Cited By
View all- Bautista SJensen TMontagu B(2022)Lifting Numeric Relational Domains to Algebraic Data TypesStatic Analysis10.1007/978-3-031-22308-2_6(104-134)Online publication date: 5-Dec-2022
Interprocedural Shape Analysis Using Separation Logic-Based Transformer Summaries
Pages 248 - 273
Abstract
Shape analyses aim at inferring semantic invariants related to the data-structures that programs manipulate. To achieve that, they typically abstract the set of reachable states. By contrast, abstractions for transformation relations between input states and output states not only provide a finer description of program executions but also enable the composition of the effect of program fragments so as to make the analysis modular. However, few logics can efficiently capture such transformation relations. In this paper, we propose to use connectors inspired by separation logic to describe memory state transformations and to represent procedure summaries. Based on this abstraction, we design a top-down interprocedural analysis using shape transformation relations as procedure summaries. Finally, we report on implementation and evaluation.
References
[1]
Bourdoncle F Abstract interpretation by dynamic partitioning J. Funct. Program 1992 2 4 407-423
[2]
Calcagno C, Distefano D, O’Hearn PW, and Yang H Nielson HR and Filé G Footprint analysis: a shape analysis that discovers preconditions Static Analysis 2007 Heidelberg Springer 402-418
[3]
Calcagno, C., Distefano, D., O’Hearn, P., Yang, H.: Compositional shape analysis by means of bi-abduction. In: Symposium on Principles of Programming Languages (POPL), pp. 289–300. ACM (2009)
[4]
Castelnuovo G, Naik M, Rinetzky N, Sagiv M, and Yang H Blazy S and Jensen T Modularity in lattices: a case study on the correspondence between top-down and bottom-up analysis Static Analysis 2015 Heidelberg Springer 252-274
[5]
Chang, B.Y.E., Rival, X.: Relational inductive shape analysis. In Symposium on Principles of Programming Languages (POPL), pp. 247–260. ACM (2008)
[6]
Chang B-YE, Rival X, and Necula GC Nielson HR and Filé G Shape analysis with structural invariant checkers Static Analysis 2007 Heidelberg Springer 384-401
[7]
Chatterjee, R., Ryder, B.G., Landi, W.A.: Relevant context inference. In: Symposium on Principles of Programming Languages (POPL), pp. 133–146. ACM (1999)
[8]
Codish, M., Debray, S.K., Giacobazzi, R.: Compositional analysis of modular logic programs. In: Symposium on Principles of Programming Languages (POPL), pp. 451–464. ACM (1993)
[9]
Cousot, P., Cousot, R.: Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: Symposium on Principles of Programming Languages (POPL), ACM (1977)
[10]
Cousot P and Cousot R Horspool RN Modular static program analysis Compiler Construction 2002 Heidelberg Springer 159-179
[11]
Cousot, P., Halbwachs, N.: Automatic discovery of linear restraints among variables of a program. In: Symposium on Principles of Programming Languages (POPL), pp. 84–97. ACM (1978)
[12]
Dillig, I., Dillig, T., Aiken, A. and Sagiv, M.: Precise and compact modular procedure summaries for heap manipulating programs. In: Hall, M.W., Padua, D.A. (eds.) Conference on Programming Languages Design and Implementation (PLDI), pp. 567–577. ACM (2011)
[13]
Distefano D, O’Hearn PW, and Yang H Hermanns H and Palsberg J A local shape analysis based on separation logic Tools and Algorithms for the Construction and Analysis of Systems 2006 Heidelberg Springer 287-302
[14]
Dudka K, Peringer P, and Vojnar T Gopalakrishnan G and Qadeer S Predator: a practical tool for checking manipulation of dynamic data structures using separation logic Computer Aided Verification 2011 Heidelberg Springer 372-378
[15]
Gulavani BS, Chakraborty S, Ramalingam G, and Nori AV Palsberg J and Su Z Bottom-up shape analysis Static Analysis 2009 Heidelberg Springer 188-204
[16]
Illous, H.: Abstract Heap Relations for a Compositional Shape Analysis. PhD thesis, École Normale Supérieure (2018)
[17]
Illous H, Lemerre M, and Rival X Barrett C, Davies M, and Kahsai T A relational shape abstract domain NASA Formal Methods 2017 Cham Springer 212-229
[18]
Jeannet B, Loginov A, Reps T, and Sagiv M A relational approach to interprocedural shape analysis ACM Trans. Program. Lang. Syst. (TOPLAS) 2010 32 2 5
[19]
Jeannet, B., Loginov, A., Reps, T.W., Sagiv, S.: A relational approach to interprocedural shape analysis. In: Static Analysis Symposium (SAS), pp. 246–264 (2004)
[20]
Kirchner F, Kosmatov N, Prevosto V, Signoles J, and Yakobowski B Frama-c: a software analysis perspective Formal Aspects Comput. 2015 27 3 573-609
[21]
Lattner, C., Lenharth, A., Adve, V.: Making context-sensitive points-to analysis with heap cloning practical for the real world. In: Ferrante, J., McKinley, K.S. (eds), Conference on Programming Languages Design and Implementation (PLDI), pp. 278–289. ACM (2007)
[22]
Le QL, Gherghina C, Qin S, and Chin W-N Biere A and Bloem R Shape analysis via second-order bi-abduction Computer Aided Verification 2014 Cham Springer 52-68
[23]
Lei Y and Sui Y Chang B-YE Fast and precise handling of positive weight cycles for field-sensitive pointer analysis Static Analysis 2019 Cham Springer 27-47
[24]
Manna Z and Pnueli A Axiomatic approach to total correctness of programs Acta Informatica 1974 3 243-263
[25]
Marron M, Hermenegildo M, Kapur D, and Stefanovic D Hendren L Efficient context-sensitive shape analysis with graph based heap models Compiler Construction 2008 Heidelberg Springer 245-259
[26]
Müller-Olm, M., Seidl, H.: Precise interprocedural analysis through linear algebra. In: Symposium on Principles of Programming Languages (POPL), pp. 330–341. ACM (2004)
[27]
Popeea C and Chin W-N Okada M and Satoh I Inferring disjunctive postconditions Advances in Computer Science - ASIAN 2006. Secure Software and Related Issues 2007 Heidelberg Springer 331-345
[28]
Reynolds, J.: Separation logic: a logic for shared mutable data structures. In: Symposium on Logics In Computer Science (LICS), pp. 55–74. IEEE (2002)
[29]
Rinetzky, N., Bauer, J., Reps, T., Sagiv, M., Wilhelm, R.: A semantics for procedure local heaps and its abstractions. In: Symposium on Principles of Programming Languages (POPL), pp. 296–309 (2005)
[30]
Noam Rinetzky, Mooly Sagiv, and Eran Yahav. Interprocedural shape analysis for cutpoint-free programs. In: Hankin, C., Siveroni, I. (eds.) Static Analysis Symposium (SAS), Springer, Berlin, pp. 284–302 (2005)
[31]
Rinetzky N and Sagiv M Wilhelm R Interprocedural shape analysis for recursive programs Compiler Construction 2001 Heidelberg Springer 133-149
[32]
Rival, X., Chang, B.Y.E.: Calling context abstraction with shapes. In: Symposium on Principles of Programming Languages (POPL), pp. 173–186. ACM (2011)
[33]
Sagiv M, Reps T, and Whilhelm R Solving shape-analysis problems in languages with destructive updating ACM Trans. Program. Lang. Syst. (TOPLAS) 1998 20 1 50
[34]
Schaefer, I., Podelski, A.: Local reasoning for termination. In: COSMICAH 2005: Workshop on Verification of COncurrent Systems with dynaMIC Allocated Heaps, pp. 16–30 (2005)
[35]
Sharir, M., Pnueli, A.: Two approaches to interprocedural data flow analysis. In: Program Flow Analysis: Theory and Applications, chapter 7. Prentice-Hall Inc, Englewood Cliffs, New Jersey (1981)
Index Terms
- Interprocedural Shape Analysis Using Separation Logic-Based Transformer Summaries
Index terms have been assigned to the content through auto-classification.
Recommendations
Interprocedural pointer alias analysis
We present practical approximation methods for computing and representing interprocedural aliases for a program written in a language that includes pointers, reference parameters, and recursion. We present the following contributions: (1) a framework ...
A relational approach to interprocedural shape analysis
This article addresses the verification of properties of imperative programs with recursive procedure calls, heap-allocated storage, and destructive updating of pointer-valued fields, that is, interprocedural shape analysis. The article makes three ...
Precise interprocedural analysis using random interpretation
Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languagesWe describe a unified framework for random interpretation that generalizes previous randomized intraprocedural analyses, and also extends naturally to efficient interprocedural analyses. There is no such natural extension known for deterministic ...
Comments
Information & Contributors
Information
Published In
Nov 2020
390 pages
© Springer Nature Switzerland AG 2020.
Publisher
Springer-Verlag
Berlin, Heidelberg
Publication History
Published: 18 November 2020
Qualifiers
- Article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 06 Jan 2025
Other Metrics
Citations
Cited By
View all- Bautista SJensen TMontagu B(2022)Lifting Numeric Relational Domains to Algebraic Data TypesStatic Analysis10.1007/978-3-031-22308-2_6(104-134)Online publication date: 5-Dec-2022