Compositional Verification of Heap-Manipulating Programs through Property-Guided Learning

Analyzing and verifying heap-manipulating programs automatically is challenging. A key for fighting the complexity is to develop compositional methods. For instance, many existing verifiers for heap-manipulating programs require user-provided specification for each function in the program in order to decompose the verification problem. The requirement, however, often hinders the users from applying such tools. To overcome the issue, we propose to automatically learn heap-related program invariants in a property-guided way for each function call. The invariants are learned based on the memory graphs observed during test execution and improved through memory graph mutation. We implemented a prototype of our approach and integrated it with two existing program verifiers. The experimental results show that our approach enhances existing verifiers effectively in automatically verifying complex heap-manipulating programs with multiple function calls

A Carleman-Picard approach for reconstructing zero-order coefficients in parabolic equations with limited data

We propose a globally convergent computational technique for the nonlinear inverse problem of reconstructing the zero-order coefficient in a parabolic equation using partial boundary data. This technique is called the "reduced dimensional method". Initially, we use the polynomial-exponential basis to approximate the inverse problem as a system of 1D nonlinear equations. We then employ a Picard iteration based on the quasi-reversibility method and a Carleman weight function. We will rigorously prove that the sequence derived from this iteration converges to the accurate solution for that 1D system without requesting a good initial guess of the true solution. The key tool for the proof is a Carleman estimate. We will also show some numerical examples

S2TD: a Separation Logic Verifier that Supports Reasoning of the Absence and Presence of Bugs

Heap-manipulating programs are known to be challenging to reason about. We present a novel verifier for heap-manipulating programs called S2TD, which encodes programs systematically in the form of Constrained Horn Clauses (CHC) using a novel extension of separation logic (SL) with recursive predicates and dangling predicates. S2TD actively explores cyclic proofs to address the path explosion problem. S2TD differentiates itself from existing CHC-based verifiers by focusing on heap-manipulating programs and employing cyclic proof to efficiently verify or falsify them with counterexamples. Compared with existing SL-based verifiers, S2TD precisely specifies the heaps of de-allocated pointers to avoid false positives in reasoning about the presence of bugs. S2TD has been evaluated using a comprehensive set of benchmark programs from the SV-COMP repository. The results show that S2TD is more effective than state-of-art program verifiers and is more efficient than most of them.Comment: 24 page

Concolic Testing Heap-Manipulating Programs

Concolic testing is a test generation technique which works effectively by integrating random testing generation and symbolic execution. Existing concolic testing engines focus on numeric programs. Heap-manipulating programs make extensive use of complex heap objects like trees and lists. Testing such programs is challenging due to multiple reasons. Firstly, test inputs for such program are required to satisfy non-trivial constraints which must be specified precisely. Secondly, precisely encoding and solving path conditions in such programs are challenging and often expensive. In this work, we propose the first concolic testing engine called CSF for heap-manipulating programs based on separation logic. CSF effectively combines specification-based testing and concolic execution for test input generation. It is evaluated on a set of challenging heap-manipulating programs. The results show that CSF generates valid test inputs with high coverage efficiently. Furthermore, we show that CSF can be potentially used in combination with precondition inference tools to reduce the user effort

IPSE, a parasite-derived host immunomodulatory protein, is a potential therapeutic for hemorrhagic cystitis

Chemotherapy-induced hemorrhagic cystitis is characterized by bladder pain and voiding dysfunction caused by hemorrhage and inflammation. Novel therapeutic options to treat hemorrhagic cystitis are needed. We previously reported that systemic administration of the Schistosomiasis haematobium-derived protein H-IPSEH06 (IL-4-inducing principle from Schistosoma mansoni eggs), is superior to 3 doses of MESNA in alleviating hemorrhagic cystitis. Based on prior reports by others on S. mansoni IPSE (M-IPSE) and additional work by our group, we reasoned that H-IPSE mediates its effects on hemorrhagic cystitis by binding IgE on basophils and inducing IL-4 expression, promoting urothelial proliferation, and translocating to the nucleus to modulate expression of genes implicated in relieving bladder dysfunction. We speculated that local bladder injection of the S. haematobium IPSE ortholog IPSEH03, hereafter called H-IPSEH03, might be more efficacious in preventing hemorrhagic cystitis compared to systemic administration of IPSEH06. We report that H-IPSEH03, like M-IPSE and H-IPSEH06, activates IgE-bearing basophils in an NFAT reporter assay, indicating activation of the cytokine pathway. Further, H-IPSEH03 attenuates ifosfamide-induced increases in bladder wet weight in an IL-4-dependent fashion. H-IPSEH03 relieves hemorrhagic cystitis-associated allodynia and modulates voiding patterns in mice. Finally, H-IPSEH03 drives increased urothelial cell proliferation suggesting that IPSE induces bladder repair mechanisms. Taken together, H-IPSEH03 may be a potential novel therapeutic to treat hemorrhagic cystitis by basophil activation, attenuation of allodynia and promotion of urothelial cell proliferation

Effectiveness of cervical pessary compared to cervical cerclage with or without vaginal progesterone for the prevention of preterm birth in women with twin pregnancies and a short cervix : Study protocol for a two-by-two factorial randomised clinical trial

Peer reviewedPublisher PD

Therapeutic exploitation of IPSE, a urogenital parasite-derived host modulatory protein, for chemotherapy-induced hemorrhagic cystitis

Chemotherapy-induced hemorrhagic cystitis (CHC) can be difficult to manage. Prior work suggests IL-4 alleviates ifosfamide-induced hemorrhagic cystitis (IHC), but systemically administered IL-4 causes significant side effects. We hypothesized that the Schistosoma haematobium homolog of Interleukin-4-inducing principle from Schistosoma mansoni Eggs (H-IPSE), would reduce IHC and associated bladder pathology. IPSE binds IgE on basophils and mast cells, triggering IL-4 secretion by these cells. IPSE is also an “infiltrin”, translocating into the host nucleus to modulate gene transcription. Mice were administered IL-4, H-IPSE protein or its nuclear localization sequence (NLS) mutant with or without neutralizing anti-IL-4 antibody, or MESNA, followed by ifosfamide. Bladder tissue damage and hemoglobin content were measured. Spontaneous and evoked pain, urinary frequency and gene expression were assessed. Pain behaviors were interpreted in a blinded fashion. One dose of H-IPSE was superior to MESNA and IL-4 in suppressing bladder hemorrhage in an IL-4-and NLS-dependent fashion, and comparable to MESNA in dampening ifosfamide-triggered pain behaviors in an NLS-dependent manner. H-IPSE also accelerated urothelial repair following IHC. Our work represents the first therapeutic exploitation of a uropathogen-derived host modulatory molecule in a clinically relevant bladder disease model, and indicates that IPSE may be an alternative to MESNA for mitigating CHC