Information Processing Letters 110 (2010) 666–671
doi:10.1016/j.ipl.2010.05.021

Refining abstract interpretations

Bhargav S. Gulavani (a, corresponding author; e-mail: bhargav@cse.iitb.ac.in), Supratik Chakraborty (a), Aditya V. Nori (b), Sriram K. Rajamani (b)
(a) IIT Bombay, India
(b) Microsoft Research Bangalore, India

Article history: Received 10 September 2009; received in revised form 26 January 2010; accepted 24 May 2010; available online 27 May 2010. Communicated by A.A. Bertossi.

Keywords: Program correctness; Abstract interpretation; Interpolation; CEGAR

Abstract. Abstract interpretation techniques prove properties of programs by computing abstract fixpoints. All such analyses suffer from the possibility of false errors. We present a dag-based abstraction refinement technique that automatically refines such abstract interpretations and reduces false errors. The technique repairs precision loss due to the widen operator with a new interpolated widen operator, and repairs precision loss due to the join operator by introducing disjunctions. We prove the soundness and progress properties of this abstraction refinement procedure.

2010 Elsevier B.V. All rights reserved.

1. Introduction

Abstract interpretation [5] is a general technique for computing sound fixpoints of programs. Such fixpoint computations have to lose precision in order to guarantee termination; that precision loss, however, can produce false errors. Recently there has been increased interest in refining abstract interpretations automatically. A first attempt in this direction was made in [8], where widen was refined by convex hull in the polyhedra domain.
In [7] we improved upon these techniques by designing (a) an interpolated widen operator that refines widen using interpolants, (b) a new algorithm that implicitly handles the disjunctions that arise during refinement, and (c) a new algorithm for refining abstract interpretations that use the join operator to merge abstract states at program locations where conditional branches meet. We have built a tool, Dagger, that implements these ideas. In [7] we compared Dagger with recent related work and presented its empirical evaluation. Those results showed that Dagger outperforms a number of available tools, including Slam [2], Blast [10], Armc [11], and our earlier tool [8], on a range of benchmarks.

The focus of our earlier work [7] was the practical implementation of dag-based abstraction refinement in Dagger, and the evaluation of Dagger's performance and accuracy vis-à-vis other tools. In [7] we therefore explained only the basic principles of abstraction and refinement needed to implement Dagger. In the present paper we provide an in-depth formal analysis of our dag-based abstraction and refinement algorithms, focusing on soundness and progress properties. This gives theoretical guarantees about the technique, the progress guarantees in particular, that are extremely useful in a practical setting.

Preliminaries. Let V be a finite set of variables, each ranging over a potentially infinite domain. A state s is a valuation of all variables in V. Let Σ be the (possibly infinite) set of all states. A program P_V over a set of variables V is a six-tuple (L, E, R, l_0, l_x, Image♭), where (i) L is a finite set of control locations in the program, representing the possible values of the program counter, (ii) E ⊆ L × L is a set of control-flow edges, (iii) R ⊆ L is a set of error locations,
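The following is an added example, not code from the paper or from Dagger. It encodes the loop program x := 0; while (x < 100) x := x + 1; if (x > 100) error as a six-tuple (L, E, R, l_0, l_x, Image) in the spirit of the Preliminaries, with Image given per control-flow edge over the interval domain, and computes the abstract fixpoint twice: once with the standard interval widen, which makes the error location look reachable (a false error), and once with a widen that keeps the loop guard's constant 100 as a threshold, after which the error location is unreachable. The threshold-based widen is an assumption standing in for the paper's interpolated widen (it plays the role an interpolant would in bounding the widened value); the program, the location names and the per-edge encoding of Image are all constructed here.

```python
"""Added example (not from the paper or Dagger): interval abstract
interpretation of a small loop, showing a false error caused by the
standard widen operator and its removal by a refined widen.
Assumed: the program, location names, per-edge Image encoding, and the
threshold-based widen used as a stand-in for the interpolated widen."""
from typing import Callable, Dict, Optional, Set, Tuple

INF = float("inf")
Interval = Optional[Tuple[float, float]]   # (lo, hi); None is bottom (unreachable)
Transfer = Callable[[Interval], Interval]


def join(a: Interval, b: Interval) -> Interval:
    """Least upper bound of two intervals (the join operator)."""
    if a is None:
        return b
    if b is None:
        return a
    return (min(a[0], b[0]), max(a[1], b[1]))


def widen(a: Interval, b: Interval) -> Interval:
    """Standard interval widen: any bound that grew jumps straight to infinity."""
    if a is None:
        return b
    if b is None:
        return a
    return (a[0] if b[0] >= a[0] else -INF, a[1] if b[1] <= a[1] else INF)


def widen_with_thresholds(thresholds: Set[float]) -> Callable[[Interval, Interval], Interval]:
    """Refined widen (assumed stand-in for the interpolated widen): a bound that
    grew first jumps to the nearest threshold and only then to infinity. Each
    bound changes at most len(thresholds) + 1 times, so termination is kept."""
    ts = sorted(thresholds)

    def w(a: Interval, b: Interval) -> Interval:
        if a is None:
            return b
        if b is None:
            return a
        lo, hi = a
        if b[0] < a[0]:
            below = [t for t in ts if t <= b[0]]
            lo = max(below) if below else -INF
        if b[1] > a[1]:
            above = [t for t in ts if t >= b[1]]
            hi = min(above) if above else INF
        return (lo, hi)
    return w


# Abstract transformers for the statements of the example program (x integer).
def assign_const(c: float) -> Transfer:   # x := c
    return lambda iv: None if iv is None else (c, c)

def add_const(c: float) -> Transfer:      # x := x + c
    return lambda iv: None if iv is None else (iv[0] + c, iv[1] + c)

def assume_lt(c: float) -> Transfer:      # assume x < c, i.e. x <= c - 1
    return lambda iv: None if iv is None or iv[0] >= c else (iv[0], min(iv[1], c - 1))

def assume_ge(c: float) -> Transfer:      # assume x >= c
    return lambda iv: None if iv is None or iv[1] < c else (max(iv[0], c), iv[1])


def build_program():
    """x := 0; while (x < 100) x := x + 1; if (x > 100) error,
    as the six-tuple (L, E, R, l0, lx, Image) with Image given per edge."""
    image: Dict[Tuple[str, str], Transfer] = {
        ("l0", "l1"): assign_const(0),   # entry: x := 0
        ("l1", "l2"): assume_lt(100),    # loop guard holds
        ("l2", "l1"): add_const(1),      # loop body: x := x + 1
        ("l1", "lx"): assume_ge(100),    # loop guard fails: exit
        ("lx", "err"): assume_ge(101),   # x > 100 on integers: error
    }
    L = ["l0", "l1", "l2", "lx", "err"]
    return (L, list(image), {"err"}, "l0", "lx", image)


def analyse(prog, widen_op, widen_at: Set[str], max_iter: int = 1000) -> Dict[str, Interval]:
    """Jacobi-style fixpoint iteration: join at every location, widen at the
    loop heads in widen_at. Returns the abstract state at each location."""
    L, E, R, l0, lx, image = prog
    state: Dict[str, Interval] = {l: None for l in L}
    state[l0] = (-INF, INF)              # top: nothing known about x at entry
    for _ in range(max_iter):
        new = dict(state)
        for l in L:
            if l == l0:
                continue
            incoming: Interval = None
            for (src, dst), f in image.items():
                if dst == l:
                    incoming = join(incoming, f(state[src]))
            new[l] = widen_op(state[l], incoming) if l in widen_at else join(state[l], incoming)
        if new == state:
            return state
        state = new
    raise RuntimeError("fixpoint iteration did not converge")


def false_error_with_standard_widen() -> Interval:
    """Abstract value at the error location with the standard widen: non-bottom."""
    return analyse(build_program(), widen, {"l1"})["err"]


def no_error_with_refined_widen() -> Interval:
    """Same analysis with the guard constant 100 as a widening threshold: bottom."""
    return analyse(build_program(), widen_with_thresholds({100}), {"l1"})["err"]
```

With the standard widen the loop head jumps from [0, 1] to [0, +inf), so the loop exit only learns x >= 100 and the check x > 100 stays satisfiable. With the threshold widen the loop head settles at [0, 100], the exit state is exactly [100, 100], and the error location is unreachable; the refinement changed only the widen operator, not the domain, which is the point the paper's interpolated widen makes in the general case.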