A decidable class of verification conditions for programs with higher order store
Recent years have seen a surge in techniques and tools for automatic and
semi-automatic static checking of imperative heap-manipulating programs. At the
heart of such tools are algorithms for automatic logical reasoning, using heap
description formalisms such as separation logic. In this paper we work towards
extending these static checking techniques to languages with procedures as
first-class citizens. To do this, we first identify a class of entailment
problems which arise naturally as verification conditions during the static
checking of higher order heap-manipulating programs. We then present a decision
procedure for this class and prove its correctness. Entailments in our class
combine simple symbolic heaps, which are descriptions of the heap using a subset
of separation logic, with (limited use of) nested Hoare triples to specify
properties of higher order procedures.
On Verifying Complex Properties using Symbolic Shape Analysis
One of the main challenges in the verification of software systems is the
analysis of unbounded data structures with dynamic memory allocation, such as
linked data structures and arrays. We describe Bohne, a new analysis for
verifying data structures. Bohne verifies data structure operations and shows
that 1) the operations preserve data structure invariants and 2) the operations
satisfy their specifications expressed in terms of changes to the set of
objects stored in the data structure. During the analysis, Bohne infers loop
invariants in the form of disjunctions of universally quantified Boolean
combinations of formulas. To synthesize loop invariants of this form, Bohne
uses a combination of decision procedures for Monadic Second-Order Logic over
trees, SMT-LIB decision procedures (currently CVC Lite), and an automated
reasoner within the Isabelle interactive theorem prover. This architecture
shows that synthesized loop invariants can serve as a useful communication
mechanism between different decision procedures. Using Bohne, we have verified
operations on data structures such as linked lists with iterators and back
pointers, trees with and without parent pointers, two-level skip lists, array
data structures, and sorted lists. We have deployed Bohne in the Hob and Jahob
data structure analysis systems, enabling us to combine Bohne with analyses of
data structure clients and apply it in the context of larger programs. This
report describes the Bohne algorithm as well as techniques that Bohne uses to
reduce the amount of annotations and the running time of the analysis.
On bisimulation and model-checking for concurrent systems with partial order semantics
EP/G012962/1
In concurrency theory—the branch of (theoretical) computer science that studies the logical
and mathematical foundations of parallel computation—there are two main formal ways of
modelling the behaviour of systems where multiple actions or events can happen independently
and at the same time: either with interleaving or with partial order semantics.
On the one hand, the interleaving semantics approach proposes to reduce concurrency to the
nondeterministic, sequential computation of the events the system can perform independently.
On the other hand, partial order semantics represent concurrency explicitly by means of an
independence relation on the set of events that the system can execute in parallel; following
this approach, the so-called ‘true concurrency’ approach, independence or concurrency is a
primitive notion rather than a derived concept as in the interleaving framework.
Using interleaving or partial order semantics is, however, more than a matter of taste. In
fact, choosing one kind of semantics over the other can have important implications—both
from theoretical and practical viewpoints—as making such a choice can raise different issues,
some of which we investigate here. More specifically, this thesis studies concurrent systems
with partial order semantics and focuses on their bisimulation and model-checking problems;
the theories and techniques herein apply, in a uniform way, to different classes of Petri nets,
event structures, and transition systems with independence (TSI) models.
Some results of this work are the following. First, a number of mu-calculi (in this case, fixpoint
extensions of modal logic) that, in certain classes of systems, induce exactly the same identifications
as some of the standard bisimulation equivalences used in concurrency. Secondly, the introduction of
(infinite) higher-order logic games for bisimulation and for model-checking, where the players
of the games are given (local) monadic second-order power on the sets of elements they are
allowed to play. And, finally, the formalization of a new order-theoretic concurrent game
model that provides a uniform approach to bisimulation and model-checking and bridges some
mathematical concepts in order theory with the more operational world of games.
In particular, we show that in all cases the logic games for bisimulation and model-checking
developed in this thesis are sound and complete, and therefore, also determined—even when
considering models of infinite state systems; moreover, these logic games are decidable in the
finite case and underpin novel decision procedures for systems verification.
Since the mu-calculi and (infinite) logic games studied here generalise well-known fixpoint
modal logics as well as game-theoretic decision procedures for analysing concurrent systems
with interleaving semantics, this thesis provides some of the groundwork for the design of a
logic-based, game-theoretic framework for studying, in a uniform manner, several concurrent
systems regardless of whether they have an interleaving or a partial order semantics.
New results on rewrite-based satisfiability procedures
Program analysis and verification require decision procedures to reason on
theories of data structures. Many problems can be reduced to the satisfiability
of sets of ground literals in theory T. If a sound and complete inference
system for first-order logic is guaranteed to terminate on T-satisfiability
problems, any theorem-proving strategy with that system and a fair search plan
is a T-satisfiability procedure. We prove termination of a rewrite-based
first-order engine on the theories of records, integer offsets, integer offsets
modulo and lists. We give a modularity theorem stating sufficient conditions
for termination on combinations of theories, given termination on each. The
above theories, as well as others, satisfy these conditions. We introduce
several sets of benchmarks on these theories and their combinations, including
both parametric synthetic benchmarks to test scalability, and real-world
problems to test performance on huge sets of literals. We compare the
rewrite-based theorem prover E with the validity checkers CVC and CVC Lite.
Contrary to the folklore that a general-purpose prover cannot compete with
reasoners with built-in theories, the experiments are overall favorable to the
theorem prover, showing that not only the rewriting approach is elegant and
conceptually simple, but has important practical implications.
Comment: To appear in the ACM Transactions on Computational Logic, 49 pages
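The abstract above reduces verification problems to the satisfiability of sets of ground literals in a theory such as lists. The following is an added example, not code from the paper or from the provers it compares (E, CVC, CVC Lite); it shows what such a T-satisfiability problem looks like and decides it by a simpler route than the paper's rewrite-based first-order engine: instantiating the theory axioms on the cons subterms that occur in the input and then computing a congruence closure. The two-axiom list theory (car(cons(x, y)) = x and cdr(cons(x, y)) = y, without the extensionality axiom cons(car(x), cdr(x)) = x), the tuple encoding of terms and the sample problems are my assumptions, not taken from the paper.

```python
# Added illustration, not code from the paper or from the E prover: deciding a set
# of ground literals in a small theory of lists by instantiating the theory axioms
# on the cons subterms that occur and then computing a congruence closure.
# Assumed axiom set (my choice, not taken from the paper):
#   car(cons(x, y)) = x      cdr(cons(x, y)) = y
# Ground terms are nested tuples ('cons', s, t), ('car', t), ('cdr', t) or a
# constant given as a plain string.

def subterms(t, acc=None):
    """Return the set of all subterms of t, including t itself and its constants."""
    if acc is None:
        acc = set()
    acc.add(t)
    if isinstance(t, tuple):
        for arg in t[1:]:
            subterms(arg, acc)
    return acc

def instantiate_list_axioms(terms):
    """Ground instances of the two axioms for every cons(s, t) among terms."""
    eqs = []
    for t in terms:
        if isinstance(t, tuple) and t[0] == 'cons':
            eqs.append((('car', t), t[1]))   # car(cons(s, t)) = s
            eqs.append((('cdr', t), t[2]))   # cdr(cons(s, t)) = t
    return eqs

class CongruenceClosure:
    """Union-find over ground terms, closed under congruence: si ~ ti implies f(s..) ~ f(t..)."""
    def __init__(self, terms):
        self.terms = set()
        for t in terms:
            self.terms |= subterms(t)
        self.parent = {t: t for t in self.terms}

    def find(self, t):
        while self.parent[t] != t:
            self.parent[t] = self.parent[self.parent[t]]   # path halving
            t = self.parent[t]
        return t

    def union(self, s, t):
        rs, rt = self.find(s), self.find(t)
        if rs == rt:
            return False
        self.parent[rs] = rt
        return True

    def close(self):
        """Merge f(s1..sn) with f(t1..tn) whenever every si ~ ti, until nothing changes."""
        changed = True
        while changed:
            changed = False
            seen = {}
            for t in self.terms:
                if not isinstance(t, tuple):
                    continue
                key = (t[0],) + tuple(self.find(a) for a in t[1:])
                if key in seen:
                    changed |= self.union(seen[key], t)
                else:
                    seen[key] = t

def satisfiable(equalities, disequalities):
    """True iff the conjunction of the s = t and s != t literals has a model of the axioms."""
    terms = set()
    for s, t in equalities + disequalities:
        terms |= subterms(s) | subterms(t)
    theory_eqs = instantiate_list_axioms(terms)
    for s, t in theory_eqs:
        terms |= subterms(s) | subterms(t)
    cc = CongruenceClosure(terms)
    for s, t in equalities + theory_eqs:
        cc.union(s, t)
    cc.close()
    # Unsatisfiable exactly when both sides of some disequality end up in one class.
    return all(cc.find(s) != cc.find(t) for s, t in disequalities)

# Constructed sample problems (not benchmarks from the paper).
def example_injectivity():
    # cons(a, b) = cons(c, d) and a != c: unsat, since car of both sides is forced equal.
    return satisfiable([(('cons', 'a', 'b'), ('cons', 'c', 'd'))], [('a', 'c')])

def example_selector_of_equal():
    # a = cons(b, c) and car(a) != b: unsat by congruence on car.
    return satisfiable([('a', ('cons', 'b', 'c'))], [(('car', 'a'), 'b')])

def example_no_extensionality():
    # car(x) = a, cdr(x) = b, x != cons(a, b): satisfiable under the two axioms above,
    # because cons(car(x), cdr(x)) = x is deliberately not among them.
    return satisfiable([(('car', 'x'), 'a'), (('cdr', 'x'), 'b')],
                       [('x', ('cons', 'a', 'b'))])

if __name__ == '__main__':
    print(example_injectivity(), example_selector_of_equal(), example_no_extensionality())
```

The third sample shows why the choice of axioms matters for a T-satisfiability procedure: adding cons(car(x), cdr(x)) = x would make that problem unsatisfiable, and the instantiation step would then need more care to terminate, which is the kind of question the paper settles for its rewrite-based engine.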