The formal semantics of programming languages: an introduction
The formal semantics of programming languages: an introduction
Incremental and decremental evaluation of transitive closure by first-order queries
Information and Computation
Efficiency of a Good But Not Linear Set Union Algorithm
Journal of the ACM (JACM)
BI as an assertion language for mutable data structures
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The pointer assertion logic engine
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Dynamic computational complexity
Dynamic computational complexity
A semantics for procedure local heaps and its abstractions
Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Preliminary design of JML: a behavioral interface specification language for java
ACM SIGSOFT Software Engineering Notes
Back to the future: revisiting precise program verification using SMT solvers
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Full functional verification of linked data structures
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
Scalable Shape Analysis for Systems Code
CAV '08 Proceedings of the 20th international conference on Computer Aided Verification
Genoa Proceedings of the 23rd European Conference on ECOOP 2009 --- Object-Oriented Programming
Deciding Effectively Propositional Logic Using DPLL and Substitution Sets
Journal of Automated Reasoning
Calling context abstraction with shapes
Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Decidable logics combining heap structures and data
Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Specification and verification: the Spec# experience
Communications of the ACM
Interprocedural shape analysis with separated heap abstractions
SAS'06 Proceedings of the 13th international conference on Static Analysis
Interprocedural shape analysis for cutpoint-free programs
SAS'05 Proceedings of the 12th international conference on Static Analysis
Accurate invariant checking for programs manipulating lists and arrays with infinite data
ATVA'12 Proceedings of the 10th international conference on Automated Technology for Verification and Analysis
Effectively-Propositional reasoning about reachability in linked data structures
CAV'13 Proceedings of the 25th international conference on Computer Aided Verification
Automating separation logic using SMT
CAV'13 Proceedings of the 25th international conference on Computer Aided Verification
Hi-index | 0.00 |
First order logic with transitive closure, and separation logic enable elegant interactive verification of heap-manipulating programs. However, undecidabilty results and high asymptotic complexity of checking validity preclude complete automatic verification of such programs, even when loop invariants and procedure contracts are specified as formulas in these logics. This paper tackles the problem of procedure-modular verification of reachability properties of heap-manipulating programs using efficient decision procedures that are complete: that is, a SAT solver must generate a counterexample whenever a program does not satisfy its specification. By (a) requiring each procedure modifies a fixed set of heap partitions and creates a bounded amount of heap sharing, and (b) restricting program contracts and loop invariants to use only deterministic paths in the heap, we show that heap reachability updates can be described in a simple manner. The restrictions force program specifications and verification conditions to lie within a fragment of first-order logic with transitive closure that is reducible to effectively propositional logic, and hence facilitate sound, complete and efficient verification. We implemented a tool atop Z3 and report on preliminary experiments that establish the correctness of several programs that manipulate linked data structures.