We consider verification of programs that manipulate dynamic linked data structures such as various forms of singly and doubly-linked lists or trees. For this kind of system we consider important properties such as absence of null-pointer dereferences, absence of garbage, shape properties, etc. We develop a verification method based on a novel use of tree automata to represent heap configurations. A heap is split into several "separated" parts such that each of them can be represented by a tree automaton. The automata can refer to each other, allowing the different parts of the heap to mutually refer to their boundaries. Moreover, we allow for a hierarchical representation of heaps by allowing the alphabets of the tree automata to contain other, nested tree automata. Program instructions can be easily encoded as operations on our representation structure. This allows verification of programs based on symbolic state-space exploration together with refinable abstraction within the so-called abstract regular tree model checking framework. A motivation for the approach is to combine the advantages of automata-based approaches (higher generality and flexibility of the abstraction) with some advantages of separation-logic-based approaches (efficiency). We have implemented our approach and tested it successfully on multiple non-trivial case studies.