Abstract
We present a program analysis that can automatically discover the shape of complex pointer data structures. The discovered invariants are then used to verify the absence of safety errors in the program, or to check whether the program preserves data consistency. Our analysis extends the shape analysis of Sagiv et al. with grammar annotations, which can precisely express the shape of complex data structures. We demonstrate the usefulness of our analysis with binomial heap construction and the Schorr-Waite tree traversal. For a binomial heap construction algorithm, our analysis returns a grammar that precisely describes the shape of a binomial heap; for the Schorr-Waite tree traversal, our analysis shows that at the end of the execution, the result is a tree and there are no memory leaks.
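To make the Schorr-Waite claim in the abstract concrete, the following is an added example (written for this page, not code from the paper or its authors): a stack-free Schorr-Waite traversal of a binary tree, followed by a run-time check of exactly the postcondition the paper's analysis establishes statically, namely that the heap is again the original tree and that no node has been lost. The node layout (`left`/`right` fields plus a `marked` bit and a direction `flag`), the helper names (`schorr_waite`, `run_and_check`, `check_branching_tree`, `check_right_spine`) and the two sample trees are all assumptions made here; the paper's own representation is not on this page.

```c
#include <stdio.h>
#include <string.h>

/* Added example (not the paper's code). Node layout is an assumption made here:
 * the traversal needs a visited bit and one extra bit recording which subtree
 * of the node is currently being explored. */
typedef struct Node {
    struct Node *left, *right;
    int marked;   /* set once the traversal has visited the node */
    int flag;     /* 0 while the left subtree is pending, 1 once we have turned right */
} Node;

/* Schorr-Waite: mark every node reachable from root using no stack and no recursion.
 * The path back to the root is stored temporarily in the nodes' own left/right
 * fields, so the intermediate heap is not a tree; that is why the final shape is
 * the property worth verifying. */
void schorr_waite(Node *root) {
    Node *t = root, *p = NULL, *q;
    while (p != NULL || (t != NULL && !t->marked)) {
        if (t == NULL || t->marked) {
            if (p->flag) {
                /* pop: both subtrees of p done; restore p->right, return to p's parent */
                q = t; t = p; p = p->right; t->right = q;
            } else {
                /* swing: left subtree of p done; restore p->left, descend right */
                q = t; t = p->right; p->right = p->left; p->left = q; p->flag = 1;
            }
        } else {
            /* push: enter t, park the parent pointer in t->left, descend left */
            q = p; p = t; t = t->left; p->left = q; p->marked = 1; p->flag = 0;
        }
    }
}

static int count_reachable(const Node *n) {
    return n ? 1 + count_reachable(n->left) + count_reachable(n->right) : 0;
}

/* Run the traversal from nodes[0] and check the postcondition: every node marked,
 * every left/right pointer back to its original value, and all n allocated nodes
 * still reachable from the root. Returns 1 when it holds, 0 otherwise. */
int run_and_check(Node *nodes, int n) {
    Node *before_left[64], *before_right[64];
    if (n > 64) return 0;
    for (int i = 0; i < n; i++) {
        before_left[i] = nodes[i].left;
        before_right[i] = nodes[i].right;
    }

    schorr_waite(&nodes[0]);

    for (int i = 0; i < n; i++) {
        if (!nodes[i].marked) return 0;                 /* a node was never visited */
        if (nodes[i].left != before_left[i]) return 0;   /* shape not restored */
        if (nodes[i].right != before_right[i]) return 0;
    }
    return count_reachable(&nodes[0]) == n;              /* no leaked nodes */
}

/* Constructed tree 1: 0 -> (1, 2); 1 -> (3, 4); 2 -> (-, 5); 5 -> (6, -) */
int check_branching_tree(void) {
    Node nodes[7];
    memset(nodes, 0, sizeof nodes);
    nodes[0].left = &nodes[1]; nodes[0].right = &nodes[2];
    nodes[1].left = &nodes[3]; nodes[1].right = &nodes[4];
    nodes[2].right = &nodes[5];
    nodes[5].left = &nodes[6];
    return run_and_check(nodes, 7);
}

/* Constructed tree 2: a right spine 0 -> 1 -> 2 -> 3 -> 4, the list-like degenerate case */
int check_right_spine(void) {
    Node nodes[5];
    memset(nodes, 0, sizeof nodes);
    for (int i = 0; i < 4; i++) nodes[i].right = &nodes[i + 1];
    return run_and_check(nodes, 5);
}

int main(void) {
    printf("branching tree restored, no leaks: %s\n", check_branching_tree() ? "yes" : "no");
    printf("right spine restored, no leaks:    %s\n", check_right_spine() ? "yes" : "no");
    return 0;
}
```

The run-time check is the dynamic counterpart of what the paper proves for all inputs: during the traversal the parked parent pointers turn the tree into a structure with a reversed path through it, and only the `pop` and `swing` steps restoring `right` and `left` bring the shape back. Snapshotting the pointers before the call and comparing afterwards catches any restoration bug, and comparing the reachable count with the allocation count catches a lost node.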
Lee and Yi were supported by the Brain Korea 21 project in 2004, and Yang was supported by R08-2003-000-10370-0 from the Basic Research Program of the Korea Science & Engineering Foundation.
References
Cormen, T.H., Leiserson, C.E., Rivest, R.L., Stein, C.: Introduction to Algorithms. MIT Press and McGraw-Hill Book Company (2001)
Cousot, P., Cousot, R.: Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: Proceedings of the ACM Symposium on Principles of Programming Languages, January 1977, pp. 238–252 (1977)
Cousot, P., Cousot, R.: Abstract interpretation frameworks. J. Logic and Comput. 2(4), 511–547 (1992)
Cousot, P., Cousot, R.: Formal language, grammar and set-constraint-based program analysis by abstract interpretation. In: Proceedings of the ACM Conference on Functional Programming Languages and Computer Architecture, La Jolla, California, June 1995, pp. 170–181. ACM Press, New York (1995)
Deutsch, A.: Interprocedural alias analysis for pointers: Beyond k-limiting. In: Proceedings of the ACM Conference on Programming Language Design and Implementation, pp. 230–241. ACM Press, New York (1994)
Fradet, P., Le Métayer, D.: Shape types. In: Proceedings of the ACM Symposium on Principles of Programming Languages, pp. 27–39. ACM Press, New York (1997)
Klarlund, N., Schwartzbach, M.I.: Graph types. In: Proceedings of the ACM Symposium on Principles of Programming Languages (January 1993)
Lee, O., Yang, H., Yi, K.: Automatic verification of pointer programs using grammar-based shape analysis. Tech. Memo. ROPAS-2005-23, Programming Research Laboratory, School of Computer Science & Engineering, Seoul National University (March 2005)
Manevich, R., Sagiv, M., Ramalingam, G., Field, J.: Partially disjunctive heap abstraction. In: Giacobazzi, R. (ed.) SAS 2004. LNCS, vol. 3148, pp. 265–279. Springer, Heidelberg (2004)
Møller, A., Schwartzbach, M.I.: The pointer assertion logic engine. In: Proceedings of the ACM Conference on Programming Language Design and Implementation. ACM, New York (2001)
O’Hearn, P.W., Yang, H., Reynolds, J.C.: Separation and information hiding. In: Proceedings of the ACM Symposium on Principles of Programming Languages, pp. 268–280. ACM Press, New York (2004)
Reynolds, J.C.: Separation logic: A logic for shared mutable data structures. In: Proceedings of the 17th IEEE Symposium on Logic in Computer Science, pp. 55–74. IEEE, Los Alamitos (2002)
Sagiv, M., Reps, T., Wilhelm, R.: Solving shape-analysis problems in languages with destructive updating. ACM Trans. Program. Lang. Syst. 20(1), 1–50 (1998)
Sagiv, M., Reps, T., Wilhelm, R.: Parametric shape analysis via 3-valued logic. ACM Trans. Program. Lang. Syst. 24(3), 217–298 (2002)
Sims, É.-J.: Extending separation logic with fixpoints and postponed substitution. In: Rattray, C., Maharaj, S., Shankland, C. (eds.) AMAST 2004. LNCS, vol. 3116, pp. 475–490. Springer, Heidelberg (2004)
© 2005 Springer-Verlag Berlin Heidelberg
Cite this paper
Lee, O., Yang, H., Yi, K. (2005). Automatic Verification of Pointer Programs Using Grammar-Based Shape Analysis. In: Sagiv, M. (eds) Programming Languages and Systems. ESOP 2005. Lecture Notes in Computer Science, vol 3444. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-31987-0_10
DOI: https://doi.org/10.1007/978-3-540-31987-0_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25435-5
Online ISBN: 978-3-540-31987-0
eBook Packages: Computer Science, Computer Science (R0)