Papers by Florian Zuleger
Verification of Asynchronous Mobile-Robots in Partially-Known Environments
Lecture Notes in Computer Science, 2015
Extending ALCQIO with Trees
2015 30th Annual ACM/IEEE Symposium on Logic in Computer Science, 2015

Difference Constraints: An adequate Abstraction for Complexity Analysis of Imperative Programs
Difference constraints have been used for termination analysis in the literature, where they denote relational inequalities of the form x' <= y + c, and describe that the value of x in the current state is at most the value of y in the previous state plus some integer constant c. In this paper, we argue that the complexity of imperative programs typically arises from counter increments and resets, which can be modeled naturally by difference constraints. We present the first practical algorithm for the analysis of difference constraint programs and describe how C programs can be abstracted to difference constraint programs. Our approach contributes to the field of automated complexity and (resource) bound analysis by enabling automated amortized complexity analysis for a new class of programs and providing a conceptually simple program model that relates invariant and bound analysis. We demonstrate the effectiveness of our approach through a thorough experimental comparison ...

The finite satisfiability problem of monadic second order logic is decidable only on classes of structures of bounded tree-width by the classic result of Seese (1991). We prove the following problem is decidable: Input: (i) A monadic second order logic sentence $\alpha$, and (ii) a sentence $\beta$ in the two-variable fragment of first order logic extended with counting quantifiers. The vocabularies of $\alpha$ and $\beta$ may intersect. Output: Is there a finite structure which satisfies $\alpha\land\beta$ such that the restriction of the structure to the vocabulary of $\alpha$ has bounded tree-width? (The tree-width of the desired structure is not bounded.) As a consequence, we prove the decidability of the satisfiability problem by a finite structure of bounded tree-width of a logic extending monadic second order logic with linear cardinality constraints of the form $|X_{1}|+\cdots+|X_{r}|<|Y_{1}|+\cdots+|Y_{s}|$, where the $X_{i}$ and $Y_{j}$ are monadic second order variable...

Lecture Notes in Computer Science, 2014
We present the first scalable bound analysis that achieves amortized complexity analysis. In contrast to earlier work, our bound analysis is not based on general purpose reasoners such as abstract interpreters, software model checkers or computer algebra tools. Rather, we derive bounds directly from abstract program models, which we obtain from programs by comparatively simple invariant generation and symbolic execution techniques. As a result, we obtain an analysis that is more predictable and more scalable than earlier approaches. We demonstrate by a thorough experimental evaluation that our analysis is fast and at the same time able to compute bounds for challenging loops in a large real-world benchmark. Technically, our approach is based on lossy vector addition systems (VASS). Our bound analysis first computes a lexicographic ranking function that proves the termination of a VASS, and then derives a bound from this ranking function. Our methodology achieves amortized analysis based on a new insight into how lexicographic ranking functions can be used for bound analysis.
Lecture Notes in Computer Science, 2009
... The set of states State := Loc × Val × Store is the product of the location valuations Loc := {pc} → A, the variable valuations Val := V → Z and the store valuations Store := Z → Z. We refer to the part of a state that represents an element of Store ...
Lecture Notes in Computer Science, 2013
Termination proving has traditionally been based on the search for (possibly lexicographic) ranking functions. In recent years, however, the discovery of termination proof techniques based on Ramsey's theorem has led to new automation strategies, e.g. size-change, or iterative reductions from termination to safety. In this paper we revisit the decision to use Ramsey-based termination arguments in the iterative approach. We describe a new iterative termination proving procedure that instead searches for lexicographic termination arguments. Using experimental evidence we show that this new method leads to dramatic speedups.
Empirical Software Metrics for Benchmarking of Verification Tools
Lecture Notes in Computer Science, 2015

We introduce an extension ALCQIO_{b,Re} of the description logic ALCQIO, a sub-logic of the two-variable fragment of first order logic with counting quantifiers, with reachability assertions. ALCQIO_{b,Re}-formulae can define an unbounded number of trees. We show that finite implication of ALCQIO_{b,Re}-formulae is polynomial-time reducible to finite satisfiability of ALCQIO-formulae. As a consequence, we get that finite satisfiability and finite implication in ALCQIO_{b,Re} are NEXPTIME-complete. Description logics with transitive closure constructors have been studied before, but ALCQIO_{b,Re} is the first decidable description logic which allows at the same time nominals, inverse roles, counting quantifiers and transitive closures. ALCQIO_{b,Re} is well-suited for applications in software verification and shape analysis. Shape analysis requires expressive logics with reachability which have good computational properties. We show that ALCQIO_{b,Re} can describe complex data struct...

The verification community has studied dynamic data structures primarily in a bottom-up way by analyzing pointers and the shapes induced by them. Recent work in fields such as separation logic has made significant progress in extracting shapes from program source code. Many real world programs however manipulate complex data whose structure and content is most naturally described by formalisms from object oriented programming and databases. In this paper, we attempt to bridge the conceptual gap between these two communities. Our approach is based on description logic, a widely used knowledge representation paradigm which gives a logical underpinning for diverse modeling frameworks such as UML and ER. We show how description logic can be used on top of an existing shape analysis to add content descriptions to the shapes. Technically, we assume that we have separation logic shape invariants obtained from a shape analysis tool, and requirements on the program data in terms of descripti...
Size-Change Abstraction and Max-Plus Automata
Lecture Notes in Computer Science, 2014

On the concept of variable roles and its use in software analysis
2013 Formal Methods in Computer-Aided Design, 2013
Human-written source code in imperative programming languages exhibits typical patterns for variable use such as flags, loop iterators, counters, indices, bitvectors etc. Although it is widely understood by practitioners that these variable roles are important for automated software analysis tools, they are not systematically studied by the formal methods community, and not well documented in the research literature. In this paper, we study the notion of variable roles on the example of basic types (int, float, char) in C. We propose a classification of the variables in a program by variable roles, and demonstrate that classical data flow analysis lends itself naturally both as a specification formalism and an analysis paradigm for this classification problem. We demonstrate the practical applicability of our method by predicting membership of source files to the different categories of the software verification competition SVCOMP 2013.
Shape and Content
Lecture Notes in Computer Science, 2014
Lecture Notes in Computer Science, 2011
The size-change abstraction (SCA) is an important program abstraction for termination analysis, which has been successfully implemented in many tools for functional and logic programs. In this paper, we demonstrate that SCA is also a highly effective abstract domain for the bound analysis of imperative programs. We have implemented a bound analysis tool based on SCA for imperative programs. We abstract programs in a pathwise and context dependent manner, which enables our tool to analyze real-world programs effectively. Our work shows that SCA captures many of the essential ideas of previous termination and bound analysis and goes beyond in a conceptually simpler framework.
The reachability-bound problem
Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering - FSE 2014, 2014
Providing feedback on programming assignments manually is a tedious, error-prone, and time-consuming task. In this paper, we motivate and address the problem of generating feedback on performance aspects in introductory programming assignments. We studied a large number of functionally correct student solutions to introductory programming assignments and observed: (1) There are different algorithmic strategies, with varying levels of efficiency, for solving a given problem. These different strategies merit different feedback. (2) The same algorithmic strategy can be implemented in countless different ways, which are not relevant for reporting feedback on the student program.