Abstract
First-order logic with transitive closure and separation logic enable elegant interactive verification of heap-manipulating programs. However, undecidability results and the high asymptotic complexity of checking validity preclude complete automatic verification of such programs, even when loop invariants and procedure contracts are specified as formulas in these logics. This paper tackles the problem of procedure-modular verification of reachability properties of heap-manipulating programs using efficient decision procedures that are complete: that is, a SAT solver must generate a counterexample whenever a program does not satisfy its specification. By (a) requiring that each procedure modify a fixed set of heap partitions and create a bounded amount of heap sharing, and (b) restricting program contracts and loop invariants to use only deterministic paths in the heap, we show that heap reachability updates can be described in a simple manner. The restrictions force program specifications and verification conditions to lie within a fragment of first-order logic with transitive closure that is reducible to effectively propositional logic, and hence facilitate sound, complete and efficient verification. We implemented a tool atop Z3 and report on preliminary experiments that establish the correctness of several programs that manipulate linked data structures.
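The following Python is an added example, not code from the paper or its tool. It models the setting the abstract describes: a heap with one deterministic pointer field `n` (every node has at most one successor), the reachability relation n* as the reflexive-transitive closure of that field, and the fact that a single pointer assignment changes n* through a formula that mentions only the old closure. That is what lets verification conditions stay in a decidable fragment, and it also shows the "complete" side of the abstract: a brute-force recomputation acts as the oracle, and any pair on which the predicted closure disagrees with it is a concrete counterexample. Assumptions that are mine rather than the page's: the heap is acyclic, the node names are constructed, and the helper names (`reach`, `after_link`, `after_unlink`, `counterexamples`, `demo`) are invented; the two update formulas are the classic first-order maintenance rules for adding or deleting one edge of a functional relation, stated here on my own authority.

```python
# Added example (not from the paper): reachability n* over a deterministic
# field and the first-order formulas describing how one pointer assignment
# changes it. Node names, helper names and the acyclicity assumption are mine.

NULL = None  # constructed sentinel standing in for a null pointer


def reach(nxt, nodes):
    """n*: reflexive-transitive closure of the deterministic field `nxt`.

    `nxt` maps each node to its unique successor (or NULL). Because the field
    is deterministic, every node has exactly one outgoing path, so n* is
    computed by walking that path; the `seen` set stops the walk on a cycle.
    """
    rel = set()
    for a in nodes:
        cur, seen = a, set()
        while cur is not NULL and cur not in seen:
            seen.add(cur)
            rel.add((a, cur))
            cur = nxt[cur]
    return rel


def is_acyclic(nxt, nodes):
    """True iff no node reaches itself through at least one edge."""
    rel = reach(nxt, nodes)
    return not any(nxt[a] is not NULL and (nxt[a], a) in rel for a in nodes)


def after_link(old, nodes, x, y):
    """Predicted n* after `x.n := y`, given x.n was NULL and y does not reach x.

    n'*(a,b)  iff  n*(a,b) or (n*(a,x) and n*(y,b))
    The right-hand side uses only the old closure: no new fixpoint is needed,
    which is what keeps the verification condition quantifier-light.
    """
    return {(a, b) for a in nodes for b in nodes
            if (a, b) in old or ((a, x) in old and (y, b) in old)}


def after_unlink(old, nodes, x):
    """Predicted n* after `x.n := NULL` in an acyclic heap.

    n'*(a,b)  iff  n*(a,b) and not (n*(a,x) and n*(x,b) and x != b)
    In an acyclic deterministic heap the a-to-b path is unique, so if it
    passes through x and continues beyond x it must use x's outgoing edge.
    """
    return {(a, b) for a in nodes for b in nodes
            if (a, b) in old
            and not ((a, x) in old and (x, b) in old and x != b)}


def counterexamples(predicted, actual):
    """Pairs on which the predicted closure and the recomputed one disagree.

    Empty means the update formula was exact on this heap; a non-empty result
    is the kind of concrete witness a complete decision procedure reports.
    """
    return sorted(predicted ^ actual)


def demo():
    # Constructed heap: two acyclic lists  a -> b -> c -> NULL  and  p -> q -> NULL
    nodes = ["a", "b", "c", "p", "q"]
    nxt = {"a": "b", "b": "c", "c": NULL, "p": "q", "q": NULL}
    assert is_acyclic(nxt, nodes)
    old = reach(nxt, nodes)

    # Step 1: c.n := p  (append the second list onto the first; p does not reach c)
    linked = dict(nxt, c="p")
    cex1 = counterexamples(after_link(old, nodes, "c", "p"), reach(linked, nodes))

    # Step 2: b.n := NULL  (cut the combined list right after b)
    cut = dict(linked, b=NULL)
    cex2 = counterexamples(after_unlink(reach(linked, nodes), nodes, "b"),
                           reach(cut, nodes))
    return cex1, cex2, len(reach(linked, nodes)), len(reach(cut, nodes))


if __name__ == "__main__":
    print(demo())  # expected: ([], [], 15, 9)
```

`demo` returns the two (empty) counterexample lists and the sizes of n* after each step: 15 pairs once the five nodes form one list, 9 once it is cut after `b`. The preconditions on `after_link` (x.n is NULL, y does not reach x) are exactly the bounded-sharing and acyclicity conditions that make the one-line update sound; dropping them is where a verifier would have to fall back to a fixpoint computation.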
Modular reasoning about heap paths via effectively propositional formulas
POPL '14: Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages