An Abstract Domain of Uninterpreted Functions
Abstract
We revisit relational static analysis of numeric variables. Such analyses face two difficulties. First, even inexpensive relational domains scale too poorly to be practical for large code bases. Second, to remain tractable they handle non-linear relations extremely coarsely. In this paper, we introduce the subterm domain, a weakly relational abstract domain for inferring equivalences amongst sub-expressions, based on the theory of uninterpreted functions. This provides an extremely cheap approach for enriching non-relational domains with relational information, and it enhances the precision of both relational and non-relational domains in the presence of non-linear operations. We evaluate the idea in the context of the software verification tool SeaHorn.
Similar references
Static Analysis of Heap-Manipulating Low-Level Software
This paper describes a static (intraprocedural) analysis for analyzing heap-manipulating programs (in presence of recursive data structures and pointer arithmetic) in languages like C or low-level code. This analysis can be used for checking memory-safety, memory leaks, and user specified assertions. We first propose a rich abstract domain for representing useful invariants about such programs....
Uniqueness of meromorphic functions dealing with multiple values in an angular domain
This paper uses Tsuji's characteristic to investigate the uniqueness of transcendental meromorphic functions with shared values in an angular domain dealing with multiple values, which improves a result of J. Zheng.
On Reasoning about Finite Sets in Software Model Checking
A number of static checking techniques are based on constructing and refining an abstract reachability tree (ART) and reasoning about linear arithmetic. For example, in BLAST, each program statement is represented as a series of assignments of linear functions to variables, and the procedure of predicate discovery relies on Craig interpolation of linear arithmetic and equality with uninterpr...
Deciding Satisfiability of Equality Logic Formulas with Uninterpreted Functions
The logic of equality with uninterpreted functions (EUF) has been proposed for verifying abstract hardware designs. Fast satisfiability checking over this logic is important for such verification to be successful. Our algorithm is based on the Davis-Putnam-Logemann-Loveland (DPLL) procedure, one of the most effective methods to check propositional satisfiability. The DPLL procedure returns a sa...
A note on the problem when FS-domains coincide with RB-domains
In this paper, we introduce the notion of super finitely separating functions which gives a characterization of RB-domains. Then we prove that FS-domains and RB-domains are equivalent in some special cases by the following three claims: a dcpo is an RB-domain if and only if there exists an approximate identity for it consisting of super finitely separating functions; a consistent join-semilatti...