Skip to main content
SpringerLink
Log in

Word Equations with Length Constraints: What’s Decidable?

  • Conference paper
Hardware and Software: Verification and Testing (HVC 2012)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 7857))

Included in the following conference series:

Abstract

We prove several decidability and undecidability results for the satisfiability and validity problems for languages that can express solutions to word equations with length constraints. The atomic formulas over this language are equality over string terms (word equations), linear inequality over the length function (length constraints), and membership in regular sets. These questions are important in logic, program analysis, and formal verification. Variants of these questions have been studied for many decades by mathematicians. More recently, practical satisfiability procedures (aka SMT solvers) for these formulas have become increasingly important in the context of security analysis for string-manipulating programs such as web applications.

We prove three main theorems. First, we give a new proof of undecidability for the validity problem for the set of sentences written as a ∀ ∃ quantifier alternation applied to positive word equations. A corollary of this undecidability result is that this set is undecidable even with sentences with at most two occurrences of a string variable. Second, we consider Boolean combinations of quantifier-free formulas constructed out of word equations and length constraints. We show that if word equations can be converted to a solved form, a form relevant in practice, then the satisfiability problem for Boolean combinations of word equations and length constraints is decidable. Third, we show that the satisfiability problem for quantifier-free formulas over word equations in regular solved form, length constraints, and the membership predicate over regular expressions is also decidable.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 49.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Blumensath, A.: Automatic structures. Diploma thesis, RWTH-Aachen (1999)

    Google Scholar 

  2. Cadar, C., Ganesh, V., Pawlowski, P., Dill, D., Engler, D.: EXE: automatically generating inputs of death. In: Juels, A., Wright, R.N., De Capitani di Vimercati, S. (eds.) ACM Conference on Computer and Communications Security, pp. 322–335. ACM (2006)

    Google Scholar 

  3. Charatonik, W., Pacholski, L.: Word equations with two variables. In: Abdulrab, H., Pécuchet, J.-P. (eds.) IWWERT 1991. LNCS, vol. 677, pp. 43–56. Springer, Heidelberg (1993)

    Chapter  Google Scholar 

  4. Dabrowski, R., Plandowski, W.: On word equations in one variable. Algorithmica 60(4), 819–828 (2011)

    Article  MathSciNet  Google Scholar 

  5. Durnev, V.: Undecidability of the positive ∀ ∃ 3-theory of a free semigroup. Siberian Mathematical Journal 36(5), 1067–1080 (1995)

    Article  MathSciNet  Google Scholar 

  6. Ebbinghaus, H.-D., Flum, J., Thomas, W.: Mathematical Logic. Undergraduate Texts in Mathematics. Springer (1994)

    Google Scholar 

  7. Emmi, M., Majumdar, R., Sen, K.: Dynamic test input generation for database applications. In: Rosenblum, D., Elbaum, S. (eds.) ISSTA, pp. 151–162. ACM (2007)

    Google Scholar 

  8. Ganesh, V., Kieżun, A., Artzi, S., Guo, P.J., Hooimeijer, P., Ernst, M.: HAMPI: A string solver for testing, analysis and vulnerability detection. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 1–19. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  9. Godefroid, P., Klarlund, N., Sen, K.: DART: directed automated random testing. In: Sarkar, V., Hall, M. (eds.) PLDI, pp. 213–223. ACM (2005)

    Google Scholar 

  10. Hopcroft, J., Motwani, R., Ullman, J.: Introduction to automata theory, languages, and computation. Pearson/Addison Wesley (2007)

    Google Scholar 

  11. Ilie, L., Plandowski, W.: Two-variable word equations. ITA 34(6), 467–501 (2000)

    MathSciNet  MATH  Google Scholar 

  12. Karhumäki, J., Mignosi, F., Plandowski, W.: The expressibility of languages and relations by word equations. J. ACM 47(3), 483–505 (2000)

    Article  MathSciNet  Google Scholar 

  13. Kiezun, A., Ganesh, V., Guo, P., Hooimeijer, P., Ernst, M.: HAMPI: a solver for string constraints. In: Rothermel, G., Dillon, L. (eds.) ISSTA, pp. 105–116. ACM (2009)

    Google Scholar 

  14. Majumdar, R.: Private correspondence. SWS, MPI, Kaiserslautern, Germany (2010)

    Google Scholar 

  15. Makanin, G.: The problem of solvability of equations in a free semigroup. Math. Sbornik 103, 147–236 (1977); English transl. in Math USSR Sbornik 32 (1977)

    Google Scholar 

  16. Marchenkov, S.S.: Unsolvability of positive ∀ ∃-theory of free semi-group. Sibirsky Mathmatichesky Jurnal 23(1), 196–198 (1982)

    MathSciNet  MATH  Google Scholar 

  17. Matiyasevich, Y.: Word equations, Fibonacci numbers, and Hilbert’s tenth problem (2006) (unpublished), http://logic.pdmi.ras.ru/?yumat/Journal/jcontord.htm

  18. Matiyasevich, Y.: Computation paradigms in light of Hilbert’s Tenth Problem. In: Cooper, S., Löwe, B., Sorbi, A. (eds.) New Computational Paradigms, pp. 59–85. Springer, New York (2008)

    Chapter  Google Scholar 

  19. Möller, O.: ∃ BV [n] solvability. SRI International, Menlo Park, CA, USA (October 1996) (unpublished manuscript)

    Google Scholar 

  20. Plandowski, W.: Satisfiability of word equations with constants is in PSPACE. In: FOCS, pp. 495–500. IEEE Computer Society (1999)

    Google Scholar 

  21. Plandowski, W.: An efficient algorithm for solving word equations. In: Kleinberg, J. (ed.) STOC, pp. 467–476. ACM (2006)

    Google Scholar 

  22. Presburger, M.: Über de vollständigkeit eines gewissen systems der arithmetik ganzer zahlen, in welchen, die addition als einzige operation hervortritt. In: Comptes Rendus du Premier Congrès des Mathématicienes des Pays Slaves, Warsaw, pp. 92–101, 395 (1927)

    Google Scholar 

  23. Quine, W.V.: Concatenation as a basis for arithmetic. The Journal of Symbolic Logic 11(4), 105–114 (1946)

    Article  MathSciNet  MATH  Google Scholar 

  24. Robson, J.M., Diekert, V.: On quadratic word equations. In: Meinel, C., Tison, S. (eds.) STACS 1999. LNCS, vol. 1563, pp. 217–226. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  25. Saxena, P., Akhawe, D., Hanna, S., Mao, F., McCamant, S., Song, D.: A symbolic execution framework for JavaScript. In: IEEE Symposium on Security and Privacy, pp. 513–528. IEEE Computer Society (2010)

    Google Scholar 

  26. Schulz, K.U.: Makanin’s algorithm for word equations-two improvements and a generalization. In: Schulz, K.U. (ed.) IWWERT 1990. LNCS, vol. 572, pp. 85–150. Springer, Heidelberg (1992)

    Chapter  Google Scholar 

  27. Wassermann, G., Su, Z.: Sound and precise analysis of web applications for injection vulnerabilities. In: Ferrante, J., McKinley, K. (eds.) PLDI, pp. 32–41. ACM (2007)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Massachusetts Institute of Technology, USA

    Vijay Ganesh, Armando Solar-Lezama & Martin Rinard

  2. University of California, San Diego, USA

    Mia Minnes

Authors
  1. Vijay Ganesh
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mia Minnes
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Armando Solar-Lezama
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Martin Rinard
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Institute for Formal Models and Verification, Johannes Kepler University, Linz, Austria

    Armin Biere

  2. IBM Research Laboratory, 31905, Haifa, Israel

    Amir Nahir

  3. Universidad Politecnica de Valencia, 46022, Valencia, Spain

    Tanja Vos

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ganesh, V., Minnes, M., Solar-Lezama, A., Rinard, M. (2013). Word Equations with Length Constraints: What’s Decidable?. In: Biere, A., Nahir, A., Vos, T. (eds) Hardware and Software: Verification and Testing. HVC 2012. Lecture Notes in Computer Science, vol 7857. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-39611-3_21

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-39611-3_21

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-39610-6

  • Online ISBN: 978-3-642-39611-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation