Advertisement

The Gauge Domain: Scalable Analysis of Linear Inequality Invariants

  • Arnaud J. Venet
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7358)

Abstract

The inference of linear inequality invariants among variables of a program plays an important role in static analysis. The polyhedral abstract domain introduced by Cousot and Halbwachs in 1978 provides an elegant and precise solution to this problem. However, the computational complexity of higher-dimensional convex hull algorithms makes it impractical for real-size programs. In the past decade, much attention has been devoted to finding efficient alternatives by trading expressiveness for performance. However, polynomial-time algorithms are still too costly to use for large-scale programs, whereas the full expressive power of general linear inequalities is required in many practical cases. In this paper, we introduce the gauge domain, which enables the efficient inference of general linear inequality invariants within loops. The idea behind this domain consists of breaking down an invariant into a set of linear relations between each program variable and all loop counters in scope. Using this abstraction, the complexity of domain operations is no larger than O(kn), where n is the number of variables and k is the maximum depth of loop nests. We demonstrate the effectiveness of this domain on a real 144K LOC intelligent flight control system, which implements advanced adaptive avionics.

Keywords

Loop Nest Loop Counter Convex Polyhedron Abstract Interpretation Relational Domain 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Bouissou, O., Conquet, E., Cousot, P., Cousot, R., Feret, J., Ghorbal, K., Goubault, E., Lesens, D., Mauborgne, L., Miné, A., Putot, S., Rival, X., Turin, M.: Space software validation using abstract interpretation. In: Proc. of the International Space System Engineering Conference, Data Systems in Aerospace (DASIA 2009), pp. 1–7 (2009)Google Scholar
  2. 2.
    Bourdoncle, F.: Efficient Chaotic Iteration Strategies with Widenings. In: Pottosin, I.V., Bjorner, D., Broy, M. (eds.) FMP&TA 1993. LNCS, vol. 735, pp. 46–55. Springer, Heidelberg (1993)CrossRefGoogle Scholar
  3. 3.
    Brat, G., Venet, A.: Precise and scalable static program analysis of NASA flight software. In: Proc. of the IEEE Aerospace Conference (2005)Google Scholar
  4. 4.
    Chernikova, N.V.: Algorithm for discovering the set of all the solutions of a linear programming problem. U.S.S.R. Computational Mathematics and Mathematical Physics 8(6), 282–293 (1968)CrossRefGoogle Scholar
  5. 5.
    Clarisó, R., Cortadella, J.: The Octahedron Abstract Domain. In: Giacobazzi, R. (ed.) SAS 2004. LNCS, vol. 3148, pp. 312–327. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  6. 6.
    Cousot, P.: Semantic foundations of program analysis. In: Program Flow Analysis: Theory and Applications, ch. 10, pp. 303–342. Prentice-Hall (1981)Google Scholar
  7. 7.
    Cousot, P., Cousot, R.: Static determination of dynamic properties of programs. In: Proc. of the International Symposium on Programming (ISOP 1976), pp. 106–130 (1976)Google Scholar
  8. 8.
    Cousot, P., Cousot, R.: Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: Proceedings of the Symposium on Principles of Programming Languages (POPL 1977), pp. 238–252 (1977)Google Scholar
  9. 9.
    Cousot, P., Cousot, R.: Abstract interpretation frameworks. Journal of Logic and Computation 2(4), 511–547 (1992)MathSciNetzbMATHCrossRefGoogle Scholar
  10. 10.
    Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., Monniaux, D., Rival, X.: The ASTREÉ Analyzer. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 21–30. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  11. 11.
    Cousot, P., Halbwachs, N.: Automatic discovery of linear restraints among variables of a program. In: Proc. of the Symposium on Principles of Programming Languages (POPL 1978), pp. 84–97 (1978)Google Scholar
  12. 12.
    Dax, A.: An elementary proof of Farkas’ lemma. SIAM Rev. 39(3), 503–507 (1997)MathSciNetzbMATHCrossRefGoogle Scholar
  13. 13.
    Harvey, W., Stuckey, P.: Improving linear constraint propagation by changing constraint representation. Constraints 8(2), 173–207 (2003)MathSciNetzbMATHCrossRefGoogle Scholar
  14. 14.
    Jeannet, B., Miné, A.: Apron: A Library of Numerical Abstract Domains for Static Analysis. In: Bouajjani, A., Maler, O. (eds.) CAV 2009. LNCS, vol. 5643, pp. 661–667. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  15. 15.
    Laviron, V., Logozzo, F.: SubPolyhedra: A (More) Scalable Approach to Infer Linear Inequalities. In: Jones, N.D., Müller-Olm, M. (eds.) VMCAI 2009. LNCS, vol. 5403, pp. 229–244. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  16. 16.
    The LLVM Compiler Infrastructure, http://llvm.org
  17. 17.
    Logozzo, F., Fähndrich, M.: Pentagons: a weakly relational abstract domain for the efficient validation of array accesses. In: Proc. of the ACM Symposium on Applied Computing (SAC 2008), pp. 184–188 (2008)Google Scholar
  18. 18.
    Miné, A.: A New Numerical Abstract Domain Based on Difference-Bound Matrices. In: Danvy, O., Filinski, A. (eds.) PADO 2001. LNCS, vol. 2053, pp. 155–172. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  19. 19.
    Miné, A.: The octagon abstract domain. In: Proc. of the Workshop on Analysis, Slicing, and Transformation (AST 2001), pp. 310–319 (2001)Google Scholar
  20. 20.
    Miné, A.: A Few Graph-Based Relational Numerical Abstract Domains. In: Hermenegildo, M.V., Puebla, G. (eds.) SAS 2002. LNCS, vol. 2477, pp. 117–132. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  21. 21.
    Motzkin, T.S., Raiffa, H., Thompson, G.L., Thrall, R.M.: The double description method. Annals of Mathematics Studies II(28), 51–73 (1953)MathSciNetGoogle Scholar
  22. 22.
    Sankaranarayanan, S., Colón, M.A., Sipma, H.B., Manna, Z.: Efficient Strongly Relational Polyhedral Analysis. In: Emerson, E.A., Namjoshi, K.S. (eds.) VMCAI 2006. LNCS, vol. 3855, pp. 111–125. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  23. 23.
    Sankaranarayanan, S., Ivančić, F., Gupta, A.: Program Analysis Using Symbolic Ranges. In: Riis Nielson, H., Filé, G. (eds.) SAS 2007. LNCS, vol. 4634, pp. 366–383. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  24. 24.
    Sankaranarayanan, S., Sipma, H.B., Manna, Z.: Scalable Analysis of Linear Systems Using Mathematical Programming. In: Cousot, R. (ed.) VMCAI 2005. LNCS, vol. 3385, pp. 25–41. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  25. 25.
    Seidl, H., Flexeder, A., Petter, M.: Interprocedurally Analysing Linear Inequality Relations. In: De Nicola, R. (ed.) ESOP 2007. LNCS, vol. 4421, pp. 284–299. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  26. 26.
    Simon, A., King, A.: Exploiting Sparsity in Polyhedral Analysis. In: Hankin, C., Siveroni, I. (eds.) SAS 2005. LNCS, vol. 3672, pp. 336–351. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  27. 27.
    Simon, A., King, A., Howe, J.M.: Two Variables per Linear Inequality as an Abstract Domain. In: Logic-Based Program Synthesis and Transformation, pp. 71–89 (2003)Google Scholar
  28. 28.
    Venet, A., Brat, G.P.: Precise and efficient static array bound checking for large embedded C programs. In: Proc. of the Conference on Programming Language Design and Implementation (PLDI 2004), pp. 231–242 (2004)Google Scholar
  29. 29.
    Ziegler, G.M.: Lectures on Polytopes. Graduate Texts in Mathematics. Springer (1995)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Arnaud J. Venet
    • 1
  1. 1.NASA Ames Research CenterCarnegie Mellon UniversityMoffett FieldUSA

Personalised recommendations