The complexity of propositional linear temporal logics
Journal of the ACM (JACM)
An analysis of the non-emptiness problem for classes of reversal-bounded multicounter machines
Journal of Computer and System Sciences
Minimum and maximum delay problems in real-time systems
Formal Methods in System Design - Special issue on computer-aided verification: special methods I
Theoretical Computer Science
Languages represented by Boolean formulas
Information Processing Letters
Journal of the ACM (JACM)
Reversal-Bounded Multicounter Machines and Their Decision Problems
Journal of the ACM (JACM)
Introduction to the Theory of Computation
Introduction to the Theory of Computation
The Science of Programming
Counter machines and verification Problems
Theoretical Computer Science
Bebop: A Symbolic Model Checker for Boolean Programs
Proceedings of the 7th International SPIN Workshop on SPIN Model Checking and Software Verification
Reachability Analysis of Pushdown Automata: Application to Model-Checking
CONCUR '97 Proceedings of the 8th International Conference on Concurrency Theory
Model Checking CTL Properties of Pushdown Systems
FST TCS 2000 Proceedings of the 20th Conference on Foundations of Software Technology and Theoretical Computer Science
Binary Reachability Analysis of Pushdown Timed Automata with Dense Clocks
CAV '01 Proceedings of the 13th International Conference on Computer Aided Verification
Model checking LTL with regular valuations for pushdown systems
Information and Computation - TACS 2001
Reversal-Bounded Counter Machines Revisited
MFCS '08 Proceedings of the 33rd international symposium on Mathematical Foundations of Computer Science
Model-checking Timed Temporal Logics
Electronic Notes in Theoretical Computer Science (ENTCS)
TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems
Properties of visibly pushdown transducers
MFCS'10 Proceedings of the 35th international conference on Mathematical foundations of computer science
Complexity bounds for the verification of real-time software
VMCAI'10 Proceedings of the 11th international conference on Verification, Model Checking, and Abstract Interpretation
jMoped: a java bytecode checker based on moped
TACAS'05 Proceedings of the 11th international conference on Tools and Algorithms for the Construction and Analysis of Systems
On the complexity of equational horn clauses
CADE' 20 Proceedings of the 20th international conference on Automated Deduction
FOSSACS'10 Proceedings of the 13th international conference on Foundations of Software Science and Computational Structures
A practical and complete approach to predicate refinement
TACAS'06 Proceedings of the 12th international conference on Tools and Algorithms for the Construction and Analysis of Systems
A Survey of Automated Techniques for Formal Software Verification
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
The complexity of reversal-bounded model-checking
FroCoS'11 Proceedings of the 8th international conference on Frontiers of combining systems
Formal Methods in System Design
Branching-Time model checking of parametric one-counter automata
FOSSACS'12 Proceedings of the 15th international conference on Foundations of Software Science and Computational Structures
A Perfect Model for Bounded Verification
LICS '12 Proceedings of the 2012 27th Annual IEEE/ACM Symposium on Logic in Computer Science
Synchronisation- and reversal-bounded analysis of multithreaded programs with counters
CAV'12 Proceedings of the 24th international conference on Computer Aided Verification
Bounded context-switching and reentrant locking
FOSSACS'13 Proceedings of the 16th international conference on Foundations of Software Science and Computation Structures
| Hi-index | 0.00 |
Pushdown systems (PDS) naturally model sequential recursive programs. Numeric data types also often arise in real-world programs. We study the extension of PDS with unbounded counters, which naturally model numeric data types. Although this extension is Turingpowerful, reachability is known to be decidable when the number of reversals between incrementing and decrementing modes is bounded. In this paper, we (1) pinpoint the decidability/complexity of reachability and linear/branching time model checking over PDS with reversal-bounded counters (PCo), and (2) experimentally demonstrate the effectiveness of our approach in analysing software. We show reachability over PCo is NP-complete, while LTL is coNEXP-complete (coNP-complete for fixed formulas). In contrast, we prove that EF-logic over PCo is undecidable. Our NP upper bounds are by a direct poly-time reduction to satisfaction over existential Presburger formulas, allowing us to tap into highly optimized solvers like Z3. Although reversal-bounded analysis is incomplete for PDS with unbounded counters in general, our experiments suggest that some intricate bugs (e.g. from Linux device drivers) can be discovered with a small number of reversals. We also pinpoint the decidability/ complexity of various extensions of PCo, e.g., with discrete clocks.