Results 1  10
of
11
Termination Analysis of Java Bytecode
"... The state of the art in termination analysis includes advanced techniques developed for logic and functional programming [12, 4, 9, 11, 10] and imperative languages [2, 5, 8, 6, 10], as well as for term rewriting systems [10]. In [6, 5] tools for proving termination of large industrial code are pres ..."
Abstract

Cited by 30 (15 self)
 Add to MetaCart
The state of the art in termination analysis includes advanced techniques developed for logic and functional programming [12, 4, 9, 11, 10] and imperative languages [2, 5, 8, 6, 10], as well as for term rewriting systems [10]. In [6, 5] tools for proving termination of large industrial code are presented. However, termination of lowlevel languages, such as Java bytecode, has received little
Complete sequent calculi for induction and infinite descent
 Proceedings of LICS22
, 2007
"... This paper compares two different styles of reasoning with inductively defined predicates, each style being encapsulated by a corresponding sequent calculus proof system. The first system supports traditional proof by induction, with induction rules formulated as sequent rules for introducing induct ..."
Abstract

Cited by 18 (6 self)
 Add to MetaCart
This paper compares two different styles of reasoning with inductively defined predicates, each style being encapsulated by a corresponding sequent calculus proof system. The first system supports traditional proof by induction, with induction rules formulated as sequent rules for introducing inductively defined predicates on the left of sequents. We show this system to be cutfree complete with respect to a natural class of Henkin models; the eliminability of cut follows as a corollary. The second system uses infinite (nonwellfounded) proofs to represent arguments by infinite descent. In this system, the left rules for inductively defined predicates are simple casesplit rules, and an infinitary, global condition on proof trees is required to ensure soundness. We show this system to be cutfree complete with respect to standard models, and again infer the eliminability of cut. The second infinitary system is unsuitable for formal reasoning. However, it has a natural restriction to proofs given by regular trees, i.e. to those proofs representable by finite graphs. This restricted “cyclic ” system subsumes the first system for proof by induction. We conjecture that the two systems are in fact equivalent, i.e., that proof by induction is equivalent to regular proof by infinite descent.
Automatic Numeric Abstractions for HeapManipulating Programs
, 2010
"... We present a logic for relating heapmanipulating programs to numeric abstractions. These numeric abstractions are expressed as simple imperative programs over integer variables and have the property that termination and safety of the numeric program ensures termination and safety of the original, h ..."
Abstract

Cited by 15 (2 self)
 Add to MetaCart
We present a logic for relating heapmanipulating programs to numeric abstractions. These numeric abstractions are expressed as simple imperative programs over integer variables and have the property that termination and safety of the numeric program ensures termination and safety of the original, heapmanipulating program. We have implemented an automated version of this abstraction process and present experimental results for programs involving a variety of data structures.
A Termination Analyser for Java Bytecode Based on PathLength
"... It is important to prove that supposedly terminating programs actually terminate, particularly if those programs must be run on critical systems or downloaded into a client such as a mobile phone. Although termination of computer programs is generally undecidable, it is possible and useful to prove ..."
Abstract

Cited by 9 (2 self)
 Add to MetaCart
It is important to prove that supposedly terminating programs actually terminate, particularly if those programs must be run on critical systems or downloaded into a client such as a mobile phone. Although termination of computer programs is generally undecidable, it is possible and useful to prove termination of a large, nontrivial subset of the terminating programs. In this paper we present our termination analyser for sequential Java bytecode, based on a program property called pathlength. We describe the analyses which are needed before the pathlength can be computed, such as sharing, cyclicity and aliasing. Then we formally define the pathlength analysis and prove it correct w.r.t. a reference denotational semantics of the bytecode. We show that a constraint logic program PCLP can be built from the result of the pathlength analysis of a Java bytecode program P and formally prove that if PCLP terminates then also P terminates. Hence a termination prover for constraint logic programs can be applied to prove the termination of P. We conclude with some discussion of the possibilities and limitations of our approach. Ours is the first existing termination analyser for Java bytecode dealing with generic data structures dynamically allocated on the heap and which does not require any help or annotation on the part of the user.
Verifying Executable ObjectOriented Specifications with Separation Logic
"... Abstract. Specifications of ObjectOriented programs conventionally employ Boolean expressions of the programming language for assertions. Programming errors can be discovered by checking at runtime whether an assertion, such as a precondition or class invariant, holds. In this work, we show how sep ..."
Abstract

Cited by 3 (0 self)
 Add to MetaCart
Abstract. Specifications of ObjectOriented programs conventionally employ Boolean expressions of the programming language for assertions. Programming errors can be discovered by checking at runtime whether an assertion, such as a precondition or class invariant, holds. In this work, we show how separation logic can be used to verify that these executable specifications will always hold at runtime. Both the program and its executable assertions are verified with respect to separation logic specifications. A novel notion called relative purity embraces historically problematic sideeffects in executable specifications, and verification boils down to proving connecting implications. Even modelbased specifications can be verified. The framework is also wellsuited to separation logic proof tools and now implemented in jStar. Numerous automatically verified examples illustrate the framework’s use and utility.
Automated Termination Proofs for Java Programs with Cyclic Data
, 2012
"... In earlier work, we developed a technique to prove termination of Java programs automatically: first, Java programs are automatically transformed to term rewrite systems (TRSs) and then, existing methods and tools are used to prove termination of the resulting TRSs. In this paper, we extend our tech ..."
Abstract

Cited by 3 (2 self)
 Add to MetaCart
In earlier work, we developed a technique to prove termination of Java programs automatically: first, Java programs are automatically transformed to term rewrite systems (TRSs) and then, existing methods and tools are used to prove termination of the resulting TRSs. In this paper, we extend our technique in order to prove termination of algorithms on cyclic data such as cyclic lists or graphs automatically. We implemented our technique in the tool AProVE and performed extensive experiments to evaluate its practical applicability.
A Primer on Separation Logic (and Automatic Program Verification and Analysis)
"... Abstract. These are the notes to accompany a course at the Marktoberdorf PhD summer school in 2011. The course consists of an introduction to separation logic, with a slant towards its use in automatic program verification and analysis. ..."
Abstract
 Add to MetaCart
Abstract. These are the notes to accompany a course at the Marktoberdorf PhD summer school in 2011. The course consists of an introduction to separation logic, with a slant towards its use in automatic program verification and analysis.
An Integrated Logic for Termination and NonTermination Reasoning
"... Abstract. We propose a logical framework for specifying and proving assertions about program termination and nontermination. Although program termination has been well studied, it is usually added as an external component to a specification logic. Here we propose to integrate termination requiremen ..."
Abstract
 Add to MetaCart
Abstract. We propose a logical framework for specifying and proving assertions about program termination and nontermination. Although program termination has been well studied, it is usually added as an external component to a specification logic. Here we propose to integrate termination requirements directly into our specification logic, as temporal constraints for each execution phase of every method. Our temporal constraints can specify a strict decrease in some bounded measure for termination proofs or the unreachability of method exit for nontermination proofs. The reasoning on these temporal constraints is supported by a novel temporal entailment procedure. Furthermore, our terminationenhanced logic can leverage on richer specification logics to help conduct more intricate termination reasoning for programs with heap manipulation or multiple terminating phases. Through a seamless integration into the specification logics, we expect our termination reasoning to benefit from any future improvements to our logics, and viceversa. With an experimental evaluation, we report on the usability and practicality of our approach for capturing both termination and nontermination reasoning for an existing verification system. 1
pointer programs. Cyclic Abduction of Inductively Defined Safety and Termination Preconditions
, 2013
"... We describe a new method, called cyclic abduction, for automatically inferring safety and/or termination preconditions for heapmanipulating while programs, expressed as inductive definitions in separation logic. Cyclic abduction essentially works by searching for a cyclic proof of memory safety and ..."
Abstract
 Add to MetaCart
We describe a new method, called cyclic abduction, for automatically inferring safety and/or termination preconditions for heapmanipulating while programs, expressed as inductive definitions in separation logic. Cyclic abduction essentially works by searching for a cyclic proof of memory safety and/or termination, abducing definitional clauses of the precondition as necessary in order to advance the proof search process. This is achieved via a suite of heuristically guided automatic tactics. We have implemented our cyclic abduction procedure as an automatic tool, Caber, that automatically infers the correct safety and termination preconditions for a range of common small programs manipulating lists and trees, and can also abduce the definitions of more exotic data structures such as cyclic or segmented lists, or trees of linked lists. To our knowledge, cyclic abduction is the first technique for automatically abducing such inductive definitions from
A Specification Logic for Termination Reasoning
"... Abstract. We propose a logical framework for specifying and proving assertions about program termination. Although termination of programs has been well studied, it is usually added as an external component to the specification logic. Here we propose to integrate termination requirements directly in ..."
Abstract
 Add to MetaCart
Abstract. We propose a logical framework for specifying and proving assertions about program termination. Although termination of programs has been well studied, it is usually added as an external component to the specification logic. Here we propose to integrate termination requirements directly into our specification logic, as temporal constraints for each phase of every method. Our temporal constraints can specify a strict decrease in a bounded measure for termination proofs and the unreachability of method exit for nontermination proofs. Furthermore, our terminationinfused logic can leverage richer specification logics to help conduct more complex termination reasoning for programs with structural specification, heap manipulation, exception handling, and multiple phases. We expect our termination reasoning to directly benefit from any future improvements to our specification mechanism because it is fully integrated into our specification logic. Through an experimental evaluation, we report on the usability and practicality of a verification system, based on separation logic, that has been enhanced with our termination constraints. 1