A semantics for procedure local heaps and its abstractions

RinetzkyNoam,; BauerJörg,; RepsThomas,; SagivMooly,; WilhelmReinhard,

doi:10.1145/1047659.1040330

Cited by 29 publications

(58 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Formula (8) is in AF R . In terms of [21], this means that we assume that the procedure is cutpoint free. We can also generate an AF R summary for a program with fixed number of cutpoints, as is done in Section 5.…”

Section: Expressivity Of Af Rmentioning

confidence: 99%

Effectively-Propositional Reasoning about Reachability in Linked Data Structures

Itzhaky

Banerjee

Immerman

et al. 2013

Computer Aided Verification

Self Cite

View full text Add to dashboard Cite

Abstract. This paper proposes a novel method of harnessing existing SAT solvers to verify reachability properties of programs that manipulate linked-list data structures. Such properties are essential for proving program termination, correctness of data structure invariants, and other safety properties. Our solution is complete, i.e., a SAT solver produces a counterexample whenever a program does not satisfy its specification. This result is surprising since even first-order theorem provers usually cannot deal with reachability in a complete way, because doing so requires reasoning about transitive closure. Our result is based on the following ideas: (1) Programmers must write assertions in a restricted logic without quantifier alternation or function symbols. (2) The correctness of many programs can be expressed in such restricted logics, although we explain the tradeoffs. (3) Recent results in descriptive complexity can be utilized to show that every program that manipulates potentially cyclic, singly-and doubly-linked lists and that is annotated with assertions written in this restricted logic, can be verified with a SAT solver. We implemented a tool atop Z3 and used it to show the correctness of several linked list programs.

show abstract

Section: Expressivity Of Af Rmentioning

confidence: 99%

Effectively-Propositional Reasoning about Reachability in Linked Data Structures

Itzhaky

Banerjee

Immerman

et al. 2013

Computer Aided Verification

Self Cite

View full text Add to dashboard Cite

show abstract

“…We expose only the callee reachable portion of the caller's heap when analyzing a callee method, similar to previous work [17,18] but with extensions to accommodate reachability properties. A summary of the transform follows: i) Compute the portion of the heap that is reachable from the callee.…”

Section: Interprocedural Analysismentioning

confidence: 99%

Using Disjoint Reachability for Parallelization

Jenista

Eom

Demsky

2011

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. We present a disjoint reachability analysis for Java. Our analysis computes extended points-to graphs annotated with reachability states. Each heap node is annotated with a set of reachability states that abstract the reachability of objects represented by the node. The analysis also includes a global pruning step which analyzes a reachability graph to prune imprecise reachability states that cannot be removed with local reasoning alone. We have implemented the analysis and used it to parallelize 9 benchmarks. Our evaluation shows the analysis results are sufficiently precise to parallelize our benchmarks and achieve an average speedup of 16.9×.

show abstract

“…[13] // if y and h are non-NULL, [14] // this will create a cycle [15] if (y != NULL) y->n = h; [16] Two examples of our methodology are depicted in Fig. 11.…”

Section: ] If (?) H = T;mentioning

confidence: 99%

“…The slight modification shown on the right nondeterministically constructs a (cyclic or acyclic) linked list pointed to by x. This is achieved by setting y to point to the last list node on line [8], nondeterministically setting h to point to some list node (or NULL) on line [10], and setting y->n to point to h on line [16] if y is non-NULL (possibly completing a cycle). If h is NULL, the DSC constructs an acyclic list.…”

Section: ] If (?) H = T;mentioning

confidence: 99%

See 1 more Smart Citation

Refinement-Based Verification for Possibly-Cyclic Lists

Loginov

Reps²,

Sagiv

Program Analysis and Compilation, Theory and Practice

Self Cite

View full text Add to dashboard Cite

Abstract. In earlier work, we presented an abstraction-refinement mechanism that was successful in verifying automatically the partial correctness of in-situ list reversal when applied to an acyclic linked list [10]. This paper reports on the automatic verification of the total correctness (partial correctness and termination) of the same list-reversal algorithm, when applied to a possibly-cyclic linked list. A key contribution that made this result possible is an extension of the finitedifferencing technique [14] to enable the maintenance of reachability information for a restricted class of possibly-cyclic data structures, which includes possiblycyclic linked lists.

show abstract

A semantics for procedure local heaps and its abstractions

Cited by 29 publications

References 24 publications

Effectively-Propositional Reasoning about Reachability in Linked Data Structures

Effectively-Propositional Reasoning about Reachability in Linked Data Structures

Using Disjoint Reachability for Parallelization

Refinement-Based Verification for Possibly-Cyclic Lists

Contact Info

Product

Resources

About