazily. In: Proceedings of the IEEE/ACM International Conference on Automated Software Engineering, ASE 2010, pp. 377–386 (2010)

    Google Scholar 

  26. Hopcroft, J.E., Motwani, R., Ullman, J.D.: Introduction to Automata Theory, Languages, and Computation 3rd edn. Addison-Wesley Longman Publishing Co., Inc. (2006)

    Google Scholar 

  27. Jaffar, J.: Minimal and complete word unification. J. ACM 37(1), 47–85 (1990)

    Article  MathSciNet  Google Scholar 

  28. Jez, A.: Recompression: a simple and powerful technique for word equations. J. ACM 63(1), 4:1–4:51 (2016)

    Article  MathSciNet  Google Scholar 

  29. Khmelevskii, I.: Equations in free semigroups, issue 107 of Proceedings of the Steklov Institute of Mathematics (1971). English Translation in Proceedings of American Mathematical Society (1976)

    Google Scholar 

  30. Le, Q.L., Sun, J., Chin, W.-N.: Satisfiability modulo heap-based programs. In: Chaudhuri, S., Farzan, A. (eds.) CAV 2016. LNCS, vol. 9779, pp. 382–404. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-41528-4_21

    Chapter  Google Scholar 

  31. Le, Q.L., Sun, J., Qin, S.: Frame inference for inductive entailment proofs in separation logic. In: Beyer, D., Huisman, M. (eds.) TACAS 2018. LNCS, vol. 10805, pp. 41–60. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-89960-2_3

    Chapter  Google Scholar 

  32. Le, Q.L., Tatsuta, M., Sun, J., Chin, W.-N.: A decidable fragment in separation logic with inductive predicates and arithmetic. In: Majumdar, R., Kunčak, V. (eds.) CAV 2017. LNCS, vol. 10427, pp. 495–517. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63390-9_26

    Chapter  Google Scholar 

  33. Liang, T., Reynolds, A., Tinelli, C., Barrett, C., Deters, M.: A DPLL(T) theory solver for a theory of strings and regular expressions. In: Biere, A., Bloem, R. (eds.) CAV 2014. LNCS, vol. 8559, pp. 646–662. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-08867-9_43

    Chapter  Google Scholar 

  34. Liang, T., Reynolds, A., Tsiskaridze, N., Tinelli, C., Barrett, C., Deters, M.: An efficient smt solver for string constraints. Form. Methods Syst. Des. 48(3), 206–234 (2016)

    Article  Google Scholar 

  35. Liang, T., Tsiskaridze, N., Reynolds, A., Tinelli, C., Barrett, C.: A decision procedure for regular membership and length constraints over unbounded strings. In: Lutz, C., Ranise, S. (eds.) FroCoS 2015. LNCS (LNAI), vol. 9322, pp. 135–150. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-24246-0_9

    Chapter  Google Scholar 

  36. Lin, A.W., Barceló, P.: String solving with word equations and transducers: towards a logic for analysing mutation XSS. In: POPL, pp. 123–136. ACM (2016)

    Google Scholar 

  37. Makanin, G.: The problem of solvability of equations in a free semigroup. Math. USSR-Sbornik 32(2), 129–198 (1977)

    Article  MathSciNet  Google Scholar 

  38. Parikh, R.J.: On context-free languages. J. ACM 13(4), 570–581 (1966)

    Article  Google Scholar 

  39. Plandowski, W.: Satisfiability of word equations with constants is in PSPACE. J. ACM 51(3), 483–496 (2004)

    Article  MathSciNet  Google Scholar 

  40. Plandowski, W.: An efficient algorithm for solving word equations. In: STOC, pp. 467–476. ACM, New York (2006)

    Google Scholar 

  41. Rozenberg, G., Salomaa, A.: Handbook of Formal Lanuages: Volume 1 Word, Language, Grammar. Springer, Heidelberg (1997). https://doi.org/10.1007/978-3-642-59136-5

    MATH  Google Scholar 

  42. Rozenberg, G., Vermeir, D.: On ETOL systems of finite index. Inf. Control 38(1), 103–133 (1978)

    Article  MathSciNet  Google Scholar 

  43. Saxena, P., Akhawe, D., Hanna, S., Mao, F., McCamant, S., Song, D.: A symbolic execution framework for javascript. In: Proceedings of the 2010 IEEE Symposium on Security and Privacy, SP 2010, pp. 513–528, Washington, DC, USA. IEEE Computer Society (2010)

    Google Scholar 

  44. Schulz, K.U.: Makanin’s algorithm for word equations-two improvements and a generalization. In: Schulz, K.U. (ed.) IWWERT 1990. LNCS, vol. 572, pp. 85–150. Springer, Heidelberg (1992). https://doi.org/10.1007/3-540-55124-7_4

    Chapter  Google Scholar 

  45. Seidl, H., Schwentick, T., Muscholl, A., Habermehl, P.: Counting in trees for free. In: Díaz, J., Karhumäki, J., Lepistö, A., Sannella, D. (eds.) ICALP 2004. LNCS, vol. 3142, pp. 1136–1149. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-27836-8_94

    Chapter  Google Scholar 

  46. Tatsuta, M., Le, Q.L., Chin, W.-N.: Decision procedure for separation logic with inductive definitions and Presburger arithmetic. In: Igarashi, A. (ed.) APLAS 2016. LNCS, vol. 10017, pp. 423–443. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-47958-3_22

    Chapter  MATH  Google Scholar 

  47. Trinh, M.T., Chu, D.H., Jaffar, J.: S3: asymbolic string solver for vulnerability detection in web applications. In: CCS, pp. 1232–1243. ACM, New York (2014)

    Google Scholar 

  48. Trinh, M.-T., Chu, D.-H., Jaffar, J.: Progressive reasoning over recursively-defined strings. In: CAV (2016)

    Google Scholar 

  49. Verma, K.N., Seidl, H., Schwentick, T.: On the complexity of equational horn clauses. In: Nieuwenhuis, R. (ed.) CADE 2005. LNCS (LNAI), vol. 3632, pp. 337–352. Springer, Heidelberg (2005). https://doi.org/10.1007/11532231_25

    Chapter  Google Scholar 

  50. Zheng, Y., et al.: Z3str2: an efficient solver for strings, regular expressions, and length constraints. Form. Methods Syst. Des. 50(2–3), 249–288 (2017)

    Article  Google Scholar 

  51. Zheng, Y., Ganesh, V., Subramanian, S., Tripp, O., Dolby, J., Zhang, X.: Effective search-space pruning for solvers of string equations, regular expressions and length constraints. In: Kroening, D., Păsăreanu, C.S. (eds.) CAV 2015. LNCS, vol. 9206, pp. 235–254. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-21690-4_14

    Chapter  Google Scholar 

  52. Zheng, Y., Zhang, X., Ganesh, V.: Z3-str: a z3-based string solver for web application analysis. In: Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering, ESEC/FSE 2013, pp. 114–124. ACM, New York (2013)

    Google Scholar 

Download references

Acknowledgments

Anthony W. Lin and Vijay Ganesh for the helpful discussions. Cesare Tinelli and Andrew Reynolds for useful comments and testing on the benchmarks over CVC4. We thank Bui Phi Diep for his generous help on Trau experiments. We are grateful for the constructive feedback from the anonymous reviewers.

Author information

Authors and Affiliations

  1. Teesside University, Middlesbrough, UK

    Quang Loc Le & Mengda He

Authors
  1. Quang Loc Le
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mengda He
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Quang Loc Le .

Editor information

Editors and Affiliations

  1. Korea Advanced Institute of Science and Technology, Daejeon, Korea (Republic of)

    Sukyoung Ryu

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Le, Q.L., He, M. (2018). A Decision Procedure for String Logic with Quadratic Equations, Regular Expressions and Length Constraints. In: Ryu, S. (eds) Programming Languages and Systems. APLAS 2018. Lecture Notes in Computer Science(), vol 11275. Springer, Cham. https://doi.org/10.1007/978-3-030-02768-1_19

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-02768-1_19

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-02767-4

  • Online ISBN: 978-3-030-02768-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation