The software toolchain includes static analyzers to check assertions about programs;
optimizing compilers to translate programs to machine language; operating systems and …

This paper describes a compositional shape analysis, where each procedure is analyzed
independently of its callers. The analysis uses an abstract domain based on a restricted …

Today's shared-memory parallel programming models are complex and error-prone. While
many parallel programs are intended to be deterministic, unanticipated thread interleavings …

Pointer safety faults in device drivers are one of the leading causes of crashes in operating
systems code. In principle, shape analysis tools can be used to prove the absence of this …

We propose a shape analysis that adapts to some of the complex composite data structures
found in industrial systems-level programs. Examples of such data structures include “cyclic …

We define (with machine-checked proofs in Coq) a modular operational semantics for
Concurrent C minor—a language with shared memory, spawnable threads, and first-class …

We present a resource oriented program logic that is able to reason about concurrent heap-
manipulating programs with unbounded numbers of dynamically-allocated locks and …

Device drivers rely on fine-grained locking to ensure safe access to shared data structures.
For human testers, concurrency makes such code notoriously hard to debug; for automated …

Concurrent Separation Logic (CSL) was originally advanced in papers of the authors
published in Theoretical Computer Science for John Reynolds's 70th Birthday Festschrift …

Incorrectness separation logic (ISL) was recently introduced as a theory of under-
approximate reasoning, with the goal of proving that compositional bug catchers find actual …