The pointer assertion logic engine
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Parametric shape analysis via 3-valued logic
ACM Transactions on Programming Languages and Systems (TOPLAS)
Separation Logic: A Logic for Shared Mutable Data Structures
LICS '02 Proceedings of the 17th Annual IEEE Symposium on Logic in Computer Science
Automated Verification of Concurrent Linked Lists with Counters
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
TReX: A Tool for Reachability Analysis of Complex Systems
CAV '01 Proceedings of the 13th International Conference on Computer Aided Verification
Storeless semantics and alias logic
Proceedings of the 2003 ACM SIGPLAN workshop on Partial evaluation and semantics-based program manipulation
Termination analysis of integer linear loops
CONCUR 2005 - Concurrency Theory
Variance analyses from invariance analyses
Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Monotonic Abstraction for Programs with Dynamic Memory Heaps
CAV '08 Proceedings of the 20th international conference on Computer Aided Verification
Scalable Shape Analysis for Systems Code
CAV '08 Proceedings of the 20th international conference on Computer Aided Verification
Pattern-Based Verification of Programs with Extended Linear Linked Data Structures
Electronic Notes in Theoretical Computer Science (ENTCS)
VMCAI'07 Proceedings of the 8th international conference on Verification, model checking, and abstract interpretation
Verifying temporal heap properties specified via evolution logic
ESOP'03 Proceedings of the 12th European conference on Programming
Shape analysis for composite data structures
CAV'07 Proceedings of the 19th international conference on Computer aided verification
Abstract regular tree model checking of complex dynamic data structures
SAS'06 Proceedings of the 13th international conference on Static Analysis
Automated verification of the deutsch-schorr-waite tree-traversal algorithm
SAS'06 Proceedings of the 13th international conference on Static Analysis
Shape analysis by predicate abstraction
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Predicate abstraction and canonical abstraction for singly-linked lists
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Automatic termination proofs for programs with shape-shifting heaps
CAV'06 Proceedings of the 18th international conference on Computer Aided Verification
Programs with lists are counter automata
CAV'06 Proceedings of the 18th international conference on Computer Aided Verification
Verifying programs with dynamic 1-selector-linked structures in regular model checking
TACAS'05 Proceedings of the 11th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Automatic verification of pointer programs using grammar-based shape analysis
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Abstraction refinement for termination
SAS'05 Proceedings of the 12th international conference on Static Analysis
Automatic verification of parameterized data structures
TACAS'06 Proceedings of the 12th international conference on Tools and Algorithms for the Construction and Analysis of Systems
A local shape analysis based on separation logic
TACAS'06 Proceedings of the 12th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Static analysis of list-manipulating programs via bit-vectors and numerical abstractions
Proceedings of the 28th Annual ACM Symposium on Applied Computing
Hi-index | 0.00 |
We address the problem of verifying programs manipulating one-selector linked data structures. We propose and study in detail an application of counter automata as an accurate abstract model for this problem. We let control states of the counter automata correspond to abstract heap graphs where list segments without sharing are collapsed, and use counters to keep track of the number of elements in these segments. As a significant theoretical result, we show that the obtained counter automata are bisimilar to the original programs. Moreover, from a practical point of view, our translation allows one to apply efficient automatic analysis techniques and tools developed for counter automata (integer programs) in order to verify both safety as well as termination of list-manipulating programs. As another theoretical contribution, we prove that if the control of the generated counter automata does not contain nested loops (i.e., these automata are flat), both safety and termination are decidable for the original programs. Subsequently, we generalise our counter-automata-based model to keep track of ordering properties over lists storing ordered data. Finally, we show effectiveness of our approach by verifying automatically safety as well as termination of several sorting programs.