Bounded Model Checking of Recursive Programs with Pointers in K

We present an adaptation of model-based verification, via model checking of pushdown systems, to semantics-based verification. First we introduce the algebraic notion of pushdown system specifications (PSS) and adapt a model checking algorithm to this new notion. We instantiate pushdown system specifications in the \(\mathbb{K}\) framework by means of Shylock, a relevant PSS example. We show why \(\mathbb{K}\) is a suitable environment for pushdown system specifications and give a methodology for defining PSS in \(\mathbb{K}\). Finally, we give a parametric \(\mathbb{K}\) specification for model checking pushdown system specifications, based on the adapted model checking algorithm for PSS.
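The abstract speaks of model checking pushdown systems and of bounding the search for recursive programs. To make the setting concrete, here is an added example (not the paper's \(\mathbb{K}\) specification, Shylock, or any code from the authors): a pushdown system encoding a hypothetical recursive procedure that acquires and releases a lock, explored by an explicit-state breadth-first search whose stack depth is bounded. The control state tracks the lock, the stack holds program points, and the check asks whether a double lock or double unlock (state `ERR`) is reachable. All program points, state names and rule tables are constructed for the example.

```python
from collections import deque

# Added example, not code from the paper. A pushdown system is given as a
# rule table: (control_state, top_of_stack) -> list of (new_state, pushed_symbols).
# The stack is a tuple with its top at index 0. Pushing () models a return,
# one symbol an intra-procedural step, two symbols a call (callee entry point
# followed by the return address).

def bounded_reach(rules, init_state, init_stack, is_bad, max_depth):
    """Breadth-first search over configurations (state, stack), never storing a
    stack deeper than max_depth. Returns the counterexample path to the first
    bad configuration found, or None if none is reachable within the bound.
    None is NOT a proof of safety: configurations beyond the bound are pruned."""
    start = (init_state, tuple(init_stack))
    parent = {start: None}
    queue = deque([start])
    while queue:
        conf = queue.popleft()
        state, stack = conf
        if is_bad(state):
            path = []
            while conf is not None:          # rebuild the trace from the parent map
                path.append(conf)
                conf = parent[conf]
            return path[::-1]
        if not stack:
            continue                         # empty stack: the program has terminated
        top, rest = stack[0], stack[1:]
        for new_state, pushed in rules.get((state, top), []):
            new_stack = tuple(pushed) + rest
            if len(new_stack) > max_depth:
                continue                     # the bound: drop deeper configurations
            nxt = (new_state, new_stack)
            if nxt not in parent:
                parent[nxt] = conf
                queue.append(nxt)
    return None


def _lock_rules(unlock_before_recursing):
    """Hypothetical program: main calls work; work takes a lock, may recurse,
    and releases it. Lock state: 'U' unlocked, 'L' locked, 'ERR' after a
    double lock or a double unlock."""
    rules = {}

    def add(state, point, new_state, pushed):
        rules.setdefault((state, point), []).append((new_state, tuple(pushed)))

    for s in ('U', 'L'):
        add(s, 'm0', s, ['w0', 'm1'])        # main: call work, return to m1
        add(s, 'm1', s, [])                  # main: return
    add('U', 'w0', 'L', ['w1'])              # w0: lock()
    add('L', 'w0', 'ERR', ['w1'])            # lock() while already locked
    if unlock_before_recursing:
        # w1: unlock();  w2: if (*) call work;  w3: return
        add('L', 'w1', 'U', ['w2'])
        add('U', 'w1', 'ERR', ['w2'])
        for s in ('U', 'L'):
            add(s, 'w2', s, ['w0', 'w3'])    # nondeterministic recursive call
            add(s, 'w2', s, ['w3'])          # or skip the call
            add(s, 'w3', s, [])
    else:
        # w1: if (*) call work;  w2: unlock();  w3: return  (lock held across the call)
        for s in ('U', 'L'):
            add(s, 'w1', s, ['w0', 'w2'])
            add(s, 'w1', s, ['w2'])
            add(s, 'w3', s, [])
        add('L', 'w2', 'U', ['w3'])
        add('U', 'w2', 'ERR', ['w3'])
    return rules


def buggy_lock_program():
    return _lock_rules(unlock_before_recursing=False)


def fixed_lock_program():
    return _lock_rules(unlock_before_recursing=True)


def check_double_lock(rules, max_depth):
    """Counterexample trace (list of (state, stack)) or None within the bound."""
    return bounded_reach(rules, 'U', ['m0'], lambda s: s == 'ERR', max_depth)


if __name__ == "__main__":
    for name, prog in (("buggy", buggy_lock_program()), ("fixed", fixed_lock_program())):
        trace = check_double_lock(prog, max_depth=6)
        print(name, "->", "no ERR within bound" if trace is None else trace)
```

Two points a practitioner should take from running it: the buggy variant only exposes the double lock once the bound admits a stack of three frames (the recursive call made while the lock is held), so too small a bound hides the defect; and a `None` answer for the fixed variant says nothing about deeper stacks. Exhaustive model checking of pushdown systems avoids the bound by computing reachable stack contents symbolically as a finite automaton; this example deliberately stays with explicit bounded search to match the title's setting.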
