9 research outputs found
The Complexity of Reachability in Affine Vector Addition Systems with States
Vector addition systems with states (VASS) are widely used for the formal
verification of concurrent systems. Given their tremendous computational
complexity, practical approaches have relied on techniques such as reachability
relaxations, e.g., allowing for negative intermediate counter values. It is
natural to question their feasibility for VASS enriched with primitives that
typically translate into undecidability. Spurred by this concern, we pinpoint
the complexity of integer relaxations with respect to arbitrary classes of
affine operations.
More specifically, we provide a trichotomy on the complexity of integer
reachability in VASS extended with affine operations (affine VASS). Namely, we
show that it is NP-complete for VASS with resets, PSPACE-complete for VASS with
(pseudo-)transfers and VASS with (pseudo-)copies, and undecidable for any other
class. We further present a dichotomy for standard reachability in affine VASS:
it is decidable for VASS with permutations, and undecidable for any other
class. This yields a complete and unified complexity landscape of reachability
in affine VASS. We also consider the reachability problem parameterized by a
fixed affine VASS, rather than a class, and we show that the complexity
landscape is arbitrary in this setting
Solvable Polynomial Ideals: The Ideal Reflection for Program Analysis
This paper presents a program analysis method that generates program
summaries involving polynomial arithmetic. Our approach builds on prior
techniques that use solvable polynomial maps for summarizing loops. These
techniques are able to generate all polynomial invariants for a restricted
class of programs, but cannot be applied to programs outside of this class --
for instance, programs with nested loops, conditional branching, unstructured
control flow, etc. There currently lacks approaches to apply these prior
methods to the case of general programs. This paper bridges that gap. Instead
of restricting the kinds of programs we can handle, our method abstracts every
loop into a model that can be solved with prior techniques, bringing to bear
prior work on solvable polynomial maps to general programs. While no method can
generate all polynomial invariants for arbitrary programs, our method
establishes its merit through a monotonicty result. We have implemented our
techniques, and tested them on a suite of benchmarks from the literature. Our
experiments indicate our techniques show promise on challenging verification
tasks requiring non-linear reasoning.Comment: Long version of an article to appear at the 51st ACM SIGPLAN
Symposium on Principles of Programming Languages (POPL 2024). This version is
a replacement of an earlier long version where typos have been fixed, DOI's
have been added to references when able, and a data availability statement
has been adde
Mapping programs to equations
Extracting the function of a program from a static analysis of its source code is a valuable capability in software engineering; at a time when there is increasing talk of using AI (Artificial Intelligence) to generate software from natural language specifications, it becomes increasingly important to determine the exact function of software as written, to figure out what AI has understood the natural language specification to mean. For all its criticality, the ability to derive the domain-to-range function of a program has proved to be an elusive goal, due primarily to the difficulty of deriving the function of iterative statements. Several automated tools obviate this difficulty by unrolling the loops; but this is clearly an imperfect solution, especially in light of the fact that loops capture most of the computing power of a program, are the locus of most of its complexity, and the source of most of its faults. This dissertation investigates a three-step process to map a program written in a C-like language into a function from inputs to outputs, or from initial states to final states. The semantics of iterative statements are captured (while loops, repeat loops, for loops), including nested iterative statements, by means of the concept of invariant relation; an invariant relation is a reflexive transitive relation that links program states separated by an arbitrary number of iterations.
But the function derived for large and complex programs may be too unwieldy to be useful, not unlike drinking from a fire hose. In order to enable the user to query the program at scale, four functions are proposed. We propose four functions: Assume(), which enables the user to make assumptions about program states or program parts; Capture(), which enables the user to capture the state of the program at some label of the function of some program part; Verify(), which enables the user to verify a unary assertion about the state of the program at some label, or a binary assertion about a program part; and Establish(), which is envisioned to use program repair techniques to modify the program so as to make a Verify() query return true
Computer Aided Verification
The open access two-volume set LNCS 11561 and 11562 constitutes the refereed proceedings of the 31st International Conference on Computer Aided Verification, CAV 2019, held in New York City, USA, in July 2019. The 52 full papers presented together with 13 tool papers and 2 case studies, were carefully reviewed and selected from 258 submissions. The papers were organized in the following topical sections: Part I: automata and timed systems; security and hyperproperties; synthesis; model checking; cyber-physical systems and machine learning; probabilistic systems, runtime techniques; dynamical, hybrid, and reactive systems; Part II: logics, decision procedures; and solvers; numerical programs; verification; distributed systems and networks; verification and invariants; and concurrency
Computer Aided Verification
The open access two-volume set LNCS 11561 and 11562 constitutes the refereed proceedings of the 31st International Conference on Computer Aided Verification, CAV 2019, held in New York City, USA, in July 2019. The 52 full papers presented together with 13 tool papers and 2 case studies, were carefully reviewed and selected from 258 submissions. The papers were organized in the following topical sections: Part I: automata and timed systems; security and hyperproperties; synthesis; model checking; cyber-physical systems and machine learning; probabilistic systems, runtime techniques; dynamical, hybrid, and reactive systems; Part II: logics, decision procedures; and solvers; numerical programs; verification; distributed systems and networks; verification and invariants; and concurrency
Recommended from our members
Loop Summarization with Rational Vector Addition Systems
This paper presents a technique for computing numerical loop summaries. The method synthesizes a rational vector addition system with resets ( â„š -VASR) that simulates the action of an input loop, and then uses the reachability relation of that â„š -VASR to over-approximate the behavior of the loop. The key technical problem solved in this paper is to automatically synthesize a â„š -VASR that is a best abstraction of a given loop in the sense that (1) it simulates the loop and (2) it is simulated by any other â„š -VASR that simulates the loop. Since our loop summarization scheme is based on computing the exact reachability relation of a best abstraction of a loop, we can make theoretical guarantees about its behavior. Moreover, we show experimentally that the technique is precise and performant in practice
Computer Aided Verification
This open access two-volume set LNCS 11561 and 11562 constitutes the refereed proceedings of the 31st International Conference on Computer Aided Verification, CAV 2019, held in New York City, USA, in July 2019. The 52 full papers presented together with 13 tool papers and 2 case studies, were carefully reviewed and selected from 258 submissions. The papers were organized in the following topical sections: Part I: automata and timed systems; security and hyperproperties; synthesis; model checking; cyber-physical systems and machine learning; probabilistic systems, runtime techniques; dynamical, hybrid, and reactive systems; Part II: logics, decision procedures; and solvers; numerical programs; verification; distributed systems and networks; verification and invariants; and concurrency