ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Parametric shape analysis via 3-valued logic
Full text PdfPdf (1.10 MB)
Source ACM Transactions on Programming Languages and Systems (TOPLAS) archive
Volume 24 ,  Issue 3  (May 2002) table of contents
Pages: 217 - 298  
Year of Publication: 2002
ISSN:0164-0925
Authors
Mooly Sagiv
Thomas Reps
Reinhard Wilhelm
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 23,   Downloads (12 Months): 135,   Citation Count: 51
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/514188.514190
What is a DOI?

ABSTRACT

Shape analysis concerns the problem of determining "shape invariants" for programs that perform destructive updating on dynamically allocated storage. This article presents a parametric framework for shape analysis that can be instantiated in different ways to create different shape-analysis algorithms that provide varying degrees of efficiency and precision. A key innovation of the work is that the stores that can possibly arise during execution are represented (conservatively) using 3-valued logical structures. The framework is instantiated in different ways by varying the predicates used in the 3-valued logic. The class of programs to which a given instantiation of the framework can be applied is not limited a priori (i.e., as in some work on shape analysis, to programs that manipulate only lists, trees, DAGS, etc.); each instantiation of the framework can be applied to any program, but may produce imprecise results (albeit conservative ones) due to the set of predicates employed.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Aiken, A. 1996. Position statement. Prepared for the Programming Languages Working Group of the ACM Workshop on Strategic Directions in Computing Research (Cambridge, Mass, June 14--15, 1996).
 
2
Assmann, U. and Weinhardt, M. 1993. Interprocedural heap analysis for parallelizing imperative programs. In Programming Models For Massively Parallel Computers, W. K. Giloi, S. Jähnichen, and B. D. Shriver, Eds., IEEE Press, Washington, DC, 74--82.
 
3
Bell, J. and Machover, M. 1977. A Course in Mathematical Logic. North-Holland, Amsterdam.
 
4
Michael Benedikt , Thomas W. Reps , Shmuel Sagiv, A Decidable Logic for Describing Linked Data Structures, Proceedings of the 8th European Symposium on Programming Languages and Systems, p.2-19, March 22-28, 1999
 
5
Luca Cardelli , Andrew D. Gordon, Mobile Ambients, Proceedings of the First International Conference on Foundations of Software Science and Computation Structure, p.140-155, March 28-April 04, 1998
6
David R. Chase , Mark Wegman , F. Kenneth Zadeck, Analysis of pointers and structures, Proceedings of the ACM SIGPLAN 1990 conference on Programming language design and implementation, p.296-310, June 1990, White Plains, New York, United States
 
7
Clarke, E. and Jha, S. 1995. Symmetry and induction in model checking. In Computer Science Today: Recent Trends and Developments, J. V. Leeuwen, Ed., Lecture Notes in Computer Science, vol. 1000, Springer-Verlag, New York, 455--470.
 
8
Edmund M. Clarke , Orna Grumberg , Somesh Jha , Yuan Lu , Helmut Veith, Counterexample-Guided Abstraction Refinement, Proceedings of the 12th International Conference on Computer Aided Verification, p.154-169, July 15-19, 2000
 
9
R. L. Constable , S. D. Johnson , C. D. Eichenlaub, An Introduction to the PL/CV2 Programming Logic, Springer-Verlag New York, Inc., Secaucus, NJ, 1982
10
Patrick Cousot , Radhia Cousot, Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints, Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages, p.238-252, January 17-19, 1977, Los Angeles, California  [doi>10.1145/512950.512973]
11
Patrick Cousot , Radhia Cousot, Systematic design of program analysis frameworks, Proceedings of the 6th ACM SIGACT-SIGPLAN symposium on Principles of programming languages, p.269-282, January 29-31, 1979, San Antonio, Texas  [doi>10.1145/567752.567778]
 
12
Satyaki Das , David L. Dill , Seungjoon Park, Experience with Predicate Abstraction, Proceedings of the 11th International Conference on Computer Aided Verification, p.160-171, July 06-10, 1999
 
13
Deutsch, L. 1973. An interactive program verifier. Ph.D. Thesis, University of California, Berkeley, Calif.
 
14
Edsger Wybe Dijkstra, A Discipline of Programming, Prentice Hall PTR, Upper Saddle River, NJ, 1997
 
15
Jacob Elgaard , Anders Møller , Michael I. Schwartzbach, Compile-Time Debugging of C Programs Working on Trees, Proceedings of the 9th European Symposium on Programming Languages and Systems, p.119-134, April 02, 2000
 
16
E. Allen Emerson , A. Prasad Sistla, Symmetry and Model Checking, Proceedings of the 5th International Conference on Computer Aided Verification, p.463-478, June 28-July 01, 1993
 
17
Ginsberg, M. 1988. Multivalued logics: A uniform approach to inference in artificial intelligence. Comp. Intell. 4, 265--316.
 
18
Susanne Graf , Hassen Saïdi, Construction of Abstract State Graphs with PVS, Proceedings of the 9th International Conference on Computer Aided Verification, p.72-83, June 22-25, 1997
 
19
David Gries, The Science of Programming, Springer-Verlag New York, Inc., Secaucus, NJ, 1987
 
20
Laurie Jane Hendren, Parallelizing programs with recursive data structures, Cornell University, Ithaca, NY, 1990
 
21
L. J. Hendren , A. Nicolau, Parallelizing Programs with Recursive Data Structures, IEEE Transactions on Parallel and Distributed Systems, v.1 n.1, p.35-47, January 1990  [doi>10.1109/71.80123]
22
Laurie J. Hendren , Joseph Hummell , Alexandru Nicolau, Abstractions for recursive pointer data structures: improving the analysis and transformation of imperative programs, Proceedings of the ACM SIGPLAN 1992 conference on Programming language design and implementation, p.249-260, June 15-19, 1992, San Francisco, California, United States
 
23
Hoare, C. 1975. Recursive data structures. Int. J. Comput. Inf. Sci. 4, 2, 105--132.
24
S. Horwitz , P. Pfeiffer , T. Reps, Dependence analysis for pointer variables, Proceedings of the ACM SIGPLAN 1989 Conference on Programming language design and implementation, p.28-40, June 19-23, 1989, Portland, Oregon, United States
25
Jakob L. Jensen , Michael E. Jørgensen , Michael I. Schwartzbach , Nils Klarlund, Automatic verification of pointer programs using monadic second-order logic, Proceedings of the ACM SIGPLAN 1997 conference on Programming language design and implementation, p.226-234, June 16-18, 1997, Las Vegas, Nevada, United States
 
26
Jones, N. and Muchnick, S. 1981. Flow analysis and optimization of Lisp-like structures. In Program Flow Analysis: Theory and Applications, S. Muchnick and N. Jones, Eds., Prentice-Hall, Englewood Cliffs, N.J., Chapter 4, 102--131.
27
Neil D. Jones , Steven S. Muchnick, A flexible approach to interprocedural data flow analysis and programs with recursive data structures, Proceedings of the 9th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.66-74, January 25-27, 1982, Albuquerque, Mexico  [doi>10.1145/582153.582161]
 
28
James Cornelius King, A program verifier, 1970
 
29
Kleene, S. 1987. Introduction to Metamathematics, Second Ed. North-Holland, Amsterdam.
 
30
Kunen, K. 1998. Personal communication.
31
J. R. Larus , P. N. Hilfinger, Detecting conflicts between structure accesses, Proceedings of the ACM SIGPLAN 1988 conference on Programming Language design and Implementation, p.24-31, June 20-24, 1988, Atlanta, Georgia, United States
 
32
Lev-Ami, T. 2000. TVLA: A framework for Kleene based static analysis. M.S. Thesis, Tel-Aviv University, Tel-Aviv, Israel.
 
33
Tal Lev-Ami , Shmuel Sagiv, TVLA: A System for Implementing Static Analyses, Proceedings of the 7th International Symposium on Static Analysis, p.280-301, June 29-July 01, 2000
34
Tal Lev-Ami , Thomas Reps , Mooly Sagiv , Reinhard Wilhelm, Putting static analysis to work for verification: A case study, Proceedings of the 2000 ACM SIGSOFT international symposium on Software testing and analysis, p.26-38, August 21-24, 2000, Portland, Oregon, United States
 
35
Lifschitz, V. 1998. Personal communication.
 
36
Morris, J. 1982. Assignment and linked data structures. In Theoretical Foundations of Programming Methodology, M. Broy and G. Schmidt, Eds., D. Reidel, Boston, 35--41.
 
37
Flemming Nielson , Hanne Riis Nielson , Shmuel Sagiv, A Kleene Analysis of Mobile Ambients, Proceedings of the 9th European Symposium on Programming Languages and Systems, p.305-319, April 02, 2000
 
38
John Plevyak , Andrew A. Chien , Vijay Karamcheti, Analysis of Dynamic Structures for Efficient Parallel Execution, Proceedings of the 6th International Workshop on Languages and Compilers for Parallel Computing, p.37-56, August 12-14, 1993
 
39
Noam Rinetzky , Shmuel Sagiv, Interprocedural Shape Analysis for Recursive Programs, Proceedings of the 10th International Conference on Compiler Construction, p.133-149, April 02-06, 2001
40
Mooly Sagiv , Thomas Reps , Reinhard Wilhelm, Solving shape-analysis problems in languages with destructive updating, ACM Transactions on Programming Languages and Systems (TOPLAS), v.20 n.1, p.1-50, Jan. 1998  [doi>10.1145/271510.271517]
41
Mooly Sagiv , Thomas Reps , Reinhard Wilhelm, Parametric shape analysis via 3-valued logic, Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.105-118, January 20-22, 1999, San Antonio, Texas, United States  [doi>10.1145/292540.292552]
 
42
Jan Stransky, A lattice for abstract interpretation of dynamic (LISP-like) structures, Information and Computation, v.101 n.1, p.70-102, Nov. 1992  [doi>10.1016/0890-5401(92)90076-R]
 
43
Edward Yan-Bing Wang , Paul N. Hilfinger, Analysis of recursive types in an imperative language, 1994
44
Eran Yahav, Verifying safety properties of concurrent Java programs using 3-valued logic, Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.27-40, January 2001, London, United Kingdom
 
45
Yahav, E., Reps, T., and Sagiv, M. 2001. LTL model checking for systems with unbounded number of dynamically created threads and objects. Tech. Rep. TR-1424, Comp. Sci. Dept., Univ. of Wisconsin, Madison, Wisc. March.

CITED BY  51
Patrick Lam , Viktor Kuncak , Martin Rinard, Generalized typestate checking using set interfaces and pluggable analyses, ACM SIGPLAN Notices, v.39 n.3, March 2004
Denis Gopan , Thomas Reps , Mooly Sagiv, A framework for numeric analysis of array operations, ACM SIGPLAN Notices, v.40 n.1, p.338-350, January 2005
Jianwen Zhu , Silvian Calman, Symbolic pointer analysis revisited, ACM SIGPLAN Notices, v.39 n.6, May 2004
Ondřej Lhoták , Laurie Hendren, Jedd: a BDD-based relational extension of Java, ACM SIGPLAN Notices, v.39 n.6, May 2004
Eran Yahav , G. Ramalingam, Verifying safety properties using separation and heterogeneous abstractions, ACM SIGPLAN Notices, v.39 n.6, May 2004
Brian Hackett , Radu Rugina, Region-based shape analysis with tracked locations, ACM SIGPLAN Notices, v.40 n.1, p.310-323, January 2005
Dierk Johannes , Raimund Seidel , Reinhard Wilhelm, Algorithm animation using shape analysis: visualising abstract executions, Proceedings of the 2005 ACM symposium on Software visualization, May 14-15, 2005, St. Louis, Missouri
Radu Rugina , Martin C. Rinard, Symbolic bounds analysis of pointers, array indices, and accessed memory regions, ACM Transactions on Programming Languages and Systems (TOPLAS), v.27 n.2, p.185-235, March 2005
Noam Rinetzky , Jörg Bauer , Thomas Reps , Mooly Sagiv , Reinhard Wilhelm, A semantics for procedure local heaps and its abstractions, ACM SIGPLAN Notices, v.40 n.1, p.296-309, January 2005
Ranjit Jhala , Rupak Majumdar, Path slicing, ACM SIGPLAN Notices, v.40 n.6, June 2005
Mangala Gowri Nanda , Christian Grothoff , Satish Chandra, Deriving object typestates in the presence of inter-object references, ACM SIGPLAN Notices, v.40 n.10, October 2005
Gregory Kulczycki , Murali Sitaraman , Bruce W. Weide , Atanas Rountev, A specification-based approach to reasoning about pointers, ACM SIGSOFT Software Engineering Notes, v.31 n.2, March 2006
Ran Shaham , Eran Yahav , Elliot K. Kolodner , Mooly Sagiv, Establishing local temporal heap safety properties with applications to compile-time memory management, Science of Computer Programming, v.58 n.1-2, p.264-289, October 2005
Élodie-Jane Sims, Extending separation logic with fixpoints and postponed substitution, Theoretical Computer Science, v.351 n.2, p.258-275, 21 February 2006
Karen Zee , Viktor Kuncak , Martin Rinard, Full functional verification of linked data structures, ACM SIGPLAN Notices, v.43 n.6, June 2008
Stephen J. Fink , Eran Yahav , Nurit Dor , G. Ramalingam , Emmanuel Geay, Effective typestate verification in the presence of aliasing, ACM Transactions on Software Engineering and Methodology (TOSEM), v.17 n.2, p.1-34, April 2008
Stephen Fink , Eran Yahav , Nurit Dor , G. Ramalingam , Emmanuel Geay, Effective typestate verification in the presence of aliasing, Proceedings of the 2006 international symposium on Software testing and analysis, July 17-20, 2006, Portland, Maine, USA
Greta Yorsh , Thomas Reps , Mooly Sagiv , Reinhard Wilhelm, Logical characterizations of heap abstractions, ACM Transactions on Computational Logic (TOCL), v.8 n.1, p.5-es, January 2007
Trishul M. Chilimbi , Vinod Ganapathy, HeapMD: identifying heap-based bugs using anomaly detection, ACM SIGARCH Computer Architecture News, v.34 n.5, December 2006
Gary T. Leavens , Jean-Raymond Abrial , Don Batory , Michael Butler , Alessandro Coglio , Kathi Fisler , Eric Hehner , Cliff Jones , Dale Miller , Simon Peyton-Jones , Murali Sitaraman , Douglas R. Smith , Aaron Stump, Roadmap for enhanced languages and methods to aid verification, Proceedings of the 5th international conference on Generative programming and component engineering, October 22-26, 2006, Portland, Oregon, USA
V. Krishna Nandivada , Suresh Jagannathan, Dynamic state restoration using versioning exceptions, Higher-Order and Symbolic Computation, v.19 n.1, p.101-124, March 2006
Deepak Kapur , Rupak Majumdar , Calogero G. Zarba, Interpolation for data structures, Proceedings of the 14th ACM SIGSOFT international symposium on Foundations of software engineering, November 05-11, 2006, Portland, Oregon, USA
Greta Yorsh , Thomas Ball , Mooly Sagiv, Testing, abstraction, theorem proving: better together!, Proceedings of the 2006 international symposium on Software testing and analysis, July 17-20, 2006, Portland, Maine, USA
Antoine Miné, Field-sensitive value analysis of embedded C programs with union types and pointer arithmetics, ACM SIGPLAN Notices, v.41 n.7, July 2006
David L. Heine , Monica S. Lam, Static detection of leaks in polymorphic containers, Proceeding of the 28th international conference on Software engineering, May 20-28, 2006, Shanghai, China
Mana Taghdiri , Robert Seater , Daniel Jackson, Lightweight extraction of syntactic specifications, Proceedings of the 14th ACM SIGSOFT international symposium on Foundations of software engineering, November 05-11, 2006, Portland, Oregon, USA
Ju Qian , Baowen Xu , Hongbo Min, Interstatement must aliases for data dependence analysis of heap locations, Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering, p.17-24, June 13-14, 2007, San Diego, California, USA
Bor-Yuh Evan Chang , Xavier Rival, Relational inductive shape analysis, ACM SIGPLAN Notices, v.43 n.1, January 2008
Paolo Baldan , Andrea Corradini , Barbara König, A framework for the verification of infinite-state graph transformation systems, Information and Computation, v.206 n.7, p.869-907, July, 2008
Martin T. Vechev , Eran Yahav , David F. Bacon , Noam Rinetzky, CGCExplorer: a semi-automated search procedure for provably correct concurrent collectors, ACM SIGPLAN Notices, v.42 n.6, June 2007
Dirk Beyer , Thomas A. Henzinger , Rupak Majumdar , Andrey Rybalchenko, Path invariants, ACM SIGPLAN Notices, v.42 n.6, June 2007
M. Pistoia , S. Chandra , S. J. Fink , E. Yahav, A survey of static analysis methods for identifying security vulnerabilities in software systems, IBM Systems Journal, v.46 n.2, p.265-288, April 2007
Matthew B. Dwyer , John Hatcliff , Robby Robby , Corina S. Pasareanu , Willem Visser, Formal Software Analysis Emerging Trends in Software Model Checking, 2007 Future of Software Engineering, p.120-136, May 23-25, 2007
Patrice Chalin, A Sound Assertion Semantics for the Dependable Systems Evolution Verifying Compiler, Proceedings of the 29th International Conference on Software Engineering, p.23-33, May 20-26, 2007
David Binkley, Source Code Analysis: A Road Map, 2007 Future of Software Engineering, p.104-119, May 23-25, 2007
Mana Taghdiri , Daniel Jackson, Inferring specifications to detect errors in code, Automated Software Engineering, v.14 n.1, p.87-121, March 2007
Guilin Chen , Mahmut Kandemir, Runtime integrity checking for inter-object connections, Proceedings of the 2005 IEEE/ACM International conference on Computer-aided design, p.303-306, November 06-10, 2005, San Jose, CA
Viktor Kuncak , Patrick Lam , Karen Zee , Martin C. Rinard, Modular Pluggable Analyses for Data Structure Consistency, IEEE Transactions on Software Engineering, v.32 n.12, p.988-1005, December 2006
Sigmund Cherem , Radu Rugina, Uniqueness inference for compile-time object deallocation, Proceedings of the 6th international symposium on Memory management, October 21-22, 2007, Montreal, Quebec, Canada
Peter Müller , Arsenii Rudich, Ownership transfer in universe types, ACM SIGPLAN Notices, v.42 n.10, October 2007
Xiaodong Ma , Ji Wang , Wei Dong, Shape Analysis by Refining on Abstract Evaluation Path, Electronic Notes in Theoretical Computer Science (ENTCS), 207, p.137-151, April, 2008
Sumit Gulwani , Tal Lev-Ami , Mooly Sagiv, A combination framework for tracking partition sizes, Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages, January 21-23, 2009, Savannah, GA, USA
Alexey Loginov , Eran Yahav , Satish Chandra , Stephen Fink , Noam Rinetzky , Mangala Nanda, Verifying dereference safety via expanding-scope analysis, Proceedings of the 2008 international symposium on Software testing and analysis, July 20-24, 2008, Seattle, WA, USA
Ciera Jaspan, Checking framework interactions with relationships, Companion to the 23rd ACM SIGPLAN conference on Object oriented programming systems languages and applications, October 19-23, 2008, Nashville, TN, USA
Sascha A. Parduhn , Raimund Seidel , Reinhard Wilhelm, Algorithm visualization using concrete and abstract shape graphs, Proceedings of the 4th ACM symposium on Software visuallization, September 16-17, 2008, Ammersee, Germany
Ondřej Lhoták , Laurie Hendren, Evaluating the benefits of context-sensitive points-to analysis using a BDD-based implementation, ACM Transactions on Software Engineering and Methodology (TOSEM), v.18 n.1, p.1-53, September 2008
Hyun-Goo Kang , Taisook Han, A bottom-up pointer analysis using the update history, Information and Software Technology, v.51 n.4, p.691-707, April, 2009
Ciera Jaspan , Jonathan Aldrich, Checking semantic usage of frameworks, Proceedings of the 2007 Symposium on Library-Centric Software Design, p.1-10, October 21-21, 2007, Montreal, Canada
Maria Jump , Kathryn S. McKinley, Dynamic shape analysis via degree metrics, Proceedings of the 2009 international symposium on Memory management, June 19-20, 2009, Dublin, Ireland
Nomair A. Naeem , Ondrej Lhoták, Efficient alias set analysis using SSA form, Proceedings of the 2009 international symposium on Memory management, June 19-20, 2009, Dublin, Ireland
Siddharth Srivastava , Neil Immerman , Shlomo Zilberstein, Learning generalized plans using abstract counting, Proceedings of the 23rd national conference on Artificial intelligence, p.991-997, July 13-17, 2008, Chicago, Illinois

INDEX TERMS

Primary Classification:
  D. Software
  D.2 SOFTWARE ENGINEERING
      D.2.5 Testing and Debugging
          Subjects: Symbolic execution

Additional Classification:
  D. Software
  D.3 PROGRAMMING LANGUAGES
      D.3.3 Language Constructs and Features
          Subjects: Data types and structures; Dynamic storage management

  E. Data
  E.1 DATA STRUCTURES
      Subjects: Graphs and networks; Lists, stacks, and queues; Trees
  E.2 DATA STORAGE REPRESENTATIONS
      Subjects: Linked representations

  F. Theory of Computation
  F.3 LOGICS AND MEANINGS OF PROGRAMS
      F.3.1 Specifying and Verifying and Reasoning about Programs
          Subjects: Invariants; Assertions


General Terms:
Algorithms, Languages, Theory, Verification


Keywords:
3-valued logic, Abstract interpretation, alias analysis, constraint solving, destructive updating, pointer analysis, shape analysis, static analysis

Collaborative Colleagues:
Mooly Sagiv: colleagues
Thomas Reps: colleagues
Reinhard Wilhelm: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player