Learn More
The task of summarizing memory regions becomes increasingly important in the analysis of data structures and the analysis of recursive functions. Calculating summaries of memory regions containing several abstract variables becomes quite subtle when using relational abstract domains. We address this challenge using two principal operations, fold and expand,(More)
A static shape analysis is presented that can prove the absence of NULL-and dangling pointer dereferences in standard algorithms on lists, trees and graphs. It is conceptually simpler than other analyses that use symbolically represented logic to describe the heap. Instead, it represents the heap as a single graph and a Boolean formula. The key idea is to(More)
Verification by static analysis often hinges on the inference of relational numeric information. In real-world programs, the set of active variables is often not fixed for a given program point due to, for instance, heap-allocated cells or recursive function calls. For these program points, an invariant has to summarize values for traces E where a variable(More)
  • 1