Results 1  10
of
10
Generalized Constant Propagation A Study in C
 In 6th Int. Conf. on Compiler Construction, volume 1060 of Lec. Notes in Comp. Sci
, 1996
"... . Generalized Constant Propagation (GCP) statically estimates the ranges of variables throughout a program. GCP is a topdown compositional compiler analysis in the style of abstract intepretation. In this paper we present an implementation of both intraprocedural and interprocedural GCP within the ..."
Abstract

Cited by 33 (3 self)
 Add to MetaCart
(Show Context)
. Generalized Constant Propagation (GCP) statically estimates the ranges of variables throughout a program. GCP is a topdown compositional compiler analysis in the style of abstract intepretation. In this paper we present an implementation of both intraprocedural and interprocedural GCP within the context of the C language. We compare the accuracy and utility of GCP information for several versions of GCP using experimental results from an actual implementation. 1 Introduction Generalized Constant Propagation (GCP) is a topdown compositional compiler analysis based on the style of abstract interpretation [CC77]. A GCP analysis statically approximates the possible values each variable could take at each point in the program. As an extension of constant propagation (CP), GCP estimates ranges for variables rather than their precise value: each variable at each point is associated with a minimum and maximum value. We have implemented GCP for the full C language, in both intraprocedural...
Generating All Polynomial Invariants in Simple Loops
, 2007
"... This paper presents a method for automatically generating all polynomial invariants in simple loops. It is rst shown that the set of polynomials serving as loop invariants has the algebraic structure of an ideal. Based on this connection, a xpoint procedure using operations on ideals and Grobner bas ..."
Abstract

Cited by 24 (2 self)
 Add to MetaCart
This paper presents a method for automatically generating all polynomial invariants in simple loops. It is rst shown that the set of polynomials serving as loop invariants has the algebraic structure of an ideal. Based on this connection, a xpoint procedure using operations on ideals and Grobner basis constructions is proposed for nding all polynomial invariants. Most importantly, it is proved that the procedure terminates in at most m + 1 iterations, where m is the number of program variables. The proof relies on showing that the irreducible components of the varieties associated with the ideals generated by the procedure either remain the same or increase their dimension at every iteration of the xpoint procedure. This yields a correct and complete algorithm for inferring conjunctions of polynomial equalities as invariants. The method has been implemented in Maple using the Groebner package. The implementation has been used to automatically discover nontrivial invariants for several examples to illustrate the power of the technique.
An abstract interpretation approach for automatic generation of polynomial invariants
 In 11th Static Analysis Symposium
, 2004
"... www.cs.unm.edu/~kapur Abstract. A method for generating polynomial invariants of imperative programs is presented using the abstract interpretation framework. It is shown that for programs with polynomial assignments, an invariant consisting of a conjunction of polynomial equalities can be automatic ..."
Abstract

Cited by 20 (5 self)
 Add to MetaCart
(Show Context)
www.cs.unm.edu/~kapur Abstract. A method for generating polynomial invariants of imperative programs is presented using the abstract interpretation framework. It is shown that for programs with polynomial assignments, an invariant consisting of a conjunction of polynomial equalities can be automatically generated for each program point. The proposed approach takes into account tests in conditional statements as well as in loops, insofar as they can be abstracted to be polynomial equalities and disequalities. The semantics of each statement is given as a transformation on polynomial ideals. Merging of paths in a program is defined as the intersection of the polynomial ideals associated with each path. For a loop junction, a widening operator based on selecting polynomials up to a certain degree is proposed. The algorithm for finding invariants using this widening operator is shown to terminate in finitely many steps. The proposed approach has been implemented and successfully tried on many programs. A table providing details about the programs is given. 1
Using Dynamic Analysis to Discover Polynomial and Array Invariants
"... Abstract—Dynamic invariant analysis identifies likely properties over variables from observed program traces. These properties can aid programmers in refactoring, documenting, and debugging tasks by making dynamic patterns visible statically. Two useful forms of invariants involve relations among po ..."
Abstract

Cited by 17 (2 self)
 Add to MetaCart
(Show Context)
Abstract—Dynamic invariant analysis identifies likely properties over variables from observed program traces. These properties can aid programmers in refactoring, documenting, and debugging tasks by making dynamic patterns visible statically. Two useful forms of invariants involve relations among polynomials over program variables and relations among array variables. Current dynamic analysis methods support such invariants in only very limited forms. We combine mathematical techniques that have not previously been applied to this problem, namely equation solving, polyhedra construction, and SMT solving, to bring new capabilities to dynamic invariant detection. Using these methods, we show how to find equalities and inequalities among nonlinear polynomials over program variables, and linear relations among array variables of multiple dimensions. Preliminary experiments on 24 mathematical algorithms and an implementation of AES encryption provide evidence that the approach is effective at finding these invariants. Keywordsprogram analysis; dynamic analysis; invariant generation; nonlinear invariants; array invariants I.
DIG: A Dynamic Invariant Generator for Polynomial and Array Invariants
 ACM Transactions on Software Engineering and Methodology
"... This article describes and evaluates DIG, a dynamic invariant generator that infers invariants from observed program traces, focusing on numerical and array variables. For numerical invariants, DIG supports both nonlinear equalities and inequalities of arbitrary degree defined over numerical program ..."
Abstract

Cited by 2 (1 self)
 Add to MetaCart
(Show Context)
This article describes and evaluates DIG, a dynamic invariant generator that infers invariants from observed program traces, focusing on numerical and array variables. For numerical invariants, DIG supports both nonlinear equalities and inequalities of arbitrary degree defined over numerical program variables. For array invariants, DIG generates nested relations among multidimensional array variables. These properties are nontrivial and challenging for current static and dynamic invariant analysis methods. The key difference between DIG and existing dynamic methods is its generative technique, which infers invariants directly from traces, instead of using traces to filter out predefined templates. To generate accurate invariants, DIG employs ideas and tools from the mathematical and formal methods domains, including equation solving, polyhedra construction, and theorem proving; for example, DIG represents and reasons about polynomial invariants using geometric shapes. Experimental results on 27 mathematical algorithms and an implementation of AES encryption provide evidence that DIG is effective at generating invariants for these programs.
A Generic Annotation Inference Algorithm for the Safety Certification of Automatically Generated Code
, 2006
"... Code generators for realistic application domains are not directly verifiable in practice. In the certifiable code generation approach the generator is extended to generate logical annotations (i.e., preand postconditions and loop invariants) along with the programs, allowing fully automated program ..."
Abstract
 Add to MetaCart
Code generators for realistic application domains are not directly verifiable in practice. In the certifiable code generation approach the generator is extended to generate logical annotations (i.e., preand postconditions and loop invariants) along with the programs, allowing fully automated program proofs of different safety properties. However, this requires access to the generator sources, and remains difficult to implement and maintain because the annotations are crosscutting concerns, both on the objectlevel (i.e., in the generated code) and on the metalevel (i.e., in the generator). Here we describe a new generic postgeneration annotation inference algorithm that circumvents these problems. We exploit the fact that the output of a code generator is highly idiomatic, so that patterns can be used to describe all code constructs that require annotations. The patterns are specific to the idioms of the targeted code generator and to the safety property to be shown, but the algorithm core remains fully generic. This core is implemented and instantiated for two generators; the instances are applied successfully to fully automatically certify initialization safety for a range of generated programs.
ISBN: 9780494672457 Our file Notre référence
, 2009
"... exclusive license allowing Library and ..."
(Show Context)
Automating and Validating Semantic Annotations
"... Usecase diagrams (UCDs) are widely used to describe requirements and desired functionality of software products. However, UCDs are loosely linked to the source code, and there are no approaches to maintain the correspondence between program variable and types (or program entities) and elements of U ..."
Abstract
 Add to MetaCart
Usecase diagrams (UCDs) are widely used to describe requirements and desired functionality of software products. However, UCDs are loosely linked to the source code, and there are no approaches to maintain the correspondence between program variable and types (or program entities) and elements of UCDs. We offer a novel approach for automating a part of the process of annotating program entities with names of elements from UCDs. Developers first annotate an initial set of a few program entities. Our LEarning ANnnotations (Lean) system combines these annotations with runtime monitoring, program analysis, and machinelearning approaches to discover and validate annotations on unannotated entities in Java programs. We evaluate our prototype implementation on opensource software projects and our results suggest that Lean can generalize from a small set of annotated entities to annotate many other entities.
Automating and validating program annotations
, 2005
"... Program annotations help to catch errors, improve program understanding, and specify invariants. Adding annotations, however, is often a manual, laborious, tedious, and error prone process especially when programs are large. We offer a novel approach for automating a part of this process. Developers ..."
Abstract
 Add to MetaCart
(Show Context)
Program annotations help to catch errors, improve program understanding, and specify invariants. Adding annotations, however, is often a manual, laborious, tedious, and error prone process especially when programs are large. We offer a novel approach for automating a part of this process. Developers first specify an initial set of annotations for a few variables and types. Our LEarning ANnnotations (Lean) system combines these annotations with runtime monitoring, program analysis, and machinelearning approaches to discover and validate annotations on unannotated variables. We evaluate our prototype implementation on opensource software projects and our results suggest that Lean can generalize from a small set of annotated variables to annotate many other variables. Our experiments show that after users annotate approximately 6 % of the program variables and types, Lean correctly annotates an additional 69 % of variables in the best case, 47 % on the average, and 12 % in the worst case, taking less than one hour to run on an application with over 20,000 lines of code.
NOTICE AND SIGNATURE PAGE
, 2012
"... Using Government drawings, specifications, or other data included in this document for any purpose other than Government procurement does not in any way obligate the U.S. Government. The fact that the Government formulated or supplied the drawings, specifications, or other data does not license the ..."
Abstract
 Add to MetaCart
(Show Context)
Using Government drawings, specifications, or other data included in this document for any purpose other than Government procurement does not in any way obligate the U.S. Government. The fact that the Government formulated or supplied the drawings, specifications, or other data does not license the holder or any other person or corporation; or convey any rights or permission to manufacture, use, or