Abstract
We introduce Subpolyhedra (SubPoly) a new numerical abstract domain to infer and propagate linear inequalities. Subpoly is as expressive as Polyhedra, but it drops some of the deductive power to achieve scalability. Subpoly is based on the insight that the reduced product of linear equalities and intervals produces powerful yet scalable analyses. Precision can be recovered using hints. Hints can be automatically generated or provided by the user in the form of annotations.
We implemented Subpoly on the top of Clousot, a generic abstract interpreter for .Net. Clousot with Subpoly analyzes very large and complex code bases in few minutes. Subpoly can efficiently capture linear inequalities among hundreds of variables, a result well-beyond state-of-the-art implementations of Polyhedra.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bagnara, R., Hill, P.M., Zaffanella, E.: The Parma Polyhedra Library: Toward a Complete Set of Numerical Abstractions for the Analysis and Verification of Hardware and Software Systems. Sci. Comput. Program. 72(1) (2008)
Barnett, M., Chang, B.-Y.E., DeLine, R., Jacobs, B., Leino, K.R.M.: Boogie: A modular reusable verifier for Object-Oriented programs. In: de Boer, F.S., Bonsangue, M.M., Graf, S., de Roever, W.-P. (eds.) FMCO 2005. LNCS, vol. 4111, pp. 364–387. Springer, Heidelberg (2006)
Barnett, M., Fähndrich, M., Logozzo, F.: Managed contract tools, http://research.microsoft.com/downloads
Barnett, M., Fähndrich, M.A., Logozzo, F.: Foxtrot and Clousot: Language agnostic dynamic and static contract checking for. Net. Technical Report MSR-TR-2008-105, Microsoft Research (2008)
Chen, L., Miné, A., Cousot, P.: A sound floating-point polyhedra abstract domain. In: APLAS 2008 (2008)
Chvátal, V.: Linear Programming. W.H. Freeman, New York (1983)
Clarisó, R., Cortadella, J.: The octahedron abstract domain. In: Giacobazzi, R. (ed.) SAS 2004. LNCS, vol. 3148, pp. 312–327. Springer, Heidelberg (2004)
Cousot, P.: The calculational design of a generic abstract interpreter. In: Calculational System Design. NATO ASI Series F. IOS Press, Amsterdam (1999)
Cousot, P., Cousot, R.: Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: POPL 1977 (1977)
Cousot, P., Cousot, R.: Systematic design of program analysis frameworks. In: POPL 1979 (1979)
Cousot, P., Halbwachs, N.: Automatic discovery of linear restraints among variables of a program. In: POPL 1978 (1978)
Dantzig, G.B.: Programming in linear structures. Technical report, USAF (1948)
Feret, J.: Analysis of mobile systems by abstract interpretation. PhD thesis
Ferrara, P., Logozzo, F., Fähndrich, M.A.: Safer unsafe code in. Net. In: OOPSLA 2008 (2008)
Gulavani, B.S., Chakraborty, S., Nori, A.V., Rajamani, S.K.: Automatically refining abstract interpretations. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 443–458. Springer, Heidelberg (2008)
Gulwani, S., Mehra, K., Chilimbi, T.: Speed: Precise and efficient static estimation of program computational complexity. In: POPL 2009 (2009)
Karr, M.: On affine relationships among variables of a program. Acta Informatica 6(2), 133–151 (1976)
Khachiyan, L., Boros, E., Borys, K., Elbassioni, K.M., Gurvich, M.: Generating all vertices of a polyhedron is hard. In: SODA 2006 (2006)
Laviron, V., Logozzo, F.: The Subpoly Library, http://research.microsoft.com/downloads
Logozzo, F.: Cibai: An abstract interpretation-based static analyzer for modular analysis and verification of java classes. In: Cook, B., Podelski, A. (eds.) VMCAI 2007. LNCS, vol. 4349, pp. 283–298. Springer, Heidelberg (2007)
Logozzo, F., Fähndrich, M.A.: On the relative completeness of bytecode analysis versus source code analysis. In: Hendren, L. (ed.) CC 2008. LNCS, vol. 4959, pp. 197–212. Springer, Heidelberg (2008)
Logozzo, F., Fähndrich, M.A.: Pentagons: A weakly relational abstract domain for the efficient validation of array accesses. In: SAC 2008 (2008)
Meyer, B.: Object-Oriented Software Construction, 2nd edn. Professional Technical Reference. Prentice-Hall, Englewood Cliffs (1997)
Miné, A.: The octagon abstract domain. In: WCRE 2001 (2001)
Müller-Olm, M., Seidl, H.: Precise interprocedural analysis through linear algebra. In: POPL 2004 (2004)
Rodríguez-Carbonell, E., Kapur, D.: Automatic generation of polynomial invariants of bounded degree using abstract interpretation. Sci. Comput. Program. 64(1) (2007)
Sankaranarayanan, S., Ivančić, F., Gupta, A.: Program analysis using symbolic ranges. In: Riis Nielson, H., Filé, G. (eds.) SAS 2007. LNCS, vol. 4634, pp. 366–383. Springer, Heidelberg (2007)
Sankaranarayanan, S., Sipma, H.B., Manna, Z.: Scalable analysis of linear systems using mathematical programming. In: Cousot, R. (ed.) VMCAI 2005. LNCS, vol. 3385, pp. 25–41. Springer, Heidelberg (2005)
Simon, A., King, A., Howe, J.: Two variables per linear inequality as an abstract domain. In: Leuschel, M.A. (ed.) LOPSTR 2002. LNCS, vol. 2664. Springer, Heidelberg (2003)
Spielman, D.A., Teng, S.-H.: Smoothed analysis of algorithms: Why the simplex algorithm usually takes polynomial time. J. ACM. 51(3) (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Laviron, V., Logozzo, F. (2008). SubPolyhedra: A (More) Scalable Approach to Infer Linear Inequalities. In: Jones, N.D., Müller-Olm, M. (eds) Verification, Model Checking, and Abstract Interpretation. VMCAI 2009. Lecture Notes in Computer Science, vol 5403. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-93900-9_20
Download citation
DOI: https://doi.org/10.1007/978-3-540-93900-9_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-93899-6
Online ISBN: 978-3-540-93900-9
eBook Packages: Computer ScienceComputer Science (R0)