ABSTRACT
We consider a variant of string constraints given by membership constraints in context-free languages and subword relation between variables. The satisfiability problem for this variant turns out to be undecidable. We consider a fragment in which the subword-order constraints do not impose any cyclic dependency between variables. We show that this fragment is NexpTime-complete. As an application of our result, we settle the complexity of control state reachability in acyclic lossy channel pushdown systems, an important distributed system model. The problem was shown to be decidable in [8]. However, no elementary upper bound was known. We show that this problem is NexpTime-complete.
- A. Parosh Abdulla, F. Mohamed Atig, Yu-Fang Chen, Diep Phi Bui, Lukáš Holík, Ahmed Rezine, and Philipp Rummer. 2019. Trau : SMT solver for string constraints. In Proceedings of the 18th Conference on Formal Methods in Computer-Aided Design (Austin, US). FMCAD Inc., 165–169. https://doi.org/10.23919/FMCAD.2018.8602997Google Scholar
- P. Abdulla and B. Jonsson. 1993. Verifying programs with unreliable channels. In Proceedings of 8th Annual IEEE Symposium on Logic in Computer Science. IEEE Computer Society, Los Alamitos, CA, USA. https://doi.org/10.1109/LICS.1993.287591Google Scholar
- Parosh Aziz Abdulla, Mohamed Faouzi Atig, Yu-Fang Chen, Lukás Holík, Ahmed Rezine, Philipp Rümmer, and Jari Stenman. 2014. String Constraints for Verification. In Computer Aided Verification - 26th International Conference, CAV 2014, Held as Part of the Vienna Summer of Logic, VSL 2014, Vienna, Austria, July 18-22, 2014. Proceedings(Lecture Notes in Computer Science, Vol. 8559), Armin Biere and Roderick Bloem (Eds.). Springer. https://doi.org/10.1007/978-3-319-08867-9_10Google ScholarDigital Library
- Parosh Aziz Abdulla, Mohamed Faouzi Atig, Vrunda Dave, and Shankara Narayanan Krishna. 2020. On the Separability Problem of String Constraints. In 31st International Conference on Concurrency Theory, CONCUR 2020, September 1-4, 2020, Vienna, Austria (Virtual Conference)(LIPIcs, Vol. 171), Igor Konnov and Laura Kovács (Eds.). Schloss Dagstuhl - Leibniz-Zentrum für Informatik. https://doi.org/10.4230/LIPIcs.CONCUR.2020.16Google Scholar
- Parosh Aziz Abdulla, Mohamed Faouzi Atig, Bui Phi Diep, Lukás Holík, and Petr Janku. 2019. Chain-Free String Constraints. In Automated Technology for Verification and Analysis - 17th International Symposium, ATVA 2019, Taipei, Taiwan, October 28-31, 2019, Proceedings(Lecture Notes in Computer Science, Vol. 11781), Yu-Fang Chen, Chih-Hong Cheng, and Javier Esparza (Eds.). Springer. https://doi.org/10.1007/978-3-030-31784-3_16Google ScholarDigital Library
- Oluwakemi Christiana Abikoye, Abdullahi Abubakar, Ahmed Haruna Dokoro, Oluwatobi Noah Akande, and Aderonke Anthonia Kayode. 2020. A novel technique to prevent SQL injection and cross-site scripting attacks using Knuth-Morris-Pratt string match algorithm. EURASIP Journal on Information Security 2020, 1 (18 Aug 2020). https://doi.org/10.1186/s13635-020-00113-yGoogle ScholarCross Ref
- C. Aiswarya. 2020. On Network Topologies and the Decidability of Reachability Problem. In Networked Systems - 8th International Conference, NETYS 2020, Marrakech, Morocco, June 3-5, 2020, Proceedings(Lecture Notes in Computer Science, Vol. 12129), Chryssis Georgiou and Rupak Majumdar (Eds.). Springer, 3–10. https://doi.org/10.1007/978-3-030-67087-0_1Google ScholarDigital Library
- Mohamed Faouzi Atig, Ahmed Bouajjani, and Tayssir Touili. 2008. On the Reachability Analysis of Acyclic Networks of Pushdown Systems. In Concurrency Theory, 19th International Conference, CONCUR 2008, Toronto, Canada, August 19-22, 2008. Proceedings(Lecture Notes in Computer Science, Vol. 5201), Franck van Breugel and Marsha Chechik (Eds.). Springer. https://doi.org/10.1007/978-3-540-85361-9_29Google ScholarDigital Library
- Mohamed Faouzi Atig, K. Narayan Kumar, and Prakash Saivasan. 2013. Adjacent Ordered Multi-Pushdown Systems. In Developments in Language Theory - 17th International Conference, DLT 2013, Marne-la-Vallée, France, June 18-21, 2013. Proceedings(Lecture Notes in Computer Science, Vol. 7907), Marie-Pierre Béal and Olivier Carton (Eds.). Springer, 58–69. https://doi.org/10.1007/978-3-642-38771-5_7Google Scholar
- Murphy Berzish, Vijay Ganesh, and Yunhui Zheng. 2017. Z3str3: A String Solver with Theory-Aware Heuristics. In Proceedings of the 17th Conference on Formal Methods in Computer-Aided Design (Vienna, Austria) (FMCAD ’17). FMCAD Inc, Austin, Texas. https://doi.org/10.23919/FMCAD.2017.8102241Google ScholarCross Ref
- Daniel Brand and Pitro Zafiropulo. 1983. On Communicating Finite-State Machines. J. ACM 30, 2 (apr 1983). https://doi.org/10.1145/322374.322380Google ScholarDigital Library
- Cristian Cadar, Vijay Ganesh, Peter M. Pawlowski, David L. Dill, and Dawson R. Engler. 2008. EXE: Automatically Generating Inputs of Death. ACM Trans. Inf. Syst. Secur. 12, 2 (2008). https://doi.org/10.1145/1455518.1455522Google ScholarDigital Library
- Taolue Chen, Yan Chen, Matthew Hague, Anthony W. Lin, and Zhilin Wu. 2018. What is decidable about string constraints with the ReplaceAll function. Proc. ACM Program. Lang. 2, POPL (2018), 3:1–3:29. https://doi.org/10.1145/3158091Google ScholarDigital Library
- Taolue Chen, Alejandro Flores-Lamas, Matthew Hague, Zhilei Han, Denghang Hu, Shuanglong Kan, Anthony Widjaja Lin, Philipp Rümmer, and Zhilin Wu. 2021. Solving String Constraints With Regex-Dependent Functions Through Transducers With Priorities And Variables. CoRR abs/2111.04298(2021).Google Scholar
- Taolue Chen, Matthew Hague, Anthony W. Lin, Philipp Rümmer, and Zhilin Wu. 2019. Decision procedures for path feasibility of string-manipulating programs with complex operations. Proc. ACM Program. Lang. 3, POPL (2019). https://doi.org/10.1145/3290362Google ScholarDigital Library
- Peter Chini, Jonathan Kolberg, Andreas Krebs, Roland Meyer, and Prakash Saivasan. 2017. On the Complexity of Bounded Context Switching. In 25th Annual European Symposium on Algorithms, ESA 2017, September 4-6, 2017, Vienna, Austria(LIPIcs, Vol. 87), Kirk Pruhsand Christian Sohler (Eds.). Schloss Dagstuhl - Leibniz-Zentrum für Informatik. https://doi.org/10.4230/LIPIcs.ESA.2017.27Google Scholar
- Vijay Ganesh, Mia Minnes, Armando Solar-Lezama, and Martin C. Rinard. 2012. Word Equations with Length Constraints: What’s Decidable?. In Hardware and Software: Verification and Testing - 8th International Haifa Verification Conference, HVC 2012, Haifa, Israel, November 6-8, 2012. Revised Selected Papers(Lecture Notes in Computer Science, Vol. 7857), Armin Biere, Amir Nahir, and Tanja E. J. Vos (Eds.). Springer. https://doi.org/10.1007/978-3-642-39611-3_21Google ScholarDigital Library
- Michael R. Garey and David S. Johnson. 1990. Computers and Intractability; A Guide to the Theory of NP-Completeness. W. H. Freeman & Co., USA.Google Scholar
- Lukás Holík, Petr Janku, Anthony W. Lin, Philipp Rümmer, and Tomás Vojnar. 2018. String constraints with concatenation and transducers solved efficiently. Proc. ACM Program. Lang. 2, POPL (2018). https://doi.org/10.1145/3158092Google ScholarDigital Library
- John E. Hopcroft, Rajeev Motwani, and Jeffrey D. Ullman. 2006. Introduction to Automata Theory, Languages, and Computation (3rd Edition). Addison-Wesley Longman Publishing Co., Inc., USA.Google ScholarDigital Library
- Shuanglong Kan, Anthony Widjaja Lin, Philipp Rümmer, and Micha Schrader. 2022. CertiStr: a certified string solver. In CPP ’22: 11th ACM SIGPLAN International Conference on Certified Programs and Proofs, Philadelphia, PA, USA, January 17 - 18, 2022, Andrei Popescu and Steve Zdancewic (Eds.). ACM. https://doi.org/10.1145/3497775.3503691Google ScholarDigital Library
- Adam Kiezun, Vijay Ganesh, Shay Artzi, Philip J. Guo, Pieter Hooimeijer, and Michael D. Ernst. 2013. HAMPI: A Solver for Word Equations over Strings, Regular Expressions, and Context-Free Grammars. ACM Trans. Softw. Eng. Methodol. 21, 4, Article 25 (feb 2013).Google Scholar
- Tianyi Liang, Andrew Reynolds, Nestan Tsiskaridze, Cesare Tinelli, Clark Barrett, and Morgan Deters. 2016. An Efficient SMT Solver for String Constraints. Form. Methods Syst. Des. 48, 3 (2016). https://doi.org/10.1007/s10703-016-0247-6Google ScholarDigital Library
- Anthony Widjaja Lin and Pablo Barceló. 2016. String solving with word equations and transducers: towards a logic for analysing mutation XSS. In Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2016, St. Petersburg, FL, USA, January 20 - 22, 2016, Rastislav Bodík and Rupak Majumdar (Eds.). ACM, 123–136. https://doi.org/10.1145/2837614.2837641Google ScholarDigital Library
- G S Makanin. 1977. The problem of solvability of equations in a free smigroup. Mathematics of the USSR-Sbornik 32(2) (1977). https://doi.org/10.1070/SM1977v032n02ABEH002376Google Scholar
- Yu. V. Matiyasevich. 1968. A connection between systems of words-and-lengths equations and Hilbert’s tenth problem. Studies in constructive mathematics and mathematical logic. Part II,Zap. Nauchn. Sem. LOMI 8(1968). https://doi.org/10.1070/SM1977v032n02ABEH002376Google Scholar
- Wojciech Plandowski. 1999. Satisfiability of Word Equations with Constants is in PSPACE. In 40th Annual Symposium on Foundations of Computer Science, FOCS ’99, 17-18 October, 1999, New York, NY, USA. IEEE Computer Society, 495–500. https://doi.org/10.1109/SFFCS.1999.814622Google ScholarCross Ref
- Wojciech Plandowski. 2006. An efficient algorithm for solving word equations. In Proceedings of the 38th Annual ACM Symposium on Theory of Computing, Seattle, WA, USA, May 21-23, 2006, Jon M. Kleinberg (Ed.). ACM. https://doi.org/10.1145/1132516.1132584Google ScholarDigital Library
- Sooel Son, Kathryn S. McKinley, and Vitaly Shmatikov. 2013. Diglossia: Detecting Code Injection Attacks with Precision and Efficiency. In Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security(CCS ’13). Association for Computing Machinery, New York, NY, USA. https://doi.org/10.1145/2508859.2516696Google ScholarDigital Library
- Minh-Thai Trinh, Duc-Hiep Chu, and Joxan Jaffar. 2014. S3: A Symbolic String Solver for Vulnerability Detection in Web Applications. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, AZ, USA, November 3-7, 2014, Gail-Joon Ahn, Moti Yung, and Ninghui Li (Eds.). ACM. https://doi.org/10.1145/2660267.2660372Google ScholarDigital Library
- Minh-Thai Trinh, Duc-Hiep Chu, and Joxan Jaffar. 2016. Progressive Reasoning over Recursively-Defined Strings. In Computer Aided Verification - 28th International Conference, CAV 2016, Toronto, ON, Canada, July 17-23, 2016, Proceedings, Part I(Lecture Notes in Computer Science, Vol. 9779), Swarat Chaudhuri and Azadeh Farzan (Eds.). Springer. https://doi.org/10.1007/978-3-319-41528-4_12Google Scholar
- Tsu-Yang Wu, Jeng-Shyang Pan, Chien-Ming Chen, and Chun-Wei Lin. 2015. Towards SQL Injection Attacks Detection Mechanism Using Parse Tree. In Genetic and Evolutionary Computing, Hui Sun, Chin-Yu Yang, Chun-Wei Lin, Jeng-Shyang Pan, Vaclav Snasel, and Ajith Abraham (Eds.). Springer International Publishing. https://doi.org/10.1007/978-3-319-12286-1_38Google Scholar
Recommendations
What is decidable about string constraints with the ReplaceAll function
The theory of strings with concatenation has been widely argued as the basis of constraint solving for verifying string-manipulating programs. However, this theory is far from adequate for expressing many string constraints that are also needed in ...
Chain-Free String Constraints
Automated Technology for Verification and AnalysisAbstractWe address the satisfiability problem for string constraints that combine relational constraints represented by transducers, word equations, and string length constraints. This problem is undecidable in general. Therefore, we propose a new ...
HAMPI: a solver for string constraints
ISSTA '09: Proceedings of the eighteenth international symposium on Software testing and analysisMany automatic testing, analysis, and verification techniques for programs can be effectively reduced to a constraint generation phase followed by a constraint-solving phase. This separation of concerns often leads to more effective and maintainable ...
Comments