We propose a bounded model checking procedure for programs manipulating dynamically allocated pointer structures. Our procedure checks whether a program execution of length n ends in an error (e.g., a NULL dereference) by testing if the weakest precondition of the error condition together with the initial condition of the program (e.g., program variable x points to a circular list) is satisfiable. We express error conditions as formulas in the 2-variable fragment of the Bernays-Schoenfinkel class with equality. We show that this fragment is closed under computing weakest preconditions. We express the initial conditions by unary relations which are defined by monadic Datalog programs. Our main contribution is a small model theorem for the 2-...
Concurrent data structure algorithms have traditionally been designed using locks to regulate the be...
We say a program is data-independent with respect to a data type X if the operations it can perform ...
We propose a bounded model checking procedure for programs manipulating dynamically allocated pointe...
We present a technique for automatic verification of pointer programs based on a decision procedure ...
Software model checkers are able to exhaustively explore different bounded program executions arisin...
We define a new decidable logic for expressing and checking invariants of programs that manipulate d...
Abstract. A main idea underlying bounded model checking is to limit the length of the potential coun...
A given Datalog program is bounded if its depth of recursion is independent of the input database. D...
We present a novel approach to the verification of concurrent pointer-manipulating programs which o...
This paper presents our results in the study of verification of infinite state space systems. We deal mo...
Containment of monadic datalog programs over data trees (labelled trees with an equivalence relation...