1
Footprint Analysis: A Shape Analysis that Discovers Preconditions
  • Hongseok Yang
  • (Queen Mary, University of London)
  • (Joint work with Cristiano Calcagno, Dino Distefano, and Peter O'Hearn)

2–4
XXX_CancelIrp: a cancel routine from a 1394 (Firewire) driver, with the record and variable names abbreviated on the slides

    void XXX_CancelIrp(PDEVICE_OBJECT DeviceObject, PIRP Irp)
    {
        PRESET_IRP ResetIrp, temp, tempnext;
        PDEVICE_EXTENSION de;
        KIRQL Irql;
        ...                                   /* de is initialised from DeviceObject; not shown on the slide */
        KeAcquireSpinLock(&de->ResetSpinLock, &Irql);
        ResetIrp = (PRESET_IRP) de->Flink2;
        while (ResetIrp != NULL) {
            if (ResetIrp->Irp == Irp) {
                /* find the predecessor of ResetIrp, starting from the head de */
                temp = (PRESET_IRP) de;
                tempnext = temp->Flink2;
                while (tempnext != ResetIrp) {
                    temp = tempnext;
                    tempnext = temp->Flink2;
                }
                temp->Flink2 = ResetIrp->Flink2;  /* unlink */
                free(ResetIrp);
                break;
            }
            ...                               /* rest of the loop body not shown on the slide */
        }
        KeReleaseSpinLock(&de->ResetSpinLock, Irql);
        IoCompleteRequest(Irp, IO_NO_INCREMENT);
    }

  • Footprint Analysis
  • Discovers safe preconditions of a piece of code.
  • The precondition describes only the memory footprint of the code: the cells the code actually touches, nothing else.
5–9
The same XXX_CancelIrp code (on these slides the variables are written out as XXXResetIrp and deviceExtension) annotated with the symbolic heaps the analysis discovers at the loop head. de is the DEVICE_EXTENSION; de ↦_D [Flink2: E] is a points-to fact for a DEVICE_EXTENSION record whose Flink2 field holds E; x1' ↦_R [Irp: Irp] is a points-to fact for a RESET_IRP record; ls(RESET_IRP,Flink2)(x, y) is a list segment of RESET_IRP records linked by Flink2 from x to y; x0', x1' are primed variables.

    de ↦_D [Flink2: 0]
    de ↦_D [Flink2: x0'] ∗ ls(RESET_IRP,Flink2)(x0', 0)
    de ↦_D [Flink2: x0'] ∗ ls(RESET_IRP,Flink2)(x0', de)
    de ↦_D [Flink2: de]
    de ↦_D [Flink2: x0'] ∗ ls(RESET_IRP,Flink2)(x0', x1') ∗ x1' ↦_R [Irp: Irp]

Record types:

    typedef struct _RESET_IRP {
        struct _RESET_IRP *Flink2;
        IRP *Irp;
    } RESET_IRP, *PRESET_IRP;

    typedef struct _DEVICE_EXTENSION {
        RESET_IRP *Flink2;
        ...
    } DEVICE_EXTENSION;

Following the state de ↦_D [Flink2: de] through the code:

    de ↦_D [Flink2: de]                          before ResetIrp = (PRESET_IRP) de->Flink2
    de ↦_D [Flink2: de] ∧ de = ResetIrp          after it: ResetIrp now points at the device extension
    ERROR: No Irp field in DEVICE_EXTENSION      at the test ResetIrp->Irp == Irp

The code treats de as if it were the first RESET_IRP of the list (temp = (PRESET_IRP) de), so a Flink2 chain that leads back to de makes ResetIrp->Irp read a field that DEVICE_EXTENSION does not have. The analysis reports this state instead of assuming it away.
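The walk of slides 2–9 and its error state de ↦ [Flink2: de], as an added example written for this page rather than code from the driver or the paper. It models the two record types in Python (an assumption of the example: DEVICE_EXTENSION shares only the Flink2 field with RESET_IRP), transcribes the slide's walk, and adds a hardened walk that is this example's own suggestion, not the t1394Diag_CancelIrpFix of slide 54. In C the faulting read is a silent access past the end of DEVICE_EXTENSION; the model surfaces it as AttributeError, the runtime analogue of the analysis's "No Irp field in DEVICE_EXTENSION". The lists built in the scenarios are constructed fixtures.

```python
"""Model of the XXX_CancelIrp list walk (slides 2-9); added example, not the driver's code."""


class Irp:
    """Stand-in for a PIRP; only identity matters here."""


class ResetIrp:
    """RESET_IRP record: Flink2 link plus the IRP it tracks."""
    def __init__(self, irp, flink2=None):
        self.Irp = irp
        self.Flink2 = flink2


class DeviceExtension:
    """DEVICE_EXTENSION (assumed layout): shares only Flink2 with RESET_IRP, has no Irp."""
    def __init__(self):
        self.Flink2 = None


def cancel_irp_as_on_slide(de, irp):
    """Walk transcribed from the slide; True if the node for irp was unlinked.
    Safe only under the discovered precondition: the Flink2 chain from de is a
    NULL-terminated list of RESET_IRP records that never leads back to de."""
    reset = de.Flink2
    while reset is not None:
        if reset.Irp is irp:                  # AttributeError when reset is the DeviceExtension
            temp, tempnext = de, de.Flink2    # find the predecessor, starting from the head
            while tempnext is not reset:
                temp, tempnext = tempnext, tempnext.Flink2
            temp.Flink2 = reset.Flink2        # unlink (free() has no analogue in the model)
            return True
        reset = reset.Flink2                  # advance; this line is elided on the slide
    return False


def cancel_irp_checked(de, irp, max_nodes=1024):
    """Hardened walk (this example's assumption): never treat the head as a node, bound
    the walk so a cycle elsewhere cannot spin under the spin lock, and carry the
    predecessor instead of re-walking from the head. Returns 'removed', 'not-found' or 'cycle'."""
    prev, cur, seen = de, de.Flink2, 0
    while cur is not None:
        if cur is de or seen >= max_nodes:
            return "cycle"
        if cur.Irp is irp:
            prev.Flink2 = cur.Flink2
            return "removed"
        prev, cur, seen = cur, cur.Flink2, seen + 1
    return "not-found"


def build_list(irps, cycle_to_head=False):
    """Constructed fixture: de -> node(irps[0]) -> ... -> node(irps[-1]) -> None (or back to de)."""
    de = DeviceExtension()
    link = de
    for irp in irps:
        link.Flink2 = ResetIrp(irp)
        link = link.Flink2
    if cycle_to_head:
        link.Flink2 = de
    return de


def irps_in_list(de, max_nodes=1024):
    """IRPs reachable from de without passing through the head again."""
    out, cur = [], de.Flink2
    while cur is not None and cur is not de and len(out) < max_nodes:
        out.append(cur.Irp)
        cur = cur.Flink2
    return out


def scenario_acyclic():
    """Well-formed list: both walks unlink the middle node and leave the rest intact."""
    a, b, c = Irp(), Irp(), Irp()
    de = build_list([a, b, c])
    ok = cancel_irp_as_on_slide(de, b)
    de2 = build_list([a, b, c])
    status = cancel_irp_checked(de2, b)
    return ok, irps_in_list(de) == [a, c], status, irps_in_list(de2) == [a, c]


def scenario_cyclic():
    """Chain leads back to de: the slide's walk faults on the head, the checked walk reports it."""
    a, b, stray = Irp(), Irp(), Irp()
    try:
        cancel_irp_as_on_slide(build_list([a, b], cycle_to_head=True), stray)
        fault = None
    except AttributeError as e:               # the model's "No Irp field in DEVICE_EXTENSION"
        fault = type(e).__name__
    return fault, cancel_irp_checked(build_list([a, b], cycle_to_head=True), stray)
```

The checked walk enforces exactly the shape the footprint analysis needs as a precondition: it refuses to continue when the chain re-enters the head and bounds the walk, so neither the type confusion nor an unbounded spin under the spin lock can occur.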
10–17
Footprint Analysis: overview

Program (list disposal), with the seed precondition above it:

    x = a ∧ emp
    list t;
    while (x != 0) { t = x; x = x->next; free(t); }

Pipeline:

    Seeding  →  P1, P2, P3  →  Footprint Computation  →  SpaceInvader  →  verified triples

  • Seeding produces candidate preconditions P1, P2, P3 from the program.
  • Footprint computation runs the code symbolically from each seed and records the cells it needs: from P1 it produces I1, I2, I3; from P2 it produces I10, I11, I12.
  • SpaceInvader, the forward shape analysis, then checks the discovered preconditions and computes postconditions: Q1, Q2 for P1 and Q10, Q11, Q12 for P2. P3 produces no triple (only the P1 and P2 triples appear in the result).
  • Result: {P1} C {Q1 ∨ Q2} and {P2} C {Q10 ∨ Q11 ∨ Q12}.
  • Safe precondition = footprint only.
Separation Logic
  • x ↦ y,  ls(y, z)
  • x ↦ y ∗ ls(y, z),  emp
  • ∃y'. z ≠ 0 ∧ v = a ∧ x ↦ y' ∗ ls(y', z)

[Figure: the heaps denoted by these formulas, drawn as a cell at x pointing to y and a list segment from y to z]
19
Variable Convention
  • Program variables x,y,z,t,v,w
  • Ghost (or auxiliary) variables a,b,c,d,.
  • Primed variables x,y,z,t,v,w
  • 9 w,w1.
  • x!0 Æ za Æ w!w1 Æ xaw ls (w,w1)
    yaw1

20
Symbolic Heaps
  • Separation logic formulas of the form
  • (x!0 Æ za Æ w!w1) Æ (xaw ls (w,w1)
    yaw1)
  • SH Set of all symbolic heaps
  • GhoSH Set of sym. heaps with ghost vars only

21
Footprint Computation
(xaÆemp, xaÆemp)
2 Pfin(GhoSH, SH)
  • list t
  • while (x!0)
  • t x
  • x x-gtnext
  • free(t)

Fixpoint Computation
(xaÆls (a,0), x0Æemp), (x0Æemp,
x0Æemp),
2 Pfin (GhoSH, SH)
22–25
Footprint Computation: the transfer function for x = x->next

  • [[x = x->next]] : Pfin(GhoSH × SH) → Pfin(GhoSH × SH), built from three steps:
  • rearr(x) : GhoSH × SH → Pfin(GhoSH × SH)        (rearrangement: expose the cell at x)
  • exec(x = x->next) : GhoSH × SH → GhoSH × SH       (symbolic execution of the assignment)
  • abs : GhoSH × SH → CanGhoSH × CanSH               (abstraction into canonical form)

Rearrangement extends SpaceInvader's rearrangement SpInvRearr with a case that grows the footprint:

    rearr(x)(F, P) =
        {(F, P1), …, (F, Pn)}        if SpInvRearr(x)(P) = {P1, …, Pn}
        {(F ∗ a ↦ b, P ∗ a ↦ b)}     else if P ⊢ x = a    (a a ghost variable, b fresh: the missing cell is added to both F and P)
        {(false, false)}              otherwise

Worked on the two input pairs

    {(x = a ∧ ls(a, b), x = a ∧ ls(a, b)), (x = a ∧ ls(a, b), x = b ∧ ls(a, b))}

  • after rearr(x):
    {(x = a ∧ ls(a, b), x = a ∧ a ↦ b),
     (x = a ∧ ls(a, b), x = a ∧ a ↦ v' ∗ ls(v', b)),
     (x = a ∧ ls(a, b) ∗ b ↦ c, x = b ∧ ls(a, b) ∗ b ↦ c)}
    (the first input pair unrolls the list segment in P into two cases; the second has no cell at x = b, so b ↦ c is added to both F and P)
  • after exec(x = x->next), for the last pair:
    …, (x = a ∧ ls(a, b) ∗ b ↦ c, x = c ∧ ls(a, b) ∗ b ↦ c)
  • after abs:
    …, (x = a ∧ ls(a, b) ∗ b ↦ c, x = c ∧ ls(a, c))
    …, (x = a ∧ ls(a, c) ∗ b ↦ c, x = c ∧ ls(a, c))
26
List Disposal
  • list t
  • while (x!0)
  • t x
  • x x-gtnext
  • free(t)

x
0
27
List Disposal
  • list t
  • while (x!0)
  • t x
  • x x-gtnext
  • free(t)

x
0
28
List Disposal
  • list t
  • while (x!0)
  • t x
  • x x-gtnext
  • free(t)

t
x
0
29
List Disposal
  • list t
  • while (x!0)
  • t x
  • x x-gtnext
  • free(t)

t
x
0
30
List Disposal
  • list t
  • while (x!0)
  • t x
  • x x-gtnext
  • free(t)

t
x
0
31–44
Footprint Computation on list disposal

  • list t;
  • while (x != 0) {
  •   t = x;
  •   x = x->next;
  •   free(t);
  • }

Seed: (x = a ∧ emp, x = a ∧ emp). The analysis runs the loop body on the current heap P while the footprint F records every cell the body had to touch; when P has no cell at the address being accessed and that address is a ghost variable, the cell is added to both P and F.

First iteration (current heap P on the left, discovered precondition F on the right):

    x = a ∧ emp                                                   F: x = a ∧ emp
    x = a ∧ a ≠ 0 ∧ emp                   (x != 0)                F: x = a ∧ a ≠ 0 ∧ emp
    x = a ∧ a ≠ 0 ∧ t = a ∧ emp           (t = x)
    x = b ∧ a ≠ 0 ∧ t = a ∧ emp ∗ a ↦ b   (x = x->next: no cell at a, so a ↦ b is added)
                                                                  F: x = a ∧ a ≠ 0 ∧ emp ∗ a ↦ b
    x = b ∧ a ≠ 0 ∧ t = a ∧ emp           (free(t))

Second iteration:

    x = b ∧ a ≠ 0 ∧ t = a ∧ b ≠ 0 ∧ emp   (x != 0)                F: x = a ∧ a ≠ 0 ∧ b ≠ 0 ∧ emp ∗ a ↦ b
    x = b ∧ a ≠ 0 ∧ t = b ∧ b ≠ 0 ∧ emp   (t = x)
    x = b ∧ t = b ∧ b ≠ 0 ∧ emp           (abstraction drops a ≠ 0: a is no longer held by a variable)
    x = c ∧ t = b ∧ b ≠ 0 ∧ emp ∗ b ↦ c   (x = x->next: b ↦ c is added)
                                                                  F: x = a ∧ a ≠ 0 ∧ b ≠ 0 ∧ emp ∗ a ↦ b ∗ b ↦ c
    x = c ∧ t = b ∧ b ≠ 0 ∧ emp           (free(t))               F abstracted: x = a ∧ a ≠ 0 ∧ b ≠ 0 ∧ emp ∗ ls(a, c)

Loop: the pairs (F, P) at the loop head

    (x = a ∧ emp,                  x = a ∧ emp)
    (x = a ∧ a ≠ 0 ∧ a ↦ b,        x = b ∧ a ≠ 0 ∧ t = a ∧ emp)
    (x = a ∧ a ≠ 0 ∧ ls(a, c),     x = c ∧ t = b ∧ b ≠ 0 ∧ emp)

Result (after the loop exit, x = 0):

    (x = a ∧ a = 0 ∧ emp,                  x = a ∧ a = 0 ∧ emp)
    (x = a ∧ a ≠ 0 ∧ b = 0 ∧ a ↦ b,        x = b ∧ a ≠ 0 ∧ t = a ∧ b = 0 ∧ emp)
    (x = a ∧ a ≠ 0 ∧ c = 0 ∧ ls(a, c),     x = c ∧ t = b ∧ b ≠ 0 ∧ c = 0 ∧ emp)
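The footprint computation of slides 21–44 (rearr, exec, abs and the loop fixpoint) carried out in code, as an added example written for this page; it is not SpaceInvader or the authors' implementation, and the representation of symbolic heaps (an env binding program variables to symbols, sets of non-null and null symbols, and 'pt'/'ls' atoms for a ↦ b and ls(a, b)) is this example's own assumption. Run on the disposal loop from the seed x = a ∧ emp it reproduces the three loop-head pairs and the three result pairs of slide 44, and it shows the (false, false) case of rearr: an access through a primed variable cannot be covered by growing the precondition.

```python
"""Footprint computation for the list-disposal loop (slides 21-44): added example, not SpaceInvader.
A state is (F, P): the footprint discovered so far and the current symbolic heap."""
from dataclasses import dataclass, replace
from itertools import count
_counter = count()

@dataclass(frozen=True)
class Heap:
    env: tuple = ()                   # ((program var, symbol), ...), sorted by var
    neq0: frozenset = frozenset()     # symbols known to be non-null
    zero: frozenset = frozenset()     # symbols known to be null
    spatial: frozenset = frozenset()  # ('pt', a, b) is a ↦ b, ('ls', a, b) a list segment; empty = emp
    def get(self, var): return dict(self.env)[var]
    def set(self, var, sym): return replace(self, env=tuple(sorted({**dict(self.env), var: sym}.items())))
    def cell(self, addr): return next((t for t in self.spatial if t[1] == addr), None)

def fresh(ghost):                     # ghost symbols b, c, ... may enter the precondition;
    i = next(_counter)                # primed symbols v3' may not (they are not in GhoSH)
    return chr(ord("b") + i) if ghost else f"v{i}'"

def rearr(F, P, var):
    """Expose the cell at var in P (slide 22): no cell but a ghost address grows the footprint."""
    a, atom = P.get(var), P.cell(P.get(var))
    if atom is None:
        if a in P.zero or a.endswith("'"):      # the (false, false) case: cannot extend
            return [(None, None)]
        new = ("pt", a, fresh(True))            # a ↦ b is added to both F and P
        return [(replace(F, spatial=F.spatial | {new}), replace(P, spatial=P.spatial | {new}))]
    if atom[0] == "pt":
        return [(F, P)]
    _, a, b = atom                              # ls(a,b): unroll one cell, two cases
    rest, v = P.spatial - {atom}, fresh(False)
    return [(F, replace(P, spatial=rest | {("pt", a, b)})),
            (F, replace(P, spatial=rest | {("pt", a, v), ("ls", v, b)}))]

def exec_cmd(F, P, cmd):
    """One command on a (footprint, heap) pair; returns the successor pairs (none if infeasible)."""
    op, args = cmd[0], cmd[1:]
    if op == "assume_neq0":          # loop guard  x != 0
        a = P.get(args[0])
        return [] if a in P.zero else [(replace(F, neq0=F.neq0 | {a}), replace(P, neq0=P.neq0 | {a}))]
    if op == "assume_zero":          # loop exit   x == 0
        a = P.get(args[0])
        return [] if a in P.neq0 else [(replace(F, zero=F.zero | {a}), replace(P, zero=P.zero | {a}))]
    if op == "assign":               # t = x
        return [(F, P.set(args[0], P.get(args[1])))]
    if op == "load_next":            # x = x->next
        return [(F1, P1.set(args[0], P1.cell(P1.get(args[1]))[2]))
                for F1, P1 in rearr(F, P, args[1]) if P1 is not None]
    if op == "free":                 # free(t)
        return [(F1, replace(P1, spatial=P1.spatial - {P1.cell(P1.get(args[0]))}))
                for F1, P1 in rearr(F, P, args[0]) if P1 is not None]
    raise ValueError(op)

def abs_heap(h):
    """Fold a ↦ b * (b ↦ c | ls(b,c)) into ls(a,c) when b is unshared and held by no program
    variable, then drop pure facts about symbols that no longer occur."""
    live = {s for _, s in h.env} | {"0"}
    spatial = set(h.spatial)
    fold = lambda: next(((t, u) for t in sorted(spatial) for u in spatial
                         if u != t and u[1] == t[2] and t[2] not in live
                         and not any(w[2] == t[2] for w in spatial if w != t)), None)
    while (tu := fold()) is not None:
        spatial -= set(tu)
        spatial.add(("ls", tu[0][1], tu[1][2]))
    used = live | {s for t in spatial for s in t[1:]}
    return replace(h, spatial=frozenset(spatial), neq0=h.neq0 & used, zero=h.zero & used)

def canon(F, P):
    """Rename symbols by order of appearance so states differing only in fresh names coincide."""
    names = {"0": "0"}
    rn = lambda s: names.setdefault(s, ("v" if s.endswith("'") else "g") + str(len(names)))
    rh = lambda h: (tuple((v, rn(s)) for v, s in h.env), tuple(map(rn, sorted(h.neq0))),
                    tuple(map(rn, sorted(h.zero))), tuple((k, rn(a), rn(b)) for k, a, b in sorted(h.spatial)))
    return rh(F), rh(P)

BODY = [("assume_neq0", "x"), ("assign", "t", "x"), ("load_next", "x", "x"), ("free", "t")]
SEED = Heap(env=(("x", "a"),))        # seeding (slide 32): x = a ∧ emp, used for both F and P

def run(states, cmds):
    for cmd in cmds:
        states = [s for st in states for s in exec_cmd(*st, cmd)]
    return states

def analyse_dispose_loop(seed=(SEED, SEED)):
    """Iterate the body until the set of abstracted loop-head states is stable; returns
    (loop_head_states, exit_states). Each loop-head F is a discovered precondition."""
    global _counter
    _counter = count()
    seen, work = {canon(*seed): seed}, [seed]
    while work:
        new = []
        for F, P in run(work, BODY):
            st = (abs_heap(F), abs_heap(P))
            if canon(*st) not in seen:
                seen[canon(*st)] = st
                new.append(st)
        work = new
    return list(seen.values()), run(list(seen.values()), [("assume_zero", "x")])

def describe(h):
    """Render a heap in the slides' notation, e.g. 'x=a ∧ a≠0 ∧ ls(a,c)'."""
    pure = [f"{v}={s}" for v, s in h.env] + [f"{s}≠0" for s in sorted(h.neq0)] + [f"{s}=0" for s in sorted(h.zero)]
    spat = [f"{a}↦{b}" if k == "pt" else f"ls({a},{b})" for k, a, b in sorted(h.spatial)] or ["emp"]
    return " ∧ ".join(pure) + " ∧ " + " ∗ ".join(spat)
```

`analyse_dispose_loop()` returns the three loop-head pairs of slide 44 (with F = x=a ∧ emp, x=a ∧ a≠0 ∧ a↦b and x=a ∧ a≠0 ∧ ls(a,c)) and the three exit pairs in which the tail symbol is 0; `describe` prints either side in the slides' notation. The abstraction here folds the footprint as the slides do; as slide 45 shows, the candidates it produces are then re-checked by a forward run, which is why an over-eager fold is a lost candidate rather than an unsound result.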
45
Shape Analysis with SpaceInvader
The pairs from slide 44 become preconditions for a forward run of SpaceInvader on the disposal loop, which verifies each of them:

    precondition                     postcondition
    x = a ∧ a = 0 ∧ emp              x = 0 ∧ emp
    x = a ∧ a ≠ 0 ∧ ls(a, 0)         x = 0 ∧ emp
    x = a ∧ a ≠ 0 ∧ a ↦ 0            x = 0 ∧ emp

  • list t;
  • while (x != 0) {
  •   t = x;
  •   x = x->next;
  •   free(t);
  • }
46–47
Footprint Computation, Ideally
  • C : Pfin(GhoSH × SH) → Pfin(GhoSH × SH)   (the transfer function of command C)
  • Suppose C(F, P) = {(G1, Q1), (G2, Q2), …}.
  • Goal: ∀D, if SL ⊢ F ∗ D ⇒ P, then ∃Fi. Gi ⊢ F ∗ Fi and SL ⊢ {F ∗ Fi ∗ D} C {Qi}.

[Diagram: the current heap P is the footprint F plus a frame D; running C leads to Qi, and the new footprint Gi is F extended by the cells Fi]

Example:

    {t = a ∧ x = b ∧ a ↦ b} free(t); t = x {t = b ∧ x = b ∧ emp}

    [[x = x->next]](t = a ∧ x = b ∧ a ↦ b, t = b ∧ x = b ∧ emp)
        = {(t = a ∧ x = b ∧ a ↦ b ∗ b ↦ c, t = b ∧ x = c ∧ b ↦ c)}
    [[x = x->next]](t = a ∧ x = b ∧ a ↦ b, t = b ∧ x = b ∧ emp)
        = {(t = a ∧ x = b ∧ ls(a, c), t = b ∧ x = c ∧ b ↦ c)}

    {t = a ∧ x = b ∧ a ↦ b ∗ b ↦ c} free(t); t = x; x = x->next {t = b ∧ x = c ∧ b ↦ c}
    {t = a ∧ x = b ∧ ls(a, c)}       free(t); t = x; x = x->next {t = b ∧ x = c ∧ b ↦ c}
48–51
Footprint Computation, Actually
  • C : Pfin(GhoSH × SH) → Pfin(GhoSH × SH)
  • Suppose C(F, P) = {(G1, Q1), (G2, Q2), …}.
  • Goal: ∀D, if SL ⊢ F ∗ D ⇒ P, then ∃Fi. Gi ⊢ F ∗ Fi and SL ⊢ {F ∗ Fi ∗ D} C {Qi}.
  • Actually: for all D, if SL ⊢ F ∗ D ⇒ P, then ∃Pi, Fi. Gi ⊢ F ∗ Fi, SL ⊢ {F ∗ Fi ∗ D} C {Pi}, and Pi ⊑ Qi (Qi is an abstraction of Pi).
  • But only abs and rearr(E) depart from the ideal picture; for a primitive command such as free(t), the step is the proof rule for free(t) in separation logic.

[Diagram: from (F, P) with frame D, rearrangement rearr(E) yields Fi and Gi, the command C yields Pi, and abstraction abs yields Qi]

Sound because of the Frame Rule of separation logic:

    F ∗ D ⊢ P        implies        F ∗ Fi ∗ D ⊢ P ∗ Fi
    {P ∗ Fi} free(t) {Pi}
    {P ∗ Fi ∗ D} free(t) {Pi ∗ D}
52
Backward Footprint Computation

    list t; while (x != 0) { t = x; x = x->next; free(t); }

One loop iteration as a straight-line path, analysed in each direction:

    Backward:  assert(x != 0); t = x; x = x->next; free(t); assert(x == 0)
    Forward:   assert(x != 0); t = x; x = x->next; free(t); assert(x == 0)
53
Experiments with List Programs
  • append.c: discovered precondition x = a ∧ y = b ∧ ls(a, 0)
  • merge.c: discovered precondition x = a ∧ y = c ∧ ls(a, b) ∗ ls(c, d)
  • MacBook, 2 GHz Intel Core 2 Duo, 2 GB memory.

54
Experiments with Firewire
  • t1394Diag_CancelIrp, t1394Diag_CancelIrpFix
  • t1394_GetAddressData, t1394_GetAddressDataFix
  • t1394_SetAddressData, t1394_SetAddressDataFix
  • MacBook, 2 GHz Intel Core 2 Duo, 2 GB memory.