On Verifying Complex Properties using Symbolic Shape Analysis

One of the main challenges in the verification of software systems is the analysis of unbounded data structures with dynamic memory allocation, such as linked data structures and arrays. We describe Bohne, a new analysis for verifying data structures. Bohne verifies data structure operations and shows that 1) the operations preserve data structure invariants and 2) the operations satisfy their specifications expressed in terms of changes to the set of objects stored in the data structure. During the analysis, Bohne infers loop invariants in the form of disjunctions of universally quantified Boolean combinations of formulas. To synthesize loop invariants of this form, Bohne uses a combination of decision procedures for Monadic Second-Order Logic over trees, SMT-LIB decision procedures (currently CVC Lite), and an automated reasoner within the Isabelle interactive theorem prover. This architecture shows that synthesized loop invariants can serve as a useful communication mechanism between different decision procedures. Using Bohne, we have verified operations on data structures such as linked lists with iterators and back pointers, trees with and without parent pointers, two-level skip lists, array data structures, and sorted lists. We have deployed Bohne in the Hob and Jahob data structure analysis systems, enabling us to combine Bohne with analyses of data structure clients and apply it in the context of larger programs. This report describes the Bohne algorithm as well as techniques that Bohne uses to reduce the ammount of annotations and the running time of the analysis

When All the World\u27s a Stage: The Impact of Events on News Coverage of South Africa, 1979-1985

A time series analysis was used to investigate: (1) whether a significant increase in news coverage of South Africa occurred during the critical years of 1979-1985 ; (2) whether the geographic origin and/or sociopolitical impact of events, rather than deaths per se, caused the increase; and (3) the manner in which the increase occurred. Results indicated that two symbolic events (i.e., a series of riots in twenty-one South African townships, internal to South Africa; and the awarding of the Nobel Prize to Bishop Desmond Tutu, external to South Africa) cumulatively were responsible for a significant rise in news coverage of South Africa. The relationship of these symbolic sociopolitical events to the forces that shape short-term news headlines and long-term social change in general, including the imminent demise of apartheid in particular is discussed

Automating FEA programming

In this paper we briefly describe a combined symbolic and numeric approach for solving mathematical models on parallel computers. An experimental software system, PIER, is being developed in Common Lisp to synthesize computationally intensive and domain formulation dependent phases of finite element analysis (FEA) solution methods. Quantities for domain formulation like shape functions, element stiffness matrices, etc., are automatically derived using symbolic mathematical computations. The problem specific information and derived formulae are then used to generate (parallel) numerical code for FEA solution steps. A constructive approach to specify a numerical program design is taken. The code generator compiles application oriented input specifications into (parallel) FORTRAN77 routines with the help of built-in knowledge of the particular problem, numerical solution methods and the target computer

The Changing Narratives of Death, Dying, and HIV in the United Kingdom

Death and infection were closely linked from the start of the HIV epidemic, until successful treatments became available. The initial impact of mostly young, gay men dying from HIV was powerful in shaping UK responses. Neoliberal discourses developed at the same time, particularly focusing on how citizens (rather than the state) should take responsibility to improve health. Subsequently “successful ageing” became an allied discourse, further marginalising death discussions. Our study reflected on a broad range of meanings around death within the historical UK epidemic, to examine how dying narratives shape contemporary HIV experiences. Fifty-one participants including people living with HIV, professionals, and activists were recruited for semistructured interviews. Assuming a symbolic interactionist framework, analysis highlighted how HIV deaths were initially experienced as not only traumatic but also energizing, leading to creativity. With effective antiretrovirals, dying changed shape (e.g., loss of death literacy), and better integration of palliative care was recommended

Spatial patterns of knowledge-intensive business services in cities of various sizes, morphologies and economies

We compare intra-urban localization patterns of advertising and IT companies in three large Czech cities. The main aim of our analysis is an empirically-based contribution to the question to what extent do knowledge bases affect the spatial distribution of various knowledge-intensive business industries. The central research question is: To what extent is the localization of these two industries influenced by different modes of innovation/knowledge bases (symbolic vs. synthetic) and to what extent by contextual factors, such as urban size, morphology, position in the urban hierarchy and economic profile of the given city. We found that the urban contexts shape the localization patterns of advertising and IT companies more than differences in knowledge bases-both industries cluster primarily in the inner cities and urban cores. Formation of more suburban IT "scientific neighborhoods" is limited.Web of Science125art. no. 184

Chaucer's Wife of Bath, Hoccleve's Arguing Women, and Lydgate's Hertford Wives: Lay Interpretation and the Figure of the Spinning Woman in Late Medieval England

The paper explores the figure of the spinning woman in connection with the growing desire of Church and state forces to control lay religious and interpretive practices in late fourteenth- and early fifteenth-century England. Tracing a history of political, religious, and symbolic currency upon which authors could draw to shape their portraits of the spinning woman as representative of dangerous laic desires, the paper concludes with an analysis of Lydgate's Mumming at Hertford. Lydgate presents a multivalent portrait of the spinning woman that adopts conventional symbolic meanings while simultaneously informing a discourse of critique that was useful, but also unsettling, to both Church and state authorities

Synthesizing Short-Circuiting Validation of Data Structure Invariants

This paper presents incremental verification-validation, a novel approach for checking rich data structure invariants expressed as separation logic assertions. Incremental verification-validation combines static verification of separation properties with efficient, short-circuiting dynamic validation of arbitrarily rich data constraints. A data structure invariant checker is an inductive predicate in separation logic with an executable interpretation; a short-circuiting checker is an invariant checker that stops checking whenever it detects at run time that an assertion for some sub-structure has been fully proven statically. At a high level, our approach does two things: it statically proves the separation properties of data structure invariants using a static shape analysis in a standard way but then leverages this proof in a novel manner to synthesize short-circuiting dynamic validation of the data properties. As a consequence, we enable dynamic validation to make up for imprecision in sound static analysis while simultaneously leveraging the static verification to make the remaining dynamic validation efficient. We show empirically that short-circuiting can yield asymptotic improvements in dynamic validation, with low overhead over no validation, even in cases where static verification is incomplete

Modular Construction of Shape-Numeric Analyzers

The aim of static analysis is to infer invariants about programs that are precise enough to establish semantic properties, such as the absence of run-time errors. Broadly speaking, there are two major branches of static analysis for imperative programs. Pointer and shape analyses focus on inferring properties of pointers, dynamically-allocated memory, and recursive data structures, while numeric analyses seek to derive invariants on numeric values. Although simultaneous inference of shape-numeric invariants is often needed, this case is especially challenging and is not particularly well explored. Notably, simultaneous shape-numeric inference raises complex issues in the design of the static analyzer itself. In this paper, we study the construction of such shape-numeric, static analyzers. We set up an abstract interpretation framework that allows us to reason about simultaneous shape-numeric properties by combining shape and numeric abstractions into a modular, expressive abstract domain. Such a modular structure is highly desirable to make its formalization and implementation easier to do and get correct. To achieve this, we choose a concrete semantics that can be abstracted step-by-step, while preserving a high level of expressiveness. The structure of abstract operations (i.e., transfer, join, and comparison) follows the structure of this semantics. The advantage of this construction is to divide the analyzer in modules and functors that implement abstractions of distinct features.Comment: In Proceedings Festschrift for Dave Schmidt, arXiv:1309.455