Data flow analysis is model checking of abstract interpretations

David A. Schmidt
</span>1998</span>">
1998, Proceedings of the 25th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages - POPL '98 (ACM Press)
This expository paper simplifies and clarifies Steffen's depiction of data flow analysis (d.f.a.) as model checking: By employing abstract interpretation (a.i.) to generate program traces and by utilizing Kozen's modal mu-calculus to express trace properties, we express in simplest possible terms that a d.f.a. is a model check of a program's a.i. trace. In particular, the classic flow equations for bit-vector-based d.f.a.s reformat trivially into modal mu-calculus formulas. A surprising ... is that two of the classical d.f.a.s are exposed as unsound; this problem is analyzed and simply repaired. In the process of making the above discoveries, we clarify the relationship between a.i. and d.f.a. in terms of the often-misunderstood notion of collecting semantics and we highlight how the research areas of flow analysis, abstract interpretation, and model checking have grown together.

Acknowledgements: Bernhard Steffen, Carolyn Talcott, and Mitchell Wand studied drafts of this and a related paper and made many useful suggestions. Also, Stephen Brookes, Edmund Clarke, Olivier Danvy, Peter Mosses, and Colin Stirling are thanked for hosting me during my sabbatical year journeys.
doi:10.1145/268946.268950 dblp:conf/popl/Schmidt98 fatcat:2muvgfeo6bhvva6gnqkukobs7e
