Shape analysis concerns the problem of determining “shape invariants ” for programs that perform destructive updating on dynamically allocated storage. This article presents a parametric framework for shape analysis that can be instantiated in different ways to create different shapeanalysis algorithms that provide varying degrees of efficiency and precision. A key innovation of the work is that the stores that can possibly arise during execution are represented (conservatively) using 3-valued logical structures. The framework is instantiated in different ways by varying the predicates used in the 3-valued logic. The class of programs to which a given instantiation of the framework can be applied is not limited a priori (i.e., as in some work on shape analysis, to programs that manipulate only lists, trees, DAGS, etc.); each instantiation of the framework can be applied to any program, but may produce imprecise results (albeit conservative ones) due to the set of predicates employed.
|
1283
|
Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints
– Cousot, Cousot
- 1977
|
|
1168
|
A Discipline of Programming
– Dijkstra
- 1976
|
|
671
|
Mobile ambients
– Cardelli, Gordon
- 1998
|
|
500
|
Introduction to metamathematics
– Kleene
- 1952
|
|
444
|
Systematic design of program analysis frameworks
– Cousot, Cousot
- 1979
|
|
416
|
H.: Construction of abstract state graphs with PVS
– Graf, Saidi
- 1997
|
|
322
|
Zadeck. Analysis of pointers and structures
– Chase, Wegman, et al.
- 1990
|
|
283
|
Counterexample-guided abstraction refinement
– Clarke, Grumberg, et al.
- 2000
|
|
252
|
Solving shapeanalysis problems in languages with destructive updating
– Sagiv, Reps, et al.
- 1998
|
|
189
|
Flow analysis and optimization of LISP-like structures
– Jones, Muchnick
- 1979
|
|
187
|
Interprocedural May-Alias Analysis for Pointers: Beyond k-limiting
– Deutsch
- 1994
|
|
167
|
Compiler-based prefetching for recursive data structures
– Luk, Mowry
- 1996
|
|
157
|
Detecting conflicts between structure accesses
– Larus, Hilfinger
- 1988
|
|
147
|
Symmetry and model checking
– Emerson, Sistla
- 1993
|
|
139
|
Static detection of dynamic memory errors
– Evans
- 1996
|
|
137
|
Parallelizing programs with recursive data structures
– Hendren, Nicolau
- 1990
|
|
131
|
Dependence analysis for pointer variables
– Horwitz, Pfelffer, et al.
- 1989
|
|
120
|
Experience with predicate abstraction
– Das, Dill, et al.
- 1999
|
|
98
|
Abstractions for recursive pointer data structures: Improving the analysis and transformation of imperative programs
– Hendren, Hummel, et al.
- 1992
|
|
98
|
A flexible approach to interprocedural data flow analysis and programs with recursive data structures
– Jones, Muchnick
- 1982
|
|
88
|
TVLA: A system for implementing static analyses
– Lev-Ami, Sagiv
- 2000
|
|
62
|
A storeless model of aliasing and its abstractions using firrite representations of right-regular equiwdence relations
– Deutsch
- 1992
|
|
61
|
Putting static analysis to work for verification: A case study
– Lev-Ami, Reps, et al.
- 2000
|
|
60
|
Verifying safety properties of concurrent Java programs using 3-valued logic
– Yahav
|
|
59
|
Notes on data structuring
– Hoare
- 1972
|
|
54
|
Automatic verification of pointer programs using monadic second order logic
– Jensen, Jørgensen, et al.
- 1997
|
|
50
|
A kleene analysis of mobile ambients
– Nielson, Nielson, et al.
|
|
46
|
A Program Verifier
– King
|
|
42
|
Multivalued logics: A uniform approach to inference in artificial intelligence
– Ginsberg
- 1988
|
|
42
|
A Course
– Bell, Machover
- 1977
|
|
38
|
Analysis of dynamic structures for efficient parallel execution
– Plevyak, Chien, et al.
- 1993
|
|
35
|
A decidable logic for describing linked data structures
– Benedikt, Reps, et al.
- 1999
|
|
27
|
M.: Compile-time debugging of C programs working on trees
– Elgaard, Møller, et al.
|
|
27
|
TVLA: A framework for Kleene based static analysis
– Lev-Ami, Sagiv
- 2000
|
|
23
|
An Interactive Program Verifier
– Deutsch
- 1973
|
|
19
|
A lattice for abstract interpretation of dynamic (Lisp-like) structures
– Stransky
- 1992
|
|
13
|
Interprocedural heap analysis for parallelizing imperative programs
– Assmann, Weinhardt
- 1993
|
|
13
|
Analysis of Recursive Types in an Imperative Language
– Wang
- 1994
|
|
12
|
induced aliasing: A problem classification
– Pointer
- 1991
|
|
10
|
Assignment and linked data structures
– Morris
- 1982
|
|
5
|
Symmetry and induction in model checking
– Clarke, Jha
- 1995
|
|
5
|
An Introduction to the PL/CV2 Programming Logic
– Constable, L, et al.
- 1982
|
|
5
|
Interprocedural shape analysis for recursive programs
– RINETSKEY, SAGIV
- 2000
|
|
4
|
LTL model checking for systems with unbounded number of dynamically created threads and objects
– Yahav, Reps, et al.
- 2001
|
|
3
|
Position statement. Prepared for the Programming Languages Working
– AIKEN
- 1996
|
|
1
|
Parametric Shape Analysis via 3-Valued Logic • 297
– GRIES
- 1981
|
|
1
|
Introduction to Metamathematics, Second Ed
– KLEENE
- 1987
|
