Formal Methods in System Design, Volume 53, Issue 2, pp 313–338

Enforcing termination of interprocedural analysis

  • Stefan Schulze Frielinghaus
  • Helmut Seidl
  • Ralf Vogler
Article

Abstract

Interprocedural analysis by means of partial tabulation of summary functions may not terminate when the same procedure is analyzed for infinitely many abstract calling contexts or when the abstract domain has infinite strictly ascending chains. As a remedy, we present a novel local solver for general abstract equation systems, be they monotonic or not, and prove that this solver fails to terminate only when infinitely many variables are encountered. We clarify in which sense the computed results are sound. Moreover, we show that interprocedural analysis performed by this novel local solver is guaranteed to terminate for all non-recursive programs—irrespective of whether the complete lattice is infinite or has infinite strictly ascending or descending chains.
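As an added illustration (not code from the paper), the following minimal demand-driven interval solver in Python reproduces the two sources of non-termination the abstract names: an infinite strictly ascending chain at a single variable (a loop with no bound) and infinitely many abstract calling contexts (a recursive procedure called with an ever-changing argument). A step budget stands in for genuine non-termination, and the number of variables encountered is what separates the two cases; the interval domain, the toy programs, and the plain join-iteration without widening are assumptions of this example, not the paper's solver.

```python
from typing import Callable, Dict, Hashable, Optional, Tuple

Interval = Optional[Tuple[float, float]]  # None plays the role of bottom

def join(a: Interval, b: Interval) -> Interval:
    if a is None or b is None:
        return a if b is None else b
    return (min(a[0], b[0]), max(a[1], b[1]))
def shift(a: Interval, c: float) -> Interval:     # abstract "x + c"
    return None if a is None else (a[0] + c, a[1] + c)
def meet_le(a: Interval, hi: float) -> Interval:  # abstract guard "x <= hi"
    return None if a is None or a[0] > hi else (a[0], min(a[1], hi))

class Budget(Exception):
    """Step budget exhausted; args[0] is the number of variables encountered."""

class LocalSolver:
    """Demand-driven solver with partial tabulation: a variable (program point plus
    abstract calling context) is created and iterated only when a right-hand side asks
    for it. Plain join-iteration, no widening; only direct self-dependencies are
    re-iterated, which is all the constructed systems below need."""
    def __init__(self, rhs: Callable, fuel: int):
        self.rhs, self.fuel, self.steps = rhs, fuel, 0
        self.val: Dict[Hashable, Interval] = {}
    def get(self, x: Hashable) -> Interval:
        if x not in self.val:
            self.val[x] = None                       # start at bottom ...
            while True:                              # ... and iterate x until stable
                self.steps += 1
                if self.steps > self.fuel:
                    raise Budget(len(self.val))
                new = join(self.val[x], self.rhs(x, self.get))
                if new == self.val[x]:
                    break
                self.val[x] = new
        return self.val[x]

# Constructed equation systems; a variable is a (name, context) pair.
def bounded_loop(x, get):        # i = 0; while (i <= 9) i++  : finite chain, terminates
    return join((0, 0), shift(meet_le(get(x), 9), 1))
def unbounded_loop(x, get):      # i = 0; while (true) i++    : infinite ascending chain
    return join((0, 0), shift(get(x), 1))                   # at a single variable
def unbounded_contexts(x, get):  # g(n) { if (*) g(n + 1); return n; }: each call asks
    name, ctx = x                # for a fresh context, so infinitely many variables
    return join(ctx, get((name, shift(ctx, 1))))

def run(system, start, fuel: int = 200):  # -> (status, value, variables encountered)
    solver = LocalSolver(system, fuel)
    try:
        return ("done", solver.get(start), len(solver.val))
    except Budget as exhausted:
        return ("budget", None, exhausted.args[0])
```

The unbounded loop exhausts the budget while touching one variable, which is the situation the paper's solver is designed to terminate on; the unbounded-context recursion exhausts it by creating a new variable per step, which is the case the abstract excludes.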

Keywords

Static program analysis, Local solvers, Abstract interpretation, Interprocedural analysis, Partial tabulation

Acknowledgements

The authors would like to thank the anonymous reviewers for their valuable comments and suggestions.

Copyright information

© Springer Science+Business Media, LLC 2017

Authors and Affiliations

Fakultät für Informatik, TU München, Munich, Germany