Graph-Based Algorithms for Boolean Function Manipulation
IEEE Transactions on Computers
Handbook of theoretical computer science (vol. B)
A safe approximate algorithm for interprocedural aliasing
PLDI '92 Proceedings of the ACM SIGPLAN 1992 conference on Programming language design and implementation
Inferring the equivalence of functional programs that mutate data
Theoretical Computer Science
POPL '93 Proceedings of the 20th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Interprocedural may-alias analysis for pointers: beyond k-limiting
PLDI '94 Proceedings of the ACM SIGPLAN 1994 conference on Programming language design and implementation
LCLint: a tool for using specifications to check code
SIGSOFT '94 Proceedings of the 2nd ACM SIGSOFT symposium on Foundations of software engineering
Efficient context-sensitive pointer analysis for C programs
PLDI '95 Proceedings of the ACM SIGPLAN 1995 conference on Programming language design and implementation
Semantic models and abstract interpretation techniques for inductive data structures and pointers
PEPM '95 Proceedings of the 1995 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation
Is it a tree, a DAG, or a cyclic graph? A shape analysis for heap-directed pointers in C
POPL '96 Proceedings of the 23rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Solving shape-analysis problems in languages with destructive updating
POPL '96 Proceedings of the 23rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Parallelizing Programs with Recursive Data Structures
IEEE Transactions on Parallel and Distributed Systems
Analysis of Dynamic Structures for Efficient Parallel Execution
Proceedings of the 6th International Workshop on Languages and Compilers for Parallel Computing
Flow-Insensitive Interprocedural Alias Analysis in the Presence of Pointers
LCPC '94 Proceedings of the 7th International Workshop on Languages and Compilers for Parallel Computing
Mona: Monadic Second-Order Logic in Practice
TACAS '95 Proceedings of the First International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Graphs and Decidable Transductions Based on Edge Constraints (Extended Abstract)
CAAP '94 Proceedings of the 19th International Colloquium on Trees in Algebra and Programming
Detecting memory errors via static pointer analysis (preliminary experience)
Proceedings of the 1998 ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
A Domain-Specific Language for Regular Sets of Strings and Trees
IEEE Transactions on Software Engineering
Symbolic pointer analysis for detecting memory leaks
PEPM '00 Proceedings of the 2000 ACM SIGPLAN workshop on Partial evaluation and semantics-based program manipulation
Putting static analysis to work for verification: A case study
Proceedings of the 2000 ACM SIGSOFT international symposium on Software testing and analysis
BI as an assertion language for mutable data structures
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The pointer assertion logic engine
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Finding bugs with a constraint solver
Proceedings of the 2000 ACM SIGSOFT international symposium on Software testing and analysis
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Parametric shape analysis via 3-valued logic
ACM Transactions on Programming Languages and Systems (TOPLAS)
A Decidable Logic for Describing Linked Data Structures
ESOP '99 Proceedings of the 8th European Symposium on Programming Languages and Systems
Compile-Time Debugging of C Programs Working on Trees
ESOP '00 Proceedings of the 9th European Symposium on Programming Languages and Systems
Shape Analysis through Predicate Abstraction and Model Checking
VMCAI 2003 Proceedings of the 4th International Conference on Verification, Model Checking, and Abstract Interpretation
Computability and Complexity Results for a Spatial Assertion Language for Data Structures
FST TCS '01 Proceedings of the 21st Conference on Foundations of Software Technology and Theoretical Computer Science
Safe Approximation of Data Dependencies in Pointer-Based Structures
LCPC '00 Proceedings of the 13th International Workshop on Languages and Compilers for Parallel Computing-Revised Papers
CIAA '00 Revised Papers from the 5th International Conference on Implementation and Application of Automata
Proving pointer programs in higher-order logic
Information and Computation - Special issue: 19th international conference on automated deduction (CADE-19)
A specification-based approach to reasoning about pointers
SAVCBS '05 Proceedings of the 2005 conference on Specification and verification of component-based systems
A domain-specific language for regular sets of strings and trees
DSL'97 Proceedings of the Conference on Domain-Specific Languages on Conference on Domain-Specific Languages (DSL), 1997
A Perspective on Program Verification
Verified Software: Theories, Tools, Experiments
Reasoning About Sequences of Memory States
LFCS '07 Proceedings of the international symposium on Logical Foundations of Computer Science
Monotonic Abstraction for Programs with Dynamic Memory Heaps
CAV '08 Proceedings of the 20th international conference on Computer Aided Verification
CSL '08 Proceedings of the 22nd international workshop on Computer Science Logic
Beyond Shapes: Lists with Ordered Data
FOSSACS '09 Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Proving pointer programs in higher-order logic
Information and Computation - Special issue: 19th international conference on automated deduction (CADE-19)
An abstract domain for analyzing heap-manipulating low-level software
CAV'07 Proceedings of the 19th international conference on Computer aided verification
Verifying heap-manipulating programs in an SMT framework
ATVA'07 Proceedings of the 5th international conference on Automated technology for verification and analysis
A shape analysis for non-linear data structures
SAS'10 Proceedings of the 17th international conference on Static analysis
New algorithm for weak monadic second-order logic on inductive structures
CSL'10/EACSL'10 Proceedings of the 24th international conference/19th annual conference on Computer science logic
BI as an assertion language for mutable data structures
ACM SIGPLAN Notices
Smallfoot: modular automatic assertion checking with separation logic
FMCO'05 Proceedings of the 4th international conference on Formal Methods for Components and Objects
Safety and liveness in concurrent pointer programs
FMCO'05 Proceedings of the 4th international conference on Formal Methods for Components and Objects
Deciding satisfiability of positive second order joinability formulae
LPAR'06 Proceedings of the 13th international conference on Logic for Programming, Artificial Intelligence, and Reasoning
Characterizing provability in BI's pointer logic through resource graphs
LPAR'05 Proceedings of the 12th international conference on Logic for Programming, Artificial Intelligence, and Reasoning
A unified memory model for pointers
LPAR'05 Proceedings of the 12th international conference on Logic for Programming, Artificial Intelligence, and Reasoning
Predicate abstraction and canonical abstraction for singly-linked lists
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Information and Computation
Verifying programs with dynamic 1-selector-linked structures in regular model checking
TACAS'05 Proceedings of the 11th international conference on Tools and Algorithms for the Construction and Analysis of Systems
VMCAI'06 Proceedings of the 7th international conference on Verification, Model Checking, and Abstract Interpretation
A logic and decision procedure for predicate abstraction of heap-manipulating programs
VMCAI'06 Proceedings of the 7th international conference on Verification, Model Checking, and Abstract Interpretation
A decidable fragment of separation logic
FSTTCS'04 Proceedings of the 24th international conference on Foundations of Software Technology and Theoretical Computer Science
FSTTCS'04 Proceedings of the 24th international conference on Foundations of Software Technology and Theoretical Computer Science
| Hi-index | 0.00 |
We present a technique for automatic verification of pointer programs based on a decision procedure for the monadic second-order logic on finite strings.We are concerned with a while-fragment of Pascal, which includes recursively-defined pointer structures but excludes pointer arithmetic.We define a logic of stores with interesting basic predicates such as pointer equality, tests for nil pointers, and garbage cells, as well as reachability along pointers.We present a complete decision procedure for Hoare triples based on this logic over loop-free code. Combined with explicit loop invariants, the decision procedure allows us to answer surprisingly detailed questions about small but non-trivial programs. If a program fails to satisfy a certain property, then we can automatically supply an initial store that provides a counterexample.Our technique had been fully and efficiently implemented for linear linked lists, and it extends in principle to tree structures. The resulting system can be used to verify extensive properties of smaller pointer programs and could be particularly useful in a teaching environment.