Results 1 - 10
of
84
The Pointer Assertion Logic Engine
- Proc. ACM PLDI
, 2001
"... We present a new framework for verifying partial specifications of programs in order to catch type and memory errors and check data structure invariants. Our technique can verify a large class of data structures, namely all those that can be expressed as graph types. Earlier versions were restricted ..."
Abstract
-
Cited by 156 (3 self)
- Add to MetaCart
We present a new framework for verifying partial specifications of programs in order to catch type and memory errors and check data structure invariants. Our technique can verify a large class of data structures, namely all those that can be expressed as graph types. Earlier versions were restricted to simple special cases such as lists or trees. Even so, our current implementation is as fast as the previous specialized tools. Programs are annotated with partial specifications expressed in Pointer Assertion Logic, a new notation for expressing properties of the program store. We work in the logical tradition by encoding the programs and partial specifications as formulas in monadic second-order logic. Validity of these formulas is checked by the MONA tool, which also can provide explicit counterexamples to invalid formulas. To make verification decidable, the technique requires explicit loop and function call invariants. In return, the technique is highly modular: every statement of a given program is analyzed only once. The main target applications are safety-critical data-type algorithms, where the cost of annotating a program with invariants is justified by the value of being able to automatically verify complex properties of the program.
Generalized typestate checking for data structure consistency
- In 6th International Conference on Verification, Model Checking and Abstract Interpretation
, 2005
"... Abstract. We present an analysis to verify abstract set specifications for programs sets. In our approach, each module may encapsulate several data structures and use membership in abstract sets to characterize how objects participate in its data structures. Each module’s specification uses set alge ..."
Abstract
-
Cited by 47 (28 self)
- Add to MetaCart
(Show Context)
Abstract. We present an analysis to verify abstract set specifications for programs sets. In our approach, each module may encapsulate several data structures and use membership in abstract sets to characterize how objects participate in its data structures. Each module’s specification uses set algebra formulas to characterize the effects of its operations on the abstract sets. The program may define abstract set membership in a variety of ways; arbitrary analyses (potentially with multiple analyses applied to different modules in the same program) may verify the corresponding set specifications. The analysis we present in this paper verifies set specifications by constructing and verifying set algebra formulas whose validity implies the validity of the set specifications. We have implemented our analysis and annotated several programs (75-2500 lines of code) with set specifications. We found that our original analysis algorithm did not scale; this paper describes several optimizations that improve the scalability of our analysis. It also presents experimental data comparing the original and optimized versions of our analysis.
Modular Data Structure Verification
- EECS DEPARTMENT, MASSACHUSETTS INSTITUTE OF TECHNOLOGY
, 2007
"... This dissertation describes an approach for automatically verifying data structures, focusing on techniques for automatically proving formulas that arise in such verification. I have implemented this approach with my colleagues in a verification system called Jahob. Jahob verifies properties of Java ..."
Abstract
-
Cited by 43 (20 self)
- Add to MetaCart
This dissertation describes an approach for automatically verifying data structures, focusing on techniques for automatically proving formulas that arise in such verification. I have implemented this approach with my colleagues in a verification system called Jahob. Jahob verifies properties of Java programs with dynamically allocated data structures. Developers write Jahob specifications in classical higher-order logic (HOL); Jahob reduces the verification problem to deciding the validity of HOL formulas. I present a new method for proving HOL formulas by combining automated reasoning techniques. My method consists of 1) splitting formulas into individual HOL conjuncts, 2) soundly approximating each HOL conjunct with a formula in a more tractable fragment and 3) proving the resulting approximation using a decision procedure or a theorem prover. I present three concrete logics; for each logic I show how to use it to approximate HOL formulas, and how to decide the validity of formulas in this logic. First, I present an approximation of HOL based on a translation to first-order logic, which enables the use of existing resolution-based theorem provers. Second, I present an approximation of HOL based on field constraint analysis, a new technique that enables
Verifying a file system implementation
- In Sixth International Conference on Formal Engineering Methods (ICFEM’04), volume 3308 of LNCS
, 2004
"... ..."
(Show Context)
Qualitative Spatio-Temporal Representation and Reasoning: A Computational Perspective
- Exploring Artifitial Intelligence in the New Millenium
, 2001
"... this paper argues for the rich world of representation that lies between these two extremes." Levesque and Brachman (1985) 1 Introduction Time and space belong to those few fundamental concepts that always puzzled scholars from almost all scientific disciplines, gave endless themes to science ..."
Abstract
-
Cited by 39 (12 self)
- Add to MetaCart
this paper argues for the rich world of representation that lies between these two extremes." Levesque and Brachman (1985) 1 Introduction Time and space belong to those few fundamental concepts that always puzzled scholars from almost all scientific disciplines, gave endless themes to science fiction writers, and were of vital concern to our everyday life and commonsense reasoning. So whatever approach to AI one takes [ Russell and Norvig, 1995 ] , temporal and spatial representation and reasoning will always be among its most important ingredients (cf. [ Hayes, 1985 ] ). Knowledge representation (KR) has been quite successful in dealing separately with both time and space. The spectrum of formalisms in use ranges from relatively simple temporal and spatial databases, in which data are indexed by temporal and/or spatial parameters (see e.g. [ Srefik, 1995; Worboys, 1995 ] ), to much more sophisticated numerical methods developed in computational geom
The Design Space of Type Checkers for XML Transformation Languages
, 2004
"... We survey work on statically type checking XML transformations, covering a wide range of notations and ambitions. The concept of type may vary from idealizations of DTD to full-blown XML Schema or even more expressive formalisms. The notion of transformation may vary from clean and simple transd ..."
Abstract
-
Cited by 38 (6 self)
- Add to MetaCart
We survey work on statically type checking XML transformations, covering a wide range of notations and ambitions. The concept of type may vary from idealizations of DTD to full-blown XML Schema or even more expressive formalisms. The notion of transformation may vary from clean and simple transductions to domain-specific languages or integration of XML in general-purpose programming languages. Type annotations can be either explicit or implicit, and type checking ranges from exact decidability to pragmatic approximations. We characterize
Field constraint analysis
- In Proc. Int. Conf. Verification, Model Checking, and Abstract Interpratation
, 2006
"... ..."
(Show Context)
Modular pluggable analyses for data structure consistency.
- IEEE Transactions on Software Engineering,
, 2006
"... ..."
(Show Context)
An algorithm for deciding BAPA: Boolean Algebra with Presburger Arithmetic
- In 20th International Conference on Automated Deduction, CADE-20
, 2005
"... Abstract. We describe an algorithm for deciding the first-order multisorted theory BAPA, which combines 1) Boolean algebras of sets of uninterpreted elements (BA) and 2) Presburger arithmetic operations (PA). BAPA can express the relationship between integer variables and cardinalities of a priory u ..."
Abstract
-
Cited by 29 (12 self)
- Add to MetaCart
(Show Context)
Abstract. We describe an algorithm for deciding the first-order multisorted theory BAPA, which combines 1) Boolean algebras of sets of uninterpreted elements (BA) and 2) Presburger arithmetic operations (PA). BAPA can express the relationship between integer variables and cardinalities of a priory unbounded finite sets, and supports arbitrary quantification over sets and integers. Our motivation for BAPA is deciding verification conditions that arise in the static analysis of data structure consistency properties. Data structures often use an integer variable to keep track of the number of elements they store; an invariant of such a data structure is that the value of the integer variable is equal to the number of elements stored in the data structure. When the data structure content is represented by a set, the resulting constraints can be captured in BAPA. BAPA formulas with quantifier alternations arise when verifying programs with annotations containing quantifiers, or when proving simulation relation conditions for refinement and equivalence of program fragments. Furthermore, BAPA constraints can be used for proving the termination of programs that manipulate data structures, and have applications in constraint databases. We give a formal description of a decision procedure for BAPA, which implies the decidability of BAPA. We analyze our algorithm and obtain an elementary upper bound on the running time, thereby giving the first complexity bound for BAPA. Because it works by a reduction to PA, our algorithm yields the decidability of a combination of sets of uninterpreted elements with any decidable extension of PA. Our algorithm can also be used to yield an optimal decision procedure for BA through a reduction to PA with bounded quantifiers. We have implemented our algorithm and used it to discharge verification conditions in the Jahob system for data structure consistency checking of Java programs; our experience with the algorithm is promising. 1
