Results 1-10 of 25
Fast Acceleration of Ultimately Periodic Relations
2010
Cited by 26 (4 self)
Abstract
Computing transitive closures of integer relations is the key to finding precise invariants of integer programs. In this paper, we describe an efficient algorithm for computing the transitive closures of difference bounds, octagonal and finite monoid affine relations. On the theoretical side, this framework provides a common solution to the acceleration problem, for all these three classes of relations. In practice, according to our experiments, the new method performs up to four orders of magnitude better than the previous ones, making it a promising approach for the verification of integer programs.
What else is decidable about integer arrays?
Cited by 17 (3 self)
Abstract
Abstract. We introduce a new decidable logic for reasoning about infinite arrays of integers. The logic is in the ∃*∀* first-order fragment and allows (1) Presburger constraints on existentially quantified variables, (2) difference constraints as well as periodicity constraints on universally quantified indices, and (3) difference constraints on values. In particular, using our logic, one can express constraints on consecutive elements of arrays (e.g. ∀i. 0 ≤ i < n → a[i+1] = a[i]−1) as well as periodic facts (e.g. ∀i. i ≡₂ 0 → a[i] = 0). The decision procedure follows the automata-theoretic approach: we translate formulae into a special class of Büchi counter automata such that any model of a formula corresponds to an accepting run of the automaton, and vice versa. The emptiness problem for this class of counter automata is shown to be decidable, as a consequence of earlier results on counter automata with a flat control structure and transitions based on difference constraints. We show interesting program properties expressible in our logic, and give an example of invariant verification for programs that handle integer arrays.
Reachability in Succinct and Parametric One-Counter Automata
Cited by 16 (7 self)
Abstract
Abstract. One-counter automata are a fundamental and widely-studied class of infinite-state systems. In this paper we consider one-counter automata with counter updates encoded in binary—which we refer to as the succinct encoding. It is easily seen that the reachability problem for this class of machines is in PSpace and is NP-hard. One of the main results of this paper is to show that this problem is in fact in NP, and is thus NP-complete. We also consider parametric one-counter automata, in which counter updates may be integer-valued parameters. The reachability problem asks whether there are values for the parameters such that a final state can be reached from an initial state. Our second main result shows decidability of the reachability problem for parametric one-counter automata by reduction to existential Presburger arithmetic with divisibility.
Deciding conditional termination
In Proc. TACAS18, 2012
Cited by 16 (0 self)
Abstract
This paper addresses the problem of conditional termination, which is that of defining the set of initial configurations from which a given program terminates. First we define the dual set, of initial configurations, from which a non-terminating execution exists, as the greatest fixpoint of the pre-image of the transition relation. This definition enables the representation of this set, whenever the closed form of the relation of the loop is definable in a logic that has quantifier elimination. This entails the decidability of the termination problem for such loops. Second, we present effective ways to compute the weakest precondition for non-termination for difference bounds and octagonal (non-deterministic) relations, by avoiding complex quantifier eliminations. We also investigate the existence of linear ranking functions for such loops. Finally, we study the class of linear affine relations and give a method of under-approximating the termination precondition for a non-trivial subclass of affine relations. We have performed preliminary experiments on transition systems modeling real-life systems, and have obtained encouraging results.
Automatic Verification of Integer Array Programs
2009
Cited by 11 (2 self)
Abstract
Abstract. We provide a verification technique for a class of programs working on integer arrays of finite, but not a priori bounded length. We use the logic of integer arrays SIL [13] to specify pre- and postconditions of programs and their parts. Effects of non-looping parts of code are computed syntactically on the level of SIL. Loop preconditions derived during the computation in SIL are converted into counter automata (CA). Loops are automatically translated—purely on the syntactical level—to transducers. Precondition CA and transducers are composed, and the composition over-approximated by flat automata with difference bound constraints, which are next converted back into SIL formulae, thus inferring postconditions of the loops. Finally, validity of postconditions specified by the user in SIL may be checked as entailment is decidable for SIL.
Proving Termination of Tree Manipulating Programs
Cited by 8 (2 self)
Abstract
Abstract. We consider the termination problem of programs manipulating tree-like dynamic data structures. Our approach is based on a counterexample-guided abstraction refinement loop. We use abstract regular tree model-checking to infer invariants of the program. Then, we translate the program to a counter automaton (CA) which simulates it. If the CA can be shown to terminate using existing techniques, the program terminates. If not, we analyse the possible counterexample given by a CA termination checker and either conclude that the program does not terminate, or else refine the abstraction and repeat. We show that the spuriousness problem for lasso-shaped counterexamples is decidable in some non-trivial cases. We applied the method successfully on several interesting case studies.
A Logic of Singly Indexed Arrays
Cited by 8 (2 self)
Abstract
Abstract. We present a logic interpreted over integer arrays, which allows difference bound comparisons between array elements situated within a constant-sized window. It is shown that the satisfiability problem for the logic is undecidable for the class of formulae with quantifier prefix {∃,∀}*∀*∃*∀*. For formulae with quantifier prefixes in the ∃*∀* fragment, decidability is established by an automata-theoretic argument. For each formula in the ∃*∀* fragment we can build a flat counter automaton with difference bound transition rules (FCADBM) whose traces correspond to the models of the formula. The construction is modular, following the syntax of the formula. Decidability of the ∃*∀* fragment of the logic is a consequence of the fact that reachability of a control state is decidable for FCADBM.
Model Checking Succinct and Parametric One-Counter Automata
Cited by 8 (3 self)
Abstract
We investigate the decidability and complexity of various model checking problems over one-counter automata. More specifically, we consider succinct one-counter automata, in which additive updates are encoded in binary, as well as parametric one-counter automata, in which additive updates may be given as unspecified parameters. We fully determine the complexity of model checking these automata against CTL, LTL, and modal µ-calculus specifications.
Branching-Time Model Checking of Parametric One-Counter Automata
Cited by 8 (4 self)
Abstract
Abstract. We study the computational complexity of model checking EF logic and modal logic on parametric one-counter automata (POCA). A POCA is a one-counter automaton whose counter updates are either integer values encoded in binary or integer-valued parameters. Given a formula and a configuration of a POCA, the model-checking problem asks whether the formula is true in this configuration for all possible valuations of the parameters. We show that this problem is undecidable for EF logic via reduction from Hilbert’s tenth problem, however for modal logic we prove PSPACE-completeness. Obtaining the PSPACE upper bound involves analysing systems of linear Diophantine inequalities of exponential size that admit solutions of polynomial size. Finally, we show that model checking EF logic on POCA without parameters is PSPACE-complete.
When Model-Checking Freeze LTL over Counter Machines Becomes Decidable
Research report, LSV, ENS Cachan, 2010
Cited by 6 (1 self)
Abstract
Abstract. We study the decidability status of model-checking freeze LTL over various subclasses of counter machines for which the reachability problem is known to be decidable (reversal-bounded counter machines, vector addition systems with states, flat counter machines, one-counter machines). In freeze LTL, a register can store a counter value and at some future position an equality test can be done between a register and a counter value. Herein, we complete an earlier work started on one-counter machines by considering other subclasses of counter machines, and especially the class of reversal-bounded counter machines. This gives us the opportunity to provide a systematic classification that distinguishes determinism vs. nondeterminism, and we consider subclasses of formulae by restricting the set of atomic formulae or/and the polarity of the occurrences of the freeze operators, leading to the flat fragment.