Donut Domains: Efficient Non-convex Domains for Abstract Interpretation
نویسندگان
چکیده
Program analysis using abstract interpretation has been successfully applied in practice to find runtime bugs or prove software correct. Most abstract domains that are used widely rely on convexity for their scalability. However, the ability to express non-convex properties is sometimes required in order to achieve a precise analysis of some numerical properties. This work combines already known abstract domains in a novel way in order to design new abstract domains that tackle some non-convex invariants. The abstract objects of interest are encoded as a pair of two convex abstract objects: the first abstract object defines an over-approximation of the possible reached values, as is done customarily. The second abstract object under-approximates the set of impossible values within the state-space of the first abstract object. Therefore, the geometrical concretization of our objects is defined by a convex set minus another convex set (or hole). We thus call these domains donut domains.
منابع مشابه
Numerical Abstract Domain using Support Functions (Extended Version)
An abstract interpretation based static analyzer depends on the choice of both an abstract domain and a methodology to compute fixpoints of monotonic functions. Abstract domains are almost always representations of convex sets that must provide efficient algorithms to perform both numerical and order-theoretic computations. In this paper, we present a new abstract domain that uses support funct...
متن کاملAbstract Interpretation over Non-lattice Abstract Domains
Interpretation over Non-Lattice Abstract Domains Graeme Gange, Jorge A. Navas, Peter Schachte, Harald Søndergaard, and Peter J. Stuckey Department of Computing and Information Systems, The University of Melbourne, Victoria 3010, Australia {gkgange,jorge.navas,schachte,harald,pstuckey}@unimelb.edu.au Abstract. The classical theoretical framework for static analysis of programs is abstract interp...
متن کاملA Certifying Frontend for (Sub)polyhedral Abstract Domains
Convex polyhedra provide a relational abstraction of numerical properties for static analysis of programs by abstract interpretation. We describe a lightweight certification of polyhedral abstract domains using the Coq proof assistant. Our approach consists in delegating most computations to an untrusted backend and in checking its outputs with a certified frontend. The backend is free to imple...
متن کاملSynthesizing Predicates from Abstract Domain Losses
Numeric abstract domains are key to many verification problems. Their ability to scale hinges on using convex approximations of the possible variable valuations. In certain cases, this approximation is too coarse to verify certain verification conditions, namely those that require disjunctive invariants. A common approach to infer disjunctive invariants is to track a set of states. However, thi...
متن کاملA Logical Product Approach to Zonotope Intersection
We define and study a new abstract domain which is a fine-grained combination of zonotopes with (sub-)polyhedric domains such as the interval, octagon, linear template or polyhedron domains. While abstract transfer functions are still rather inexpensive and accurate even for interpreting non-linear computations, we are able to also interpret tests (i.e. intersections) efficiently. This fixes a ...
متن کامل