Reduction of inductive predicates for shape analysis of circular lists
Daniel Stutzman
April 27, 2010
Let’s make a sorted linked list
struct ListNode {
    int data;
    struct ListNode* next;
    struct ListNode* prev;
};
[Figure: the list 3, 4, 7 pointed to by x, with two 0 (null) pointers]
Run-time “checker” functions
/* First attempt: pass the minimum allowed value down the list. */
boolean is_sll(ListNode* x) {
    return (x->prev == NULL) && is_sll2(x, x->data);
}
boolean is_sll2(ListNode* x, int min_data) {
    return (x->data >= min_data) &&
           (x->next->prev == x) &&
           is_sll2(x->next, x->data);
}

/* Second attempt: compare each node with its successor instead.
   Still no base case: x->next is dereferenced at the end of the list. */
boolean is_sll(ListNode* x) {
    return (x->prev == NULL) && is_sll2(x);
}
boolean is_sll2(ListNode* x) {
    return (x->next->data >= x->data) &&
           (x->next->prev == x) &&
           is_sll2(x->next);
}

/* Final version: the x->next == NULL test is the base case. */
boolean is_sll(ListNode* x) {
    return (x->prev == NULL) && is_sll2(x);
}
boolean is_sll2(ListNode* x) {
    return (x->next == NULL) ||
           ((x->next->data >= x->data) &&
            (x->next->prev == x) &&
            is_sll2(x->next));
}
Static inductive predicates
is_sll(x) = null(x->prev) /\ is_sll2(x)
is_sll2(x) = null(x->next) V
((x->next->data >= x->data) /\
(x->next->prev == x) /\
is_sll2(x->next))
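Example in a shape domain
[Figure: shape graph with node x, a 0 (null) pointer, an unknown value (?) and an is_sll2 summary edge]
Unfolding
[Figure, built up over several slides: the is_sll2 summary edge at x is unfolded into two cases joined by V: a node followed by a remaining is_sll2 summary, or a single node whose pointers are both 0]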
Let’s make a circular list
[Figure, built up over three slides: the list 3, 4, 7 at x, first with two 0 (null) pointers, then one, then none]
Walking backwards
[Figure, repeated over three slides: node x with unknown values (?) and an is_circular_list summary edge]
Error: Unable to find an appropriate edge to unfold
Reduction
[Figure, built up over three slides: node x with unknown values (?) and an is_list summary edge]
Two equivalent summaries
[Figure, animated over several slides: one summary labelled is_bounded_list and one labelled is_list]
Other equivalent summaries
[Figure, animated over several slides: summaries labelled dll1 and dll2 with NULL end pointers]
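An added example, not from the slides: the final run-time checker in C, extended to circular lists to show why the NULL base case has to be replaced by an explicit endpoint. The bodies of is_bounded_list and is_circular_list are assumptions (the slides name these predicates but do not define them), and link_nodes is a hypothetical helper that builds constructed sample lists.

```c
#include <stdbool.h>
#include <stddef.h>

struct ListNode { int data; struct ListNode *next; struct ListNode *prev; };

/* The slides' final is_sll2, written as a loop instead of recursion. */
static bool is_sll2(const struct ListNode *x) {
    for (; x->next != NULL; x = x->next) {
        if (x->next->data < x->data) return false; /* not sorted */
        if (x->next->prev != x) return false;      /* broken back-pointer */
    }
    return true;
}

bool is_sll(const struct ListNode *x) {
    return x != NULL && x->prev == NULL && is_sll2(x);
}

/* Assumed definition: a segment from x up to (not including) `end` with
   consistent back-pointers. The base case is `x == end`, not NULL. */
static bool is_bounded_list(const struct ListNode *x,
                            const struct ListNode *end) {
    while (x != end) {
        if (x->next == NULL || x->next->prev != x) return false;
        x = x->next;
    }
    return true;
}

/* Assumed definition: the segment starting at x->next leads back to x.
   Every edge walked passes the back-pointer check, so no node can be
   entered from two predecessors: the walk returns to x or fails, and
   cannot get trapped in a cycle that skips x. */
bool is_circular_list(const struct ListNode *x) {
    return x != NULL && x->next != NULL && x->next->prev == x &&
           is_bounded_list(x->next, x);
}

/* Hypothetical helper: link an array of nodes in order; `circular`
   joins the two ends instead of terminating them with NULL. */
void link_nodes(struct ListNode *n, int count, bool circular) {
    for (int i = 0; i < count; i++) {
        n[i].next = (i + 1 < count) ? &n[i + 1] : (circular ? &n[0] : NULL);
        n[i].prev = (i > 0) ? &n[i - 1] : (circular ? &n[count - 1] : NULL);
    }
}
```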