research-article

Relational inductive shape analysis

Authors:

Bor-Yuh Evan Chang,

Xavier RivalAuthors Info & Claims

ACM SIGPLAN Notices, Volume 43, Issue 1

Pages 247 - 260

https://doi.org/10.1145/1328897.1328469

Published: 07 January 2008 Publication History

Abstract

Shape analyses are concerned with precise abstractions of the heap to capture detailed structural properties. To do so, they need to build and decompose summaries of disjoint memory regions. Unfortunately, many data structure invariants require relations be tracked across disjoint regions, such as intricate numerical data invariants or structural invariants concerning back and cross pointers. In this paper, we identify issues inherent to analyzing relational structures and design an abstract domain that is parameterized both by an abstract domain for pure data properties and by user-supplied specifications of the data structure invariants to check. Particularly, it supports hybrid invariants about shape and data and features a generic mechanism for materializing summaries at the beginning, middle, or end of inductive structures. Around this domain, we build a shape analysis whose interesting components include a pre-analysis on the user-supplied specifications that guides the abstract interpretation and a widening operator over the combined shape and data domain. We then demonstrate our techniques on the proof of preservation of the red-black tree invariants during insertion.

References

[1]

Gilad Arnold. Specialized 3-valued logic shape analysis using structure-based refinement and loose embedding. In Static Analysis (SAS), 2006.

Digital Library

[2]

Josh Berdine, Cristiano Calcagno, Byron Cook, Dino Distefano, Peter W. O'Hearn, Thomas Wies, and Hongseok Yang. Shape analysis for composite data structures. In Computer-Aided Verification (CAV), 2007.

Digital Library

[3]

Bor-Yuh Evan Chang, Xavier Rival, and George C. Necula. Shape analysis with structural invariant checkers. In Static Analysis (SAS), 2007.

Digital Library

[4]

Shaunak Chatterjee, Shuvendu K. Lahiri, Shaz Qadeer, and Zvonimir Rakamaric. A reachability predicate for analyzing low-level software. In Tools and Algorithms for the Construction and Analysis of Systems (TACAS), 2007.

Digital Library

[5]

Sigmund Cherem and Radu Rugina. Maintaining doubly-linked list invariants in shape analysis with local reasoning. In Verification, Model Checking, and Abstract Interpretation (VMCAI), 2007.

Digital Library

[6]

Patrick Cousot. Verification by abstract interpretation. In Verification: Theory and Practice, 2003.

[7]

Patrick Cousot and Radhia Cousot. Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In Principles of Programming Languages (POPL), 1977.

Digital Library

[8]

Dino Distefano, Peter W. O'Hearn, and Hongseok Yang. A local shape analysis based on separation logic. In Tools and Algorithms for the Construction and Analysis of Systems (TACAS), 2006.

Digital Library

[9]

Denis Gopan, Thomas W. Reps, and Shmuel Sagiv. A framework for numeric analysis of array operations. In Principles of Programming Languages (POPL), 2005.

Digital Library

[10]

Sumit Gulwani and Ashish Tiwari. An abstract domain for analyzing heapmanipulating low-level software. In Computer-Aided Verification (CAV), 2007.

Digital Library

[11]

Bolei Guo, Neil Vachharajani, and David I. August. Shape analysis with inductive recursion synthesis. In Programming Language Design and Implementation (PLDI), 2007.

Digital Library

[12]

Michael Karr. Affine relationships among variables of a program. Acta Inf., 6, 1976.

[13]

Oukseh Lee, Hongseok Yang, and Kwangkeun Yi. Automatic verification of pointer programs using grammar-based shape analysis. In European Symposium on Programming (ESOP), 2005.

Digital Library

[14]

Tal Lev-Ami, Thomas W. Reps, Shmuel Sagiv, and Reinhard Wilhelm. Putting static analysis to work for verification: A case study. In Software Testing and Analysis (ISSTA), 2000.

Digital Library

[15]

Stephen Magill, Josh Berdine, Edmund Clarke, and Byron Cook. Arithmetic strengthening for separation logic based shape analyses. In Static Analysis (SAS), 2007.

Digital Library

[16]

Scott McPeak and George C. Necula. Data structure specifications via local equality axioms. In Computer-Aided Verification (CAV), 2005.

Digital Library

[17]

Antoine Mine. The octagon abstract domain. Higher-Order and Symbolic Computation, 19(1), 2006.

Digital Library

[18]

Anders Møller and Michael I. Schwartzbach. The pointer assertion logic engine. In Programming Language Design and Implementation (PLDI), 2001.

Digital Library

[19]

Huu Hai Nguyen, Cristina David, Shengchao Qin, and Wei-Ngan Chin. Automated verification of shape and size properties via separation logic. In Verification, Model Checking, and Abstract Interpretation (VMCAI), 2007.

Digital Library

[20]

John C. Reynolds. Separation logic: A logic for shared mutable data structures. In Logic in Computer Science (LICS), 2002.

Digital Library

[21]

Radu Rugina. Quantitative shape analysis. In Static Analysis (SAS), 2004.

[22]

Shmuel Sagiv, Thomas W. Reps, and Reinhard Wilhelm. Parametric shape analysis via 3-valued logic. ACM Trans. Program. Lang. Syst., 24(3), 2002.

Digital Library

[23]

Arnaud Venet. Abstract cofibered domains: Application to the alias analysis of untyped programs. In Static Analysis (SAS), 1996.

Digital Library

Cited By

Dardinier TMüller PSummers A(2022)Fractional resources in unbounded separation logicProceedings of the ACM on Programming Languages10.1145/35633266:OOPSLA2(1066-1092)Online publication date: 31-Oct-2022
https://dl.acm.org/doi/10.1145/3563326
Al-Sibahi AJensen TDimovski AWąsowski A(2021)Verification of Program Transformations with Inductive Refinement TypesACM Transactions on Software Engineering and Methodology10.1145/340980530:1(1-33)Online publication date: 20-Jan-2021
https://dl.acm.org/doi/10.1145/3409805
Illous HLemerre MRival X(2021)A relational shape abstract domainFormal Methods in System Design10.1007/s10703-021-00366-4Online publication date: 24-Apr-2021
https://doi.org/10.1007/s10703-021-00366-4
Show More Cited By

Index Terms

Relational inductive shape analysis

Recommendations

Relational inductive shape analysis
POPL '08: Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages

Shape analyses are concerned with precise abstractions of the heap to capture detailed structural properties. To do so, they need to build and decompose summaries of disjoint memory regions. Unfortunately, many data structure invariants require ...
Calling context abstraction with shapes
POPL '11: Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages

Interprocedural program analysis is often performed by computing procedure summaries. While possible, computing adequate summaries is difficult, particularly in the presence of recursive procedures. In this paper, we propose a complementary framework ...
Calling context abstraction with shapes
POPL '11

Interprocedural program analysis is often performed by computing procedure summaries. While possible, computing adequate summaries is difficult, particularly in the presence of recursive procedures. In this paper, we propose a complementary framework ...

Comments

Information & Contributors

Information

Published In

cover image ACM SIGPLAN Notices

ACM SIGPLAN Notices Volume 43, Issue 1

POPL '08

January 2008

420 pages

ISSN:0362-1340

EISSN:1558-1160

DOI:10.1145/1328897

Issue’s Table of Contents

POPL '08: Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
January 2008
448 pages
ISBN:9781595936899
DOI:10.1145/1328438
General Chair:
George Necula
University of California, Berkeley
,
Program Chair:
Philip Wadler
University of Edinburgh

Copyright © 2008 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 January 2008

Published in SIGPLAN Volume 43, Issue 1

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

158
Total Citations
View Citations
632
Total Downloads

Downloads (Last 12 months)17
Downloads (Last 6 weeks)0

Reflects downloads up to 12 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Dardinier TMüller PSummers A(2022)Fractional resources in unbounded separation logicProceedings of the ACM on Programming Languages10.1145/35633266:OOPSLA2(1066-1092)Online publication date: 31-Oct-2022
https://dl.acm.org/doi/10.1145/3563326
Al-Sibahi AJensen TDimovski AWąsowski A(2021)Verification of Program Transformations with Inductive Refinement TypesACM Transactions on Software Engineering and Methodology10.1145/340980530:1(1-33)Online publication date: 20-Jan-2021
https://dl.acm.org/doi/10.1145/3409805
Illous HLemerre MRival X(2021)A relational shape abstract domainFormal Methods in System Design10.1007/s10703-021-00366-4Online publication date: 24-Apr-2021
https://doi.org/10.1007/s10703-021-00366-4
Illous HLemerre MRival X(2021)Interprocedural Shape Analysis Using Separation Logic-Based Transformer SummariesStatic Analysis10.1007/978-3-030-65474-0_12(248-273)Online publication date: 13-Jan-2021
https://doi.org/10.1007/978-3-030-65474-0_12
Al-Sibahi AJensen TMøgelberg RWąsowski A(2020)Galois Connections for Recursive TypesFrom Lambda Calculus to Cybersecurity Through Program Analysis10.1007/978-3-030-41103-9_4(105-131)Online publication date: 15-Feb-2020
https://doi.org/10.1007/978-3-030-41103-9_4
Tatsuta MNakazawa KKimura D(2019)Completeness of Cyclic Proofs for Symbolic Heaps with Inductive DefinitionsProgramming Languages and Systems10.1007/978-3-030-34175-6_19(367-387)Online publication date: 18-Nov-2019
https://doi.org/10.1007/978-3-030-34175-6_19
Corradini AHeindel TKönig BNolte DRensink A(2019)Rewriting Abstract Structures: Materialization Explained CategoricallyFoundations of Software Science and Computation Structures10.1007/978-3-030-17127-8_10(169-188)Online publication date: 5-Apr-2019
https://doi.org/10.1007/978-3-030-17127-8_10
Cauderlier RSighireanu M(2018)A Verified Implementation of the Bounded List ContainerTools and Algorithms for the Construction and Analysis of Systems10.1007/978-3-319-89960-2_10(172-189)Online publication date: 12-Apr-2018
https://doi.org/10.1007/978-3-319-89960-2_10
Liu JRival X(2017)An array content static analysis based on non-contiguous partitionsComputer Languages, Systems & Structures10.1016/j.cl.2016.01.00547(104-129)Online publication date: Jan-2017
https://doi.org/10.1016/j.cl.2016.01.005
Illous HLemerre MRival X(2017)A Relational Shape Abstract DomainNASA Formal Methods10.1007/978-3-319-57288-8_15(212-229)Online publication date: 9-Apr-2017
https://doi.org/10.1007/978-3-319-57288-8_15
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents