| J.L. Jensen, M.E. Joergensen, N. Klarlund, and M.I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In SIGPLAN Conference on Programming Languages Design and Implementation, 1997. |
....language. Unlike some of the applications to verification reported in [HJJ [BK95] which are essentially deductive in nature, we use similar tools for symbolic model checking. Although mona has also been used for automatic verification, for example of pointer programs with linear linked lists [JJKS97] such programs are not parametric. Acceleration There are several results on algorithmic verification of parameterized systems [SG92, AJ98, CGJ95] In most of these works the transitions are guarded by local conditions involving the local states of a fixed (unparameterized) number of ....
Jacob L. Jensen, Michael E. Joergensen, Nils Klarlund, and Michael I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In PLDI '97, 1997.
....the algorithm described in [5] since it avoids the cost of transitive closure. It also compares favorably with verification systems aimed at showing memory cleanness since it does not require loop invariants. Interestingly, SG R runs significantly faster than the verification system described in [13] on the programs we tried. For example, on the procedure swap shown in Fig. 1(c) the SG R algorithm runs in less than 0.01 seconds as opposed to 21. program description search.c searches for an element in a linked list null deref.c searches a linked list but with a typical error of not ....
....rotate.c performs a cyclic rotation when given pointers to the first and last elements swap.c swaps the first and second elements of a list, fails when the list is 1 element long (see Fig. 1) Table 1. Description of the analyzed programs. Some of these interesting programs are from LCLint [7] [13] and from first year students. They are all in the format shown in Fig. 1 and available at http: www.math.tau.ac.il nurr. We use two of the well known pointer analysis techniques to check cleanness and compare their cost and effectiveness to our new algorithm. The first technique is ....
[Article contains additional citation context not shown here]
J.L. Jensen, M.E. Joergensen, N. Klarlund, and M.I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In SIGPLAN Conf. on Prog. Lang. Design and Impl., 1997.
....algorithm, such as the flow insensitive points to analysis described in [27] before proceeding to our quite precise but expensive analysis. We will also look into reducing the storage requirements of our method by representing the predicate tables with BDDs [2] Verification systems such as [16] have an advantage over our method because they compute weakest preconditions. Information is propagated backwards, which may lead to a significant storage savings; however, as noted in the Introduction, verification systems require that loop invariants be supplied by the user. For erroneous ....
....however, as noted in the Introduction, verification systems require that loop invariants be supplied by the user. For erroneous programs, verification systems that use weakest preconditions can also produce counterexamples, which provides useful feedback to the programmer. However, the system in [16] cannot be used to establish the correctness of sorting algorithms, and is significantly slower than TVLA, even for proving memory cleanness properties. One possible explanation is that propagating formulae is more expensive than propagating structures. It is conceivable that our method could be ....
J.L. Jensen, M.E. Joergensen, N. Klarlund, and M.I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In SIGPLAN Conf. on Prog. Lang. Design and Impl., 1997.
....the capabilities of bounded structures [Deutsch 1992; 1994] 7.2 The Use of Logic for Pointer Analysis Jensen et al. defined a decidable logic for describing properties of linked data structures, and showed how it could be used to verify properties of programs written in a subset of Pascal [Jensen et al. 1997]. Because of the methods on which their decision procedure is based, the logic is limited to the case of linked lists in which no sharing of common tails occurs. Known theoretical results imply that the work can be extended to handle programs that manipulate unshared trees. The method that has ....
....and Le Metayer are, in their present stage of development, mainly useful as a documentation notation for type definitions, function arguments, and function return values. In contrast, a decision procedure for Hoare triples over loop free code (without arithmetic) is known for the store logic of [Jensen et al. 1997]. Consequently, the work of [Jensen et al. 1997] can be used for verifying programs that contain loops when each loop is annotated with a loop invariant. The instantiations of our parametric shape analysis framework address yet another problem, that of inferring shape annotations from a program ....
[Article contains additional citation context not shown here]
Jensen, J., Joergensen, M., Klarlund, N., and Schwartzbach, M. 1997. Automatic verification of pointer programs using monadic second-order logic. In SIGPLAN Conf. on Prog. Lang.
....of pre and post conditions from the programmer. The tool uses program verification to find violations of certain cleanness conditions, such as dereferencing NULL and array bound violations. The tool was originally designed for Modula3 and is currently being developed for Java. The algorithm of [30] is able to verify not only that a program is clean but also to show that it is correct with respect to a given partial specification. However, it depends on user provided loop invariants, it is applicable only to a subset of Pascal, and its complexity is non elementary, i.e. $2^{2^{2^{\cdots}}}$ ....
J.L. Jensen, M.E. Joergensen, N. Klarlund, and M.I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In SIGPLAN Conference on Programming Languages Design and Implementation, 1997.
....we erroneously changed the loop header to check that c (instead of elem) is not NULL. As a result, if the value to be deleted does not exist in the linked list, the loop will not terminate correctly, yielding a dereference to the unallocated variable elem at statement s_2. The algorithm of [JJNS97] is able to verify not only that programs are clean but also to show that they are correct with respect to a given partial specification. However, it depends on user provided loop invariants, it is applicable to a subset of Pascal only, and its complexity is rather high. Fradet, Gaugne, and Le ....
J.L. Jensen, M.E. Joergensen, N. Klarlund, and M.I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In SIGPLAN Conference on Programming Languages Design and Implementation, 1997.
....two pointer variables will point to the same place (i.e. be aliases) [3]. For a general overview of related undecidable and NP hard problems, see [4]. 2 Definitions and the main result. Comment. Our formal description of pointer data types is somewhat similar, e.g. to the formalism proposed in [2]. Definition 1. By a record type t, we mean a finite sequence t_1, ..., t_F in which each t_i is either a symbol d, or a symbol p. The total number F of elements in this sequence is called the number of fields. • If t_i = d, we say that the i-th field is a data field. • If t_i = p, we say that ....
J. L. Jensen, M. E. Jorgensen, N. Klarlund, and M. I. Schwartzbach, "Automatic verification of pointer programs using monadic second-order logic", ACM SIGPLAN Notices, 1997, Vol. 32, No. 5, pp. 226--234.
.... including static shape graphs [14, 15, 17, 12, 3, 23, 1, 19, 27, 21, 20, 22] path matrices [9, 11] graph types [16] and the ADDS annotation formalism [10] and several previously known formalisms have been exploited including graph grammars [6] and monadic second order logic [13]. For lack of a better term, we will use the phrase structure description formalisms to refer to such formalisms in a generic sense. In this paper, we define a new logic (called L r , for logic of reachability expressions ) and show that L r is suitable for describing properties of linked data ....
....to by c, we first reach a cell pointed to by prev and then the cell pointed to by elem. Remark. The routing expressions that we allow in path matrices are more general than the ones allowed in [9, 11] in the following way: We allow arbitrary alternations and not just car|cdr. We follow [13] in allowing pointer variable interrogations (e.g. prev, prev) in routing expressions. This comes in handy in cases where several paths depend on each other (cf. the pm[c; elem] entry in path matrix (7)). The use of a less general language of routing expressions in [9, 11] was motivated by the ....
[Article contains additional citation context not shown here]
J.L. Jensen, M.E. Joergensen, N. Klarlund, and M.I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In SIGPLAN Conf. on Prog. Lang. Design and Impl., 1997.
....variables and projection. Additional call nodes with the same signature can then reuse the separately compiled automaton. Call nodes act as leaves with respect to DAGification. 4 Experimental results We have run a Mona formula, reverse, of size 50KB (an automatically generated formula from [3]) through our old Mona (using optimizations) and our new WS1S version with and without DAGification (# = 200) We also did the experiment on reverse2, a version of the formula where all defined predicates were replaced by macros. And, we have run a comparison on a formula representing a ....
J.L. Jensen, M.E. Jørgensen, N. Klarlund, and M.I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In SIGPLAN '97 Conference on Programming Language Design and Implementation, pages 226--234. SIGPLAN, 1997.
....table. The niche for Mona applications contains those structures that are too large and complicated to describe by other means, yet not so large as to require infeasible computations. Happily, many interesting projects fit into this niche, including hardware verification [4, 1] pointer analysis [22, 16, 38], controller synthesis [44, 21] natural languages [39] parsing tools [13] software design descriptions [28] Presburger arithmetic [45] and verification of concurrent systems [31, 30, 23, 42, 46] There are a number of tools resembling Mona. Independent of the Mona project, the first ....
....translated to Mona code [42] Provided by Paritosh Pandya. html3 grammar.mona a tree logic encoding of the HTML 3.0 grammar annotated with 10 parse tree formulas [13] Provided by Niels Damgaard. reverse linear.mona verifies correctness of a C program reversing a pointer linked list [22]. search tree.mona verifies correctness of a C program deleting a node from a search tree [16] sliding window.mona verifies correctness of a sliding window network protocol [46] Provided by Mark Smith. szymanski acc.mona validation of the parameterized Szymanski problem using an ....
Jacob L. Jensen, Michael E. Jørgensen, Nils Klarlund, and Michael I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In PLDI '97, 1997.
....to Horn clauses; but it is not a Turing complete language. 4 Applications We mention here two applications, where other symbolic methods are unlikely to be as efficient as the use of automata based reasoning. Decidable program logic for pointers In our first application, taken from [14], we indicate how Fido can be used as an assertional formalism about pointers and linked lists in programming languages. To us, a typical store looks like: [figure: a store with list variables x, y, z, a pointer variable p, and free nodes] Here, x, y, and z are list variables that denote linked lists, and p is a pointer ....
J.L. Jensen, M.E. Jørgensen, N. Klarlund, and M.I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In SIGPLAN '97 Conference on Programming Language Design and Implementation, pages 226--
....full behavior of the program is not considered, and as heavyweight type checking, since properties well beyond the expressiveness of standard type systems can be checked. We have reported on our approach in two earlier works. In the first we introduce the basic technique applied to linear lists [24]. In the second we provide a generalization to tree shaped data structures and introduce a new encoding to make the analysis feasible [14]. The current paper takes a leap forward in generalizing the class of data structures that can be considered, without sacrificing precision or efficiency. Our new ....
....endless customized versions such as trees in which all leaves are linked in a cyclic list. Our framework is also designed to handle the common situation where a data structure invariant must be temporarily violated at some program points. Our contributions are: An extension of the results in [24, 14] to the whole class of graph types; a language for expressing data structures and operations along with correctness specifications; a full implementation exploiting intricate parts of the MONA tool to obtain an efficient decision procedure, together with a range of non trivial examples. ....
[Article contains additional citation context not shown here]
Jacob L. Jensen, Michael E. Jørgensen, Nils Klarlund, and Michael I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In Programming Language Design and Implementation, PLDI'97, 1997.
....[OR00] Properties expressible within WS1S can then be verified without user interaction. ISABELLE The combination of WS1S and higher order logic has been investigated using MONA as a WS1S oracle in the ISABELLE system [BF00a]. 1.3 Concepts and algorithms Program verification In [JJKS97] the MONA logic is used to encode the effect of executing loop free code with pointer operations on list shaped structures. The approach is based on [KS94] which employs transductions (a form of predicate transformation expressible by an automaton) and is extended to code containing loops using ....
Jakob L. Jensen, Michael E. Jørgensen, Nils Klarlund, and Michael I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI'97, 1997.
....full behavior of the program is not considered, and as heavyweight type checking, since properties well beyond the expressiveness of standard type systems can be checked. We have reported on our approach in two earlier works. In the first we introduce the basic technique applied to linear lists [25]. In the second we provide a generalization to tree shaped data structures and introduce a new encoding to make the analysis feasible [14]. The current paper takes a leap forward in generalizing the class of data structures that can be considered, without sacrificing precision or efficiency. Our new ....
....endless customized versions such as trees in which all leaves are linked in a cyclic list. Our framework is also designed to handle the common situation where a data structure invariant must be temporarily violated at some program points. Our contributions are: An extension of the results in [25, 14] to the whole class of graph types; a language for expressing data structures and operations along with correctness specifications; a full implementation exploiting intricate parts of the MONA tool to obtain an efficient decision procedure, together with a range of non trivial examples. To ....
[Article contains additional citation context not shown here]
Jacob L. Jensen, Michael E. Jørgensen, Nils Klarlund, and Michael I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In PLDI '97, 1997.
....behavior as formulas and then appeal to general theorem provers. All three approaches lead to tools that are either incomplete or unsound (or both) even for straight line code. In practice, this may be perfectly acceptable if a significant number of real errors are caught. In previous work [11], we suggest a different balance point by using a less expressive program logic for which Hoare triples on loop free code is decidable when integer arithmetic is ignored. That work is restricted by allowing only a while language working on linear lists. In the present paper we extend our approach ....
....analyzing the first triple is used when analyzing the second. 3 Deciding Hoare Triples The generated Hoare triples and logical implications both the formula parts and the program parts can be encoded in the logic WS2S which is known to be decidable. This encoding method follows directly from [11] by generalizing from list structures to tree structures in the style of [16] The MONA tool provides an implementation of a decision procedure for WS2S, so in principle making a decision procedure for the present language requires no new ideas. As we show in the following, this method will ....
[Article contains additional citation context not shown here]
Jacob L. Jensen, Michael E. Jørgensen, Nils Klarlund, and Michael I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In PLDI '97, 1997.
....table. The niche for Mona applications contains those structures that are too large and complicated to describe by other means, yet not so large as to require infeasible computations. Happily, many interesting projects fit into this niche, including hardware verification [2, 3] pointer analysis [16, 12], controller synthesis [25, 15] natural languages [23] parsing tools [10] Presburger arithmetic [26] and verification of concurrent systems [17, 1, 24, 27] 2 MONA, WS1S, and WS2S The first versions of Mona were based on a logic about finite strings, the monadic second order logic M2L(Str) ....
....translated to Mona code [24] Provided by Paritosh Pandya. html3 grammar.mona a tree logic encoding of the HTML 3.0 grammar annotated with 10 parse tree formulas [10] Provided by Niels Damgaard. reverse linear.mona verifies correctness of a C program reversing a pointer linked list [16]. search tree.mona verifies correctness of a C program deleting a node from a search tree [12] sliding window.mona verifies correctness of a sliding window network protocol [27] Provided by Mark Smith. szymanski acc.mona validation of the parameterized Szymanski problem using an ....
J.L. Jensen, M.E. Jørgensen, N. Klarlund, and M.I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In SIGPLAN '97 Conference on Programming Language Design and Implementation, pages 226--234, 1997.
....behavior as formulas and then appeal to general theorem provers. All three approaches lead to tools that are either incomplete or unsound (or both) even for straight line code. In practice, this may be perfectly acceptable if a significant number of real errors are caught. In previous work [10], we suggest a different balance point by using a less expressive program logic for which Hoare triples on loop free code is decidable when integer arithmetic is ignored. That work is restricted by allowing only a while language working on linear lists. In the present paper we extend our approach ....
....analyzing the first triple is used when analyzing the second. 3 Deciding Hoare Triples The generated Hoare triples and logical implications both the formula parts and the program parts can be encoded in the logic WS2S which is known to be decidable. This encoding method follows directly from [10] by generalizing from list structures to tree structures in the style of [15] The MONA tool provides an implementation of a decision procedure for WS2S, so in principle making a decision procedure for the present language requires no new ideas. As we show in the following, this method will ....
[Article contains additional citation context not shown here]
Jacob L. Jensen, Michael E. Jørgensen, Nils Klarlund, and Michael I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In PLDI '97, 1997.
....by identifying an inherent regularity in the problem domain, thus reducing the problem to questions of regular string or tree languages. Successful applications today include verification of concurrent systems [9, 8] hardware verification [2] software engineering [10] and pointer verification [7]. Work in progress involves a graphical user interface for regular expressions extended with M2L and document logics for the WWW. The role of M2L in this approach is to provide an extraordinarily succinct notation for complicated regular sets. Our applications have demonstrated that this notation ....
....| RpcRet | Tau; type Comp = Event(next: Comp) | Empty; The property to be verified requires 12 pages of FIDO specification which translates into an M2L formula of size 500,000 characters. An entirely different use of FIDO allows us to verify many properties of PASCAL programs that use pointers [7]. By encoding a store as a string and using FIDO formulas to describe the effects of program statements, we can automatically verify some desirable properties. An example is the following program, which performs an in situ reversal of a linked list with colored elements: program reverse; type ....
J.L. Jensen, M.E. Jørgensen, N. Klarlund, and M.I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In Proceedings of PLDI'97, 1997.
No context found.
J.L. Jensen, M.E. Joergensen, N. Klarlund, and M.I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In SIGPLAN Conference on Programming Languages Design and Implementation, 1997.
No context found.
J. L. Jensen, M. E. Jørgensen, N. Klarlund, and M. I. Schwartzbach. Automatic verification of pointer programs using monadic second order logic. In Proc. ACM PLDI, Las Vegas, NV, 1997.
No context found.
J. Jensen, M. Jørgensen, M. Schwartzbach and N. Klarlund. Automatic verification of pointer programs using monadic second-order logic. In: PLDI, pp. 226--236. ACM Press, 1997.
No context found.
J. L. Jensen, M. E. Jørgensen, N. Klarlund, and M. I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In Conf. on Programming Language Design and Implementation (PLDI), pages 226--236, 1997.
No context found.
Jacob L. Jensen, Michael E. Jørgensen, Nils Klarlund, and Michael I. Schwartzbach. Automatic verification of pointer programs using monadic second order logic. In Proc. ACM PLDI, Las Vegas, NV, 1997.
No context found.
Jensen, J. L., M. E. Jørgensen, N. Klarlund and M. I. Schwartzbach, Automatic verification of pointer programs using monadic second order logic, in: Proc. ACM PLDI, Las Vegas, NV, 1997.
No context found.
J. Jensen, M. Jørgensen, M. Schwartzbach and N. Klarlund. Automatic verification of pointer programs using monadic second-order logic. In: PLDI, pp. 226--236. ACM Press, 1997.
No context found.
Jacob L. Jensen, Michael E. Jørgensen, Nils Klarlund, and Michael I. Schwartzbach. Automatic verification of pointer programs using monadic second order logic. In Proc. ACM PLDI, Las Vegas, NV, 1997.
No context found.
Jacob L. Jensen, Michael E. Jørgensen, Nils Klarlund, and Michael I. Schwartzbach. Automatic verification of pointer programs using monadic second order logic. In Proc. ACM PLDI, Las Vegas, NV, 1997.
No context found.
Jacob L. Jensen, Michael E. Jørgensen, Nils Klarlund, and Michael I. Schwartzbach. Automatic verification of pointer programs using monadic second order logic. In Proc. ACM PLDI, Las Vegas, NV, 1997.
No context found.
Jacob L. Jensen, Michael E. Jørgensen, Nils Klarlund, and Michael I. Schwartzbach. Automatic verification of pointer programs using monadic second order logic. In Proc. ACM PLDI, Las Vegas, NV, 1997.
No context found.
Jacob L. Jensen, Michael E. Jørgensen, Nils Klarlund, and Michael I. Schwartzbach. Automatic verification of pointer programs using monadic second order logic. In Proc. ACM PLDI, Las Vegas, NV, 1997.
No context found.
J. L. Jensen, M. E. Jørgensen, N. Klarlund, and M. I. Schwartzbach, "Automatic Verification of Pointer Programs using Monadic Second-Order Logic", SIGPLAN Conference on Programming Language Design and Implementation (PLDI 97), June 1997, pp. 226-234.
No context found.
Jacob L. Jensen, Michael E. Jørgensen, Nils Klarlund, and Michael I. Schwartzbach. Automatic verification of pointer programs using monadic second order logic. In Proc. ACM PLDI, Las Vegas, NV, 1997.
No context found.
Jacob L. Jensen, Michael E. Joergensen, Nils Klarlund, and Michael I. Schwartzbach. Automatic verification of pointer programs using monadic second-order logic. In PLDI '97, 1997.
No context found.
Jacob L. Jensen, Michael E. Jørgensen, Nils Klarlund, and Michael I. Schwartzbach. Automatic verification of pointer programs using monadic second order logic. In Proc. ACM PLDI, Las Vegas, NV, 1997.
No context found.
J. L. JENSEN, M. E. JØRGENSEN, N. KLARLUND, AND M. I. SCHWARTZBACH, Automatic verification of pointer programs using monadic second-order logic, in Proc. ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI '97, June 1997.
No context found.
Jacob L. Jensen, Michael E. Jørgensen, Nils Klarlund, and Michael I. Schwartzbach. Automatic verification of pointer programs using monadic second order logic. In Proc. ACM PLDI, Las Vegas, NV, 1997.