Propositional Reasoning about Safety and Termination of Heap-Manipulating Programs

TL;DR

This paper introduces a propositional reasoning framework called SLH for verifying safety and termination of heap-manipulating programs that use cyclic singly-linked lists, effectively handling shape and length constraints.

Contribution

It presents the theory SLH that captures shape and length interactions in singly-linked lists, enabling decidable reasoning via SAT reduction for safety and termination proofs.

Findings

SLH can express safety invariants and termination arguments for cyclic lists.

The decision procedure is efficiently implemented and applied to real programs.

SLH effectively combines shape and arithmetic reasoning for heap programs.

Abstract

This paper shows that it is possible to reason about the safety and termination of programs handling potentially cyclic, singly-linked lists using propositional reasoning even when the safety invariants and termination arguments depend on constraints over the lengths of lists. For this purpose, we propose the theory SLH of singly-linked lists with length, which is able to capture non-trivial interactions between shape and arithmetic. When using the theory of bit-vector arithmetic as a background, SLH is efficiently decidable via a reduction to SAT. We show the utility of SLH for software verification by using it to express safety invariants and termination arguments for programs manipulating potentially cyclic, singly-linked lists with unrestricted, unspecified sharing. We also provide an implementation of the decision procedure and use it to check safety and termination proofs for several heap-manipulating programs.