Convex polyhedral abstractions, specialisation and property-based predicate splitting in Horn clause verification
We present an approach to constrained Horn clause (CHC) verification
combining three techniques: abstract interpretation over a domain of convex
polyhedra, specialisation of the constraints in CHCs using abstract
interpretation of query-answer transformed clauses, and refinement by splitting
predicates. The purpose of the work is to investigate how analysis and
transformation tools developed for constraint logic programs (CLP) can be
applied to the Horn clause verification problem. Abstract interpretation over
convex polyhedra is capable of deriving sophisticated invariants and when used
in conjunction with specialisation for propagating constraints it can
frequently solve challenging verification problems. This is a contribution in
itself, but refinement is needed when it fails, and the question of how to
refine convex polyhedral analyses has not been studied much. We present a
refinement technique based on interpolants derived from a counterexample trace;
these are used to drive a property-based specialisation that splits predicates,
leading in turn to more precise convex polyhedral analyses. The process of
specialisation, analysis and splitting can be repeated, in a manner similar to
the CEGAR and iterative specialisation approaches.
Comment: In Proceedings HCVS 2014, arXiv:1412.082
Widening with Thresholds for Programs with Complex Control Graphs
The precision of an analysis based on abstract interpretation depends not only on the expressiveness of the abstract domain, but also on how the fixpoint equations are solved: exact solving is often not possible. The traditional solution is to solve the abstract fixpoint equations iteratively, using extrapolation with a widening operator to make the iterations converge. Unfortunately, the extrapolation too often loses information that is crucial for the analysis goal. A classical technique for improving the precision is "widening with thresholds", which bounds the extrapolation. Its benefit depends strongly on the choice of relevant thresholds. In this paper we propose a semantics-based technique for automatically inferring such thresholds, which applies to any control graph, be it intraprocedural, interprocedural or concurrent, without specific assumptions on the abstract domain. Despite its technical simplicity, our technique is able to infer the relevant thresholds in many practical cases.
Translated from the French abstract: The precision of an analysis based on abstract interpretation depends not only on the expressiveness of the abstract domain, but also on the way the abstract equations are solved: the optimal solution is indeed not always computable. The traditional technique is to solve the abstract fixpoint equations iteratively, extrapolating with a widening operator to make the iterations converge. Unfortunately, these extrapolations frequently lose information that is crucial for the goal of the analysis. A classical technique for improving precision is "widening with thresholds", which bounds the extrapolation. Its effectiveness depends strongly on the choice of relevant thresholds. We propose here a semantic technique for automatically inferring relevant thresholds, which applies to any control graph, whether intraprocedural, interprocedural or concurrent, with no specific assumption on the abstract domain. Despite its technical simplicity, this technique infers the relevant thresholds in many practical cases.
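The effect the abstract describes, iterative solving of the abstract fixpoint equation where plain widening throws away the loop bound while a well-chosen threshold keeps it, is shown below on the interval domain for the loop `i = 0; while i < bound: i += 1`. This is an added illustration, not code from the paper: the `Interval` class, `analyse_counter_loop` and the threshold value (taken by hand from the guard constant) are all assumptions of this example, whereas the paper infers thresholds semantically from the control graph.

```python
"""Interval analysis of `i = 0; while i < bound: i += 1`, solving the abstract
fixpoint equation iteratively with plain widening and with widening with
thresholds. Constructed example, not the paper's implementation."""
import math
from dataclasses import dataclass

INF = math.inf


@dataclass(frozen=True)
class Interval:
    lo: float
    hi: float

    def is_bottom(self):
        return self.lo > self.hi

    def join(self, other):
        if self.is_bottom():
            return other
        if other.is_bottom():
            return self
        return Interval(min(self.lo, other.lo), max(self.hi, other.hi))

    def meet(self, other):
        return Interval(max(self.lo, other.lo), min(self.hi, other.hi))

    def shift(self, k):
        """Abstract transformer for `i += k`."""
        return self if self.is_bottom() else Interval(self.lo + k, self.hi + k)

    def widen(self, other, thresholds=()):
        """Widening of self by other. A bound that grew is extrapolated to the
        nearest threshold beyond it; with no usable threshold it jumps to
        infinity, which is the classical interval widening."""
        if self.is_bottom():
            return other
        if other.is_bottom():
            return self
        lo, hi = self.lo, self.hi
        if other.lo < self.lo:
            below = [t for t in thresholds if t <= other.lo]
            lo = max(below) if below else -INF
        if other.hi > self.hi:
            above = [t for t in thresholds if t >= other.hi]
            hi = min(above) if above else INF
        return Interval(lo, hi)


def analyse_counter_loop(bound, thresholds=(), max_iter=1000):
    """Return (loop-head invariant, state on loop exit) for the integer loop
    i = 0; while i < bound: i += 1, iterating the fixpoint equation
    head = init join body(head) with widening at the loop head."""
    init = Interval(0, 0)
    guard_true = Interval(-INF, bound - 1)   # i < bound holds
    guard_false = Interval(bound, INF)       # i >= bound, loop exits
    head = init
    for _ in range(max_iter):
        body_out = head.meet(guard_true).shift(1)
        new_head = head.widen(init.join(body_out), thresholds)
        if new_head == head:                 # post-fixpoint reached
            break
        head = new_head
    return head, head.meet(guard_false)


if __name__ == "__main__":
    print("plain widening:     ", analyse_counter_loop(10))
    print("threshold 10:       ", analyse_counter_loop(10, thresholds=(10,)))
    print("irrelevant threshold", analyse_counter_loop(10, thresholds=(5,)))
```

With no thresholds the upper bound is extrapolated to infinity on the first unstable iteration and the exit state is `[10, +inf)`; with the threshold 10 the extrapolation stops at 10, the next iteration confirms `[0, 10]` is stable, and the exit state is exactly `[10, 10]`. An irrelevant threshold such as 5 is overshot on the second iteration and the analysis ends up as imprecise as plain widening, which is why the choice of thresholds matters.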
Numerical Abstract Domain using Support Functions
Abstract. In this paper, we present a new abstract domain that uses support functions to represent convex sets. Given a predefined set of directions, this representation yields an efficient method for computing the fixpoint of linear programs. We show the efficiency of our method on a simple example.
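To make the idea concrete, the following added example (not the paper's domain or code) represents a convex set by its support function h_S(d) = sup { d.x : x in S } evaluated on a fixed set of eight template directions, and uses the identity h_{AS}(d) = h_S(A^T d) to over-approximate the reachable set of the 2-D linear loop x := A x from an initial box. The system matrix, the box, the octagonal direction set and the stopping rule (which assumes A is a contraction in the 2-norm) are all assumptions of this example.

```python
"""Support-function over-approximation of the reachable set of a linear loop
x_{k+1} = A x_k with x_0 in a box, over a fixed set of template directions.
Constructed example; the paper's domain and algorithm may differ."""
import math


def rotation_scaled(scale, angle):
    """2x2 matrix that shrinks by `scale` and rotates by `angle` (radians)."""
    c, s = math.cos(angle), math.sin(angle)
    return [[scale * c, -scale * s], [scale * s, scale * c]]


# Constructed sample system: shrink by 0.9 and rotate by 45 degrees each step,
# starting anywhere in the box [-1, 1] x [-1, 1].
A_DEMO = rotation_scaled(0.9, math.pi / 4)
X0_LO, X0_HI = (-1.0, -1.0), (1.0, 1.0)


def support_box(lo, hi, d):
    """h_X0(d) = sup_{x in box} d.x, computed coordinate by coordinate."""
    return sum(max(di * l, di * h) for di, l, h in zip(d, lo, hi))


def transpose_apply(A, d):
    """A^T d, used because h_{A S}(d) = h_S(A^T d)."""
    n = len(d)
    return [sum(A[i][j] * d[i] for i in range(n)) for j in range(n)]


def norm(v):
    return math.sqrt(sum(x * x for x in v))


def spectral_norm_2x2(A):
    """Largest singular value of a 2x2 matrix (sqrt of the top eigenvalue of A^T A)."""
    (a, b), (c, d) = A
    p, q, r = a * a + c * c, a * b + c * d, b * b + d * d   # A^T A = [[p, q], [q, r]]
    lam = (p + r) / 2 + math.sqrt(((p - r) / 2) ** 2 + q * q)
    return math.sqrt(lam)


def octagon_directions():
    """Eight template directions at 45-degree spacing."""
    return [(math.cos(k * math.pi / 4), math.sin(k * math.pi / 4)) for k in range(8)]


def reach_support(A, lo, hi, directions, max_iter=100_000):
    """For each template direction d, compute sup_k h_{A^k X0}(d) = sup_k h_X0((A^T)^k d).
    Returns the template polyhedron {x : d.x <= bounds[d]} containing every reachable state."""
    if spectral_norm_2x2(A) >= 1.0:
        raise ValueError("the stopping rule needs a contracting A (spectral norm < 1)")
    radius = math.sqrt(sum(max(l * l, h * h) for l, h in zip(lo, hi)))  # bounds |x| over the box
    bounds = {}
    for d in directions:
        c = list(d)
        # A contracting means A^k X0 -> {0}, so the origin is in the closure of the
        # reach set and the support in every direction is at least 0.
        best = max(support_box(lo, hi, c), 0.0)
        for _ in range(max_iter):
            c = transpose_apply(A, c)
            best = max(best, support_box(lo, hi, c))
            # |A^T| < 1, so later vectors are no longer than c, and h_X0(v) <= |v| * radius:
            # once that bound is at most best, no later term can raise the maximum.
            if norm(c) * radius <= best:
                break
        else:
            raise RuntimeError("support iteration did not converge")
        bounds[d] = best
    return bounds


def contains(bounds, x, eps=1e-9):
    """Membership in the template polyhedron {x : d.x <= bounds[d] for all d}."""
    return all(sum(di * xi for di, xi in zip(d, x)) <= b + eps for d, b in bounds.items())


def simulate(A, x, steps):
    """Concrete trajectory, used to sanity-check the over-approximation."""
    out = [tuple(x)]
    for _ in range(steps):
        x = [sum(A[i][j] * x[j] for j in range(len(x))) for i in range(len(x))]
        out.append(tuple(x))
    return out


if __name__ == "__main__":
    inv = reach_support(A_DEMO, X0_LO, X0_HI, octagon_directions())
    for d, b in inv.items():
        print(f"({d[0]:+.3f}, {d[1]:+.3f}) . x <= {b:.4f}")
    print("trajectory contained:", all(contains(inv, p) for p in simulate(A_DEMO, (1.0, 1.0), 40)))
```

Each direction is handled independently and needs only support-function evaluations on the initial box, which is what makes the fixpoint cheap; the price is that the result is a template polyhedron whose shape is fixed by the chosen directions, so directions outside the template are not bounded any more tightly than the template implies. For the sample system the bound in direction (1, 0) is 0.9 * sqrt(2), reached after one rotation of the box corner, which a box domain iterated on the same loop would not capture.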