Pointer null check

Having said that, NULL is typically represented as all bits set to 0. Using sizeof NULL is allowed, but the exact size depends on the platform. If the pointer size of a platform is 4 bytes, the output of the above program would be 4.

But if pointer size on a platform is 8 bytes, the output of the above program would be 8.

The example of a is. We define the degree of a clause of the form 1 to be the natural number k, i. The degree of a TA-like monadic Datalog program is the maximal degree of its clauses.

Besides the model-theoretic semantics from section 2. For simplicity, we will define the proof-theoretic semantics only for TA-like monadic Datalog programs P. Let A be an EDB, i. We say that a list of facts q 1 a1 ,. A proof tree T for P w. A is an ordered tree where each node is labeled by a fact. Depending on the situation, we call a node n which is labeled by $p(a)$ an a-node, a p-node or a $p(a)$-node. For each $p(a)$-node n in T with k sons n1 ,.

P and A. The proof- resp. Note that for all facts $p(a)$, we can w. Here, an atom $\mathit{dll}(u)$ expresses that u points to a doubly linked list whose last element is pointed to by lst; note that lst (unlike u) is a logical constant.

The corresponding doubly linked circular list can also be defined, as was shown in figure 1. In the last example, general i. Note that all these monadic Datalog programs are TA-like and intersection-free, even if they appear together in one initial condition provided that the predicate next is renamed to list next, dll next, ring next and gtrees next, respectively.

This is done by showing the small model property for these formulas: Every satisfiable formula has a model of size bounded by a function depending only on the formula.

Before we prove this we recall some definitions and lemmas. Finite model property. The proof of the following well-known lemma can be found in [7], for instance. Lemma 4. Corollary 5. Let u and v be variables. A 1-literal resp. In bounded branching structures, we can get a tighter bound on the number of inhabited types. Lemma 6. Pumping Lemma. With the bound, the small model theorem follows easily. Lemma 7. The first node on that path, the root of T , is a constant node, i.

Choose such a segment of non-constant nodes which is of maximal length, i. Note that the four elements $d$, $e$, $d'$ and $e'$ are pairwise distinct because they are not interpreting constants, and in a proof tree of an intersection-free Datalog program such elements cannot repeat on a path.

The nodes $m$, $n$, $m'$ and $n'$ are non-constant nodes and there is no constant node between them. The 2-types of the elements $d, e$ and $d', e'$ coincide, i. The nodes $n$ and $n'$ are labeled by the same IDB-predicate q.

The node m does not have an $e'$-son. We do the same replacement in all proof trees in T at all $q(e)$-nodes, i. Call the resulting set of trees $T'$. Note that these replacements necessarily happen below $p(d)$-nodes because every $q(e)$-node is a son of a $p(d)$-node.

Below we will check that the new trees in $T'$ are valid proof trees, which basically involves checking that the above clause C is satisfied at $p(d)$-nodes. Call the updated model B.

The interpretation of the constants does not change, i. That is, B relates $d$ and $e'$ in the same way as A relates $d$ and $e$, otherwise the interpretations do not differ. Note that the element e is no longer in B since it does not interpret a constant and has been eliminated from all proof trees.

The latter is the case because all $q(e)$-nodes have been eliminated, and no tree in T contains any other e-node since P is intersection-free. Also, the element $d'$ is no longer in B. To see this, let a0 , a1 ,.

Let r1 ,. We have to show that the new model B satisfies the functionality restriction. Assume that s is a binary predicate. There are two such cases. By construction of B, we have $s^A(d, e)$ and $s^A(d, b)$. By construction, we have $s^A(e, d)$ and $s^A(e', b)$.

However, since $\langle d, e\rangle$ and $\langle d', e'\rangle$ inhabit the same 2-type, we have also $s^A(e', d')$. Next, we have to show that B satisfies the non-sharing restriction. Assume that s is a binary predicate occurring in P. Potentially there are two such cases, but we will show that each one leads to a contradiction. By construction of B, we have $s^A(d, e)$ and $s^A(b, e')$.

Due to non-sharing in A, $e'$ must interpret a constant, which contradicts $n'$ being a non-constant node.

By construction, we have $s^A(e, d)$ and $s^A(b, d)$. Due to non-sharing in A, d must interpret a constant, which contradicts m being a non-constant node. Now assume that $s_1$, $s_2$ are two distinct binary predicates occurring in P.

As $s_1$ and $s_2$ are symmetric in the non-sharing restriction, there are two such cases. This contradicts n being a non-constant node. However, since $\langle d, e\rangle$ and $\langle d', e'\rangle$ inhabit the same 2-type, we have also $s_1^A(d', e')$, which due to non-sharing in A implies that $e'$ must interpret a constant.

This contradicts $n'$ being a non-constant node. By construction of B, we have $s_1(e, d)$. In any case, d must interpret a constant due to non-sharing in A. This contradicts m being a non-constant node. The first equality holds because A and B agree on the relations between $e'$ and constants and between $e'$ and itself. Finally, we have to show that the new trees in $T'$ are in fact valid proof trees proving the query atoms in Q.

Note that the roots of $T$ and $T'$ are the same, so if $T'$ is a valid proof tree it will prove the same query atom as $T$. Because A and B only differ in the relations between the elements $d$ and $e'$, in order to show that $T'$ is a proof tree for P w.

B, it suffices to check those d-nodes in $T'$ which have an $e'$-son. If $T'$ does not contain a d-node there is nothing to check, so assume that $T'$ contains a d-node. This implies that $T$ contains a d-node, which is a $p(d)$-node because P is intersection-free.

Let q1 a1 ,. As T is a proof tree, the list of facts q1 a1 ,. Hence for showing that $T'$ is a valid proof tree, we have to prove that the list of facts q1 a1 ,. It follows that we inherit $r_j^B(d, a_j)$ from $r_j^A(d, a_j)$ because A and B agree on the relations between $d$ and $a_j$.

Obviously, the above modifications of the model A and the proof trees in T can be performed as long as there is a proof tree whose depth is greater than 2. This ends the proof of Lemma 7.

Theorem 8. By Lemmas 7 and 6, a satisfiable formula has a model A where the proof trees for the query atoms are bounded by a function singly exponential in the size of the formula, so their size is at most doubly exponential.

By the observation following Lemma 4, the model A can be reduced to a model B consisting only of interpretations of the constants and elements occurring in the proof trees.

The double exponential complexity originates from two sources, the exponential bound on the number of inhabited 2-types and the linear degree of the Datalog program, leading to proof trees of exponential depth and double exponential size. In common situations, however, the complexity of bounded model checking can be improved significantly. Theorem 9. Thus, Lemma 7 yields a polynomial depth bound for proof trees, which implies a singly exponential bound on the size of the models. If the degree of P is 1, the polynomial depth bound implies a polynomial size bound.

Functionality and non-sharing restrictions ensure that all initial conditions in our examples are bounded branching formulas. The models of the initial conditions for lists (singly or doubly linked, circular or not) and singly linked trees (binary or general) are all 1-branching, whereas the models of the initial conditions for doubly linked binary trees are 2-branching.

Thus for all these data structures, bounded model checking can be done in NEXPTIME, even if the program manipulates all these data structures simultaneously. Moreover, if a program works on list data structures only then bounded model checking can be done in NPTIME, which is the optimal worst-case complexity for BMC of list manipulating programs.

Dynamically allocated heap memory and properties such as sharing, cyclicity, and reachability in the heap have been formalized in various logical languages. Abstraction from possibly unbounded state space to a finite model has been studied in [15, 23, 25].

These approaches use the framework of abstract interpretation to over-approximate the set of reachable states.

Asked 11 years, 3 months ago. Active 1 year ago. RobertS supports Monica Cellio, Bryan Marble

Having a consistent style is sometimes more important than which style you pick.

Mark: Consistency is always the most important factor of your style. I don't agree with the statement above that consistency is what matters. This has nothing to do with consistency; not the Good sort anyway.

This is the area where we should let programmers express their own style. If there's a person that doesn't immediately understand either form then they should stop reading code right away and consider a career change.

I'll say more than that: If there's a cosmetics consistency you can't automatically enforce with a script then remove it. The cost of draining human morale is WAY more important than those stupid decisions people make in a meeting.

RBerteig One important thing to note: until recently, I was in favor of writing "if ptr " instead of "if ptr! But I just found out that comparison raises resp. So if you want to check a pointer, better to do "if ptr! It is always a null pointer constant though.

It can never evaluate to true. The expression! Use it. In C C is a different beast. Deduplicator M2tM You said 0 is preferable, but NULL must be zero.

This is a good point, I neglected to mention it and I'm improving my answer by suggesting it. I use if ptr , but this is completely not worth arguing about. One comment, though: If you plan to recognize the error and not continue executing the function i.

It could work or not. Mark Ransom But I suppose a good naming convention makes this argument moot.

Daniel Hershcovich If the reader is so lost about levels of indirection, I'm not sure he isn't a safety-hazard as a programmer. Peter Mortensen Derek They never use this style themselves.

Settle down, folks. They are obviously less famous as their initials aren't even capitalized. Actually, I use both variants. I know this can lead to the discussion "should a function have only one exit point" Most of the time, you check the pointer, then do what you want and then resolve the error case.


