DOI: 10.1145/1328438.1328469 (POPL conference proceedings, research article)

Relational inductive shape analysis

Published: 07 January 2008

ABSTRACT

Shape analyses are concerned with precise abstractions of the heap that capture detailed structural properties. To do so, they need to build and decompose summaries of disjoint memory regions. Unfortunately, many data structure invariants require that relations be tracked across disjoint regions, such as intricate numerical data invariants or structural invariants concerning back and cross pointers. In this paper, we identify issues inherent to analyzing relational structures and design an abstract domain that is parameterized both by an abstract domain for pure data properties and by user-supplied specifications of the data structure invariants to check. In particular, it supports hybrid invariants about shape and data and features a generic mechanism for materializing summaries at the beginning, middle, or end of inductive structures. Around this domain, we build a shape analysis whose interesting components include a pre-analysis on the user-supplied specifications that guides the abstract interpretation and a widening operator over the combined shape and data domain. We then demonstrate our techniques on the proof of preservation of the red-black tree invariants during insertion.
