Automatic verification of pointer programs using monadic second-order logic
Proceedings of the ACM SIGPLAN 1997 conference on Programming language design and implementation
IEEE Transactions on Software Engineering - Special issue on formal methods in software practice
A Computing Procedure for Quantification Theory
Journal of the ACM (JACM)
Guarded commands, nondeterminacy and formal derivation of programs
Communications of the ACM
Automatic verification of parameterized networks of processes
Theoretical Computer Science
Automatic predicate abstraction of C programs
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Predicate abstraction for software verification
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Parametric shape analysis via 3-valued logic
ACM Transactions on Programming Languages and Systems (TOPLAS)
The Science of Programming
Computer-Aided Reasoning: An Approach
Computer-Aided Reasoning: An Approach
Verifying reachability invariants of linked structures
POPL '83 Proceedings of the 10th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
A Decidable Logic for Describing Linked Data Structures
ESOP '99 Proceedings of the 8th European Symposium on Programming Languages and Systems
Comparing the Galois Connection and Widening/Narrowing Approaches to Abstract Interpretation
PLILP '92 Proceedings of the 4th International Symposium on Programming Language Implementation and Logic Programming
Incremental Verification by Abstraction
TACAS 2001 Proceedings of the 7th International Conference on Tools and Algorithms for the Construction and Analysis of Systems
Relative Completeness of Abstraction Refinement for Software Model Checking
TACAS '02 Proceedings of the 8th International Conference on Tools and Algorithms for the Construction and Analysis of Systems
TVLA: A System for Implementing Static Analyses
SAS '00 Proceedings of the 7th International Symposium on Static Analysis
Interprocedural Shape Analysis for Recursive Programs
CC '01 Proceedings of the 10th International Conference on Compiler Construction
Construction of Abstract State Graphs with PVS
CAV '97 Proceedings of the 9th International Conference on Computer Aided Verification
Experience with Predicate Abstraction
CAV '99 Proceedings of the 11th International Conference on Computer Aided Verification
Counterexample-Guided Abstraction Refinement
CAV '00 Proceedings of the 12th International Conference on Computer Aided Verification
Syntactic Program Transformations for Automatic Abstraction
CAV '00 Proceedings of the 12th International Conference on Computer Aided Verification
CAV '01 Proceedings of the 13th International Conference on Computer Aided Verification
Proving Pointer Programs in Hoare Logic
MPC '00 Proceedings of the 5th International Conference on Mathematics of Program Construction
Graphs and Decidable Transductions Based on Edge Constraints (Extended Abstract)
CAAP '94 Proceedings of the 19th International Colloquium on Trees in Algebra and Programming
Successive Approximation of Abstract Transition Relations
LICS '01 Proceedings of the 16th Annual IEEE Symposium on Logic in Computer Science
Modular Verification of Software Components in C
IEEE Transactions on Software Engineering
Efficient Verification of Sequential and Concurrent C Programs
Formal Methods in System Design
Verifying properties of well-founded linked lists
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Abstraction of Graph Transformation Systems by Temporal Logic and Its Verification
Verified Software: Theories, Tools, Experiments
Verifying Dynamic Pointer-Manipulating Threads
FM '08 Proceedings of the 15th international symposium on Formal Methods
Abstracting Complex Data Structures by Hyperedge Replacement
ICGT '08 Proceedings of the 4th international conference on Graph Transformations
MLAT: a tool for heap analysis based on predicate abstraction by modal logic
SE '08 Proceedings of the IASTED International Conference on Software Engineering
VMCAI'07 Proceedings of the 8th international conference on Verification, model checking, and abstract interpretation
The spotlight principle: on combining process-summarizing state abstractions
VMCAI'07 Proceedings of the 8th international conference on Verification, model checking, and abstract interpretation
Maintaining doubly-linked list invariants in shape analysis with local reasoning
VMCAI'07 Proceedings of the 8th international conference on Verification, model checking, and abstract interpretation
Array abstractions from proofs
CAV'07 Proceedings of the 19th international conference on Computer aided verification
Juggrnaut: Graph Grammar Abstraction for Unbounded Heap Structures
Electronic Notes in Theoretical Computer Science (ENTCS)
Shape analysis by predicate abstraction
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Predicate abstraction and canonical abstraction for singly-linked lists
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
CAV'06 Proceedings of the 18th international conference on Computer Aided Verification
VMCAI'06 Proceedings of the 7th international conference on Verification, Model Checking, and Abstract Interpretation
A logic and decision procedure for predicate abstraction of heap-manipulating programs
VMCAI'06 Proceedings of the 7th international conference on Verification, Model Checking, and Abstract Interpretation
SAS'05 Proceedings of the 12th international conference on Static Analysis
Symbolic execution with abstract subsumption checking
SPIN'06 Proceedings of the 13th international conference on Model Checking Software
Reachability analysis of program variables
IJCAR'12 Proceedings of the 6th international joint conference on Automated Reasoning
Predicate abstraction of Java programs with collections
Proceedings of the ACM international conference on Object oriented programming systems languages and applications
Reachability analysis of program variables
ACM Transactions on Programming Languages and Systems (TOPLAS)
| Hi-index | 0.00 |
We propose a new framework, based on predicate abstraction and model checking, for shape analysis of programs. Shape analysis is used to statically collect information -- such as possible reachability and sharing -- about program stores. Rather than use a specialized abstract interpretation based on shape graphs, we instantiate a generic and automated abstraction procedure with shape predicates from a correctness property. This results in a predicate-discovery procedure that identifies predicates relevant for correctness, using an analysis based on weakest preconditions, and creates a finite state abstract program. The correctness property is then checked on the abstraction with a model checking tool. To enable this process, we calculate weakest preconditions for common shape properties, and present heuristics for accelerating convergence. Exploring abstract state spaces with model checkers enables one to tap into a wealth of techniques and highly optimized implementations for state space exploration, and to analyze properties that go beyond invariances. We illustrate this simple and flexible framework with the analysis of some "classical" list manipulation programs, using our implementation of the abstraction algorithm, and the SPIN and COSPAN model checkers for state space exploration.