Context-Bounded Model Checking of Concurrent Software
This paper proves that the problem of verifying a concurrent boolean program is decidable, even in the presence of unbounded parallelism, if the analysis is restricted to executions in which the number of context switches is bounded by an arbitrary constant.
Type-base flow analysis: from polymorphic subtyping to CFL-reachability
This paper presents a novel approach to scalable implementation of type-based flow analysis with polymorphic subtyping with context-free language reachability techniques, and develops a CFL-based algorithm for computing flow information in time O(n³), where n is the size of the typed program.
Scalable context-sensitive flow analysis using instantiation constraints
This paper shows that a type graph (obtained via polymorphic type inference) harbors explicit directional flow paths between functions and shows that flow information can be computed efficiently while considering only paths with well-matched call-return sequences, even in the higher-order case.
Stuck-Free Conformance
Conformance is proved to be a precongruence on CCS processes, thereby supporting modular refinement. Conformance checking is implemented in a new software model checker, zing, and used to find errors in distributed programs.
Zing: A Model Checker for Concurrent Software
The zing project is an effort to build a flexible and scalable model checking infrastructure for concurrent software. The project is divided into four components: (1) a modeling language for
Types as models: model checking message-passing programs
The system includes two novel components to achieve this end: a behavioral type-and-effect system for the π-calculus, which extracts sound models as types, and an assume-guarantee proof rule for carrying out compositional model checking on the types.
Conformance Checking for Models of Asynchronous Message Passing Software
The definitions of stuckness and conformance capture important correctness conditions of message-passing software and are used to check that programs do not get stuck, waiting to receive or trying to send messages in vain.
The complexity of subtype entailment for simple types
  • F. Henglein, J. Rehof
  • Computer Science
    Proceedings of Twelfth Annual IEEE Symposium on…
  • 29 June 1997
The proof of coNP-completeness gives an improved algorithm for deciding entailment and puts a precise complexity-theoretic marker on the intuitive "exponential explosion" in the algorithm.
Constraint Automata and the Complexity of Recursive Subtype Entailment
This paper proves that nonstructural subtype entailment is PSPACE-hard, both for finite trees and infinite trees (recursive types) and for the structural ordering, when the order on trees is generated from a lattice of type constants.
Estimating the Impact of Scalable Pointer Analysis on Optimization
This paper describes alias frequency, a metric that measures the ability of a pointer analysis to determine that pairs of memory accesses in C programs cannot be aliases, and develops a new context-sensitive pointer analysis that also serves as a general engine for tracing the flow of values in C programs.