
Enforcing termination of interprocedural analysis

Formal Methods in System Design

Abstract

Interprocedural analysis by means of partial tabulation of summary functions may not terminate when the same procedure is analyzed for infinitely many abstract calling contexts or when the abstract domain has infinite strictly ascending chains. As a remedy, we present a novel local solver for general abstract equation systems, be they monotonic or not, and prove that this solver fails to terminate only when infinitely many variables are encountered. We clarify in which sense the computed results are sound. Moreover, we show that interprocedural analysis performed by this novel local solver is guaranteed to terminate for all non-recursive programs, irrespective of whether the complete lattice is infinite or has infinite strictly ascending or descending chains.
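To make the two non-termination sources named in the abstract concrete, the following is an added toy illustration (my own code, not the paper's solver and not the Goblint implementation): the callee f is tabulated per abstract calling context over the interval domain, and the loop head feeds each result back as a new context. Without widening every iteration yields both a strictly longer interval and a fresh, never-before-seen context, so tabulation never stabilises; with the conventional widening at the loop head (the standard remedy, not the local solver the paper proposes) the contexts collapse to finitely many and the solver terminates.

```python
# Intervals are (lo, hi) tuples with lo <= hi; None is bottom; INF marks an unbounded side.
INF = float("inf")

def join(a, b):
    """Least upper bound of two intervals."""
    if a is None:
        return b
    if b is None:
        return a
    return (min(a[0], b[0]), max(a[1], b[1]))

def widen(old, new):
    """Standard interval widening: a bound that keeps moving jumps to +/-INF."""
    if old is None:
        return new
    if new is None:
        return old
    lo = old[0] if new[0] >= old[0] else -INF
    hi = old[1] if new[1] <= old[1] else INF
    return (lo, hi)

def add_const(a, c):
    """Abstract transformer for x + c on intervals."""
    return None if a is None else (a[0] + c, a[1] + c)

def analyze(use_widening, max_contexts=1000):
    """Partial tabulation of f for every abstract calling context reached at the
    loop head of the constructed program  i = 0; while (*) { i = f(i); }  with
    f(x) = x + 1.  Returns (loop-head interval, tabulated contexts, terminated?).
    max_contexts is an artificial cut-off so the non-terminating case stops."""
    summaries = {}    # calling context (interval of i) -> abstract return value of f
    head = (0, 0)     # abstract value of i at the loop head, initially from i = 0
    while True:
        ctx = head
        if ctx not in summaries:
            if len(summaries) >= max_contexts:
                # Gave up: the same procedure keeps getting new abstract contexts.
                return head, len(summaries), False
            summaries[ctx] = add_const(ctx, 1)   # tabulate f for this context
        new_head = join((0, 0), summaries[ctx])  # entry edge joined with back edge
        if use_widening:
            new_head = widen(head, new_head)     # enforce stabilisation of the chain
        if new_head == head:
            return head, len(summaries), True    # fixpoint reached
        head = new_head
```

Running analyze(False, 50) stops only at the artificial cut-off with 50 distinct contexts for f, whereas analyze(True) stabilises after tabulating two contexts.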




Acknowledgements

The authors would like to thank the anonymous reviewers for their valuable comments and suggestions.


Corresponding author

Correspondence to Stefan Schulze Frielinghaus.


About this article


Cite this article

Schulze Frielinghaus, S., Seidl, H. & Vogler, R. Enforcing termination of interprocedural analysis. Form Methods Syst Des 53, 313–338 (2018). https://doi.org/10.1007/s10703-017-0288-5


  • DOI: https://doi.org/10.1007/s10703-017-0288-5
