Scalable Shape Analysis for Systems Code
CAV '08 Proceedings of the 20th international conference on Computer Aided Verification
We propose a shape analysis that adapts to some of the complex composite data structures found in industrial systems-level programs. Examples of such data structures include "cyclic doubly-linked lists of acyclic singly-linked lists", "singly-linked lists of cyclic doubly-linked lists with back-pointers to head nodes", etc. The analysis introduces the use of generic higher-order inductive predicates describing spatial relationships, together with a method of synthesizing new parameterized spatial predicates which can be used in combination with the higher-order predicates. In order to evaluate the proposed approach on realistic programs, we have performed experiments on examples drawn from device drivers: the analysis proved safety of the data structure manipulation of several routines belonging to an IEEE 1394 (FireWire) driver, and also found several previously unknown memory safety bugs.
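As an added illustration of what a higher-order inductive spatial predicate buys (this is not taken from the paper; the predicate names $\mathrm{ls}$, $\mathrm{dll}$, $\mathrm{cdll}$, the field names and the parameters $\Lambda$, $\Delta$ are assumed for this example), a list-segment predicate can be parameterized by the predicate describing each node. Both composite structures named in the abstract are then obtained by instantiating that parameter, rather than by writing a fresh inductive definition for each shape. Below, $E \mapsto [\mathtt{f}{:}v,\ldots]$ is a single heap cell at $E$ whose field $\mathtt{f}$ holds $v$, $*$ is separating conjunction, and $\mathrm{emp}$ is the empty heap:

\begin{align*}
\mathrm{ls}\,\Lambda\,(E,F) &\triangleq (E = F \wedge \mathrm{emp}) \;\vee\; \big(E \neq F \wedge \exists x'.\; \Lambda(E,x') * \mathrm{ls}\,\Lambda\,(x',F)\big) \\
\mathrm{dll}\,\Delta\,(E,P,N,F) &\triangleq (E = N \wedge P = F \wedge \mathrm{emp}) \;\vee\; \big(E \neq N \wedge \exists x'.\; \Delta(E,P,x') * \mathrm{dll}\,\Delta\,(x',E,N,F)\big) \\
\mathrm{cdll}\,\Delta\,(h) &\triangleq (h = \mathrm{nil} \wedge \mathrm{emp}) \;\vee\; \big(\exists f,l.\; h \mapsto [\mathtt{prev}{:}l,\ \mathtt{next}{:}f] * \mathrm{dll}\,\Delta\,(f,h,h,l)\big)
\end{align*}

$\mathrm{ls}\,\Lambda\,(E,F)$ is a segment of nodes from $E$ to $F$ in which each node and everything it owns is described by $\Lambda(\text{node},\text{successor})$. $\mathrm{dll}\,\Delta\,(E,P,N,F)$ is a doubly-linked segment whose first node $E$ has predecessor $P$ and whose last node $F$ has successor $N$, with each node described by $\Delta(\text{node},\text{predecessor},\text{successor})$. $\mathrm{cdll}$ closes such a segment into a cycle through a header cell $h$ by fixing both end pointers to $h$.

A singly-linked list of cyclic doubly-linked lists whose inner nodes carry a back-pointer to their head node (here $\Delta_h$ is a family of node predicates indexed by the head $h$):

\begin{align*}
\Delta_{h}(y,p,y') &\triangleq y \mapsto [\mathtt{prev}{:}p,\ \mathtt{next}{:}y',\ \mathtt{hd}{:}h] \\
\Lambda_{1}(x,x') &\triangleq \exists h.\; x \mapsto [\mathtt{next}{:}x',\ \mathtt{head}{:}h] * \mathrm{cdll}\,\Delta_{h}\,(h) \\
\text{structure rooted at } E &:\quad \mathrm{ls}\,\Lambda_{1}\,(E,\mathrm{nil})
\end{align*}

A cyclic doubly-linked list of acyclic singly-linked lists:

\begin{align*}
\Lambda_{0}(z,z') &\triangleq z \mapsto [\mathtt{next}{:}z'] \\
\Delta_{2}(y,p,y') &\triangleq \exists s.\; y \mapsto [\mathtt{prev}{:}p,\ \mathtt{next}{:}y',\ \mathtt{list}{:}s] * \mathrm{ls}\,\Lambda_{0}\,(s,\mathrm{nil}) \\
\text{structure with header } h &:\quad \mathrm{cdll}\,\Delta_{2}\,(h)
\end{align*}

Two properties fall out of the definitions rather than needing separate side conditions. Acyclicity of each inner singly-linked list is forced because $\mathrm{ls}\,\Lambda_{0}\,(s,\mathrm{nil})$ must end at $\mathrm{nil}$, and cyclicity of the doubly-linked list is forced because $\mathrm{dll}$'s end pointers are tied to the header. Because every inner structure sits under a separate $*$, it occupies heap disjoint from its siblings, which is what lets a routine that unlinks and frees one inner list be checked locally against its own footprint without reasoning about the rest of the structure.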