Results 1  10
of
19
A Generic Approach to the Static Analysis of Concurrent Programs with Procedures
, 2003
"... We present a generic aproach to the static analysis of concurrent programs with procedures. We model programs as communicating pushdown systems. It is known that typical dataow problems for this model are undecidable, because the emptiness problem for the intersection of contextfree languages, w ..."
Abstract

Cited by 94 (19 self)
 Add to MetaCart
(Show Context)
We present a generic aproach to the static analysis of concurrent programs with procedures. We model programs as communicating pushdown systems. It is known that typical dataow problems for this model are undecidable, because the emptiness problem for the intersection of contextfree languages, which is undecidable, can be reduced to them. In this paper we propose an algebraic framework for de ning abstractions (upper approximations) of contextfree languages. We consider two classes of abstractions: nitechain abstractions, which are abstractions whose domains do not contain any in nite chains, and commutative abstractions corresponding to classes of languages that contain a word if and only if they contain all its permutations. We show how to compute such approximations by combining automata theoretic techniques with algorithms for solving systems of polynomial inequations in Kleene algebras.
On Fixed Point Equations over Commutative Semirings
, 2007
"... Fixed point equations x = f(x) overωcontinuous semirings can be seen as the mathematical foundation of interprocedural program analysis. The sequence 0, f(0), f 2 (0),...converges to the least fixed point μf. The convergence can be accelerated if the underlying semiring is commutative. We show tha ..."
Abstract

Cited by 19 (11 self)
 Add to MetaCart
Fixed point equations x = f(x) overωcontinuous semirings can be seen as the mathematical foundation of interprocedural program analysis. The sequence 0, f(0), f 2 (0),...converges to the least fixed point μf. The convergence can be accelerated if the underlying semiring is commutative. We show that accelerations in the literature, namely Newton’s method for the arithmetic semiring [4] and an acceleration for commutative Kleene algebras due to Hopkins and Kozen [5], are instances of a general algorithm for arbitrary commutative ωcontinuous semirings. In a second contribution, we improve the O(3 n) bound of [5] and show that their acceleration reaches μf after n iterations, where n is the number of equations. Finally, we apply the HopkinsKozen acceleration to itself and study the resulting hierarchy of increasingly fast accelerations.
Newtonian Program Analysis
, 2010
"... This article presents a novel generic technique for solving dataflow equations in interprocedural dataflow analysis. The technique is obtained by generalizing Newton’s method for computing a zero of a differentiable function to ωcontinuous semirings. Complete semilattices, the common program analy ..."
Abstract

Cited by 15 (5 self)
 Add to MetaCart
(Show Context)
This article presents a novel generic technique for solving dataflow equations in interprocedural dataflow analysis. The technique is obtained by generalizing Newton’s method for computing a zero of a differentiable function to ωcontinuous semirings. Complete semilattices, the common program analysis framework, are a special class of ωcontinuous semirings. We show that our generalized method always converges to the solution, and requires at most as many iterations as current methods based on Kleene’s fixedpoint theorem. We also show that, contrary to Kleene’s method, Newton’s method always terminates for arbitrary idempotent and commutative semirings. More precisely, in the latter setting the number of iterations required to solve a system of n equations is at most n.
Reachability analysis of synchronized PA systems
 In Proceedings of Infinity 2004
, 2004
"... Abstract. We present a generic approach for the analysis of concurrent programs with (unbounded) dynamic creation of threads and recursive procedure calls. We define a model for such programs based on a set of term rewrite rules where terms represent control configurations. The reachability problem ..."
Abstract

Cited by 12 (5 self)
 Add to MetaCart
Abstract. We present a generic approach for the analysis of concurrent programs with (unbounded) dynamic creation of threads and recursive procedure calls. We define a model for such programs based on a set of term rewrite rules where terms represent control configurations. The reachability problem for this model is undecidable. Therefore, we propose a method for analyzing such models based on computing abstractions of their sets of computation paths. Our approach allows to compute such abstractions as least solutions of a system of (path language) constraints. More precisely, given a program and two regular sets of configurations (process terms) T and T , we provide (1) a construction of a system of constraints which characterizes precisely the set of computation paths leading from T to T , and (2) a generic framework, based on abstract interpretation, allowing to solve this system in various abstract domains leading to abstract analysis with different precision and cost. 1
Newton’s method for ωcontinuous semirings
, 2008
"... Fixed point equations X = f(X) over ωcontinuous semirings are a natural mathematical foundation of interprocedural program analysis. Generic algorithms for solving these equations are based on Kleene’s theorem, which states that the sequence 0, f(0), f(f(0)),... converges to the least fixed point. ..."
Abstract

Cited by 12 (6 self)
 Add to MetaCart
Fixed point equations X = f(X) over ωcontinuous semirings are a natural mathematical foundation of interprocedural program analysis. Generic algorithms for solving these equations are based on Kleene’s theorem, which states that the sequence 0, f(0), f(f(0)),... converges to the least fixed point. However, this approach is often inefficient. We report on recent work in which we extend Newton’s method, the wellknown technique from numerical mathematics, to arbitrary ωcontinuous semirings, and analyze its convergence speed in the real semiring.
DECISION PROCEDURES FOR EQUATIONALLY BASED REASONING
, 2008
"... This work develops new automated reasoning techniques for verifying the correctness of equationally specified programs. These techniques are not just theoretical, but have been implemented, and applied to actual program verification projects. Although the work spans several different areas, a major ..."
Abstract

Cited by 5 (0 self)
 Add to MetaCart
This work develops new automated reasoning techniques for verifying the correctness of equationally specified programs. These techniques are not just theoretical, but have been implemented, and applied to actual program verification projects. Although the work spans several different areas, a major theme of this work is to develop better techniques at the boundary between decidable and undecidable problems. That is, this work seeks out not just positive decidability results, but ways to extend the underlying techniques to be effective on problems outside of decidable subclasses. For program verification to succeed, we feel that two important directions must be pursued: (1) considering more expressive logics to allow designers to more easily specify systems, and (2) develop decision procedures that can reason efficiently about these more sophsticated logics. This work pursues both directions, and the main topics addressed include: new decidability and undecidability results for equational tree automata (Chapter 3), ordersorted unification (Chapter 4), sufficient completeness for specifications with partiality
Interprocedural Dataflow Analysis over Weight Domains with Infinite Descending Chains
 in "Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures
"... Abstract. We study generalized fixedpoint equations over idempotent semirings and provide an efficient algorithm for the detection whether a sequence of Kleene’s iterations stabilizes after a finite number of steps. Previously known approaches considered only bounded semirings where there are no in ..."
Abstract

Cited by 3 (1 self)
 Add to MetaCart
(Show Context)
Abstract. We study generalized fixedpoint equations over idempotent semirings and provide an efficient algorithm for the detection whether a sequence of Kleene’s iterations stabilizes after a finite number of steps. Previously known approaches considered only bounded semirings where there are no infinite descending chains. The main novelty of our work is that we deal with semirings without the boundedness restriction. Our study is motivated by several applications from interprocedural dataflow analysis. We demonstrate how the reachability problem for weighted pushdown automata can be reduced to solving equations in the framework mentioned above and we describe a few applications to demonstrate its usability. 1
Derivation Tree Analysis for Accelerated FixedPoint Computation
"... Abstract. We show that for several classes of idempotent semirings the least fixedpoint of a polynomial system of equations X = f(X) is equal to the least fixedpoint of a linear system obtained by “linearizing ” the polynomials of f in a certain way. Our proofs rely on derivation tree analysis, a ..."
Abstract

Cited by 3 (3 self)
 Add to MetaCart
(Show Context)
Abstract. We show that for several classes of idempotent semirings the least fixedpoint of a polynomial system of equations X = f(X) is equal to the least fixedpoint of a linear system obtained by “linearizing ” the polynomials of f in a certain way. Our proofs rely on derivation tree analysis, a proof principle that combines methods from algebra, calculus, and formal language theory, and was first used in [5] to show that Newton’s method over commutative and idempotent semirings converges in a linear number of steps. Our results lead to efficient generic algorithms for computing the least fixedpoint. We use these algorithms to derive several consequences, including an O(N 3) algorithm for computing the throughput of a contextfree grammar (obtained by speeding up the O(N 4) algorithm of [2]), and a generalization of Courcelle’s result stating that the downwardclosed image of a contextfree language is regular [3]. 1