Verifying Programs with Dynamic 1-Selector-Linked Structures in Regular Model Checking

We address the problem of automatic verification of programs withdynamic data structures. We consider the case of sequential,non-recursive programs manipulating 1-selector-linked structures suchas traditional linked lists (possibly sharing their tails) and circularlists. We propose an automata-based approach for a symbolicverification of such programs using the regular model checkingframework. Given a program, the configurations of the memory aresystematically encoded as words over a suitable finite alphabet,potentially infinite sets of configurations are represented byfinite-state automata, and statements of the program are automaticallytranslated into finite-state transducers defining regular relationsbetween configurations. Then, abstract regular model checkingtechniques are applied in order to automatically check safetyproperties concerning the shape of the computed configurations orrelating the input and output configurations. For this particularpurpose, we introduce new techniques for the computation ofabstractions of the set of reachable configurations and to refine theseabstractions if spurious counterexamples are detected.  Finally,we present experimental results showing the applicability of theapproach and its efficiency.