Summary: Fluid Updates: Beyond Strong vs. Weak Updates
Isil Dillig Thomas Dillig Alex Aiken
{isil, tdillig, aiken}@cs.stanford.edu
Department of Computer Science, Stanford University
Abstract. We describe a symbolic heap abstraction that unifies reasoning about arrays, pointers, and scalars, and we define a fluid update operation on this symbolic heap that relaxes the dichotomy between strong and weak updates. Our technique is fully automatic, does not suffer from the kind of state-space explosion problem partition-based approaches are prone to, and can naturally express properties that hold for non-contiguous array elements. We demonstrate the effectiveness of this technique by evaluating it on challenging array benchmarks and by automatically verifying buffer accesses and dereferences in five Unix Coreutils applications with no annotations or false alarms.
1 Introduction
In existing work on pointer and shape analysis, there is a fundamental distinction between two kinds of updates to memory locations: weak updates and strong updates [14]. A strong update overwrites the old content of an abstract memory location l with a new value, whereas a weak update adds new values to the
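To make the strong/weak distinction concrete, here is a toy abstract heap in Python. It is an added example written for this page, not code from the paper or its authors. Each location's contents are abstracted as a finite set of integers, an array is modelled as one summary location standing for all of its cells, and the names `idx` and `idx_tbl`, the `BUF_SIZE` constant, the `-1` sentinel for an unset entry, and the `covers_all` flag are all constructed for the illustration. The flag is not the paper's mechanism: it only shows what precision a strong update on a summary location buys, and why such an update is unsound unless the analysis can establish that the write reached every concrete cell, which is the gap the paper's fluid update is designed to close.

```python
"""Strong vs. weak updates on a toy abstract heap (added illustration).

Values are abstracted as finite sets of integers (a constant-set domain).
Everything here is a simplification chosen for the example, not the
paper's symbolic heap.
"""
from dataclasses import dataclass, field


@dataclass
class AbstractLoc:
    """An abstract memory location.

    summary=True means the location stands for several concrete cells
    (e.g. every element of an array), so one write may reach only one
    of them; summary=False means exactly one concrete cell.
    """
    name: str
    summary: bool
    values: set = field(default_factory=set)


class AbstractHeap:
    def __init__(self):
        self.locs = {}

    def alloc(self, name, summary, init):
        self.locs[name] = AbstractLoc(name, summary, set(init))

    def read(self, name):
        return set(self.locs[name].values)

    def update(self, name, new_values, covers_all=False):
        """Write new_values into location `name`.

        A non-summary location is overwritten (strong update).  A summary
        location is weakly updated: the old values stay, because the write
        may have missed some of the concrete cells it stands for.
        covers_all is an assumption supplied by the caller that the write
        reaches every concrete cell (e.g. a loop initialising the whole
        array); a real analysis would have to prove that, this toy merely
        trusts the flag.
        """
        loc = self.locs[name]
        if loc.summary and not covers_all:
            loc.values |= set(new_values)   # weak update: accumulate
        else:
            loc.values = set(new_values)    # strong update: overwrite
        return set(loc.values)


BUF_SIZE = 16  # constructed: size of a hypothetical buffer indexed by idx_tbl[j]


def bounds_alarm(heap, index_loc, size):
    """True if some abstract value of index_loc could index outside [0, size)."""
    return any(v < 0 or v >= size for v in heap.read(index_loc))


def scalar_assignment():
    """idx = 5; idx = 3;  a scalar is one cell, so the second write is strong."""
    h = AbstractHeap()
    h.alloc("idx", summary=False, init={5})
    return h.update("idx", {3})             # {3}: the stale 5 is gone


def single_element_write():
    """idx_tbl[k] = 0 for one unknown k: weak update, {-1, 0}.
    The alarm is genuine, since the other cells still hold the sentinel."""
    h = AbstractHeap()
    h.alloc("idx_tbl", summary=True, init={-1})
    h.update("idx_tbl", {0})
    return h.read("idx_tbl"), bounds_alarm(h, "idx_tbl", BUF_SIZE)


def whole_array_loop_weak():
    """for k in range(BUF_SIZE): idx_tbl[k] = 0.  Every cell is written, yet
    each iteration is a weak update, so the stale -1 survives and
    buf[idx_tbl[j]] is flagged: a false alarm."""
    h = AbstractHeap()
    h.alloc("idx_tbl", summary=True, init={-1})
    for _ in range(BUF_SIZE):
        h.update("idx_tbl", {0})
    return h.read("idx_tbl"), bounds_alarm(h, "idx_tbl", BUF_SIZE)


def whole_array_loop_strong():
    """Same loop, with the caller asserting that the write covers every cell,
    so a strong update on the summary location is sound: {0}, no alarm."""
    h = AbstractHeap()
    h.alloc("idx_tbl", summary=True, init={-1})
    h.update("idx_tbl", {0}, covers_all=True)
    return h.read("idx_tbl"), bounds_alarm(h, "idx_tbl", BUF_SIZE)


if __name__ == "__main__":
    print("scalar:        ", scalar_assignment())
    print("one element:   ", single_element_write())
    print("loop, weak:    ", whole_array_loop_weak())
    print("loop, strong:  ", whole_array_loop_strong())
```

The third scenario is the kind of false alarm that forces a weak-update-only analysis to either give up precision on arrays or partition the summary location into cases; the fourth shows the precision a strong update recovers, but only under a coverage fact the toy takes on trust.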