DOI: 10.5555/2958031.2958053
Article

Effectively-Propositional Reasoning about Reachability in Linked Data Structures

Published: 13 July 2013

Abstract

This paper proposes a novel method of harnessing existing SAT solvers to verify reachability properties of programs that manipulate linked-list data structures. Such properties are essential for proving program termination, correctness of data structure invariants, and other safety properties. Our solution is complete, i.e., a SAT solver produces a counterexample whenever a program does not satisfy its specification. This result is surprising since even first-order theorem provers usually cannot deal with reachability in a complete way, because doing so requires reasoning about transitive closure.
Our result is based on the following ideas: (1) Programmers must write assertions in a restricted logic without quantifier alternation or function symbols. (2) The correctness of many programs can be expressed in such restricted logics, although we explain the tradeoffs. (3) Recent results in descriptive complexity can be utilized to show that every program that manipulates potentially cyclic, singly- and doubly-linked lists and that is annotated with assertions written in this restricted logic can be verified with a SAT solver.
We implemented a tool atop Z3 and used it to show the correctness of several linked list programs.
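The abstract's mechanism, in miniature: reachability is an uninterpreted binary relation n*, the list axioms and the negated assertion contain only universal quantifiers and no function symbols, so the problem can be ground over a finite domain and handed to a propositional solver, and any model the solver returns is a counterexample. The block below is an added illustration written for this page, not the paper's tool (which is built on Z3) and not code from the authors. The axioms it uses (reflexive, transitive, antisymmetric, linear), the two sample assertions, the relation name n*, and all function names are assumptions chosen for the example.

```python
"""Bounded EPR check of linked-list reachability assertions (added example).

Reachability n*(u, v) is modelled as an uninterpreted binary relation that is
constrained only by universally quantified, function-free clauses.  Such
formulas have a finite model: grounding them over a small domain turns the
verification condition into a propositional problem, a SAT procedure decides
it, and any model found is a counterexample to the assertion.
"""
import itertools
from typing import Callable, Dict, List, Optional, Tuple

Atom = Tuple[str, Tuple[int, int]]      # (relation name, (u, v))
Lit = Tuple[Atom, bool]                 # atom with polarity
Clause = List[Lit]


def lit(rel: str, u: int, v: int, pos: bool = True) -> Lit:
    return ((rel, (u, v)), pos)


def list_axioms(k: int, rel: str = "n*") -> List[Clause]:
    """Assumed (standard) axioms for the reflexive-transitive closure of an
    acyclic 'next' field over domain 0..k-1: reflexive, transitive,
    antisymmetric, and linear (two nodes reachable from a common node are
    ordered).  They are an assumption of this example, not text from the paper."""
    dom = range(k)
    cl: List[Clause] = [[lit(rel, u, u)] for u in dom]
    for u, v, w in itertools.product(dom, repeat=3):
        # n*(u,v) & n*(v,w) -> n*(u,w)
        cl.append([lit(rel, u, v, False), lit(rel, v, w, False), lit(rel, u, w)])
        # n*(u,v) & n*(u,w) -> n*(v,w) | n*(w,v)
        cl.append([lit(rel, u, v, False), lit(rel, u, w, False),
                   lit(rel, v, w), lit(rel, w, v)])
    for u, v in itertools.permutations(dom, 2):
        # u != v -> not (n*(u,v) & n*(v,u))   (acyclic)
        cl.append([lit(rel, u, v, False), lit(rel, v, u, False)])
    return cl


def dpll(clauses: List[Clause], assign: Dict[Atom, bool]) -> Optional[Dict[Atom, bool]]:
    """Minimal DPLL: unit propagation plus chronological backtracking.
    Returns a satisfying assignment or None."""
    assign = dict(assign)
    while True:                                   # unit propagation to fixpoint
        unit = None
        for c in clauses:
            if any(assign.get(a) == p for a, p in c):
                continue                          # clause already satisfied
            free = [(a, p) for a, p in c if a not in assign]
            if not free:
                return None                       # clause falsified
            if len(free) == 1:
                unit = free[0]
                break
        if unit is None:
            break
        assign[unit[0]] = unit[1]
    for c in clauses:                             # branch on an open clause
        if any(assign.get(a) == p for a, p in c):
            continue
        atom = next(a for a, _ in c if a not in assign)
        for val in (True, False):
            model = dpll(clauses, {**assign, atom: val})
            if model is not None:
                return model
        return None
    return assign                                 # every clause satisfied


NegatedSpec = Callable[[Dict[str, int]], List[Clause]]


def find_counterexample(consts: List[str], negated_spec: NegatedSpec,
                        k: Optional[int] = None):
    """Search for a model of the axioms plus the negated assertion.  An EPR
    formula is satisfiable iff it has a model whose size is at most the number
    of constants, so k = len(consts) makes the search complete; constants are
    instantiated over all domain elements because they may alias."""
    k = k or max(1, len(consts))
    axioms = list_axioms(k)
    for vals in itertools.product(range(k), repeat=len(consts)):
        env = dict(zip(consts, vals))
        model = dpll(axioms + negated_spec(env), {})
        if model is not None:
            return env, model
    return None


# Assertion 1 (valid):   h n* x  and  x n* y  imply  h n* y.
def not_spec1(e: Dict[str, int]) -> List[Clause]:
    return [[lit("n*", e["h"], e["x"])], [lit("n*", e["x"], e["y"])],
            [lit("n*", e["h"], e["y"], False)]]


# Assertion 2 (invalid): h n* x  and  h n* y  imply  x n* y   (y may precede x).
def not_spec2(e: Dict[str, int]) -> List[Clause]:
    return [[lit("n*", e["h"], e["x"])], [lit("n*", e["h"], e["y"])],
            [lit("n*", e["x"], e["y"], False)]]


if __name__ == "__main__":
    print("assertion 1:", find_counterexample(["h", "x", "y"], not_spec1))
    env, model = find_counterexample(["h", "x", "y"], not_spec2)
    true_atoms = sorted(a for a, v in model.items() if v)
    print("assertion 2 counterexample:", env, true_atoms)
```

Run stand-alone, the first assertion yields no counterexample at any instantiation of h, x, y, while the second yields a concrete heap in which y sits between h and x (or aliases h), which is exactly the completeness claim in the abstract: a failed assertion always comes with a model. The paper's tool delegates this step to Z3; the hand-rolled solver here only makes the grounding visible. The caveat is the one the abstract flags as a tradeoff: the argument holds only for assertions that stay inside the fragment with no quantifier alternation and no function symbols, so a specification that needs ∀∃ or a next-field function cannot be checked this way.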

References

[1] SMT-LIB: Satisfiability modulo theories library, http://smtlib.cs.uiowa.edu/docs.html
[2] Technical report, http://www.cs.tau.ac.il/~shachar/dl/tr-2013.pdf
[3] Bouajjani, A., Drăgoi, C., Enea, C., Sighireanu, M.: Accurate invariant checking for programs manipulating lists and arrays with infinite data. In: Chakraborty, S., Mukund, M. (eds.) ATVA 2012. LNCS, vol. 7561, pp. 167–182. Springer, Heidelberg (2012)
[4] de Moura, L., Bjørner, N.S.: Z3: An efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008)
[5] Demetrescu, C., Italiano, G.F.: Decremental all-pairs shortest paths. In: Encyclopedia of Algorithms (2008)
[6] Dong, G., Su, J.: Incremental maintenance of recursive views using relational calculus/SQL. SIGMOD Record 29, 44–51 (2000)
[7] Flanagan, C., Saxe, J.B.: Avoiding exponential explosion: generating compact verification conditions. In: POPL (2001)
[8] Frade, M., Pinto, J.: Verification conditions for source-level imperative programs. Computer Science Review 5(3), 252–277 (2011)
[9] Henriksen, J., Jensen, J., Jørgensen, M., Klarlund, N., Paige, B., Rauhe, T., Sandholm, A.: Mona: Monadic second-order logic in practice. In: Brinksma, E., Steffen, B., Cleaveland, W.R., Larsen, K.G., Margaria, T. (eds.) TACAS 1995. LNCS, vol. 1019, pp. 89–110. Springer, Heidelberg (1995)
[10] Hesse, W.: Dynamic computational complexity. PhD thesis, Dept. of Computer Science, University of Massachusetts, Amherst, MA (2003)
[11] Immerman, N., Rabinovich, A., Reps, T., Sagiv, M., Yorsh, G.: The boundary between decidability and undecidability for transitive-closure logics. In: Marcinkowski, J., Tarlecki, A. (eds.) CSL 2004. LNCS, vol. 3210, pp. 160–174. Springer, Heidelberg (2004)
[12] Kautz, H., Selman, B.: Knowledge compilation and theory approximation. J. ACM 43(2), 193–224 (1996)
[13] Lahiri, S.K., Qadeer, S.: Back to the future: revisiting precise program verification using SMT solvers. In: POPL (2008)
[14] Lev-Ami, T., Immerman, N., Reps, T.W., Sagiv, M., Srivastava, S., Yorsh, G.: Simulating reachability using first-order logic with applications to verification of linked data structures. Logical Methods in Computer Science 5(2) (2009)
[15] Madhusudan, P., Parlato, G., Qiu, X.: Decidable logics combining heap structures and data. In: POPL (2011)
[16] McCarthy, J.: Towards a mathematical science of computation. In: IFIP Congress, pp. 21–28 (1962)
[17] Møller, A., Schwartzbach, M.I.: The pointer assertion logic engine. In: PLDI (2001)
[18] Nelson, G.: Verifying reachability invariants of linked structures. In: POPL (1983)
[19] Piskac, R., de Moura, L.M., Bjørner, N.: Deciding effectively propositional logic using DPLL and substitution sets. J. Autom. Reasoning 44(4), 401–424 (2010)
[20] Reps, T.W., Sagiv, M., Loginov, A.: Finite differencing of logical formulas for static analysis. ACM Trans. Program. Lang. Syst. 32(6) (2010)
[21] Rinetzky, N., Bauer, J., Reps, T.W., Sagiv, S., Wilhelm, R.: A semantics for procedure local heaps and its abstractions. In: POPL (2005)
[22] Yorsh, G., Rabinovich, A.M., Sagiv, M., Meyer, A., Bouajjani, A.: A logic of reachable patterns in linked data-structures. J. Log. Algebr. Program. 73(1-2), 111–142 (2007)


Published In

Guide Proceedings
CAV 2013: Proceedings of the 25th International Conference on Computer Aided Verification - Volume 8044
July 2013
1012 pages
ISBN:9783642397981

Publisher

Springer-Verlag

Berlin, Heidelberg

Cited By

  • Paxos made EPR: decidable reasoning about distributed protocols. Proceedings of the ACM on Programming Languages 1(OOPSLA), 1–31 (online 12 Oct 2017). doi:10.1145/3140568
  • Seam: provably safe local edits on graphs. Proceedings of the ACM on Programming Languages 1(OOPSLA), 1–29 (online 12 Oct 2017). doi:10.1145/3133902
  • Property-Directed Inference of Universal Invariants or Proving Their Absence. Journal of the ACM 64(1), 1–33 (online 29 Mar 2017). doi:10.1145/3022187
  • Decidability of inferring inductive invariants. ACM SIGPLAN Notices 51(1), 217–231 (online 11 Jan 2016). doi:10.1145/2914770.2837640
  • Decidability of inferring inductive invariants. Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, 217–231 (online 11 Jan 2016). doi:10.1145/2837614.2837640
  • Propositional Reasoning about Safety and Termination of Heap-Manipulating Programs. Proceedings of the 24th European Symposium on Programming on Programming Languages and Systems, Volume 9032, 661–684 (online 11 Apr 2015). doi:10.1007/978-3-662-46669-8_27
  • Natural proofs for data structure manipulation in C using separation logic. ACM SIGPLAN Notices 49(6), 440–451 (online 9 Jun 2014). doi:10.1145/2666356.2594325
  • Natural proofs for data structure manipulation in C using separation logic. Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation, 440–451 (online 9 Jun 2014). doi:10.1145/2594291.2594325
  • Modular reasoning about heap paths via effectively propositional formulas. ACM SIGPLAN Notices 49(1), 385–396 (online 8 Jan 2014). doi:10.1145/2578855.2535854
  • Modular reasoning about heap paths via effectively propositional formulas. Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, 385–396 (online 11 Jan 2014). doi:10.1145/2535838.2535854
