On the Boolean Algebra of Shape Analysis Constraints

On the Boolean Algebra of Shape Analysis Constraints (2003)

Cached

Download Links

by Victor Kuncak , Martin Rinard

Citations:

BibTeX

@MISC{Kuncak03onthe,
    author = {Victor Kuncak and Martin Rinard},
    title = {On the Boolean Algebra of Shape Analysis Constraints},
    year = {2003}
}

Years of Citing Articles

Bookmark

OpenURL

Abstract

Shape analysis is a promising technique for statically verifying and extracting properties of programs that manipulate complex data structures. We introduce a new characterization of constraints that arise in parametric shape analysis based on manipulation of three-valued structures as dataflow facts. We identify an interesting syntactic class of first-order logic formulas that captures the meaning of three-valued structures under concretization. This class is broader than previously introduced classes, allowing for a greater flexibility in the formulation of shape analysis constraints in program annotations and internal analysis representations. Three-valued structures can be viewed as one possible normal form of the formulas in our class. Moreover, we characterize the meaning of three-valued structures under "tight concretization". We show that the seemingly minor change from concretization to tight concretization increases the expressive power of three-valued structures in such a way that the resulting constraints are closed under all boolean operations. We call the resulting constraints boolean shape analysis constraints. The main technical contribution of this paper is a natural syntactic characterization of boolean shape analysis constraints as arbitrary boolean combinations of first-order sentences of certain form, and an algorithm for transforming such boolean combinations into the normal form that corresponds directly to three-valued structures.

Citations

710	EF: A relational model of data for large shared data banks - Codd - 1998
593	Introduction to Metamathematics - Kleene - 1971
520	H.: Construction of abstract state graphs with PVS - Graf, Saïdi - 1997
465	Parametric Shape Analysis via 3-Valued Logic - Sagiv, Reps, et al. - 1999
464	An Introduction to Database Systems - Date - 1990
360	Analysis of pointers and structures - Chase, Wegman, et al. - 1990
348	S.K.: Automatic predicate abstraction of C programs 36(5 - Ball, Majumdar, et al. - 2001
315	Cousot and Radhia Cousot. Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints - Patrick - 1977
315	Checking System rules using System-specific, Programmer-written Compiler Extensions - Engler, Chelf, et al. - 2000
281	Solving shape-analysis problems in languages with destructive updating - Sagiv, Reps, et al. - 1998
278	Alloy: a lightweight object modelling notation - Jackson - 2000
242	A static analyzer for finding dynamic programming errors. Software—Practice and Experience - Bush, Pincus, et al. - 2000
237	H.: Local Reasoning about Programs that Alter Data Structures - O’Hearn, Reynolds, et al. - 2001
211	Interprocedural may-alias analysis for pointers: beyond k-limiting - Deutsch - 1994
157	Alias types - Smith, Walker, et al. - 2000
152	Detecting conflicts between structure accesses - Larus, Hilfinger - 1988
148	as an assertion language for mutable data structures - BI - 2001
143	JB, Stata R. Extended static checking for java - Flanagan, KRM, et al. - 2002
136	A static analyzer for large safety-critical software - Blanchet, Cousot, et al. - 2003
128	The pointer assertion logic engine - Møller, Schwartzbach - 2001
128	Alias types for recursive data structures - Walker, Morrisett - 2000
119	Graph Types - Klarlund, Schwartzback - 1993
97	A flexible approach to interprocedural data flow analysis and programs with recursive data structures - Jones, Muchnick - 1982
91	Role analysis - Kuncak, Lam, et al. - 2002
77	Putting static analysis to work for verification: A case study - Lev-Ami, Reps, et al. - 2000
69	A general data dependence test for dynamic, pointer-based data structures - Hummel, Hendren, et al. - 1994
68	Shape types - Fradet, Métayer - 1997
64	MONA implementation secrets - Klarlund, Moller, et al. - 2000
55	Automatic verification of pointer programs using monadic second-order logic - Jensen, Jorgensen, et al. - 1997
49	Relative completeness of abstraction refinement for software model checking - Ball, Podelski, et al. - 2002
46	Deciding validity in a spatial logic for trees - Calcagno, Cardelli, et al. - 2005
40	Navindra Umanee. Points-to analysis using BDDs - Berndl, Lhoták, et al. - 2003
40	Abstract State Machines - Börger, Stärk - 2003
37	Is it a tree, a DAG, or a cyclic graph - Ghiya, Hendren - 1996
27	Static source code checking for user-defined properties - Holzmann - 2002
27	Graphs and decidable transductions based on edge constraints - Klarlund, Schwartzbach - 1994
26	Shape analysis through predicate abstraction and model checking - Dams, Namjoshi - 2003
26	Logical characterizations of heap abstractions - Yorsh, Reps, et al. - 2005
24	Compile-time debugging of C programs working on trees - Elgaard, Møller, et al. - 2000
23	D.J.: Symbolic evaluation methods for program analysis - Clarke, Richardson - 1981
20	A trace model for pointers and objects - Hoare, He - 1999
17	Semantic analysis of pointer aliasing, allocation and disposal in hoare logic - Calcagno, Ishtiaq, et al. - 2000
16	Rinetzky and Mooly Sagiv. Interprocedural shape analysis for recursive programs - Noam - 2001
15	Class-level modular analysis for object oriented languages - Logozzo
14	The Pointer Assertion Logic Engine - Mller, Schwartzbach - 2001
13	Existential heap abstraction entailment is undecidable - Kuncak, Rinard
13	Fradet and Daniel Le Métayer. Shape types - Pascal - 1997
13	On role logic - Kuncak, Rinard - 2003
13	T.: Algorithms and Data - Meinel, Theobald - 1998
12	TVLA: A framework for kleene based logic static analyses - Lev-Ami - 2000