Xavier Rival, Research Director at INRIA Paris-Rocquencourt (Directeur de Recherche, DR 2)
Semantic Directed Clumping of Disjunctive Abstract States
(joint work with Huisong Li, Bor-Yuh Evan Chang and Francois Berenger)
Time: Jan 11, 2018, 1100-1145 in room 3A08, IT University of Copenhagen, Rued Langgaards Vej 7

To infer complex structural invariants, shape analyses rely on expressive
families of logical properties. Many such analyses manipulate abstract
memory states that consist of separating conjunctions of basic predicates
describing atomic blocks or summaries. Moreover, they use finite
disjunctions of abstract memory states in order to account for dissimilar
shapes. Disjunctions should be kept small for scalability, though
precision often requires keeping additional case splits. In this context,
deciding when and how to merge case splits and to replace them with
summaries is critical both for precision and efficiency. Existing
techniques use sets of syntactic rules, which are tedious to design and
prone to failure. In this talk, we present a semantic criterion to clump
abstract states based on their silhouette, which applies not only to the
conservative union of disjuncts but also to the weakening of separating
conjunctions of memory predicates into inductive summaries. Our approach
allows us to define union and widening operators that aim at preserving
the case splits that are required for the analysis to succeed. We report
on the implementation of this approach in the MemCAD analyzer and on the
evaluation on real-world C codes from existing libraries dealing with
doubly-linked lists, red-black trees, AVL-trees and splay-trees.