Inferring disjunctive postconditions

Authors:
Corneliu Popeea;Wei-Ngan Chin
Affiliations:
Department of Computer Science, National University of Singapore;Department of Computer Science, National University of Singapore
Venue:
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Year:
2006

Citing 13
Cited 18

A practical algorithm for exact array dependence analysis

Communications of the ACM
Trace-based program analysis

POPL '96 Proceedings of the 23rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Optimal domains for disjunctive abstract interpretation

Science of Computer Programming - Special issue on the 6th European symposium on programming
Predicate abstraction for software verification

POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Automatic discovery of linear restraints among variables of a program

POPL '78 Proceedings of the 5th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Implementation of an array bound checker

POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints

POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Systematic design of program analysis frameworks

POPL '79 Proceedings of the 6th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
A static analyzer for large safety-critical software

PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
Static analysis in disjunctive numerical domains

SAS'06 Proceedings of the 13th international conference on Static Analysis
Loop invariants on demand

APLAS'05 Proceedings of the Third Asian conference on Programming Languages and Systems
Trace partitioning in abstract interpretation based static analyzers

ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Counterexample driven refinement for abstract interpretation

TACAS'06 Proceedings of the 12th international conference on Tools and Algorithms for the Construction and Analysis of Systems

A practical and precise inference and specializer for array bound checks elimination

PEPM '08 Proceedings of the 2008 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation
Analysing memory resource bounds for low-level programs

Proceedings of the 7th international symposium on Memory management
Automated Analysis of Java Methods for Confidentiality

CAV '09 Proceedings of the 21st International Conference on Computer Aided Verification
Dual analysis for proving safety and finding bugs

Proceedings of the 2010 ACM Symposium on Applied Computing
On-demand refinement of dependent types

FLOPS'08 Proceedings of the 9th international conference on Functional and logic programming
The reachability-bound problem

PLDI '10 Proceedings of the 2010 ACM SIGPLAN conference on Programming language design and implementation
Loop invariant synthesis in a combined domain

ICFEM'10 Proceedings of the 12th international conference on Formal engineering methods and software engineering
Automatically refining partial specifications for program verification

FM'11 Proceedings of the 17th international conference on Formal methods
FIXBAG: a fixpoint calculator for quantified bag constraints

CAV'11 Proceedings of the 23rd international conference on Computer aided verification
Bound analysis of imperative programs with the size-change abstraction

SAS'11 Proceedings of the 18th international conference on Static analysis
Using bounded model checking to focus fixpoint iterations

SAS'11 Proceedings of the 18th international conference on Static analysis
Modular abstractions of reactive nodes using disjunctive invariants

APLAS'11 Proceedings of the 9th Asian conference on Programming Languages and Systems
Loop invariant synthesis in a combined abstract domain

Journal of Symbolic Computation
Loop leaping with closures

SAS'12 Proceedings of the 19th international conference on Static Analysis
Dual analysis for proving safety and finding bugs

Science of Computer Programming
Invariants synthesis over a combined domain for automated program verification

Theories of Programming and Formal Methods
Automatically refining partial specifications for heap-manipulating programs

Science of Computer Programming
Dynamic enforcement of knowledge-based security policies using probabilistic abstract interpretation

Journal of Computer Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Polyhedral analysis [9] is an abstract interpretation used for automatic discovery of invariant linear inequalities among numerical variables of a program. Convexity of this abstract domain allows efficient analysis but also loses precision via convex-hull and widening operators. To selectively recover the loss of precision, sets of polyhedra (disjunctive elements) may be used to capture more precise invariants. However a balance must be struck between precision and cost. We introduce the notion of affinity to characterize how closely related is a pair of polyhedra. Finding related elements in the polyhedron (base) domain allows the formulation of precise hull and widening operators lifted to the disjunctive (powerset extension of the) polyhedron domain. We have implemented a modular static analyzer based on the disjunctive polyhedral analysis where the relational domain and the proposed operators can progressively enhance precision at a reasonable cost.