Refining Existential Properties in Separation Logic Analyses
Authors
Abstract
In separation logic program analyses, tractability is generally achieved by restricting invariants to a finite abstract domain. As this domain cannot vary, loss of information can cause failure even when verification is possible in the underlying logic. In this paper, we propose a CEGAR-like method for detecting spurious failures and avoiding them by refining the abstract domain. Our approach is geared towards discovering existential properties, e.g. “list contains value x”. To diagnose failures, we use abduction, a technique for inferring command preconditions. Our method works backwards from an error, identifying necessary information lost by abstraction, and refining the forward analysis to avoid the error. We define domains for several classes of existential properties, and show their effectiveness on case studies adapted from Redis, Azureus and FreeRTOS.
Similar resources
Abstraction Refinement for Separation Logic Program Analyses
Abstraction Refinement for Separation Logic Program Analyses. Matko Botinčan, Mike Dodds, and Stephen Magill. University of Cambridge, {matko.botincan,mike.dodds}@cl.cam.ac.uk; [email protected]. Abstract. Abstract domains based on separation logic allow the compositional analysis of heap-manipulating programs, and their effectiveness on real-world software has been extensively demonstrated. Tra...
Diagnosing Abstraction Failure for Separation Logic-Based Analyses
Abstraction refinement is an effective verification technique for automatically proving safety properties of software. Application of this technique in shape analyses has proved impractical as core components of existing refinement techniques such as backward analysis, general conjunction, and identification of unreachable but doomed states are computationally infeasible in such domains. We pro...
Modularization of Logic Programs
Standard software and knowledge engineering best practices advise for modularity because, amongst other benefits, it facilitates development, debugging, maintenance, composition and interoperability. Knowledge bases written as Logic Programs are no exception, and their corresponding semantics should enable such modularity. In this paper we formally define several new syntactical notions and sem...
Structural Properties of Logic Programs
Miller has shown that disjunctions are not necessary in a large fragment of hereditary Harrop formulae, a class of formulae which properly includes Horn clauses. In this paper we extend this result to include existential quantifications, so that for each program D, there is a program D′ which is operationally equivalent, but contains no disjunctions or existential quantifications. We may think o...
Dependencies in Strategy Logic
Strategy Logic (SL) is a very expressive logic for expressing and verifying properties of multi-agent systems: in SL, one can quantify over strategies, assign them to agents, and express properties of the resulting plays. Such a powerful framework has two drawbacks: first, model checking SL has non-elementary complexity; second, the exact semantics of SL is rather intricate, and may not corresp...
Journal: CoRR
Volume: abs/1504.08309
Publication date: 2015