Results 1-10 of 63
Types and Higher-Order Recursion Schemes for Verification of Higher-Order Programs
2009
We propose a new verification method for temporal properties of higher-order functional programs, which takes advantage of Ong’s recent result on the decidability of the model-checking problem for higher-order recursion schemes (HORS’s). A program is transformed to an HORS that generates a tree representing all the possible event sequences of the program, and then the HORS is model-checked. Unlike most of the previous methods for verification of higher-order programs, our verification method is sound and complete. Moreover, this new verification framework allows a smooth integration of abstract model checking techniques into verification of higher-order programs. We also present a type-based verification algorithm for HORS’s. The algorithm can deal with only a fragment of the properties expressed by modal μ-calculus, but the algorithm and its correctness proof are (arguably) much simpler than those of Ong’s game-semantics-based algorithm. Moreover, while the HORS model checking problem is n-EXPTIME in general, our algorithm is linear in the size of HORS, under the assumption that the sizes of types and specifications are bounded by a constant.
Collapsible Pushdown Automata and Recursion Schemes
23rd Annual IEEE Symposium on Logic in Computer Science, 2008
Collapsible pushdown automata (CPDA) are a new kind of higher-order pushdown automata in which every symbol in the stack has a link to a stack situated somewhere below it. In addition to the higher-order stack operations push_i and pop_i, CPDA have an important operation called collapse, whose effect is to “collapse” a stack s to the prefix as indicated by the link from the topmost symbol of s. Our first result is that CPDA are equi-expressive with recursion schemes as generators of (possibly infinite) ranked trees. In one direction, we give a simple algorithm that transforms an order-n CPDA to an order-n recursion scheme that generates the same tree, uniformly for all n ≥ 0. In the other direction, using ideas from game semantics, we give an effective transformation of order-n recursion schemes (not assumed
A robust class of context-sensitive languages
In LICS, 2007
We define a new class of languages defined by multi-stack automata that forms a robust subclass of context-sensitive languages, with decidable emptiness and closure under boolean operations. This class, called multi-stack visibly pushdown languages (MVPLs), is defined using multi-stack pushdown automata with two restrictions: (a) the pushdown automaton is visible, i.e. the input letter determines the operation on the stacks, and (b) any computation of the machine can be split into stages, where in each stage, there is at most one stack that is popped. MVPLs are an extension of visibly pushdown languages that captures non-context-free behaviors, and has applications in analyzing abstractions of multithreaded recursive programs, significantly enlarging the search space that can be explored for them. We show that MVPLs are closed under boolean operations, and problems such as emptiness and inclusion are decidable. We characterize MVPLs using monadic second-order logic over appropriate structures, and exhibit a Parikh theorem for them.
A type system equivalent to the modal mu-calculus model checking of higher-order recursion schemes
In: Proceedings of LICS, 2009
The model checking of higher-order recursion schemes has important applications in the verification of higher-order programs. Ong has previously shown that the modal mu-calculus model checking of trees generated by order-n recursion scheme is n-EXPTIME complete, but his algorithm and its correctness proof were rather complex. We give an alternative, type-based verification method: Given a modal mu-calculus formula, we can construct a type system in which a recursion scheme is typable if, and only if, the (possibly infinite, ranked) tree generated by the scheme satisfies the formula. The model checking problem is thus reduced to a type checking problem. Our type-based approach yields a simple verification algorithm, and its correctness proof (constructed without recourse to game semantics) is comparatively easy to understand. Furthermore, the algorithm is polynomial-time in the size of the recursion scheme, assuming that the formula and the largest order and arity of non-terminals of the recursion scheme are fixed.
Model-Checking Higher-Order Functions
2009
We propose a novel type-based model checking algorithm for higher-order recursion schemes. As shown by Kobayashi, verification problems of higher-order functional programs can easily be translated into model checking problems of recursion schemes. Thus, the model checking algorithm serves as a basis for verification of higher-order functional programs. To our knowledge, this is the first practical algorithm for model checking recursion schemes: all the previous algorithms always suffer from the n-EXPTIME bottleneck, not only in the worst case, and there was no implementation of the algorithms. We have implemented a model checker for recursion schemes based on the proposed algorithm, and applied it to verification of functional programs, including reachability, flow analysis and resource usage verification problems. According to our experiments, the model checker is surprisingly fast: it could automatically verify a number of small but tricky higher-order functional programs in less than a second.
Higher-Order Multi-Parameter Tree Transducers . . .
2010
We introduce higher-order, multi-parameter, tree transducers (HMTTs, for short), which are kinds of higher-order tree transducers that take input trees and output a (possibly infinite) tree. We study the problem of checking whether the tree generated by a given HMTT conforms to a given output specification, provided that the input trees conform to input specifications (where both input/output specifications are regular tree languages). HMTTs subsume higher-order recursion schemes and ordinary tree transducers, so that their verification has a number of potential applications to verification of functional programs using recursive data structures, including resource usage verification, string analysis, and exact type-checking of XML-processing programs. We propose a sound but incomplete verification algorithm for the HMTT verification problem: the algorithm reduces the verification problem to a model-checking problem for higher-order recursion schemes extended with finite data domains, and then uses (an extension of) Kobayashi’s algorithm for model-checking recursion schemes. While the algorithm is incomplete (indeed, as we show in the paper, the verification problem is undecidable in general), it is sound and complete for a subclass of HMTTs called linear HMTTs. We have applied our HMTT verification algorithm to various program verification problems and obtained promising results.
A finite semantics of simply-typed lambda terms for infinite runs of automata
Proceedings of the 20th International Workshop on Computer Science Logic (CSL ’06), volume 4207 of Lecture Notes in Computer Science, 2006
"... Vol. 3 (3:1) 2007, pp. 1–23 ..."
Symbolic backwards-reachability analysis for higher-order pushdown systems
In FOSSACS, 2007
Higher-order pushdown systems (PDSs) generalise pushdown systems through the use of higher-order stacks; that is, a nested “stack of stacks” structure. These systems may be used to model higher-order programs and are closely related to the Caucal hierarchy of infinite graphs and safe higher-order recursion schemes. We generalise higher-order PDSs to higher-order Alternating PDSs (APDSs) and consider the backwards-reachability problem over these systems. This builds on and extends previous work into pushdown systems and context-free higher-order processes in a non-trivial manner. In particular, we show that the set of configurations from which a regular set of higher-order APDS configurations is reachable is regular and computable in n-EXPTIME. In fact, the problem is n-EXPTIME-complete. We show that this work has several applications in the verification of higher-order PDSs, such as linear-time model-checking, alternation-free µ-calculus model-checking and the computation of winning regions of reachability games.
Unsafe grammars and panic automata
In ICALP, volume 3580 of LNCS, 2005
We show that the problem of checking if an infinite tree generated by a higher-order grammar of level 2 (hyperalgebraic) satisfies a given µ-calculus formula (or, equivalently, if it is accepted by an alternating parity automaton) is decidable, actually 2-EXPTIME-complete. Consequently, the monadic second-order theory of any hyperalgebraic tree is decidable, so that the safety restriction can be removed from our previous decidability result. The last result has been independently obtained by Aehlig, de Miranda and Ong. Our proof goes via a characterization of possibly unsafe second-order grammars by a new variant of higher-order pushdown automata, which we call panic automata. In addition to the standard pop_1 and pop_2 operations, these automata have an option of a destructive move called panic. The model-checking problem is then reduced to the problem of deciding the winner in a parity game over a suitable 2nd order pushdown system.