Affiliation:
1. Laboratoire d'Informatique, U.S.M.G., BP. 53, 38041 Grenoble cedex, France
Abstract
The problem of discovering invariant assertions of programs is explored in light of the fixpoint approach in the static analysis of programs, Cousot [1977a], Cousot [1977b].
In section 2 we establish the lattice-theoretic foundations upon which the synthesis of invariant assertions is based. We study the resolution of a fixpoint system of equations by Jacobi's successive approximations method. Under a continuity hypothesis we show that any chaotic iterative method converges to the optimal solution. In section 3 we study the deductive semantics of programs. We show that a system of logical forward equations can be associated with a program using the predicate transformer rules which define the semantics of elementary instructions. The resolution of this system of semantic equations by chaotic iterations leads to the optimal invariants which exactly define the semantics of this program. Therefore these optimal invariants can be used for total correctness proofs (section 4). Next we show that usually a system of inequations is used as a substitute for the system of equations. Hence the solutions to this system of inequations are approximate invariants which can only be used for proofs of partial correctness (section 5). In section 6 we show that symbolic execution of programs consists in fact in solving the semantic equations associated with this program. The construction of the symbolic execution tree corresponds to the chaotic successive approximations method. Therefore symbolic execution permits optimal invariant assertions to be discovered provided that one can pass to the limit, that is, consider infinite paths in the symbolic execution tree. Induction principles can be used for that purpose. In section 7 we show how difference equations can be utilized to discover the general term of the sequence of successive approximations so that optimal invariants are obtained by a mere passage to the limit. In section 8 we show that an approximation of the optimal solution to a fixpoint system of equations can be obtained by strengthening the term of a chaotic iteration sequence. This formalizes the synthesis of approximate invariants by heuristic methods. Various examples provide a helpful intuitive support to the technical sections.
Publisher
Association for Computing Machinery (ACM)
Subject
Computer Graphics and Computer-Aided Design, Software
References (15 articles)
1. Birkhoff G. Lattice Theory. 3rd ed. Colloquium Publications Vol. XXV, AMS, Providence R.I., 1967.
2. Symbolic evaluation of programs
3. Abstract interpretation
Cited by
23 articles.
1. Nondeterminism and Guarded Commands; Edsger Wybe Dijkstra; 2022-07-12
2. PEG parsing in less space using progressive tabling and dynamic analysis; Proceedings of the 2017 ACM SIGPLAN Workshop on Partial Evaluation and Program Manipulation; 2017-01-02
3. Composite Constant Propagation and its Application to Android Program Analysis; IEEE Transactions on Software Engineering; 2016-11-01
4. Composite Constant Propagation: Application to Android Inter-Component Communication Analysis; 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering; 2015-05
5. Abstract interpretation; Proceedings of the Joint Meeting of the Twenty-Third EACSL Annual Conference on Computer Science Logic (CSL) and the Twenty-Ninth Annual ACM/IEEE Symposium on Logic in Computer Science (LICS); 2014-07-14