Footprint Analysis: A Shape Analysis that Discovers Preconditions
Hongseok Yang (Queen Mary, University of London)
(Joint work with Cristiano Calcagno, Dino Distefano, and Peter O’Hearn)
void XXX_CancelIrp(PDEVICE_OBJECT DeviceObject, PIRP Irp)
{
    ………
    PRESET_IRP ResetIrp, temp, tempnext;
    PDEVICE_EXTENSION de;
    ………
    KeAcquireSpinLock(&de->ResetSpinLock, &Irql);
    ResetIrp = (PRESET_IRP)de->Flink2;
    while (ResetIrp != NULL) {
        if (ResetIrp->Irp == Irp) {
            temp = (PRESET_IRP)de;
            tempnext = temp->Flink2;
            while (tempnext != ResetIrp) {
                temp = tempnext;
                tempnext = temp->Flink2;
            }
            temp->Flink2 = ResetIrp->Flink2;
            free(ResetIrp);
            break;
        } else if (ResetIrp->Flink2 == (PRESET_IRP)de)
            break;
        else
            ResetIrp = (PRESET_IRP)ResetIrp->Flink2;
    }
    KeReleaseSpinLock(&de->ResetSpinLock, Irql);
    ……
    IoCompleteRequest(Irp, IO_NO_INCREMENT);
}
Footprint Analysis
• Discovers safe preconditions of a piece of code.
• Only the memory footprint of the code.
typedef struct { RESET_IRP* Flink2; IRP* Irp; … } RESET_IRP, *PRESET_IRP;
typedef struct { RESET_IRP* Flink2; … } DEVICE_EXTENSION;
(de ↦_D Flink2: x0) * ls (RESET_IRP,Flink2) (x0,de)
(de ↦_D Flink2: x0) * ls (RESET_IRP,Flink2) (x0,x1) * (x1 ↦_R Irp: Irp)
(de ↦_D Flink2: x0) * ls (RESET_IRP,Flink2) (x0,0)
(de ↦_D Flink2: de)
(de ↦_D Flink2: 0)
de ↦_D Flink2: de
de ↦_D Flink2: de ∧ de = ResetIrp
ERROR: No IRP Field in DEVICE_EXTENSION
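The failing case above can be replayed on concrete heaps. The following Python model is an added example, not code from the talk or from the analysed driver: `load`, `cancel_irp`, `sample_heaps`, `classify`, the addresses and the `guard_sentinel` check are assumptions made here, and the guard is only one possible repair, since the page does not show the fix.

```python
NULL = 0
# Field sets taken from the two typedefs on the slide.
FIELDS = {"DEVICE_EXTENSION": {"Flink2"}, "RESET_IRP": {"Flink2", "Irp"}}


class UnsafeAccess(Exception):
    """Raised where the C code would read a field the cell's real type lacks."""


def load(heap, addr, field):
    ctype, fields = heap[addr]
    if field not in FIELDS[ctype]:
        raise UnsafeAccess(f"No {field} field in {ctype}")
    return fields[field]


def cancel_irp(heap, de, irp, guard_sentinel=False):
    """Mirror the list walk of XXX_CancelIrp; return the freed address or None."""
    reset_irp = load(heap, de, "Flink2")
    while reset_irp != NULL:
        if guard_sentinel and reset_irp == de:   # assumed guard, not the page's fix
            break
        if load(heap, reset_irp, "Irp") == irp:
            temp = de
            tempnext = load(heap, temp, "Flink2")
            while tempnext != reset_irp:
                temp = tempnext
                tempnext = load(heap, temp, "Flink2")
            heap[temp][1]["Flink2"] = load(heap, reset_irp, "Flink2")
            del heap[reset_irp]                  # free(ResetIrp)
            return reset_irp
        if load(heap, reset_irp, "Flink2") == de:
            break
        reset_irp = load(heap, reset_irp, "Flink2")
    return None


DE, N1, IRP, OTHER = 0x1000, 0x2000, 0xAAAA, 0xBBBB   # constructed values


def sample_heaps():
    """Constructed concrete heaps, one per shape of precondition on the slide."""
    D, R = "DEVICE_EXTENSION", "RESET_IRP"
    return {
        "self_loop": {DE: (D, {"Flink2": DE})},                 # de |-> Flink2: de
        "null": {DE: (D, {"Flink2": NULL})},                    # de |-> Flink2: 0
        "circular_hit": {DE: (D, {"Flink2": N1}),               # ls (x0, de)
                         N1: (R, {"Flink2": DE, "Irp": IRP})},
        "null_terminated_miss": {DE: (D, {"Flink2": N1}),       # ls (x0, 0)
                                 N1: (R, {"Flink2": NULL, "Irp": OTHER})},
    }


def classify(guard_sentinel=False):
    """Run the walk on every sample heap and record 'safe' or the violation."""
    verdicts = {}
    for name, heap in sample_heaps().items():
        try:
            cancel_irp(heap, DE, IRP, guard_sentinel)
            verdicts[name] = "safe"
        except UnsafeAccess as err:
            verdicts[name] = str(err)
    return verdicts


if __name__ == "__main__":
    for mode in (False, True):
        print("guarded" if mode else "as on the slide", classify(mode))
```

Only the self-loop heap, the concrete instance of `de ↦_D Flink2: de`, reaches the `Irp` read on a DEVICE_EXTENSION cell; the verdicts apply to these four constructed heaps, not to every heap satisfying the listed formulas.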
Footprint Analysis
Seeding
Footprint Computation
list *t;
while (x != 0) {
    t = x;
    x = x->next;
    free(t);
}
x=a ∧ emp
P1  P2  P3
SpaceInvader
{P1}
{Q1,Q2}
{I1,I2,I3}
{P1}C{Q1 ∨ Q2}
{P2}
{Q10,Q11,Q12}
{I10,I11,I12}
{P2}C{Q10 ∨ Q11 ∨ Q12}
{P3}
⊤
⊤
Footprint Analysis
Safe precondition
Footprint only
Seeding
Footprint Computation
SpaceInvader
Separation Logic
x↦y, ls (y,z)
x↦y * ls (y,z), emp
∃y’. z!=0 ∧ v=a ∧ x↦y’ * ls (y’,z)
Variable Convention
• Program variables: x,y,z,t,v,w
• Ghost (or auxiliary) variables: a,b,c,d,…
• Primed variables: x’,y’,z’,t’,v’,w’
∃ w’,w’1. x!=0 ∧ z=a ∧ w’!=w’1 ∧ x↦w’ * ls (w’,w’1) * y↦w’1
Symbolic Heaps
Separation logic formulas of the form:
(x!=0 ∧ z=a ∧ w’!=w’1) ∧ (x↦w’ * ls (w’,w’1) * y↦w’1)
SH = Set of all symbolic heaps
GhoSH = Set of sym. heaps with ghost vars only
Footprint Computation
list *t;
while (x != 0) {
    t = x;
    x = x->next;
    free(t);
}
{ (x=a ∧ emp, x=a ∧ emp) } ∈ Pfin(GhoSH, SH)
Fixpoint Computation
{ (x=a ∧ ls (a,0), x=0 ∧ emp), (x=0 ∧ emp, x=0 ∧ emp), … } ∈ Pfin(GhoSH, SH)
Footprint Computation
⟦x=x->next⟧ : Pfin(GhoSH × SH) → Pfin(GhoSH × SH)
rearr(x) : GhoSH × SH → Pfin(GhoSH × SH)
exec(x=x->next) : GhoSH × SH → GhoSH × SH
abs : GhoSH × SH → CanGhoSH × CanSH
{ (x=a ∧ ls a b, x=a ∧ ls a b), (x=a ∧ ls a b, x=b ∧ ls a b) }
{ (x=a ∧ ls a b, x=a ∧ a↦b), (x=a ∧ ls a b, x=a ∧ a↦v’ * ls v’ b), (x=a ∧ ls a b * b↦c, x=b ∧ ls a b * b↦c) }
rearr(x)(F,P) = { (F,P1), …, (F,Pn) }    if SpInvRearr(x)(P) = {P1, …, Pn}
              = { (F * a↦b, P * a↦b) }   else if P ⊢ x=a
              = { (false,false) }        otherwise
{ …, (x=a ∧ ls a b * b↦c, x=c ∧ ls a b * b↦c) }
{ …, (x=a ∧ ls a b * b↦c, x=c ∧ ls a c) }
{ …, (x=a ∧ ls a c * b↦c, x=c ∧ ls a c) }
List Disposal
list *t;
while (x != 0) {
    t = x;
    x = x->next;
    free(t);
}
Footprint Computation
list *t;
while (x != 0) {
    t = x;
    x = x->next;
    free(t);
}
Discovered Precondition: x=a ∧ emp
x=a ∧ emp

Discovered Precondition: x=a ∧ a!=0 ∧ emp
x=a ∧ a!=0 ∧ emp
x=a ∧ a!=0 ∧ t=a ∧ emp

Discovered Precondition: x=a ∧ a!=0 ∧ emp * a↦b
x=b ∧ a!=0 ∧ t=a ∧ emp * a↦b
x=b ∧ a!=0 ∧ t=a ∧ emp

Discovered Precondition: x=a ∧ a!=0 ∧ b!=0 ∧ emp * a↦b
x=b ∧ a!=0 ∧ t=a ∧ b!=0 ∧ emp
x=b ∧ a!=0 ∧ t=b ∧ b!=0 ∧ emp
x=b ∧ t=b ∧ b!=0 ∧ emp

Discovered Precondition: x=a ∧ a!=0 ∧ b!=0 ∧ emp * a↦b * b↦c
x=c ∧ t=b ∧ b!=0 ∧ emp * b↦c

Discovered Precondition: x=a ∧ a!=0 ∧ b!=0 ∧ emp * ls a c
x=c ∧ t=b ∧ b!=0 ∧ emp

Loop: (x=a ∧ emp, x=a ∧ emp) (x=a ∧ a!=0 ∧ a↦b, x=b ∧ a!=0 ∧ t=a ∧ emp) (x=a ∧ a!=0 ∧ ls a c, x=c ∧ t=b ∧ b!=0 ∧ emp)
Result: (x=a ∧ a=0 ∧ emp, x=a ∧ a=0 ∧ emp) (x=a ∧ a!=0 ∧ b=0 ∧ a↦b, x=b ∧ a!=0 ∧ t=a ∧ b=0 ∧ emp) (x=a ∧ a!=0 ∧ c=0 ∧ ls a c, x=c ∧ t=b ∧ b!=0 ∧ c=0 ∧ emp)
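The (F, P) pairs traced above can be reproduced with a small interpreter for straight-line paths through the loop. This is an added sketch, not SpaceInvader code: `Pair`, `run`, `abs_footprint` and the path encoding are hypothetical names, `|->` and `&` stand for ↦ and ∧, F and P share one pure part, and the "cell already charged to F" test for (false,false) is a simplification assumed here.

```python
from itertools import count


class Pair:
    """One (F, P) pair: F = precondition discovered so far, P = current heap."""

    def __init__(self):
        self.env = {"x": "a"}   # program variable -> ghost symbol (seed x=a, emp)
        self.pure = []          # facts over ghost symbols, e.g. "a!=0"
        self.fp = {}            # spatial part of F: {"a": "b"} means a|->b
        self.cur = {}           # spatial part of P
        self._ids = count(1)    # "a" is used by the seed; fresh ones are b, c, ...

    def rearr(self, var):
        """Expose the cell var points to, growing F and P when P lacks it."""
        sym = self.env[var]
        if sym in self.cur:
            return True
        # Cell already charged to F but gone from P (freed), or known null:
        # adding it again would make F unsatisfiable, i.e. (false, false).
        if sym in self.fp or sym + "=0" in self.pure:
            return False
        nxt = chr(ord("a") + next(self._ids))
        self.fp[sym] = nxt
        self.cur[sym] = nxt
        return True

    def assume(self, var, rel):
        """rel is "=0" or "!=0"; the fact lands in the shared pure part."""
        sym = self.env[var]
        opposite = "!=0" if rel == "=0" else "=0"
        if sym + opposite in self.pure or (rel == "=0" and sym in self.cur):
            return False        # contradictory: the path is infeasible
        if sym + rel not in self.pure:
            self.pure.append(sym + rel)
        return True


def run(path):
    """Execute one straight-line path; None stands for (false, false)."""
    st = Pair()
    for op, *args in path:
        if op == "assume":
            ok = st.assume(*args)
        elif op == "copy":                      # dst = src
            st.env[args[0]] = st.env[args[1]]
            ok = True
        elif op == "next":                      # dst = src->next
            ok = st.rearr(args[1])
            if ok:
                st.env[args[0]] = st.cur[st.env[args[1]]]
        elif op == "free":                      # free(var)
            ok = st.rearr(args[0])
            if ok:
                del st.cur[st.env[args[0]]]
        else:
            raise ValueError(op)
        if not ok:
            return None
    return st


def abs_footprint(st):
    """Toy abs: fold each chain of two or more points-to facts into one ls."""
    spatial, interior = [], set()
    for head in [s for s in st.fp if s not in st.fp.values()]:
        node, hops = st.fp[head], 1
        while node in st.fp:
            interior.add(node)
            node, hops = st.fp[node], hops + 1
        spatial.append(f"{head}|->{node}" if hops == 1 else f"ls {head} {node}")
    pure = [p for p in st.pure if p[0] not in interior]
    return pure, spatial


def show_F(st, abstract=False):
    if abstract:
        pure, spatial = abs_footprint(st)
    else:
        pure, spatial = st.pure, [f"{s}|->{d}" for s, d in st.fp.items()]
    return " & ".join(["x=a", *pure, " * ".join(spatial) or "emp"])


def show_P(st):
    binds = [f"{v}={s}" for v, s in st.env.items()]
    cells = [f"{s}|->{d}" for s, d in st.cur.items()]
    return " & ".join([*binds, " * ".join(cells) or "emp"])


BODY = [("assume", "x", "!=0"), ("copy", "t", "x"), ("next", "x", "x"), ("free", "t")]
EXIT = [("assume", "x", "=0")]
# Constructed unsafe path: the cell is freed before x->next reads it.
USE_AFTER_FREE = [("assume", "x", "!=0"), ("copy", "t", "x"), ("free", "t"), ("next", "x", "x")]

if __name__ == "__main__":
    for n in range(3):
        st = run(BODY * n + EXIT)
        print(n, "|", show_F(st), "|", show_F(st, abstract=True), "|", show_P(st))
    print("use after free:", run(USE_AFTER_FREE))
```

Zero, one and two unrollings give the three footprints of the Result line; the reordered path that frees the cell before reading it yields no precondition at all.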
Shape Analysis with SpaceInvader
list *t;
while (x != 0) {
    t = x;
    x = x->next;
    free(t);
}
(x=a ∧ a=0 ∧ emp, x=a ∧ a=0 ∧ emp)
(x=a ∧ a!=0 ∧ b=0 ∧ a↦b, x=b ∧ a!=0 ∧ t=a ∧ b=0 ∧ emp)
(x=a ∧ a!=0 ∧ c=0 ∧ ls a c, x=c ∧ t=b ∧ b!=0 ∧ c=0 ∧ emp)
{x=a’ ∧ a’=0 ∧ emp}
{x=a’ ∧ a’!=0 ∧ ls a’ 0}
{x=a’ ∧ a’!=0 ∧ a’↦0}
{ x=0 ∧ emp }
{ x=0 ∧ emp }
{ x=0 ∧ emp }
Footprint Computation, Ideally
⟦C⟧ : Pfin(GhoSH × SH) → Pfin(GhoSH × SH)
Supp. ⟦C⟧{ (F,P) } = { (G1,Q1), (G2,Q2) }.
Goal: ∀D, if ⊢SL {F}D{P}, then ∃Fi. G=F*Fi and ⊢SL {F*Fi}D;C{Qi}.
⟦x=x->next⟧{ (t=a ∧ x=b ∧ a↦b, t=b ∧ x=b ∧ emp) } = { (t=a ∧ x=b ∧ a↦b * b↦c, t=b ∧ x=c ∧ b↦c) }
⟦x=x->next⟧{ (t=a ∧ x=b ∧ a↦b, t=b ∧ x=b ∧ emp) } = { (t=a ∧ x=b ∧ ls a c, t=b ∧ x=c ∧ b↦c) }
{t=a ∧ x=b ∧ a↦b * b↦c} …; x=x->next {t=b ∧ x=c ∧ b↦c}
{t=a ∧ x=b ∧ a↦b} free(t); t=x {t=b ∧ x=b ∧ emp}
{t=a ∧ x=b ∧ ls a c} …; x=x->next {t=b ∧ x=c ∧ b↦c}
Footprint Computation, Actually
⟦C⟧ : Pfin(GhoSH × SH) → Pfin(GhoSH × SH)
Supp. ⟦C⟧{ (F,P) } = { (G1,Q1), (G2,Q2) }.
Goal: ∀D, if ⊢SL {F}D{P}, then ∃Fi. G=F*Fi and ⊢SL {F*Fi}D;C{Qi}.
Actually: for all D, if ⊢SL {F}D{P}, then ∃Pi,Fi. Gi ⊇ F*Fi, ⊢SL {F*Fi}D;C{Pi}, Pi ⊆ Qi.
Abstraction abs
Rearrangement rearr(E)
But, only abs and rearr(E)!
proof rule for free(t) in sep. logic
Sound because of Frame Rule in sep. log.
{F}D{P}
{F*Fi}D{P*Fi} {P*Fi}free(t){Pi}
{P*Fi}D;free(t){Pi}
Backward Footprint Computation
list *t;
while (x != 0) {
    t = x;
    x = x->next;
    free(t);
}
Backward:
assert(x!=0);t = x;x = x->next;free(t);assert(x=0);
Forward:
assert(x!=0);t = x;x = x->next;free(t);assert(x=0);
Experiments with List Programs
MacBook, 2GHz Intel Core 2 Duo. 2GB Mem.
append.c: … x=a ∧ y=b ∧ ls a 0 …
merge.c: … x=a ∧ y=c ∧ ls a b * ls c d …
Experiments with Firewire
MacBook, 2GHz Intel Core 2 Duo. 2GB Mem.
t1394_SetAddressData
t1394Diag_CancelIrp
t1394_GetAddressData
t1394_SetAddressDataFix
t1394Diag_CancelIrpFix
t1394_GetAddressDataFix