
Published by Leah McGarry, modified over 4 years ago

2
A Framework for Describing Recursive Data Structures
Kenneth Roe, Scott Smith

3
Shape analysis and recursive data structures
- The objective is to verify the integrity of dynamic data structures such as lists and trees
- Based on principles of separation logic
- Builds on work from Byron Cook and company
- The key contribution is reasoning about data structures more complex than linked lists
  – Regular expressions are used to describe paths through data structures
- Creating a Coq formalism

4
Sample program: data structures

    struct list { struct list *n; struct tree *t; };   /* list cell: next cell, and a pointer into the tree */
    struct tree { struct tree *l, *r; int value; };     /* tree node: left and right children, payload */

5
Sample program code

    #include <stdlib.h>

    struct list *p;                    /* output: visited nodes, most recent first */

    void build_pre_order(struct tree *r)
    {
        struct list *i = NULL, *n;     /* i: stack of right subtrees still to visit */
        struct tree *t = r, *x;        /* x receives a tree node, so it is a struct tree * */
        p = NULL;
        while (t) {
            n = p;                     /* push t onto p */
            p = malloc(sizeof(struct list));
            p->t = t;                  /* the cell's tree pointer is its t field */
            p->n = n;
            if (t->l == NULL && t->r == NULL) {    /* leaf: pop the next subtree, or stop */
                if (i == NULL) {
                    t = NULL;
                } else {
                    struct list *tmp = i->n;
                    t = i->t;
                    free(i);           /* free the popped cell */
                    i = tmp;
                }
            } else if (t->r == NULL) {
                t = t->l;              /* only a left child */
            } else if (t->l == NULL) {
                t = t->r;              /* only a right child */
            } else {
                n = i;                 /* both: push the right child on i, go left */
                i = malloc(sizeof(struct list));
                i->n = n;
                x = t->r;
                i->t = x;
                t = t->l;
            }
        }
    }

On return, p holds every node of the tree exactly once, most recently visited first, i.e. in reverse pre-order.

6
Invariants
The program maintains two well formed linked lists, the heads of which are pointed to by i and p.
[Figure, repeated on slides 6 to 12: the list headed by p, the list headed by i (cells with fields n and t), and the tree rooted at r with nodes l1 to l6]

7
Invariants
The program maintains a well formed tree pointed to by r.

8
Invariants
t always points to an element in the tree rooted at r.

9
Invariants
The two lists and the tree do not share any nodes.

10
Invariants
Other than the memory used for the two lists and the tree, no other heap memory is allocated.

11
Invariants
The t field of every element in both list structures points to an element in the tree.
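The invariants on slides 6, 7, 9 and 11 can also be checked at run time, which is the cheap complement to proving them. The C program below is an added example, not part of the slides or of the authors' Coq development: it reproduces the traversal from slide 5 (with the field names as on slide 4, so the list cell's tree pointer is p->t and the popped cell is freed with free(i)), builds a constructed six-node tree, and after the call checks that the tree is well formed, that p is a nil-terminated list whose t fields hit every tree node exactly once, and that p holds the nodes in reverse pre-order. The helper names (collect_tree, check_list, run_sample, shared_leaf_rejected) and the sample tree are the example's own. Slides 8 and 10 are properties of the loop while it runs and are not checked here.

```c
#include <stdio.h>
#include <stdlib.h>

struct list { struct list *n; struct tree *t; };
struct tree { struct tree *l, *r; int value; };

struct list *p;                 /* output list, as in the slides' program */

/* The traversal from slide 5 (list cell's tree pointer is t; popped cell freed). */
void build_pre_order(struct tree *r)
{
    struct list *i = NULL, *n;  /* i: stack of right subtrees still to visit */
    struct tree *t = r, *x;
    p = NULL;
    while (t) {
        n = p; p = malloc(sizeof *p); p->t = t; p->n = n;   /* push t onto p */
        if (t->l == NULL && t->r == NULL) {                 /* leaf: pop from i or stop */
            if (i == NULL) { t = NULL; }
            else { struct list *tmp = i->n; t = i->t; free(i); i = tmp; }
        } else if (t->r == NULL) { t = t->l; }
        else if (t->l == NULL) { t = t->r; }
        else { n = i; i = malloc(sizeof *i); i->n = n; x = t->r; i->t = x; t = t->l; }
    }
}

/* Slide 7: the tree under t is well formed.  Every node is recorded in seen[];
   reaching a recorded node again means sharing or a cycle, and more than cap
   nodes means this is not the bounded tree we expect. */
static int collect_tree(struct tree *t, struct tree **seen, int *cnt, int cap)
{
    int k;
    if (t == NULL) return 1;
    for (k = 0; k < *cnt; k++) { if (seen[k] == t) return 0; }
    if (*cnt >= cap) return 0;
    seen[(*cnt)++] = t;
    return collect_tree(t->l, seen, cnt, cap) && collect_tree(t->r, seen, cnt, cap);
}

/* Slides 6, 9, 11 at loop exit: lst is nil-terminated (so at most n cells),
   every t field points at a node of the tree, and no node is recorded twice. */
static int check_list(struct list *lst, struct tree **nodes, int n)
{
    int *hit = calloc((size_t)n, sizeof *hit), count = 0, ok = 1, k;
    struct list *c;
    for (c = lst; c != NULL && ok; c = c->n) {
        if (++count > n) { ok = 0; break; }
        for (k = 0; k < n && nodes[k] != c->t; k++) { }
        if (k == n || hit[k]) ok = 0;     /* points outside the tree, or a repeat */
        else hit[k] = 1;
    }
    free(hit);
    return ok && count == n;
}

/* p is built by pushing at the head, so it holds the pre-order reversed. */
static int is_reverse_preorder(struct list *lst, const int *pre, int n)
{
    struct list *c = lst;
    int k;
    for (k = n - 1; k >= 0 && c != NULL; k--, c = c->n)
        if (c->t->value != pre[k]) return 0;
    return k < 0 && c == NULL;
}

static struct tree *node(int v, struct tree *l, struct tree *r)
{
    struct tree *t = malloc(sizeof *t);
    t->value = v; t->l = l; t->r = r;
    return t;
}

/* Constructed input: six nodes, pre-order 1 2 3 4 5 6 (node 5 has only a right child). */
static struct tree *sample_tree(void)
{
    return node(1, node(2, node(3, NULL, NULL), node(4, NULL, NULL)),
                   node(5, NULL, node(6, NULL, NULL)));
}

int run_sample(void)
{
    static const int pre[] = {1, 2, 3, 4, 5, 6};
    struct tree *seen[6];
    int cnt = 0;
    struct tree *root = sample_tree();
    if (!collect_tree(root, seen, &cnt, 6) || cnt != 6) return 0;   /* slide 7 */
    build_pre_order(root);
    if (!check_list(p, seen, 6)) return 0;                         /* slides 6, 9, 11 */
    return is_reverse_preorder(p, pre, 6);                          /* what the loop computes */
}

/* Negative case: a DAG that shares a leaf violates slide 7 and must be rejected. */
int shared_leaf_rejected(void)
{
    struct tree *seen[4];
    int cnt = 0;
    struct tree *leaf = node(3, NULL, NULL);
    struct tree *root = node(1, leaf, leaf);
    return collect_tree(root, seen, &cnt, 4) == 0;
}

int main(void)
{
    printf("invariants: %s, sharing rejected: %s\n",
           run_sample() ? "ok" : "VIOLATED", shared_leaf_rejected() ? "yes" : "NO");
    return 0;
}
```

The checker is deliberately bounded by the node count it was given: a list or tree that has grown a cycle is reported as a violation instead of being walked forever, which is what makes it safe to drop into a test harness.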

12
State representation
The loop invariant as a separation-logic state: path facts on the left of "|", the spatial part on the right.

    r (l|r)* t
    (v. z.  p n* v    v t z    r (l|r)* z)
    (v. z.  i n* v    v t z    r (l|r)* z)
  |
    R n (p, ) * R (l|r) (r, ) * R n (i, )

Reading: "x e y" holds when following a field path matching the regular expression e from x reaches y. The first line is slide 8 (t is in the tree under r); the two quantified lines say that every cell v reachable from p, respectively from i, along n* has a t field pointing at some z in the tree (slide 11). R n (p, ) and R n (i, ) are the recursive shape predicates for the lists along n, R (l|r) (r, ) the one for the tree along l or r; joining them with the separating conjunction * gives the disjointness of slide 9 and the "no other heap memory" of slide 10.
[Figure: the two lists and the tree of slide 6, labelled R n (p, ), R n (i, ) and R (l|r) (r, ), with t marked]

13
Backward reasoning
- Logic rules for back propagation
- Generated preconditions imply the post condition
- Not guaranteed to get the weakest precondition
- The system also contains rules for merging states
  – Becomes necessary when joining the branches of an if statement

14
Back-chaining example
Last lines of the source code (the branch taken when t has both children):

    n = i;
    i = malloc(sizeof(struct list));
    i->n = n;
    x = t->r;
    i->t = x;
    t = t->l;

15
Back-chaining example
Post condition: the invariant of slide 12.

    r (l|r)* t
    (v. z.  p n* v    v t z    r (l|r)* z)
    (v. z.  i n* v    v t z    r (l|r)* z)
  |
    R n (p, ) * R (l|r) (r, ) * R n (i, )

[Figure: the two lists, the tree and t, as on slide 12]

16
Back-chaining example
Back-propagating over t = t->l: the variable t of the post condition is renamed to a fresh q (the value t had before the assignment) and the cell fact t l q is added.

    t l q
    r (l|r)* q
    (v. z.  p n* v    v l z    r (l|r)* z)
    (v. z.  i n* v    v l z    r (l|r)* z)
  |
    R n (p, ) * R (l|r) (r, ) * R n (i, )

[Figure: as on slide 12, with t = t->l shown]

17
Back-chaining example
After the step over t = t->l:

    t l q
    r (l|r)* t
    (v. z.  p n* v    v l z    r (l|r)* z)
    (v. z.  i n* v    v l z    r (l|r)* z)
  |
    R n (p, ) * R (l|r) (r, ) * R n (i, )

[Figure: as on slide 12, with t = t->l shown]

18
Back-chaining example
We have back propagated over the last statement. We have several more statements to go:

    n = i;
    i = malloc(sizeof(struct list));
    i->n = n;
    x = t->r;
    i->t = x;
    t = t->l;

19
Back-chaining example
After back-propagating over the remaining statements, we end up with the following, which is almost our original invariant:

    t l q
    t r e
    r (l|r)* t
    (v. z.  p n* v    v l z    r (l|r)* z)
    (v. z.  i n* v    v l z    r (l|r)* z)
  |
    R n (p, ) * R (l|r) (r, ) * R n (i, )

Compared with slide 12, the two extra cell facts t l q and t r e record the field reads t->l and t->r performed in this branch.
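The substitution step of slides 15 and 16, as an added example in C (not code from the slides or from the authors' Coq development). A post condition is a conjunction of path atoms "src path dst", and back-propagating a field load x = y->f renames the variable x to a fresh name and adds the cell fact "y f fresh". The variable t and the field t are distinct tokens, so atoms about list cells are untouched by t = t->l. The second input is a constructed state mentioning x, to show the rule with x distinct from y, which is how a "t r e" fact like the one on slide 19 arises from x = t->r. Stores, malloc and the quantified conjuncts need the rest of the slides' rule set and are not handled; names such as backprop_load and format_formula are the example's own.

```c
#include <stdio.h>
#include <string.h>

#define MAX_ATOMS 16

/* "src path dst": following a field path matching the regular expression
   path from src reaches dst.  A single field name is a one-step path. */
struct atom { const char *src, *path, *dst; };
struct formula { int n; struct atom a[MAX_ATOMS]; };

/* Back-propagate the field load x = y->f over post.  After the load x holds
   whatever y's f field held, so in the precondition that value gets the fresh
   name q: every atom mentioning variable x is rewritten to q, and the cell
   fact "y f q" is added.  y denotes the value before the assignment, so it is
   not renamed even when y is x (as in t = t->l).  Field names are never touched. */
struct formula backprop_load(const struct formula *post, const char *x,
                             const char *y, const char *f, const char *q)
{
    struct formula pre;
    int k;
    pre.n = 0;
    pre.a[pre.n++] = (struct atom){ y, f, q };
    for (k = 0; k < post->n && pre.n < MAX_ATOMS; k++) {
        struct atom a = post->a[k];
        if (strcmp(a.src, x) == 0) a.src = q;
        if (strcmp(a.dst, x) == 0) a.dst = q;
        pre.a[pre.n++] = a;
    }
    return pre;
}

/* Render the conjunction in the slides' "src path dst" notation, joined by " & ". */
const char *format_formula(const struct formula *f, char *buf, size_t cap)
{
    size_t used = 0;
    int k;
    buf[0] = '\0';
    for (k = 0; k < f->n; k++) {
        int w = snprintf(buf + used, cap - used, "%s%s %s %s", k ? " & " : "",
                         f->a[k].src, f->a[k].path, f->a[k].dst);
        if (w < 0 || (size_t)w >= cap - used) return NULL;   /* truncated: refuse */
        used += (size_t)w;
    }
    return buf;
}

/* Slides 15 -> 16: the first conjunct of the invariant over t = t->l. */
const char *slide16_step(void)
{
    static char buf[128];
    struct formula post = { 1, { { "r", "(l|r)*", "t" } } };
    struct formula pre = backprop_load(&post, "t", "t", "l", "q");
    return format_formula(&pre, buf, sizeof buf);
}

/* Constructed state mentioning x (i's t field and the tree both reach x) over
   x = t->r; the fresh name e replaces x and the cell fact "t r e" is added. */
const char *x_load_step(void)
{
    static char buf[128];
    struct formula post = { 2, { { "i", "t", "x" }, { "r", "(l|r)*", "x" } } };
    struct formula pre = backprop_load(&post, "x", "t", "r", "e");
    return format_formula(&pre, buf, sizeof buf);
}

int main(void)
{
    printf("%s\n%s\n", slide16_step(), x_load_step());
    return 0;
}
```

Running it prints the slide 16 state "t l q & r (l|r)* q" first; note that the fresh name is introduced on the right of the new cell fact and everywhere the old variable appeared, but never inside a path.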

20
Future work
- Coq verification (in progress)
- Arrays
- Length predicate
- Handling procedures
More information: www.cs.jhu.edu/~roe
