Generating Representation Invariants of Structurally Complex Data

• Published in: Tools and Algorithms for the Construction and Analysis of Systems Vol. 4424; pp. 34 - 49
• Main Authors: Malik, Muhammad Zubair, Pervaiz, Aman, Khurshid, Sarfraz
• Format: Book Chapter
• Language: English
• Published: Germany Springer Berlin / Heidelberg 2007; Springer Berlin Heidelberg
• Series: Lecture Notes in Computer Science
• Subjects: Binary Search Tree; Input Structure; Integrity Constraint; Invariant Generation; Structural Invariant
• ISBN: 3540712089; 9783540712084
• ISSN: 0302-9743; 1611-3349
• DOI: 10.1007/978-3-540-71209-1_5

Generating likely invariants using dynamic analyses is becoming an increasingly effective technique in software checking methodologies. This paper presents Deryaft, a novel algorithm for generating likely representation invariants of structurally complex data. Given a small set of concrete structures, Deryaft analyzes their key characteristics to formulate local and global properties that the structures exhibit. For effective formulation of structural invariants, Deryaft focuses on graph properties, including reachability, and views the program heap as an edge-labeled graph. Deryaft outputs a Java predicate that represents the invariants; the predicate takes an input structure and returns true if and only if it satisfies the invariants. The invariants generated by Deryaft directly enable automation of various existing frameworks, such as the Korat test generation framework and the Juzi data structure repair framework, which otherwise require the user to provide the invariants. Experimental results with the Deryaft prototype show that it feasibly generates invariants for a range of subject structures, including libraries as well as a stand-alone application.