Lecture Notes in Computer Science 11427

Commenced Publication in 1973Founding and Former Series Editors:Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen

Editorial Board Members

David Hutchison, UKJosef Kittler, UKFriedemann Mattern, SwitzerlandMoni Naor, IsraelBernhard Steffen, GermanyDoug Tygar, USA

Takeo Kanade, USAJon M. Kleinberg, USAJohn C. Mitchell, USAC. Pandu Rangan, IndiaDemetri Terzopoulos, USA

Advanced Research in Computing and Software ScienceSubline of Lecture Notes in Computer Science

Subline Series Editors

Giorgio Ausiello, University of Rome ‘La Sapienza’, Italy

Vladimiro Sassone, University of Southampton, UK

Subline Advisory Board

Susanne Albers, TU Munich, GermanyBenjamin C. Pierce, University of Pennsylvania, USABernhard Steffen, University of Dortmund, GermanyDeng Xiaotie, Peking University, Beijing, ChinaJeannette M. Wing, Microsoft Research, Redmond, WA, USA

More information about this series at http://www.springer.com/series/7407

Tomáš Vojnar • Lijun Zhang (Eds.)

Tools and Algorithmsfor the Constructionand Analysis of Systems25th International Conference, TACAS 2019Held as Part of the European Joint Conferenceson Theory and Practice of Software, ETAPS 2019Prague, Czech Republic, April 6–11, 2019Proceedings, Part I

EditorsTomáš VojnarBrno University of TechnologyBrno, Czech Republic

Lijun ZhangChinese Academy of SciencesBeijing, China

ISSN 0302-9743 ISSN 1611-3349 (electronic)Lecture Notes in Computer ScienceISBN 978-3-030-17461-3 ISBN 978-3-030-17462-0 (eBook)https://doi.org/10.1007/978-3-030-17462-0

LNCS Sublibrary: SL1 – Theoretical Computer Science and General Issues

© The Editor(s) (if applicable) and The Author(s) 2019, corrected publication 2019. This book is an openaccess publication.Open Access This book is licensed under the terms of the Creative Commons Attribution 4.0 InternationalLicense (http://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distributionand reproduction in any medium or format, as long as you give appropriate credit to the original author(s) andthe source, provide a link to the Creative Commons license and indicate if changes were made.The images or other third party material in this book are included in the book’s Creative Commons license,unless indicated otherwise in a credit line to the material. If material is not included in the book’s CreativeCommons license and your intended use is not permitted by statutory regulation or exceeds the permitted use,you will need to obtain permission directly from the copyright holder.The use of general descriptive names, registered names, trademarks, service marks, etc. in this publicationdoes not imply, even in the absence of a specific statement, that such names are exempt from the relevantprotective laws and regulations and therefore free for general use.The publisher, the authors and the editors are safe to assume that the advice and information in this book arebelieved to be true and accurate at the date of publication. Neither the publisher nor the authors or the editorsgive a warranty, expressed or implied, with respect to the material contained herein or for any errors oromissions that may have been made. The publisher remains neutral with regard to jurisdictional claims inpublished maps and institutional affiliations.

This Springer imprint is published by the registered company Springer Nature Switzerland AGThe registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland

ETAPS Foreword

Welcome to the 22nd ETAPS! This is the first time that ETAPS took place in the CzechRepublic in its beautiful capital Prague.

ETAPS 2019 was the 22nd instance of the European Joint Conferences on Theoryand Practice of Software. ETAPS is an annual federated conference established in1998, and consists of five conferences: ESOP, FASE, FoSSaCS, TACAS, and POST.Each conference has its own Program Committee (PC) and its own Steering Committee(SC). The conferences cover various aspects of software systems, ranging from theo-retical computer science to foundations to programming language developments,analysis tools, formal approaches to software engineering, and security.

Organizing these conferences in a coherent, highly synchronized conference pro-gram enables participation in an exciting event, offering the possibility to meet manyresearchers working in different directions in the field and to easily attend talks ofdifferent conferences. ETAPS 2019 featured a new program item: the MentoringWorkshop. This workshop is intended to help students early in the program with adviceon research, career, and life in the fields of computing that are covered by the ETAPSconference. On the weekend before the main conference, numerous satellite workshopstook place and attracted many researchers from all over the globe.

ETAPS 2019 received 436 submissions in total, 137 of which were accepted,yielding an overall acceptance rate of 31.4%. I thank all the authors for their interest inETAPS, all the reviewers for their reviewing efforts, the PC members for their con-tributions, and in particular the PC (co-)chairs for their hard work in running this entireintensive process. Last but not least, my congratulations to all authors of the acceptedpapers!

ETAPS 2019 featured the unifying invited speakers Marsha Chechik (University ofToronto) and Kathleen Fisher (Tufts University) and the conference-specific invitedspeakers (FoSSaCS) Thomas Colcombet (IRIF, France) and (TACAS) CormacFlanagan (University of California at Santa Cruz). Invited tutorials were provided byDirk Beyer (Ludwig Maximilian University) on software verification and CesareTinelli (University of Iowa) on SMT and its applications. On behalf of the ETAPS2019 attendants, I thank all the speakers for their inspiring and interesting talks!

ETAPS 2019 took place in Prague, Czech Republic, and was organized by CharlesUniversity. Charles University was founded in 1348 and was the first university inCentral Europe. It currently hosts more than 50,000 students. ETAPS 2019 was furthersupported by the following associations and societies: ETAPS e.V., EATCS (EuropeanAssociation for Theoretical Computer Science), EAPLS (European Association forProgramming Languages and Systems), and EASST (European Association of Soft-ware Science and Technology). The local organization team consisted of Jan Vitek andJan Kofron (general chairs), Barbora Buhnova, Milan Ceska, Ryan Culpepper, VojtechHorky, Paley Li, Petr Maj, Artem Pelenitsyn, and David Safranek.

The ETAPS SC consists of an Executive Board, and representatives of theindividual ETAPS conferences, as well as representatives of EATCS, EAPLS, andEASST. The Executive Board consists of Gilles Barthe (Madrid), Holger Hermanns(Saarbrücken), Joost-Pieter Katoen (chair, Aachen and Twente), Gerald Lüttgen(Bamberg), Vladimiro Sassone (Southampton), Tarmo Uustalu (Reykjavik andTallinn), and Lenore Zuck (Chicago). Other members of the SC are: Wil van der Aalst(Aachen), Dirk Beyer (Munich), Mikolaj Bojanczyk (Warsaw), Armin Biere (Linz),Luis Caires (Lisbon), Jordi Cabot (Barcelona), Jean Goubault-Larrecq (Cachan),Jurriaan Hage (Utrecht), Rainer Hähnle (Darmstadt), Reiko Heckel (Leicester),Panagiotis Katsaros (Thessaloniki), Barbara König (Duisburg), Kim G. Larsen(Aalborg), Matteo Maffei (Vienna), Tiziana Margaria (Limerick), Peter Müller(Zurich), Flemming Nielson (Copenhagen), Catuscia Palamidessi (Palaiseau),Dave Parker (Birmingham), Andrew M. Pitts (Cambridge), Dave Sands (Gothenburg),Don Sannella (Edinburgh), Alex Simpson (Ljubljana), Gabriele Taentzer (Marburg),Peter Thiemann (Freiburg), Jan Vitek (Prague), Tomas Vojnar (Brno), Heike Wehrheim(Paderborn), Anton Wijs (Eindhoven), and Lijun Zhang (Beijing).

I would like to take this opportunity to thank all speakers, attendants, organizersof the satellite workshops, and Springer for their support. I hope you all enjoy theproceedings of ETAPS 2019. Finally, a big thanks to Jan and Jan and their localorganization team for all their enormous efforts enabling a fantastic ETAPS in Prague!

February 2019 Joost-Pieter KatoenETAPS SC Chair

ETAPS e.V. President

vi ETAPS Foreword

Preface

TACAS 2019 was the 25th edition of the International Conference on Tools andAlgorithms for the Construction and Analysis of Systems conference series.TACAS 2019 was part of the 22nd European Joint Conferences on Theory and Practiceof Software (ETAPS 2019). The conference was held at the Orea Hotel Pyramida inPrague, Czech Republic, during April 8–11, 2019.

Conference Description. TACAS is a forum for researchers, developers, and usersinterested in rigorously based tools and algorithms for the construction and analysis ofsystems. The conference aims to bridge the gaps between different communities withthis common interest and to support them in their quest to improve the utility, relia-bility, flexibility, and efficiency of tools and algorithms for building systems. TACAS2019 solicited four types of submissions:

– Research papers, identifying and justifying a principled advance to the theoreticalfoundations for the construction and analysis of systems, where applicable sup-ported by experimental validation.

– Case-study papers, reporting on case studies and providing information about thesystem being studied, the goals of the study, the challenges the system poses toautomated analysis, research methodologies and approaches used, the degree towhich goals were attained, and how the results can be generalized to other problemsand domains.

– Regular tool papers, presenting a new tool, a new tool component, or novelextensions to an existing tool, with an emphasis on design and implementationconcerns, including software architecture and core data structures, practicalapplicability, and experimental evaluations.

– Tool-demonstration papers (short), focusing on the usage aspects of tools.

Paper Selection. This year, 164 papers were submitted to TACAS, among which119 were research papers, 10 case-study papers, 24 regular tool papers, and 11 weretool-demonstration papers. After a rigorous review process, with each paper reviewedby at least three Program Committee members, followed by an online discussion, theProgram Committee accepted 29 research papers, 2 case-study papers, 11 regular toolpapers, and 8 tool-demonstration papers (50 papers in total).

Artifact-Evaluation Process. The main novelty of TACAS 2019 was that, for thefirst time, artifact evaluation was compulsory for all regular tool papers and tooldemonstration papers. For research papers and case-study papers, artifact evaluationwas optional. The artifact evaluation process was organized as follows:

– Regular tool papers and tool demonstration papers. The authors of the 35submitted papers of these categories of papers were required to submit an artifactalongside their paper submission. Each artifact was evaluated independently bythree reviewers. Out of the 35 artifact submissions, 28 were successfully evaluated,which corresponds to an acceptance rate of 80%. The AEC used a two-phase

reviewing process: Reviewers first performed an initial check to see whether theartifact was technically usable and whether the accompanying instructions wereconsistent, followed by a full evaluation of the artifact. The main criterion forartifact acceptance was consistency with the paper, with completeness and docu-mentation being handled in a more lenient manner as long as the artifact was usefuloverall. The reviewers were instructed to check whether results are consistent withwhat is described in the paper. Inconsistencies were to be clearly pointed out andexplained by the authors. In addition to the textual reviews, reviewers also proposeda numeric value about (potentially weak) acceptance/rejection of the artifact. Afterthe evaluation process, the results of the artifact evaluation were summarized andforwarded to the discussion of the papers, so as to enable the reviewers of the papersto take the evaluation into account. In all but three cases, tool papers whose artifactsdid not pass the evaluation were rejected.

– Research papers and case-study papers. For this category of papers, artifactevaluation was voluntary. The authors of each of the 25 accepted papers wereinvited to submit an artifact immediately after the acceptance notification. Owing tothe short time available for the process and acceptance of the artifact not beingcritical for paper acceptance, there was only one round of evaluation for thiscategory, and every artifact was assigned to two reviewers. The artifacts wereevaluated using the same criteria as for tool papers. Out of the 18 submitted artifactsof this phase, 15 were successfully evaluated (83% acceptance rate) and wereawarded the TACAS 2019 AEC badge, which is added to the title page of therespective paper if desired by the authors.

TOOLympics. TOOLympics 2019 was part of the celebration of the 25th anniver-sary of the TACAS conference. The goal of TOOLympics is to acknowledge theachievements of the various competitions in the field of formal methods, and tounderstand their commonalities and differences. A total of 24 competitions joinedTOOLympics and were presented at the event. An overview and competition reports of11 competitions are included in the third volume of the TACAS 2019 proceedings,which are dedicated to the 25th anniversary of TACAS. The extra volume contains areview of the history of TACAS, the TOOLympics papers, and the papers of the annualCompetition on Software Verification.

Competition on Software Verification. TACAS 2019 also hosted the 8th Interna-tional Competition on Software Verification (SV-COMP), chaired and organized byDirk Beyer. The competition again had high participation: 31 verification systems withdevelopers from 14 countries were submitted for the systematic comparative evalua-tion, including three submissions from industry. The TACAS proceedings includes thecompetition report and short papers describing 11 of the participating verificationsystems. These papers were reviewed by a separate program committee (PC); eachof the papers was assessed by four reviewers. Two sessions in the TACAS program(this year as part of the TOOLympics event) were reserved for the presentation of theresults: the summary by the SV-COMP chair and the participating tools by thedeveloper teams in the first session, and the open jury meeting in the second session.

Acknowledgments. We would like to thank everyone who helped to make TACAS2019 successful. In particular, we would like to thank the authors for submitting their

viii Preface

papers to TACAS 2019. We would also like to thank all PC members, additionalreviewers, as well as all members of the artifact evaluation committee (AEC) for theirdetailed and informed reviews and, in the case of the PC and AEC members, also fortheir discussions during the virtual PC and AEC meetings. We also thank the SteeringCommittee for their advice. Special thanks go to the Organizing Committee of ETAPS2019 and its general chairs, Jan Kofroň and Jan Vitek, to the chair of the ETAPS 2019executive board, Joost-Pieter Katoen, and to the publication team at Springer.

March 2019 Tomáš Vojnar (PC Chair)Lijun Zhang (PC Chair)

Marius Mikucionis (Tools Chair)Radu Grosu (Use-Case Chair)Dirk Beyer (SV-COMP Chair)

Ondřej Lengál (AEC Chair)Ernst Moritz Hahn (AEC Chair)

Preface ix

Organization

Program Committee

Parosh Aziz Abdulla Uppsala University, SwedenDirk Beyer LMU Munich, GermanyArmin Biere Johannes Kepler University Linz, AustriaAhmed Bouajjani IRIF, Paris Diderot University, FrancePatricia Bouyer LSV, CNRS/ENS Cachan, Université Paris Saclay,

FranceYu-Fang Chen Academia Sinica, TaiwanMaria Christakis MPI-SWS, GermanyAlessandro Cimatti Fondazione Bruno Kessler, ItalyRance Cleaveland University of Maryland, USALeonardo de Moura Microsoft Research, USAParasara Sridhar Duggirala University of North Carolina at Chapel Hill, USAPierre Ganty IMDEA Software Institute, SpainRadu Grosu Vienna University of Technology, AustriaOrna Grumberg Technion – Israel Institute of Technology, IsraelKlaus Havelund NASA/Caltech Jet Propulsion Laboratory, USAHolger Hermanns Saarland University, GermanyFalk Howar TU Dortmund, GermanyMarieke Huisman University of Twente, The NetherlandsRadu Iosif Verimag, CNRS/University of Grenoble Alpes,

FranceJoxan Jaffar National University of Singapore, SingaporeStefan Kiefer University of Oxford, UKJan Kretinsky Technical University of Munich, GermanySalvatore La Torre Università degli studi di Salerno, ItalyKim Guldstrand Larsen Aalborg University, DenmarkAnabelle McIver Macquarie University, AustraliaRoland Meyer TU Braunschweig, GermanyMarius Mikučionis Aalborg University, DenmarkSebastian A. Mödersheim Technical University of Denmark, DenmarkDavid Parker University of Birmingham, UKCorina Pasareanu CMU/NASA Ames Research Center, USASanjit Seshia University of California, Berkeley, USABernhard Steffen TU Dortmund, GermanyJan Strejcek Masaryk University, Czech RepublicZhendong Su ETH Zurich, SwitzerlandMeng Sun Peking University, China

Michael Tautschnig Queen Mary University of London/Amazon WebServices, UK

Tomáš Vojnar (Co-chair) Brno University of Technology, Czech RepublicThomas Wies New York University, USALijun Zhang (Co-chair) Institute of Software, Chinese Academy

of Sciences, ChinaFlorian Zuleger Vienna University of Technology, Austria

Program Committee and Jury—SV-COMP

Dirk Beyer (Chair) LMU Munich, GermanyPeter Schrammel (Representing

2LS)University of Sussex, UK

Jera Hensel (RepresentingAProVE)

RWTH Aachen, Germany

Michael Tautschnig(Representing CBMC)

Amazon Web Services, UK

Kareem Khazem (RepresentingCBMC-Path)

University College London, UK

Vadim Mutilin (RepresentingCPA-BAM-BnB)

ISP RAS, Russia

Pavel Andrianov (RepresentingCPA-Lockator)

ISP RAS, Russia

Marie-Christine Jakobs(Representing CPA-Seq)

LMU Munich, Germany

Omar Alhawi (RepresentingDepthK)

University of Manchester, UK

Vladimír Štill (RepresentingDIVINE-Explicit)

Masaryk University, Czechia

Henrich Lauko (RepresentingDIVINE-SMT)

Masaryk University, Czechia

Mikhail R. Gadelha(RepresentingESBMC-Kind)

University of Southampton, UK

Philipp Ruemmer(Representing JayHorn)

Uppsala University, Sweden

Lucas Cordeiro (RepresentingJBMC)

University of Manchester, UK

Cyrille Artho (RepresentingJPF)

KTH, Denmark

Omar Inverso (RepresentingLazy-CSeq)

Gran Sasso Science Inst., Italy

Herbert Rocha (RepresentingMap2Check)

Federal University of Roraima, Brazil

Cedric Richter (RepresentingPeSCo)

University of Paderborn, Germany

xii Organization

Eti Chaudhary (RepresentingPinaka)

IIT Hyderabad, India

Veronika Šoková (RepresentingPredatorHP)

BUT, Brno, Czechia

Franck Cassez (RepresentingSkink)

Macquarie University, Australia

Zvonimir Rakamaric(Representing SMACK)

University of Utah, USA

Willem Visser (RepresentingSPF)

Stellenbosch University, South Africa

Marek Chalupa (RepresentingSymbiotic)

Masaryk University, Czechia

Matthias Heizmann(Representing UAutomizer)

University of Freiburg, Germany

Alexander Nutz (RepresentingUKojak)

University of Freiburg, Germany

Daniel Dietsch (RepresentingUTaipan)

University of Freiburg, Germany

Priyanka Darke (RepresentingVeriAbs)

Tata Consultancy Services, India

R. K. Medicherla (RepresentingVeriFuzz)

Tata Consultancy Services, India

Pritom Rajkhowa (RepresentingVIAP)

Hong Kong UST, China

Liangze Yin (RepresentingYogar-CBMC)

NUDT, China

Haining Feng (RepresentingYogar-CBMC-Par.)

National University of Defense Technology, China

Artifact Evaluation Committee (AEC)

Pranav Ashok TU Munich, GermanyMarek Chalupa Masaryk University, Czech RepublicGabriele Costa IMT Lucca, ItalyMaryam Dabaghchian University of Utah, USABui Phi Diep Uppsala, SwedenDaniel Dietsch University of Freiburg, GermanyTom van Dijk Johannes Kepler University, AustriaTomáš Fiedor Brno University of Technology, Czech RepublicDaniel Fremont UC Berkeley, USAOndřej Lengál (Co-chair) Brno University of Technology, Czech RepublicErnst Moritz Hahn (Co-chair) Queen’s University Belfast, UKSam Huang University of Maryland, USAMartin Jonáš Masaryk University, Czech RepublicSean Kauffman University of Waterloo, CanadaYong Li Chinese Academy of Sciences, China

Organization xiii

Le Quang Loc Teesside University, UKRasool Maghareh National University of Singapore, SingaporeTobias Meggendorfer TU Munich, GermanyMalte Mues TU Dortmund, GermanyTuan Phong Ngo Uppsala, SwedenChris Novakovic University of Birmingham, UKThai M. Trinh Advanced Digital Sciences Center, Illinois

at Singapore, SingaporeWytse Oortwijn University of Twente, The NetherlandsAleš Smrčka Brno University of Technology, Czech RepublicDaniel Stan Saarland University, GermanyIlina Stoilkovska TU Wien, AustriaMing-Hsien Tsai Academia Sinica, TaiwanJan Tušil Masaryk University, Czech RepublicPedro Valero IMDEA, SpainMaximilian Weininger TU Munich, Germany

Additional Reviewers

Aiswarya, C.Albarghouthi, AwsAminof, BenjaminAmérico, ArthurAshok, PranavAtig, Mohamed FaouziBacci, GiovanniBainczyk, AlexanderBarringer, HowardBasset, NicolasBensalem, SaddekBerard, BeatriceBesson, FrédéricBiewer, SebastianBogomolov, SergiyBollig, BenediktBozga, MariusBozzano, MarcoBrazdil, TomasCaulfield, BenjaminChaudhuri, SwaratCheang, KevinChechik, MarshaChen, Yu-FangChin, Wei-NganChini, Peter

Ciardo, GianfrancoCohen, LironCordeiro, LucasCyranka, JacekČadek, PavelDarulova, EvaDegorre, AldricDelbianco, Germán AndrésDelzanno, GiorgioDevir, NuritDierl, SimonDragoi, CezaraDreossi, TommasoDutra, RafaelEilers, MarcoEl-Hokayem, AntoineFaella, MarcoFahrenberg, UliFalcone, YliesFox, GereonFreiberger, FelixFremont, DanielFrenkel, HadarFriedberger, KarlheinzFrohme, MarkusFu, Hongfei

xiv Organization

Furbach, FlorianGaravel, HubertGhosh, BineetGhosh, ShromonaGondron, SebastienGopinath, DivyaGossen, FrederikGoyal, ManishGraf-Brill, AlexanderGriggio, AlbertoGu, TianxiaoGuatto, AdrienGutiérrez, ElenaHahn, Ernst MoritzHansen, MikkelHartmanns, ArndHasani, RaminHavlena, VojtěchHe, KangliHe, PinjiaHess, Andreas ViktorHeule, MarijnHo, MarkHo, Nhut MinhHolik, LukasHsu, Hung-WeiInverso, OmarIrfan, AhmedIslam, Md. ArifulItzhaky, ShacharJakobs, Marie-ChristineJaksic, StefanJasper, MarcJensen, Peter GjølJonas, MartinKaminski, Benjamin LucienKarimi, AbelKatelaan, JensKauffman, SeanKaufmann, IsabellaKhoo, Siau-ChengKiesl, BenjaminKim, EricKlauck, MichaelaKong, HuiKong, Zhaodan

Kopetzki, DawidKrishna, SiddharthKrämer, JuliaKukovec, JureKumar, RahulKöpf, BorisLange, MartinLe Coent, AdrienLemberger, ThomasLengal, OndrejLi, YiLin, Hsin-HungLluch Lafuente, AlbertoLorber, FlorianLu, JianchaoLukina, AnnaLång, MagnusMaghareh, RasoolMahyar, HamidrezaMarkey, NicolasMathieson, LukeMauritz, MalteMayr, RichardMechtaev, SergeyMeggendorfer, TobiasMicheli, AndreaMichelmore, RhiannonMonteiro, Pedro T.Mover, SergioMu, ChunyanMues, MalteMuniz, MarcoMurano, AnielloMurtovi, AlnisMuskalla, SebastianMutluergil, Suha OrhunNeumann, ElisabethNgo, Tuan PhongNickovic, DejanNies, GillesNoller, YannicNorman, GethinNowack, MartinOlmedo, FedericoPani, ThomasPetri, Gustavo

Organization xv

Piazza, CarlaPoli, FedericoPoulsen, Danny BøgstedPrabhakar, PavithraQuang Trung, TaRanzato, FrancescoRasmussen, CameronRatasich, DeniseRavanbakhsh, HadiRay, RajarshiReger, GilesReynolds, AndrewRigger, ManuelRodriguez, CesarRothenberg, Bat-ChenRoveri, MarcoRydhof Hansen, RenéRüthing, OliverSadeh, GalSaivasan, PrakashSanchez, CesarSangnier, ArnaudSchlichtkrull, AndersSchwoon, StefanSeidl, MartinaShi, XiaomuShirmohammadi, MahsaShoukry, YasserSighireanu, MihaelaSoudjani, SadeghSpießl, MartinSrba, Jiri

Srivas, MandayamStan, DanielStoilkovska, IlinaStojic, IvanSu, TingSummers, Alexander J.Tabuada, PauloTacchella, ArmandoTang, EnyiTian, ChunTonetta, StefanoTrinh, Minh-ThaiTrtík, MarekTsai, Ming-HsienValero, Pedrovan der Berg, FrearkVandin, AndreaVazquez-Chanlatte, MarcellViganò, LucaVilladsen, JørgenWang, ShuaiWang, ShulingWeininger, MaximilianWendler, PhilippWolff, SebastianWüstholz, ValentinXu, XiaoZeljić, AleksandarZhang, FuyuanZhang, QirunZhang, Xiyue

xvi Organization

Contents – Part I

SAT and SMT I

Decomposing Farkas Interpolants . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3Martin Blicha, Antti E. J. Hyvärinen, Jan Kofroň,and Natasha Sharygina

Parallel SAT Simplification on GPU Architectures . . . . . . . . . . . . . . . . . . . 21Muhammad Osama and Anton Wijs

Encoding Redundancy for Satisfaction-Driven Clause Learning. . . . . . . . . . . 41Marijn J. H. Heule, Benjamin Kiesl, and Armin Biere

WAPS: Weighted and Projected Sampling . . . . . . . . . . . . . . . . . . . . . . . . . 59Rahul Gupta, Shubham Sharma, Subhajit Roy,and Kuldeep S. Meel

SAT and SMT II

Building Better Bit-Blasting for Floating-Point Problems . . . . . . . . . . . . . . . 79Martin Brain, Florian Schanda, and Youcheng Sun

The Axiom Profiler: Understanding and DebuggingSMT Quantifier Instantiations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

Nils Becker, Peter Müller, and Alexander J. Summers

On the Empirical Time Complexity of Scale-Free 3-SATat the Phase Transition. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117

Thomas Bläsius, Tobias Friedrich, and Andrew M. Sutton

Modular and Efficient Divide-and-Conquer SAT Solver on Top of thePainless Framework. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135

Ludovic Le Frioux, Souheib Baarir, Julien Sopena, and Fabrice Kordon

SAT Solving and Theorem Proving

Quantitative Verification of Masked Arithmetic ProgramsAgainst Side-Channel Attacks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155

Pengfei Gao, Hongyi Xie, Jun Zhang, Fu Song, and Taolue Chen

Incremental Analysis of Evolving Alloy Models . . . . . . . . . . . . . . . . . . . . . 174Wenxi Wang, Kaiyuan Wang, Milos Gligoric, and Sarfraz Khurshid

Extending a Brainiac Prover to Lambda-Free Higher-Order Logic . . . . . . . . . 192Petar Vukmirović, Jasmin Christian Blanchette, Simon Cruanes,and Stephan Schulz

Verification and Analysis

LCV: A Verification Tool for Linear Controller Software. . . . . . . . . . . . . . . 213Junkil Park, Miroslav Pajic, Oleg Sokolsky, and Insup Lee

Semantic Fault Localization and Suspiciousness Ranking . . . . . . . . . . . . . . . 226Maria Christakis, Matthias Heizmann, Muhammad Numair Mansur,Christian Schilling, and Valentin Wüstholz

Computing Coupled Similarity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244Benjamin Bisping and Uwe Nestmann

Reachability Analysis for Termination and Confluence of Rewriting . . . . . . . 262Christian Sternagel and Akihisa Yamada

Model Checking

VoxLogicA: A Spatial Model Checker for Declarative Image Analysis . . . . 281Gina Belmonte, Vincenzo Ciancia, Diego Latella, and Mieke Massink

On Reachability in Parameterized Phaser Programs . . . . . . . . . . . . . . . . . . . 299Zeinab Ganjei, Ahmed Rezine, Ludovic Henrio, Petru Eles,and Zebo Peng

Abstract Dependency Graphs and Their Application to Model Checking . . . . 316Søren Enevoldsen, Kim Guldstrand Larsen, and Jiří Srba

Tool Demos

nonreach – A Tool for Nonreachability Analysis . . . . . . . . . . . . . . . . . . . . 337Florian Meßner and Christian Sternagel

The Quantitative Verification Benchmark Set . . . . . . . . . . . . . . . . . . . . . . . 344Arnd Hartmanns, Michaela Klauck, David Parker, Tim Quatmann,and Enno Ruijters

ILAng: A Modeling and Verification Platform for SoCsUsing Instruction-Level Abstractions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351

Bo-Yuan Huang, Hongce Zhang, Aarti Gupta, and Sharad Malik

METACSL: Specification and Verification of High-Level Properties. . . . . . . . . 358Virgile Robles, Nikolai Kosmatov, Virgile Prevosto, Louis Rilling,and Pascale Le Gall

xviii Contents – Part I

ROLL 1.0: x-Regular Language Learning Library . . . . . . . . . . . . . . . . . . . 365Yong Li, Xuechao Sun, Andrea Turrini, Yu-Fang Chen, and Junnan Xu

Symbolic Regex Matcher . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372Olli Saarikivi, Margus Veanes, Tiki Wan, and Eric Xu

COMPASS 3.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379Marco Bozzano, Harold Bruintjes, Alessandro Cimatti,Joost-Pieter Katoen, Thomas Noll, and Stefano Tonetta

Debugging of Behavioural Models with CLEAR. . . . . . . . . . . . . . . . . . . . . 386Gianluca Barbon, Vincent Leroy, and Gwen Salaün

Machine Learning

Omega-Regular Objectives in Model-Free Reinforcement Learning . . . . . . . . 395Ernst Moritz Hahn, Mateo Perez, Sven Schewe, Fabio Somenzi,Ashutosh Trivedi, and Dominik Wojtczak

Verifiably Safe Off-Model Reinforcement Learning . . . . . . . . . . . . . . . . . . . 413Nathan Fulton and André Platzer

Correction to: WAPS: Weighted and Projected Sampling . . . . . . . . . . . . . . C1Rahul Gupta, Shubham Sharma, Subhajit Roy, and Kuldeep S. Meel

Author Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 431

Contents – Part I xix

Contents – Part II

Concurrent and Distributed Systems

Checking Deadlock-Freedom of Parametric Component-Based Systems . . . . . 3Marius Bozga, Radu Iosif, and Joseph Sifakis

The mCRL2 Toolset for Analysing Concurrent Systems: Improvementsin Expressivity and Usability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Olav Bunte, Jan Friso Groote, Jeroen J. A. Keiren, Maurice Laveaux,Thomas Neele, Erik P. de Vink, Wieger Wesselink, Anton Wijs,and Tim A. C. Willemse

Automatic Analysis of Consistency Properties of Distributed TransactionSystems in Maude. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

Si Liu, Peter Csaba Ölveczky, Min Zhang, Qi Wang, and José Meseguer

Multi-core On-The-Fly Saturation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58Tom van Dijk, Jeroen Meijer, and Jaco van de Pol

Monitoring and Runtime Verification

Specification and Efficient Monitoring Beyond STL . . . . . . . . . . . . . . . . . . 79Alexey Bakhirkin and Nicolas Basset

VYPR2: A Framework for Runtime Verification of PythonWeb Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98

Joshua Heneage Dawes, Giles Reger, Giovanni Franzoni,Andreas Pfeiffer, and Giacomo Govi

Constraint-Based Monitoring of Hyperproperties . . . . . . . . . . . . . . . . . . . . . 115Christopher Hahn, Marvin Stenger, and Leander Tentrup

Hybrid and Stochastic Systems

Tail Probabilities for Randomized Program Runtimes via Martingalesfor Higher Moments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135

Satoshi Kura, Natsuki Urabe, and Ichiro Hasuo

Computing the Expected Execution Time of Probabilistic Workflow Nets . . . 154Philipp J. Meyer, Javier Esparza, and Philip Offtermatt

Shepherding Hordes of Markov Chains . . . . . . . . . . . . . . . . . . . . . . . . . . . 172Milan Češka, Nils Jansen, Sebastian Junges, and Joost-Pieter Katoen

Optimal Time-Bounded Reachability Analysis for Concurrent Systems . . . . . 191Yuliya Butkova and Gereon Fox

Synthesis

Minimal-Time Synthesis for Parametric Timed Automata . . . . . . . . . . . . . . . 211Étienne André, Vincent Bloemen, Laure Petrucci, and Jaco van de Pol

Environmentally-Friendly GR(1) Synthesis . . . . . . . . . . . . . . . . . . . . . . . . . 229Rupak Majumdar, Nir Piterman, and Anne-Kathrin Schmuck

StocHy: Automated Verification and Synthesis of Stochastic Processes . . . . . 247Nathalie Cauchi and Alessandro Abate

Synthesis of Symbolic Controllers: A Parallelizedand Sparsity-Aware Approach. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265

Mahmoud Khaled, Eric S. Kim, Murat Arcak, and Majid Zamani

Symbolic Verification

iRank: A Variable Order Metric for DEDS Subject to Linear Invariants . . . . . . 285Elvio Gilberto Amparore, Gianfranco Ciardo, Susanna Donatelli,and Andrew Miner

Binary Decision Diagrams with Edge-Specified Reductions . . . . . . . . . . . . . 303Junaid Babar, Chuan Jiang, Gianfranco Ciardo, and Andrew Miner

Effective Entailment Checking for Separation Logic with InductiveDefinitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 319

Jens Katelaan, Christoph Matheja, and Florian Zuleger

Safety and Fault-Tolerant Systems

Digital Bifurcation Analysis of TCP Dynamics . . . . . . . . . . . . . . . . . . . . . . 339Nikola Beneš, Luboš Brim, Samuel Pastva, and David Šafránek

Verifying Safety of Synchronous Fault-Tolerant Algorithmsby Bounded Model Checking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357

Ilina Stoilkovska, Igor Konnov, Josef Widder, and Florian Zuleger

Measuring Masking Fault-Tolerance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375Pablo F. Castro, Pedro R. D’Argenio, Ramiro Demasi,and Luciano Putruele

xxii Contents – Part II

PhASAR: An Inter-procedural Static Analysis Framework for C/C++ . . . . . . 393Philipp Dominik Schubert, Ben Hermann, and Eric Bodden

Author Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 431

Contents – Part II xxiii