TY - JOUR
T1 - A logic of reachable patterns in linked data-structures
AU - Yorsh, Greta
AU - Rabinovich, Alexander
AU - Sagiv, Mooly
AU - Meyer, Antoine
AU - Bouajjani, Ahmed
N1 - Funding Information:
This research was supported by THE ISRAEL SCIENCE FOUNDATION (grant no. 304/03).
PY - 2007/9
Y1 - 2007/9
N2 - We define a new decidable logic for expressing and checking invariants of programs that manipulate dynamically-allocated objects via pointers and destructive pointer updates. The main feature of this logic is the ability to limit the neighborhood of a node that is reachable via a regular expression from a designated node. The logic is closed under boolean operations (entailment, negation) and has a finite model property. The key technical result is the proof of decidability. We show how to express preconditions, postconditions, and loop invariants for some interesting programs. It is also possible to express properties such as disjointness of data-structures, and low-level heap mutations. Moreover, our logic can express properties of arbitrary data-structures and of an arbitrary number of pointer fields. The latter provides a way to naturally specify postconditions that relate the fields on the entry of a procedure to the field on the exit of a procedure. Therefore, it is possible to use the logic to automatically prove partial correctness of programs performing low-level heap mutations.
AB - We define a new decidable logic for expressing and checking invariants of programs that manipulate dynamically-allocated objects via pointers and destructive pointer updates. The main feature of this logic is the ability to limit the neighborhood of a node that is reachable via a regular expression from a designated node. The logic is closed under boolean operations (entailment, negation) and has a finite model property. The key technical result is the proof of decidability. We show how to express preconditions, postconditions, and loop invariants for some interesting programs. It is also possible to express properties such as disjointness of data-structures, and low-level heap mutations. Moreover, our logic can express properties of arbitrary data-structures and of an arbitrary number of pointer fields. The latter provides a way to naturally specify postconditions that relate the fields on the entry of a procedure to the field on the exit of a procedure. Therefore, it is possible to use the logic to automatically prove partial correctness of programs performing low-level heap mutations.
KW - Decidable logic with reachability
KW - Heap-manipulating programs
KW - Pattern
KW - Program verification
KW - Reachability
KW - Routing expression
KW - Shape analysis
KW - Transitive closure logics
KW - Weak monadic second-order logic
UR - http://www.scopus.com/inward/record.url?scp=34447333644&partnerID=8YFLogxK
U2 - 10.1016/j.jlap.2006.12.001
DO - 10.1016/j.jlap.2006.12.001
M3 - Article
AN - SCOPUS:34447333644
SN - 1567-8326
VL - 73
SP - 111
EP - 142
JO - Journal of Logic and Algebraic Programming
JF - Journal of Logic and Algebraic Programming
IS - 1-2
ER -