Bilateral Algorithms for Symbolic Abstraction

  • Aditya Thakur
  • Matt Elder
  • Thomas Reps
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7460)

Abstract

Given a concrete domain \(\mathcal{C}\), a concrete operation \(\tau: \mathcal{C} \to \mathcal{C}\), and an abstract domain \(\mathcal{A}\), a fundamental problem in abstract interpretation is to find the best abstract transformer\(\tau^{\#}: \mathcal{A} \to \mathcal{A}\) that over-approximates τ. This problem, as well as several other operations needed by an abstract interpreter, can be reduced to the problem of symbolic abstraction: the symbolic abstraction of a formula ϕ in logic \(\mathcal{L}\), denoted by \(\widehat{\alpha}(\varphi)\), is the best value in \(\mathcal{A}\) that over-approximates the meaning of ϕ. When the concrete semantics of τ is defined in \(\mathcal{L}\) using a formula ϕτ that specifies the relation between input and output states, the best abstract transformer τ# can be computed as \(\widehat{\alpha}(\varphi_\tau)\).

In this paper, we present a new framework for performing symbolic abstraction, discuss its properties, and present several instantiations for various logics and abstract domains. The key innovation is to use a bilateral successive-approximation algorithm, which maintains both an over-approximation and an under-approximation of the desired answer.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Ball, T., Podelski, A., Rajamani, S.K.: Boolean and Cartesian Abstraction for Model Checking C Programs. In: Margaria, T., Yi, W. (eds.) TACAS 2001. LNCS, vol. 2031, pp. 268–283. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  2. 2.
    Barrett, E., King, A.: Range and set abstraction using SAT. ENTCS 267(1) (2010)Google Scholar
  3. 3.
    Brauer, J., King, A.: Automatic Abstraction for Intervals Using Boolean Formulae. In: Cousot, R., Martel, M. (eds.) SAS 2010. LNCS, vol. 6337, pp. 167–183. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  4. 4.
    Clarke, E., Kroening, D., Sharygina, N., Yorav, K.: Predicate abstraction of ANSI-C programs using SAT. FMSD 25(2-3) (2004)Google Scholar
  5. 5.
    Cousot, P., Cousot, R.: Systematic design of program analysis frameworks. In: POPL, pp. 269–282 (1979)Google Scholar
  6. 6.
    Cousot, P., Cousot, R., Mauborgne, L.: Logical abstract domains and interpretations. In: The Future of Software Engineering (2011)Google Scholar
  7. 7.
    Cousot, P., Halbwachs, N.: Automatic discovery of linear constraints among variables of a program. In: POPL (1978)Google Scholar
  8. 8.
    Craig, W.: Three uses of the Herbrand-Gentzen theorem in relating model theory and proof theory. J. Sym. Logic 22(3) (September 1957)Google Scholar
  9. 9.
    de Moura, L., Bjørner, N.: Z3: An Efficient SMT Solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  10. 10.
    Dutertre, B., de Moura, L.: Yices: An SMT solver (2006), yices.csl.sri.com/
  11. 11.
    Elder, M., Lim, J., Sharma, T., Andersen, T., Reps, T.: Abstract Domains of Affine Relations. In: Yahav, E. (ed.) SAS 2011. LNCS, vol. 6887, pp. 198–215. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  12. 12.
    Graf, S., Saïdi, H.: Construction of Abstract State Graphs with PVS. In: Grumberg, O. (ed.) CAV 1997. LNCS, vol. 1254, pp. 72–83. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  13. 13.
    Gulwani, S., Musuvathi, M.: Cover Algorithms and Their Combination. In: Drossopoulou, S. (ed.) ESOP 2008. LNCS, vol. 4960, pp. 193–207. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  14. 14.
    Kidd, N., Lal, A., Reps, T.: WALi: The Weighted Automaton Library (2007), http://www.cs.wisc.edu/wpis/wpds/download.php
  15. 15.
    King, A., Søndergaard, H.: Automatic Abstraction for Congruences. In: Barthe, G., Hermenegildo, M. (eds.) VMCAI 2010. LNCS, vol. 5944, pp. 197–213. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  16. 16.
    Lal, A., Reps, T.: Improving Pushdown System Model Checking. In: Ball, T., Jones, R.B. (eds.) CAV 2006. LNCS, vol. 4144, pp. 343–357. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  17. 17.
    Lal, A., Reps, T., Balakrishnan, G.: Extended Weighted Pushdown Systems. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 434–448. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  18. 18.
    Lassez, J.-L., Maher, M.J., Marriott, K.: Unification Revisited. In: Boscarol, M., Carlucci Aiello, L., Levi, G. (eds.) Foundations of Logic and Functional Programming. LNCS, vol. 306, pp. 67–113. Springer, Heidelberg (1988)CrossRefGoogle Scholar
  19. 19.
    Lim, J., Reps, T.: A System for Generating Static Analyzers for Machine Instructions. In: Hendren, L. (ed.) CC 2008. LNCS, vol. 4959, pp. 36–52. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  20. 20.
    Miné, A.: The octagon abstract domain. In: WCRE, pp. 310–322 (2001)Google Scholar
  21. 21.
    Mitchell, T.: Machine Learning. WCB/McGraw-Hill, Boston (1997)MATHGoogle Scholar
  22. 22.
    Monniaux, D.: Automatic modular abstractions for template numerical constraints. Logical Methods in Comp. Sci. 6(3) (2010)Google Scholar
  23. 23.
    Plotkin, G.: A note on inductive generalization. In: Machine Intelligence, vol. 5, pp. 153–165. Edinburgh Univ. Press (1970)Google Scholar
  24. 24.
    Regehr, J., Reid, A.: HOIST: A system for automatically deriving static analyzers for embedded systems. In: ASPLOS (2004)Google Scholar
  25. 25.
    Reps, T., Sagiv, M., Yorsh, G.: Symbolic Implementation of the Best Transformer. In: Steffen, B., Levi, G. (eds.) VMCAI 2004. LNCS, vol. 2937, pp. 252–266. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  26. 26.
    Reynolds, J.: Transformational systems and the algebraic structure of atomic formulas. Machine Intelligence 5(1), 135–151 (1970)MathSciNetGoogle Scholar
  27. 27.
    Sagiv, M., Reps, T., Wilhelm, R.: Parametric shape analysis via 3-valued logic. TOPLAS 24(3), 217–298 (2002)CrossRefGoogle Scholar
  28. 28.
    Sankaranarayanan, S., Sipma, H.B., Manna, Z.: Scalable Analysis of Linear Systems Using Mathematical Programming. In: Cousot, R. (ed.) VMCAI 2005. LNCS, vol. 3385, pp. 25–41. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  29. 29.
    Sheeran, M., Stålmarck, G.: A tutorial on Stålmarck’s proof procedure for propositional logic. FMSD 16(1), 23–58 (2000)Google Scholar
  30. 30.
    Steffen, B., Knoop, J., Rüthing, O.: The value flow graph: A program representation for optimal program transformations. In: ESOP (1990)Google Scholar
  31. 31.
    Steffen, B., Knoop, J., Rüthing, O.: Efficient Code Motion and an Adaption to Strength Reduction. In: Abramsky, S., Maibaum, T.S.E. (eds.) TAPSOFT 1991, CCPSD 1991, and ADC-Talks 1991. LNCS, vol. 494, pp. 394–415. Springer, Heidelberg (1991)Google Scholar
  32. 32.
    Thakur, A., Elder, M., Reps, T.: Bilateral algorithms for symbolic abstraction. TR 1713, CS Dept., Univ. of Wisconsin, Madison, WI (March 2012), http://www.cs.wisc.edu/wpis/papers/tr1713.pdf
  33. 33.
    Thakur, A., Reps, T.: A Generalization of Stålmarck’s Method. In: Miné, A., Schmidt, D. (eds.) SAS 2012. LNCS, vol. 7460, pp. 334–351. Springer, Heidelberg (2012)Google Scholar
  34. 34.
    Thakur, A., Reps, T.: A Method for Symbolic Computation of Abstract Operations. In: Madhusudan, P., Seshia, S.A. (eds.) CAV 2012. LNCS, vol. 7358, pp. 174–192. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  35. 35.
    Yorsh, G., Reps, T., Sagiv, M.: Symbolically Computing Most-Precise Abstract Operations for Shape Analysis. In: Jensen, K., Podelski, A. (eds.) TACAS 2004. LNCS, vol. 2988, pp. 530–545. Springer, Heidelberg (2004)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Aditya Thakur
    • 1
  • Matt Elder
    • 1
  • Thomas Reps
    • 1
    • 2
  1. 1.University of WisconsinMadisonUSA
  2. 2.GrammaTech, Inc.IthacaUSA

Personalised recommendations