International On Static Analysis

SAS 2015: Static Analysis pp 217-234 | Cite as

A Simple Abstraction of Arrays and Maps by Program Translation

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9291)

Abstract

We present an approach for the static analysis of programs handling arrays, with a Galois connection between the semantics of the array program and semantics of purely scalar operations. The simplest way to implement it is by automatic, syntactic transformation of the array program into a scalar program followed analysis of the scalar program with any static analysis technique (abstract interpretation, acceleration, predicate abstraction,...). The scalars invariants thus obtained are translated back onto the original program as universally quantified array invariants. We illustrate our approach on a variety of examples, leading to the “Dutch flag” algorithm.

References

  1. 1.
    Alberti, F., Ghilardi, S., Sharygina, N.: Decision procedures for flat array properties. In: Ábrahám, E., Havelund, K. (eds.) TACAS 2014 (ETAPS). LNCS, vol. 8413, pp. 15–30. Springer, Heidelberg (2014) CrossRefGoogle Scholar
  2. 2.
    Alberti, F., et al.: An extension of lazy abstraction with interpolation for programs with arrays. Form. Methods Syst. Des. 45(1), 63–109 (2014)CrossRefMATHGoogle Scholar
  3. 3.
    Alberti, F., Ghilardi, S., Sharygina, N.: Definability of accelerated relations in a theory of arrays and its applications. In: Fontaine, P., Ringeissen, C., Schmidt, R.A. (eds.) FroCoS 2013. LNCS, vol. 8152, pp. 23–39. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  4. 4.
    Alberti, F., Ghilardi, S., Sharygina, N.: Decision procedures for flat array properties. J. Autom. Reasoning 54(4), 327–352 (2015)MathSciNetCrossRefGoogle Scholar
  5. 5.
    Alberti, F., Monniaux, D.: Polyhedra to the rescue of array interpolants. In: Symposium on applied computing (Software Verification & Testing). ACM (2015)Google Scholar
  6. 6.
    Bjørner, N., McMillan, K., Rybalchenko, A.: On solving universally quantified horn clauses. In: Logozzo, F., Fähndrich, M. (eds.) Static Analysis. LNCS, vol. 7935, pp. 105–125. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  7. 7.
    Blanchet, et al.: A static analyzer for large safety-critical software. In: PLDI, pp. 196–207. ACM (2003)Google Scholar
  8. 8.
    Blanchet, B., Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., Monniaux, D., Rival, X.: Design and implementation of a special-purpose static program analyzer for safety-critical real-time embedded software. In: Mogensen, T.Æ., Schmidt, D.A., Sudborough, I.H. (eds.) The Essence of Computation. LNCS, vol. 2566, pp. 85–108. Springer, Heidelberg (2002) CrossRefGoogle Scholar
  9. 9.
    Bozga, M., Habermehl, P., Iosif, R., Konečný, F., Vojnar, T.: Automatic verification of integer array programs. In: Bouajjani, A., Maler, O. (eds.) CAV 2009. LNCS, vol. 5643, pp. 157–172. Springer, Heidelberg (2009) CrossRefGoogle Scholar
  10. 10.
    Bozga, M., Iosif, R., Konečný, F.: Fast acceleration of ultimately periodic relations. In: Touili, T., Cook, B., Jackson, P. (eds.) CAV 2010. LNCS, vol. 6174, pp. 227–242. Springer, Heidelberg (2010) CrossRefGoogle Scholar
  11. 11.
    Bozga, M., Iosif, R., Lakhnech, Y.: Flat parametric counter automata. Fundamenta Informaticae 91, 275–303 (2009)MathSciNetMATHGoogle Scholar
  12. 12.
    Cousot, P., Cousot, R.: Abstract interpretation frameworks. J. Log. Comput. 2(4), 511–547 (1992)MathSciNetCrossRefMATHGoogle Scholar
  13. 13.
    Cousot, P., Halbwachs, N.: Automatic discovery of linear restraints among variables of a program. In: POPL, pp. 84–96 (1978)Google Scholar
  14. 14.
    Cousot, P., Cousot, R.: Invited talk: Higher order abstract interpretation. In: IEEE International Conference on Computer Languages, pp. 95–112. IEEE Computer Society (1994)Google Scholar
  15. 15.
    Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., Rival, X.: Why does Astrée scale up? Form. Methods Syst. Des. 35(3), 229–264 (2009)CrossRefMATHGoogle Scholar
  16. 16.
    Cousot, P., Cousot, R., Logozzo, F.: A parametric segmentation functor for fully automatic and scalable array content analysis. In: POPL, pp. 105–118. ACM (2011)Google Scholar
  17. 17.
    Cox, A., Chang, B.-Y.E., Rival, X.: Automatic analysis of open objects in dynamic language programs. In: Müller-Olm, M., Seidl, H. (eds.) Static Analysis. LNCS, vol. 8723, pp. 134–150. Springer, Heidelberg (2014) Google Scholar
  18. 18.
    Dijkstra, E.W.: A discipline of programming. Prentice-Hall, Upper Saddle River (1976)MATHGoogle Scholar
  19. 19.
    Dillig, I., Dillig, T., Aiken, A.: Fluid updates: beyond strong vs. weak updates. In: Gordon, A.D. (ed.) ESOP 2010. LNCS, vol. 6012, pp. 246–266. Springer, Heidelberg (2010) CrossRefGoogle Scholar
  20. 20.
    Flanagan, C., Qadeer, S.: Predicate abstraction for software verification. In: POPL, pp. 191–202 (2002)Google Scholar
  21. 21.
    Gopan, D., Reps, T., Sagiv, S.: A framework for numeric analysis of array operations. In: POPL, pp. 338–350 (2005)Google Scholar
  22. 22.
    Halbwachs, N.: Détermination automatique de relations linéaires vérifiées par les variables d’un programme. Ph.D. thesis, Univ. Grenoble (Mar 1979). https://tel.archives-ouvertes.fr/tel-00288805
  23. 23.
    Halbwachs, N., Péron, M.: Discovering properties about arrays in simple programs. In: PLDI, pp. 339–348. ACM (2008)Google Scholar
  24. 24.
    Halpern, J.: Presburger arithmetic with unary predicates is \(\Pi ^1_1\) complete. J. Symbolic Log. 56(2), 637–642 (1991)CrossRefMATHGoogle Scholar
  25. 25.
    Hoder, K., Kovács, L., Voronkov, A.: Invariant generation in vampire. In: Abdulla, P.A., Leino, K.R.M. (eds.) TACAS 2011. LNCS, vol. 6605, pp. 60–64. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  26. 26.
    Hoder, K., Kovács, L., Voronkov, A.: Interpolation and symbol elimination in vampire. In: Giesl, J., Hähnle, R. (eds.) IJCAR 2010. LNCS, vol. 6173, pp. 188–195. Springer, Heidelberg (2010) CrossRefGoogle Scholar
  27. 27.
    Hojjat, H., Konečný, F., Garnier, F., Iosif, R., Kuncak, V., Rümmer, P.: A verification toolkit for numerical transition systems. In: Giannakopoulou, D., Méry, D. (eds.) FM 2012. LNCS, vol. 7436, pp. 247–251. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  28. 28.
    Jeannet, B., Gopan, D., Reps, T.: A relational abstraction for functions. In: Hankin, C., Siveroni, I. (eds.) SAS 2005. LNCS, vol. 3672, pp. 186–202. Springer, Heidelberg (2005) CrossRefGoogle Scholar
  29. 29.
    Jeannet, B., Miné, A.: Apron: a library of numerical abstract domains for static analysis. In: Bouajjani, A., Maler, O. (eds.) CAV 2009. LNCS, vol. 5643, pp. 661–667. Springer, Heidelberg (2009) CrossRefGoogle Scholar
  30. 30.
    Jhala, R., McMillan, K.L.: Array abstractions from proofs. In: Damm, W., Hermanns, H. (eds.) CAV 2007. LNCS, vol. 4590, pp. 193–206. Springer, Heidelberg (2007) CrossRefGoogle Scholar
  31. 31.
    Kovács, L., Voronkov, A.: First-order theorem proving and Vampire. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 1–35. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  32. 32.
    McMillan, K.L.: Applications of craig interpolation to model checking. In: Ciardo, G., Darondeau, P. (eds.) ICATPN 2005. LNCS, vol. 3536, pp. 15–16. Springer, Heidelberg (2005) CrossRefGoogle Scholar
  33. 33.
    McMillan, K.L.: Quantified invariant generation using an interpolating saturation prover. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 413–427. Springer, Heidelberg (2008) CrossRefGoogle Scholar
  34. 34.
    McMillan, K.L.: Lazy abstraction with interpolants. In: Ball, T., Jones, R.B. (eds.) CAV 2006. LNCS, vol. 4144, pp. 123–136. Springer, Heidelberg (2006) CrossRefGoogle Scholar
  35. 35.
    McMillan, K.: Interpolants from Z3 proofs. In: FMCAD, pp. 19–27 (2011)Google Scholar
  36. 36.
    Miné, A.: The octagon abstract domain. High. Order Symbolic Comput. 19(1), 31–100 (2006)CrossRefMATHGoogle Scholar
  37. 37.
    Monniaux, D.: A quantifier elimination algorithm for linear real arithmetic. In: Cervesato, I., Veith, H., Voronkov, A. (eds.) LPAR 2008. LNCS (LNAI), vol. 5330, pp. 243–257. Springer, Heidelberg (2008) CrossRefGoogle Scholar
  38. 38.
    Péron, M.: Contributions to the Static Analysis of Programs Handling Arrays. Theses, Université de Grenoble (September 2010). https://tel.archives-ouvertes.fr/tel-00623697
  39. 39.
    Perrelle, V.: Analyse statique de programmes manipulant des tableaux. Theses, Université de Grenoble (February 2013). https://tel.archives-ouvertes.fr/tel-00973892
  40. 40.
    Rival, X., Mauborgne, L.: The trace partitioning abstract domain. ACM Trans. Program Lang. Syst. 29(5), 26 (2007)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2015

Authors and Affiliations

  1. 1.Université Grenoble Alpes, VERIMAGGrenobleFrance
  2. 2.CNRS, VERIMAGGrenobleFrance
  3. 3.Fondazione Centro San RaffaeleMilanItaly

Personalised recommendations