Logical characterizations of heap abstractions

Authors:
Greta Yorsh;Thomas Reps;Mooly Sagiv;Reinhard Wilhelm
Affiliations:
Tel-Aviv University, Tel-Aviv, Israel;University of Wisconsin, Madison, WI;Tel-Aviv University, Tel-Aviv, Israel;Universität des Saarlandes, Saarbrücken, Germany
Venue:
ACM Transactions on Computational Logic (TOCL)
Year:
2007

Citing 33
Cited 11

Analysis of pointers and structures

PLDI '90 Proceedings of the ACM SIGPLAN 1990 conference on Programming language design and implementation
Parallelizing programs with recursive data structures

Parallelizing programs with recursive data structures
Abstractions for recursive pointer data structures: improving the analysis and transformation of imperative programs

PLDI '92 Proceedings of the ACM SIGPLAN 1992 conference on Programming language design and implementation
Binding-time analysis and the taming of C pointers

PEPM '93 Proceedings of the 1993 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation
Graph types

POPL '93 Proceedings of the 20th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Model checking and abstraction

ACM Transactions on Programming Languages and Systems (TOPLAS)
Points-to analysis in almost linear time

POPL '96 Proceedings of the 23rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Fast and accurate flow-insensitive points-to analysis

Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Shape types

Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Solving shape-analysis problems in languages with destructive updating

ACM Transactions on Programming Languages and Systems (TOPLAS)
Partial online cycle elimination in inclusion constraint graphs

PLDI '98 Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation
Parametric shape analysis via 3-valued logic

Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Projection merging: reducing redundancies in inclusion constraint graphs

Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Putting static analysis to work for verification: A case study

Proceedings of the 2000 ACM SIGSOFT international symposium on Software testing and analysis
Unification-based pointer analysis with directional assignments

PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
Verifying safety properties of concurrent Java programs using 3-valued logic

POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The pointer assertion logic engine

Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Ultra-fast aliasing analysis using CLA: a million lines of C code in a second

Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Role analysis

POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Deriving specialized program analyses for certifying component-client conformance

PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints

POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Parametric shape analysis via 3-valued logic

ACM Transactions on Programming Languages and Systems (TOPLAS)
Principles of Program Analysis

Principles of Program Analysis
A flexible approach to interprocedural data flow analysis and programs with recursive data structures

POPL '82 Proceedings of the 9th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Parallelizing Programs with Recursive Data Structures

IEEE Transactions on Parallel and Distributed Systems
Mona: Monadic Second-Order Logic in Practice

TACAS '95 Proceedings of the First International Workshop on Tools and Algorithms for Construction and Analysis of Systems
On the Expressiveness of 3-Valued Models

VMCAI 2003 Proceedings of the 4th International Conference on Verification, Model Checking, and Abstract Interpretation
TVLA: A System for Implementing Static Analyses

SAS '00 Proceedings of the 7th International Symposium on Static Analysis
Counterexample-Guided Abstraction Refinement

CAV '00 Proceedings of the 12th International Conference on Computer Aided Verification
Verifying safety properties using separation and heterogeneous abstractions

Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation
Logical characterizations of heap abstractions

ACM Transactions on Computational Logic (TOCL)
Establishing local temporal heap safety properties with applications to compile-time memory management

SAS'03 Proceedings of the 10th international conference on Static analysis
Hob: a tool for verifying data structure consistency

CC'05 Proceedings of the 14th international conference on Compiler Construction

Logical characterizations of heap abstractions

ACM Transactions on Computational Logic (TOCL)
Verification of Boolean programs with unbounded thread creation

Theoretical Computer Science
Abstraction Refinement for Quantified Array Assertions

SAS '09 Proceedings of the 16th International Symposium on Static Analysis
Finite differencing of logical formulas for static analysis

ACM Transactions on Programming Languages and Systems (TOPLAS)
An appreciation of the work of Reinhard Wilhelm

Program analysis and compilation, theory and practice
Refinement-based verification for possibly-cyclic lists

Program analysis and compilation, theory and practice
An overview of the Jahob analysis system: project goals and current status

IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
Automated verification of the deutsch-schorr-waite tree-traversal algorithm

SAS'06 Proceedings of the 13th international conference on Static Analysis
Lazy shape analysis

CAV'06 Proceedings of the 18th international conference on Computer Aided Verification
Field constraint analysis

VMCAI'06 Proceedings of the 7th international conference on Verification, Model Checking, and Abstract Interpretation
Sound and complete abstract graph transformation

SBMF'11 Proceedings of the 14th Brazilian conference on Formal Methods: foundations and Applications

Quantified Score

Hi-index	0.01

Visualization

Abstract

Shape analysis concerns the problem of determining “shape invariants” for programs that perform destructive updating on dynamically allocated storage. In recent work, we have shown how shape analysis can be performed using an abstract interpretation based on three-valued first-order logic. In that work, concrete stores are finite two-valued logical structures, and the sets of stores that can possibly arise during execution are represented (conservatively) using a certain family of finite three-valued logical structures. In this article, we show how three-valued structures that arise in shape analysis can be characterized using formulas in first-order logic with transitive closure. We also define a nonstandard (“supervaluational”) semantics for three-valued first-order logic that is more precise than a conventional three-valued semantics, and demonstrate that the supervaluational semantics can be implemented using existing theorem provers.