An Algebraic Framework for Compositional Program Analysis

The purpose of a program analysis is to compute an abstract meaning for a program which approximates its dynamic behaviour. A compositional program analysis accomplishes this task with a divide-and-conquer strategy: the meaning of a program is computed by dividing it into sub-programs, computing their meanings, and then combining the results. Compositional program analyses are desirable because they can yield scalable (and easily parallelizable) analyses. This paper presents an algebraic framework for designing, implementing, and proving the correctness of compositional program analyses. A program analysis in our framework is defined by an algebraic structure equipped with sequencing, choice, and iteration operations. From the analysis design perspective, a particularly interesting consequence of this is that the meaning of a loop is computed by applying the iteration operator to the meaning of the loop body. This style of compositional loop analysis can yield interesting ways of computing loop invariants that cannot be defined iteratively. We identify a class of algorithms, the so-called path-expression algorithms [Tarjan1981, Scholz2007], which can be used to efficiently implement analyses in our framework. Lastly, we develop a theory for proving the correctness of an analysis by establishing an approximation relationship between an algebra defining a concrete semantics and an algebra defining an analysis.
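The following is an added worked example, written for this page and not code from the paper, of the structure the abstract describes: a control-flow graph is turned into a path expression (the "divide" step), and that expression is then interpreted in two algebras with sequencing, choice and iteration operators (the "conquer" step), one a concrete semantics and one an analysis, so the approximation relationship between them can be checked on sample input. Everything below is an assumption of the example rather than of the paper: programs have a single integer variable x, every CFG edge is a statement x := x + c, branches and loop exits are nondeterministic, the path expression is built by Kleene-style state elimination rather than Tarjan's faster algorithm, the concrete algebra unrolls loops a bounded number of times, and the abstract algebra is a product of intervals and congruences whose iteration operator is a closed form rather than a fixpoint iteration.

```python
# Added example (not the paper's code): a compositional analysis as an algebra.
from dataclasses import dataclass
from math import gcd, inf
from typing import Any

# ---- path expressions over CFG edges ------------------------------------
@dataclass(frozen=True)
class Edge:      # the statement x := x + c   (assumed statement language)
    c: int

@dataclass(frozen=True)
class Seq:
    a: Any
    b: Any

@dataclass(frozen=True)
class Choice:
    a: Any
    b: Any

@dataclass(frozen=True)
class Star:
    a: Any

def path_expression(edges, entry, exit_):
    """Regular expression of all entry->exit paths of a CFG given as
    (src, dst, c) triples, by state elimination.  Assumes exit_ has no
    outgoing edges (Tarjan's path-expression algorithm computes the same
    thing, faster, and without that restriction)."""
    R, nodes = {}, set()
    for u, v, c in edges:
        nodes |= {u, v}
        R[(u, v)] = Choice(R[(u, v)], Edge(c)) if (u, v) in R else Edge(c)
    assert not any(u == exit_ for (u, _) in R), "exit must have no successors"
    for v in sorted(nodes - {entry, exit_}):          # eliminate node v
        loop = R.pop((v, v), None)
        ins = [(u, R.pop((u, v))) for u in sorted(nodes) if (u, v) in R]
        outs = [(w, R.pop((v, w))) for w in sorted(nodes) if (v, w) in R]
        for u, ru in ins:
            for w, rw in outs:
                path = Seq(Seq(ru, Star(loop)) if loop is not None else ru, rw)
                R[(u, w)] = Choice(R[(u, w)], path) if (u, w) in R else path
    pe = R[(entry, exit_)]
    return Seq(Star(R[(entry, entry)]), pe) if (entry, entry) in R else pe

def interpret(e, alg):
    """Evaluate a path expression in any algebra providing edge/seq/choice/star.
    A loop's meaning is star applied to the meaning of its body."""
    if isinstance(e, Edge):   return alg.edge(e.c)
    if isinstance(e, Seq):    return alg.seq(interpret(e.a, alg), interpret(e.b, alg))
    if isinstance(e, Choice): return alg.choice(interpret(e.a, alg), interpret(e.b, alg))
    if isinstance(e, Star):   return alg.star(interpret(e.a, alg))
    raise TypeError(e)

# ---- concrete algebra: sets of net changes x' - x -------------------------
class ConcreteDeltas:
    """star is unrolled at most K times, so the result is a finite subset of
    the (infinite) exact concrete meaning; enough to test soundness on."""
    def __init__(self, K): self.K = K
    def edge(self, c):      return frozenset({c})
    def seq(self, a, b):    return frozenset(x + y for x in a for y in b)
    def choice(self, a, b): return a | b
    def star(self, a):
        acc = cur = frozenset({0})
        for _ in range(self.K):
            cur = self.seq(cur, a)
            acc |= cur
        return acc

# ---- abstract algebra: interval x congruence, every operation closed-form --
class IntervalCongruence:
    """(lo, hi, r, m) denotes { d : lo <= d <= hi and d = r (mod m) };
    m == 0 means d == r exactly."""
    @staticmethod
    def _norm(r, m): return r % m if m else r
    def edge(self, c): return (c, c, c, 0)
    def seq(self, a, b):
        m = gcd(a[3], b[3])
        return (a[0] + b[0], a[1] + b[1], self._norm(a[2] + b[2], m), m)
    def choice(self, a, b):
        m = gcd(gcd(a[3], b[3]), abs(a[2] - b[2]))
        return (min(a[0], b[0]), max(a[1], b[1]), self._norm(a[2], m), m)
    def star(self, a):
        # sums of k >= 0 elements: the interval saturates in each direction
        # it can move; the residues collapse to the multiples of gcd(r, m)
        lo, hi, r, m = a
        return (-inf if lo < 0 else 0, inf if hi > 0 else 0, 0, gcd(r, m))
    @staticmethod
    def contains(a, d):
        lo, hi, r, m = a
        return lo <= d <= hi and ((d - r) % m == 0 if m else d == r)

def analyze(cfg, entry, exit_):
    return interpret(path_expression(cfg, entry, exit_), IntervalCongruence())

def sound_on_unrollings(cfg, entry, exit_, K=6):
    """Approximation check: every concrete delta lies in the abstract value."""
    pe = path_expression(cfg, entry, exit_)
    abst = interpret(pe, IntervalCongruence())
    return all(IntervalCongruence.contains(abst, d)
               for d in interpret(pe, ConcreteDeltas(K)))

# constructed CFG:  x := x+1; while (*) { x := x+2  []  x := x+4 }; exit
CFG = [(0, 1, 1), (1, 2, 2), (1, 2, 4), (2, 1, 0), (1, 3, 0)]

if __name__ == "__main__":
    print(analyze(CFG, 0, 3))             # (1, inf, 1, 2): x grows by an odd amount >= 1
    print(sound_on_unrollings(CFG, 0, 3))
```

The abstract result for the constructed CFG, (1, inf, 1, 2), says the program increases x by an odd amount of at least 1; the congruence part comes straight out of the closed-form star, with no Kleene iteration over the loop. Replacing IntervalCongruence by another class with the same four methods changes the analysis without touching the path-expression construction, which is the point of separating the two.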

References

[1] Patrick Cousot et al. Abstract Interpretation Frameworks. J. Log. Comput., 1992.

[2] Marsha Chechik et al. Ufo: A Framework for Abstraction- and Interpolation-Based Software Verification. CAV, 2012.

[3] Daniel Kroening et al. Loop Summarization Using Abstract Transformers. ATVA, 2008.

[4] S. C. Kleene. Representation of Events in Nerve Nets and Finite Automata. 1951.

[5] Patrick Cousot et al. Modular Static Program Analysis. CC, 2002.

[6] Barbara G. Ryder et al. Elimination algorithms for data flow analysis. CSUR, 1986.

[7] Dexter Kozen. Kleene Algebra with Tests and the Static Analysis of Programs. 2003.

[8] Wei-Ngan Chin et al. Inferring Disjunctive Postconditions. ASIAN, 2006.

[9] Bernhard Steffen et al. The Interprocedural Coincidence Theorem. CC, 1992.

[10] Somesh Jha et al. Weighted pushdown systems and their application to interprocedural dataflow analysis. Sci. Comput. Program., 2003.

[11] Thomas W. Reps et al. Precise interprocedural dataflow analysis via graph reachability. POPL, 1995.

[12] Ashutosh Gupta et al. InvGen: An Efficient Invariant Generator. CAV, 2009.

[13] Jeffrey D. Ullman et al. Monotone data flow analysis frameworks. Acta Informatica, 1977.

[14] Algebraic logic. Problem Books in Mathematics, 1985.

[15] Flemming Nielson et al. Galois Connections for Flow Algebras. FMOODS/FORTE, 2011.

[16] Gary A. Kildall. A unified approach to global program optimization. POPL, 1973.

[17] A. Tarski et al. Cylindric Algebras, Part II. 1988.

[18] Edwin D. Reilly. Activation record. 2003.

[19] Thomas W. Reps et al. Extended Weighted Pushdown Systems. CAV, 2005.

[20] Nikolaj Bjørner et al. Z3: An Efficient SMT Solver. TACAS, 2008.

[21] Robert E. Tarjan. Fast Algorithms for Solving Path Problems. JACM, 1981.

[22] A. Tarski. A lattice-theoretical fixpoint theorem and its applications. 1955.

[23] Georg Struth et al. Concurrent Kleene Algebra. CONCUR, 2009.

[24] Helmut Seidl et al. Precise interprocedural analysis through linear algebra. POPL, 2004.

[25] Lucja Kot et al. Second-Order Abstract Interpretation via Kleene Algebra. 2004.

[26] Dexter Kozen. A completeness theorem for Kleene algebras and the algebra of regular events. Proceedings of the Sixth Annual IEEE Symposium on Logic in Computer Science (LICS), 1991.

[27] Thomas W. Reps et al. Improving Pushdown System Model Checking. CAV, 2006.

[28] Nicolas Halbwachs et al. Automatic discovery of linear restraints among variables of a program. POPL, 1978.

[30] Patrick Cousot et al. Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. POPL, 1977.

[31] Robert E. Tarjan. A Unified Approach to Path Problems. JACM, 1981.

[32] Patrick Cousot et al. Static Determination of Dynamic Properties of Recursive Procedures. Formal Description of Programming Concepts, 1977.

[33] Williams Ludwell Harrison et al. Automatic recognition of induction variables and recurrence relations by abstract interpretation. PLDI, 1990.

[34] Dexter Kozen. A Completeness Theorem for Kleene Algebras and the Algebra of Regular Events. Inf. Comput., 1994.

[35] Johann Blieberger et al. A New Elimination-Based Data Flow Analysis Framework Using Annotated Decomposition Trees. CC, 2007.

[36] Patrick Cousot et al. Systematic design of program analysis frameworks. POPL, 1979.

[37] Stefan Kowalewski et al. Loop Leaping with Closures. SAS, 2012.

[38] Tayssir Touili et al. A Generic Approach to the Static Analysis of Concurrent Programs with Procedures. Int. J. Found. Comput. Sci., 2003.

[39] François Bourdoncle. Efficient chaotic iteration strategies with widenings. Formal Methods in Programming and Their Applications, 1993.