Safety and Liveness in Concurrent Pointer Programs

  • Conference paper
Formal Methods for Components and Objects (FMCO 2005)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 4111))

Abstract

The incorrect use of pointers is one of the most common sources of software errors, and concurrency is a comparable source. Proving the correctness of concurrent pointer-manipulating programs, let alone doing so algorithmically, is a highly non-trivial task. This paper proposes an automated verification technique for concurrent programs that manipulate linked lists. The key ingredients of our approach are: automata (with fairness constraints), heap abstractions tailored to the program and the property to be checked, first-order temporal logic, and a tableau-based model-checking algorithm.

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Distefano, D., Katoen, JP., Rensink, A. (2006). Safety and Liveness in Concurrent Pointer Programs. In: de Boer, F.S., Bonsangue, M.M., Graf, S., de Roever, WP. (eds) Formal Methods for Components and Objects. FMCO 2005. Lecture Notes in Computer Science, vol 4111. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11804192_14

  • DOI: https://doi.org/10.1007/11804192_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-36749-9

  • Online ISBN: 978-3-540-36750-5

  • eBook Packages: Computer Science (R0)