Learning to Verify the Heap
Authors
Abstract
We present a data-driven verification framework to automatically prove memory safety and functional correctness of heap programs. For this, we introduce a novel statistical machine learning technique that maps observed program states to (possibly disjunctive) separation logic formulas describing the invariant shape of data structures at relevant program locations. We then attempt to verify these predictions using a theorem prover, where counterexamples to a predicted invariant are used as additional input to the shape predictor in a refinement loop. After obtaining valid shape invariants, we use a second learning algorithm to strengthen them with data invariants, again employing a refinement loop using the underlying theorem prover. We have implemented our techniques in Cricket, an extension of the GRASShopper verification tool. Cricket is able to automatically prove memory safety and correctness of implementations of a variety of classical list-manipulating algorithms such as insertion sort.
Similar resources
Stability Analysis and Stabilization of Miduk Heap Leaching Structure, Iran
To construct copper heap leaching structures, a stepped heap of ore is placed over an isolated sloping surface and then washed with sulphuric acid. The isolated bed of such a heap consists of some natural and geosynthetic layers. Shear strength parameters between these layers are low, so they form the possible sliding surfaces of the heaps. Economic and environmental considerations call for stu...
Effects of Pregnant Leach Solution Temperature on the Permeability of Gravelly Drainage Layer of Heap Leaching Structures
In copper heap leaching structures, the ore is leached by an acidic solution. After dissolving the ore mineral, the heap is drained off in the acidic solution using a drainage system (consisting of a network of perforated polyethylene pipes and gravelly drainage layers) and is, then, transferred to the leaching plant for copper extraction where the copper is extracted and the remaining solution...
A New Analytical Solution for Determination of Acceptable Overall settlement of Heap Leaching Structures Foundation
There are some artificial and natural materials on foundation of heap leaching structures. Geomembrane liner is the most important artificial isolated layer of these structures. The thickness of this layer is about 1 to 2 mm. Foundation overall settlement of such structures changes the primary length of the geomembrane layer. If the strain of geomembrane is more than allowable one, the layer wi...
Comprehensively and Efficiently Protecting the Heap
The goal of this paper is to propose a scheme that provides comprehensive security protection for the heap. Heap vulnerabilities are increasingly being exploited for attacks on computer programs. In most implementations, the heap management library keeps the heap meta-data (heap structure information) and the application’s heap data in an interleaved fashion and does not protect them against ea...
Learning Shape Analysis
We present a data-driven verification framework to automatically prove memory safety of heap-manipulating programs. Our core contribution is a novel statistical machine learning technique that maps observed program states to (possibly disjunctive) separation logic formulas describing the invariant shape of (possibly nested) data structures at relevant program locations. We then attempt to verif...