Finite Differencing of Logical Formulas for Static Analysis
This paper concerns mechanisms for maintaining the value of an instrumentation predicate (a.k.a. derived predicate or view), defined via a logical formula over core predicates, in response to changes in the values of the core predicates. It presents an algorithm for transforming the instrumentation predicate’s defining formula into a predicate-maintenance formula that captures what the instrumentation predicate’s new value should be.
This technique applies to program-analysis problems in which the semantics of statements is expressed using logical formulas that describe changes to core-predicate values, and provides a way to reflect those changes in the values of the instrumentation predicates.
Keywords: Transitive Closure, Logical Formula, Abstract Interpretation, Predicate Symbol, Predicate Abstraction
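To make the idea of a predicate-maintenance formula concrete, the following added example (not code from the paper, and not the output of its algorithm) maintains a derived predicate `t`, the reflexive transitive closure of a core predicate `n`, when one pair is added to `n`. The update formula used is the standard one for single-edge insertion; the names `n`, `t`, `recompute_t` and `maintain_t` are assumptions made for this illustration.

```python
# Added illustration; all names and the sample structure are constructed.
from itertools import product


def recompute_t(nodes, n):
    """Evaluate the defining formula from scratch:
    t = reflexive transitive closure of the core predicate n."""
    t = {(a, a) for a in nodes} | set(n)
    changed = True
    while changed:
        changed = False
        # product() snapshots both lists, so adding to t inside the loop is safe.
        for (a, b), (c, d) in product(list(t), list(t)):
            if b == c and (a, d) not in t:
                t.add((a, d))
                changed = True
    return t


def maintain_t(nodes, t, u, v):
    """Maintenance formula for the core change n'(a,b) = n(a,b) or (a=u and b=v):
        t'(a,b) = t(a,b) or (t(a,u) and t(v,b))
    It reads only the OLD value of t; no closure is recomputed."""
    return {(a, b) for a, b in product(nodes, repeat=2)
            if (a, b) in t or ((a, u) in t and (v, b) in t)}


def demo():
    nodes = ["x1", "x2", "x3", "x4"]
    n = {("x1", "x2"), ("x3", "x4")}        # two separate list segments
    t = recompute_t(nodes, n)
    n_new = n | {("x2", "x3")}              # a statement links the segments
    t_new = maintain_t(nodes, t, "x2", "x3")
    # The maintained value must agree with re-evaluating the definition.
    return t_new == recompute_t(nodes, n_new), sorted(t_new - t)


if __name__ == "__main__":
    print(demo())
```

Deleting a pair from `n` is not covered by this formula; it handles insertion only.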