Permission Inference for Array Programs

Information about the memory locations accessed by a program is, for instance, required for program parallelisation and program verification. Existing inference techniques for this information provide only partial solutions for the important class of array-manipulating programs. In this paper, we present a static analysis that infers the memory footprint of an array program in terms of permission pre- and postconditions as used, for example, in separation logic. This formulation allows our analysis to handle concurrent programs and produces specifications that can be used by verification tools. Our analysis expresses the permissions required by a loop via maximum expressions over the individual loop iterations. These maximum expressions are then solved by a novel maximum elimination algorithm, in the spirit of quantifier elimination. Our approach is sound and is implemented; an evaluation on existing benchmarks for memory safety of array programs demonstrates accurate results, even for programs with complex access patterns and nested loops.
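The abstract's two central ideas, a loop's permission requirement written as a maximum over its iterations and the elimination of that maximum into a closed-form condition, can be made concrete on a single array loop. The following Python is an added illustration, not the paper's algorithm or implementation. It assumes one loop `for i in [lo, hi)` whose body accesses `a[coeff*i + offset]` for integer constants, and a fractional-permission model in which a write needs the full permission 1 and a read needs some positive fraction (1/2 is used by convention). The printed assertion syntax `acc(a[q], p)` is informal and not any tool's exact grammar.

```python
"""Permission precondition of an array loop: first as the maximum over iterations,
then with that maximum eliminated into a condition on the cell index q.
Added illustration with constructed examples; assumes affine indices and one loop."""
from dataclasses import dataclass
from fractions import Fraction

WRITE = Fraction(1)      # full permission: exclusive access to the cell
READ = Fraction(1, 2)    # any positive fraction permits reading; 1/2 is a convention


@dataclass(frozen=True)
class Access:
    coeff: int           # the index expression is coeff*i + offset
    offset: int
    perm: Fraction       # permission this access needs on the cell it touches


def iteration_perm(acc: Access, i: int, q: int) -> Fraction:
    """Permission that iteration i needs on a[q] because of this one access."""
    return acc.perm if acc.coeff * i + acc.offset == q else Fraction(0)


def loop_perm_max(accesses, lo: int, hi: int, q: int) -> Fraction:
    """The 'maximum expression': the largest permission on a[q] that any single
    iteration i in [lo, hi) needs for any access in the body. Iterations are not
    summed: each one hands its permission back, so the loop needs the maximum."""
    return max((iteration_perm(a, i, q) for a in accesses for i in range(lo, hi)),
               default=Fraction(0))


def loop_perm_eliminated(accesses, lo: int, hi: int, q: int) -> Fraction:
    """The same quantity with the maximum over i eliminated. For coeff != 0 at most
    one iteration touches a[q]: it exists iff (q - offset) is divisible by coeff and
    the quotient lies in [lo, hi). No iteration is enumerated any more."""
    best = Fraction(0)
    for a in accesses:
        if a.coeff == 0:
            hit = a.offset == q and lo < hi      # constant index: touched iff loop runs
        else:
            quotient, rem = divmod(q - a.offset, a.coeff)
            hit = rem == 0 and lo <= quotient < hi
        if hit:
            best = max(best, a.perm)
    return best


def precondition_text(accesses, lo: int, hi: int, array: str = "a") -> str:
    """Render the eliminated precondition as a quantified permission assertion."""
    parts = []
    for a in accesses:
        idx = f"(q - {a.offset})" if a.offset else "q"
        if a.coeff == 0:
            cond = f"q == {a.offset} && {lo} < {hi}"
        elif a.coeff == 1:
            cond = f"{lo} <= {idx} < {hi}"
        else:
            cond = f"{idx} % {a.coeff} == 0 && {lo} <= {idx} / {a.coeff} < {hi}"
        parts.append(f"({cond} ? {a.perm} : 0)")
    return f"forall q :: acc({array}[q], max({', '.join(parts)}))"


def agree(accesses, lo: int, hi: int, qs) -> bool:
    """Soundness/precision check: the closed form must equal brute-force maximisation."""
    return all(loop_perm_max(accesses, lo, hi, q) == loop_perm_eliminated(accesses, lo, hi, q)
               for q in qs)


if __name__ == "__main__":
    # Constructed example: for i in [0, 5): a[i] := a[i + 1]
    shift = [Access(1, 0, WRITE), Access(1, 1, READ)]
    print(precondition_text(shift, 0, 5))
    for q in range(-1, 7):
        print(f"a[{q}] needs {loop_perm_eliminated(shift, 0, 5, q)}")
    assert agree(shift, 0, 5, range(-3, 9))
```

For the shift loop the eliminated form states that cells 0 to 4 need full permission (they are written), cell 5 needs only read permission (it is read by the last iteration), and every other cell needs nothing; a loop bound `hi` that is a program variable rather than a literal would simply survive into the printed condition, which is what makes the result usable as a specification rather than a per-iteration trace. Strided and reversed index expressions (`a[2*i]`, `a[4 - i]`) go through the same divisibility-and-range test.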
