3,441 research outputs found
Interacting via the Heap in the Presence of Recursion
Almost all modern imperative programming languages include operations for
dynamically manipulating the heap, for example by allocating and deallocating
objects, and by updating reference fields. In the presence of recursive
procedures and local variables the interactions of a program with the heap can
become rather complex, as an unbounded number of objects can be allocated
either on the call stack using local variables, or, anonymously, on the heap
using reference fields. As such a static analysis is, in general, undecidable.
In this paper we study the verification of recursive programs with unbounded
allocation of objects, in a simple imperative language for heap manipulation.
We present an improved semantics for this language, using an abstraction that
is precise. For any program with a bounded visible heap, meaning that the
number of objects reachable from variables at any point of execution is
bounded, this abstraction is a finitary representation of its behaviour, even
though an unbounded number of objects can appear in the state. As a
consequence, for such programs model checking is decidable.
Finally we introduce a specification language for temporal properties of the
heap, and discuss model checking these properties against heap-manipulating
programs.Comment: In Proceedings ICE 2012, arXiv:1212.345
Explicit Model Checking of Very Large MDP using Partitioning and Secondary Storage
The applicability of model checking is hindered by the state space explosion
problem in combination with limited amounts of main memory. To extend its
reach, the large available capacities of secondary storage such as hard disks
can be exploited. Due to the specific performance characteristics of secondary
storage technologies, specialised algorithms are required. In this paper, we
present a technique to use secondary storage for probabilistic model checking
of Markov decision processes. It combines state space exploration based on
partitioning with a block-iterative variant of value iteration over the same
partitions for the analysis of probabilistic reachability and expected-reward
properties. A sparse matrix-like representation is used to store partitions on
secondary storage in a compact format. All file accesses are sequential, and
compression can be used without affecting runtime. The technique has been
implemented within the Modest Toolset. We evaluate its performance on several
benchmark models of up to 3.5 billion states. In the analysis of time-bounded
properties on real-time models, our method neutralises the state space
explosion induced by the time bound in its entirety.Comment: The final publication is available at Springer via
http://dx.doi.org/10.1007/978-3-319-24953-7_1
Safety Verification of Phaser Programs
We address the problem of statically checking control state reachability (as
in possibility of assertion violations, race conditions or runtime errors) and
plain reachability (as in deadlock-freedom) of phaser programs. Phasers are a
modern non-trivial synchronization construct that supports dynamic parallelism
with runtime registration and deregistration of spawned tasks. They allow for
collective and point-to-point synchronizations. For instance, phasers can
enforce barriers or producer-consumer synchronization schemes among all or
subsets of the running tasks. Implementations %of these recent and dynamic
synchronization are found in modern languages such as X10 or Habanero Java.
Phasers essentially associate phases to individual tasks and use their runtime
values to restrict possible concurrent executions. Unbounded phases may result
in infinite transition systems even in the case of programs only creating
finite numbers of tasks and phasers. We introduce an exact gap-order based
procedure that always terminates when checking control reachability for
programs generating bounded numbers of coexisting tasks and phasers. We also
show verifying plain reachability is undecidable even for programs generating
few tasks and phasers. We then explain how to turn our procedure into a sound
analysis for checking plain reachability (including deadlock freedom). We
report on preliminary experiments with our open source tool
Validating specifications of dynamic systems using automated reasoning techniques
In this paper, we propose a new approach to validating formal specifications of observable behavior of discrete dynamic systems. By observable behavior we mean system behavior as observed by users or other systems in the environment of the system. Validation of a formal specification of an informal domain tries to answer the question whether the specification actually describes the intended domain. This differs from the verification problem, which deals with the correspondence between formal objects, e.g. between a formal specification of a system and an implementation of it. We consider formal specifications of object-oriented dynamic systems that are subject to static and dynamic integrity constraints. To validate that such a specification expresses the intended behavior, we propose to use a tool that can answer reachability queries. In a reachability query we ask whether the system can evolve from one state into another without violating the integrity constraints. If the query is answered positively, the system should exhibit an example path between the states; if the answer is negative, the system should explain why this is so. An example path produced by the tool can be used to produce scenarios for presentations of system behavior, but can also be used as a basis for acceptance testing. In this paper, we discuss the use of planning and theoremproving techniques to answer such queries, and illustrate the use of reachability queries in the context of information system development
Reachability Analysis of Time Basic Petri Nets: a Time Coverage Approach
We introduce a technique for reachability analysis of Time-Basic (TB) Petri
nets, a powerful formalism for real- time systems where time constraints are
expressed as intervals, representing possible transition firing times, whose
bounds are functions of marking's time description. The technique consists of
building a symbolic reachability graph relying on a sort of time coverage, and
overcomes the limitations of the only available analyzer for TB nets, based in
turn on a time-bounded inspection of a (possibly infinite) reachability-tree.
The graph construction algorithm has been automated by a tool-set, briefly
described in the paper together with its main functionality and analysis
capability. A running example is used throughout the paper to sketch the
symbolic graph construction. A use case describing a small real system - that
the running example is an excerpt from - has been employed to benchmark the
technique and the tool-set. The main outcome of this test are also presented in
the paper. Ongoing work, in the perspective of integrating with a
model-checking engine, is shortly discussed.Comment: 8 pages, submitted to conference for publicatio
The Complexity of Model Checking Higher-Order Fixpoint Logic
Higher-Order Fixpoint Logic (HFL) is a hybrid of the simply typed
\lambda-calculus and the modal \lambda-calculus. This makes it a highly
expressive temporal logic that is capable of expressing various interesting
correctness properties of programs that are not expressible in the modal
\lambda-calculus.
This paper provides complexity results for its model checking problem. In
particular we consider those fragments of HFL built by using only types of
bounded order k and arity m. We establish k-fold exponential time completeness
for model checking each such fragment. For the upper bound we use fixpoint
elimination to obtain reachability games that are singly-exponential in the
size of the formula and k-fold exponential in the size of the underlying
transition system. These games can be solved in deterministic linear time. As a
simple consequence, we obtain an exponential time upper bound on the expression
complexity of each such fragment.
The lower bound is established by a reduction from the word problem for
alternating (k-1)-fold exponential space bounded Turing Machines. Since there
are fixed machines of that type whose word problems are already hard with
respect to k-fold exponential time, we obtain, as a corollary, k-fold
exponential time completeness for the data complexity of our fragments of HFL,
provided m exceeds 3. This also yields a hierarchy result in expressive power.Comment: 33 pages, 2 figures, to be published in Logical Methods in Computer
Scienc
- …