Abstract
Higher-order recursion schemes (HORS) have recently received much attention as a useful abstraction of higher-order functional programs with a number of new verification techniques employing HORS model-checking as their centrepiece. This paper contributes to the ongoing quest for a truly scalable model-checker for HORS by offering a different, automata theoretic perspective. We introduce the first practical model-checking algorithm that acts on a generalisation of pushdown automata equi-expressive with HORS called collapsible pushdown systems (CPDS). At its core is a substantial modification of a recently studied saturation algorithm for CPDS. In particular it is able to use information gathered from an approximate forward reachability analysis to guide its backward search. Moreover, we introduce an algorithm that prunes the CPDS prior to model-checking and a method for extracting counter-examples in negative instances. We compare our tool with the state-of-the-art verification tools for HORS and obtain encouraging results. In contrast to some of the main competition tackling the same problem, our algorithm is fixed-parameter tractable, and we also offer significantly improved performance over the only previously published tool of which we are aware that also enjoys this property. The tool and additional material are available from http://cshore.cs.rhul.ac.uk.
C-SHORe: a collapsible approach to higher-order verification. ICFP '13: Proceedings of the 18th ACM SIGPLAN international conference on Functional programming.