Refinement-Based Verification for Possibly-Cyclic Lists

Loginov, A. A.; Reps, Thomas; Sagiv, Mooly

doi:10.1007/978-3-540-71322-7_12

Cited by 3 publications

(4 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Note that we prove termination of the program in Figure 5, which uses trees rather than flavors of lists, and that we support functions. Nevertheless, the results in Loginov et al [2006], Berdine et al [2006], Bouajjani et al [2006], and Brotherston et al [2008] show that termination analysis, tied to a specific data structure, leads to more precise results than does a general approach such as ours. For instance, it proves the termination of the panhandle list reversal, where our analysis fails.…”

Section: Related Workmentioning

confidence: 67%

“…After many years of research, it is mature enough now to apply to Java bytecode [Albert et al 2007a[Albert et al , 2008 and large system code written in the C language, as the TERMINATOR system shows [Cook et al 2006b] (see the detailed discussion in Section 1). Termination of the imperative reversal algorithm of some special kind of cyclic lists, called panhandle lists, is proved in Loginov et al [2006]. A panhandle list is a cyclical list whose starting node is not part of the cycle.…”

Section: Related Workmentioning

confidence: 99%

“…This is normally considered a complex problem of termination analysis and our analysis does not prove its termination. It must be noted that termination has been proved in Loginov et al [2006] through very specific reasonings about the kind of data structure at hand (addition of ad-hoc instrumentation relations), while we aim at a generic and automatic termination analysis. In Bouajjani et al [2006] counters are used to reason about the size of every region between two sharing points in one selector linked data structures, that is, again, linked lists.…”

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

A termination analyzer for Java bytecode based on path-length

Spoto

Mesnard²,

Payet³

2010

ACM Trans. Program. Lang. Syst.

108

121

View full text Add to dashboard Cite

It is important to prove that supposedly terminating programs actually terminate, particularly if those programs must be run on critical systems or downloaded into a client such as a mobile phone. Although termination of computer programs is generally undecidable, it is possible and useful to prove termination of a large, nontrivial subset of the terminating programs. In this article, we present our termination analyzer for sequential Java bytecode, based on a program property called path-length. We describe the analyses which are needed before the path-length can be computed such as sharing, cyclicity, and aliasing. Then we formally define the path-length analysis and prove it correct with respect to a reference denotational semantics of the bytecode. We show that a constraint logic program P CLP can be built from the result of the path-length analysis of a Java bytecode program P and formally prove that if P CLP terminates, then P also terminates. Hence a termination prover for constraint logic programs can be applied to prove the termination of P . We conclude with some discussion of the possibilities and limitations of our approach. Ours is the first existing termination analyzer for Java bytecode dealing with any kind of data structures dynamically allocated on the heap and which does not require any help or annotation on the part of the user.

show abstract

Section: Related Workmentioning

confidence: 67%

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A termination analyzer for Java bytecode based on path-length

Spoto

Mesnard²,

Payet³

2010

ACM Trans. Program. Lang. Syst.

108

121

View full text Add to dashboard Cite

show abstract

“…As a consequence, ordering properties are out of the scope of these analyses: for instance, one cannot check or even specify that the reverse of a sorted list is a sorted list. Extensions of shape analysis have been proposed for ordering properties, stability properties, and size properties, in shape graphs [3], in the TVLA approach [11], and in the separation logic approach [12] to cite a few. This paper studies the rather more theoretical issue of the decidability of the satisfiability problem.…”

Section: Introductionmentioning

confidence: 99%

Beyond Shapes: Lists with Ordered Data

Bansal

Brochenin

Lozes

2009

Foundations of Software Science and Computational Structures

View full text Add to dashboard Cite

Abstract. Standard analysis on recursive data structures restrict their attention to shape properties (for instance, a program that manipulates a list returns a list), excluding properties that deal with the actual content of these structures. For instance, these analysis would not establish that the result of merging two ordered lists is an ordered list. Separation logic, one of the prominent framework for these kind of analysis, proposed a heap model that could represent data, but, to our knowledge, no predicate dealing with data has ever been integrated to the logic while preserving decidability. We establish decidability for (first-order) separation logic with a predicate that allows to compare two successive data in a list. We then consider the extension where two data in arbitrary positions may be compared, and establish the undecidability in general. We define a guarded fragment that turns out to be both decidable and sufficiently expressive to prove the preservation of the loop invariant of a standard program merging ordered lists. We finally consider the extension with the magic-wand and prove that, by constrast with the data-free case, even a very restricted use of the magic wand already introduces undecidability.

show abstract

Finite differencing of logical formulas for static analysis

Reps

Sagiv

Loginov

2010

ACM Trans. Program. Lang. Syst.

View full text Add to dashboard Cite

This article concerns mechanisms for maintaining the value of an instrumentation relation (also known as a derived relation or view ), defined via a logical formula over core relations, in response to changes in the values of the core relations. It presents an algorithm for transforming the instrumentation relation's defining formula into a relation-maintenance formula that captures what the instrumentation relation's new value should be. The algorithm runs in time linear in the size of the defining formula. The technique applies to program analysis problems in which the semantics of statements is expressed using logical formulas that describe changes to core relation values. It provides a way to obtain values of the instrumentation relations that reflect the changes in core relation values produced by executing a given statement. We present experimental evidence that our technique is an effective one: for a variety of benchmarks, the relation-maintenance formulas produced automatically using our approach yield the same precision as the best available hand-crafted ones.

show abstract

Refinement-Based Verification for Possibly-Cyclic Lists

Cited by 3 publications

References 19 publications

A termination analyzer for Java bytecode based on path-length

A termination analyzer for Java bytecode based on path-length

Beyond Shapes: Lists with Ordered Data

Finite differencing of logical formulas for static analysis

Contact Info

Product

Resources

About