Byte-Precise Verification of Low-Level List Manipulation

Dudka, Kamil; Peringer, Petr; Vojnar, Tomáš

doi:10.1007/978-3-642-38856-9_13

Cited by 36 publications

(51 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…[10,19]), give evidence for the relevance of our features for selecting verification tools: They mention language constructs, which-depending on whether they are fully, partially, or not modeled by a tool-constitute its strengths or weaknesses. We give a short survey of such language constructs in Table 1 and relate them to our features.…”

Section: Tool Developer Reportsmentioning

confidence: 99%

“…As an approach to software verification, portfolio solving brings interesting advantages: Extracted from the competition report [2] and tool papers [10,19] To choose the software metrics describing our benchmarks, we consider the zoo of techniques discussed above along with their target domains, our intuition as programmers, as well as the tool developer reports in their competition contributions. Table 1 exemplarily summarizes these reports for tools CBMC, Predator, CPAchecker and SMACK: the first column gives obstacles the tools' authors identified, the following columns show whether the feature is supported by respective tool, and the last column references the corresponding metrics, which we introduce in Sect.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Empirical software metrics for benchmarking of verification tools

Demyanova

Pani

Veith

et al. 2017

Form Methods Syst Des

View full text Add to dashboard Cite

We study empirical metrics for software source code, which can predict the performance of verification tools on specific types of software. Our metrics comprise variable usage patterns, loop patterns, as well as indicators of control-flow complexity and are extracted by simple data-flow analyses. We demonstrate that our metrics are powerful enough to devise a machine-learning based portfolio solver for software verification. We show that this portfolio solver would be the (hypothetical) overall winner of the international competition on software verification (SV-COMP) in three consecutive years (2014)(2015)(2016). This gives strong empirical evidence for the predictive power of our metrics and demonstrates the viability of portfolio solvers for software verification. Moreover, we demonstrate the flexibility of our algorithm for portfolio construction in novel settings: originally conceived for SV-COMP'14, the construction works just as well for SV-COMP'15 (considerably more verification tasks) and for SV-COMP'16 (considerably more candidate verification tools).

show abstract

Section: Tool Developer Reportsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Empirical software metrics for benchmarking of verification tools

Demyanova

Pani

Veith

et al. 2017

Form Methods Syst Des

View full text Add to dashboard Cite

show abstract

“…We further demonstrate that our method can simplify verification of pointer programs by separating the issue of shape analysis from that of verification of data-related properties. Namely, we first obtain shape invariants from a specialised shape analyser (Predator [7] in our case), use it within our method to transform the given pointer program into a container program, and then use a tool that specialises in verification of data-related properties of container programs (for which we use the J2BP tool [14,15]). …”

Section: Introductionmentioning

confidence: 99%

“…We say that the former objects are transformed into the latter ones, and we call the relationship a transformation relation. A transformation relation is normally not output by shape analysers, however, tools such as Predator [7] (based on SMGs), Slayer [1] (based on separation logic), or Forester [8] (based on automata) actually work with it at least implicitly when applying abstract transformers. We only need them to output it.…”

Section: Introductionmentioning

confidence: 99%

“…1(a) with lines annotated by the shape invariant in the round boxes on their right. The invariant is expressed in the form of so-called symbolic memory graphs (SMGs), the abstract domain of the shape analyser Predator [7], simplified to a bare minimum sufficient for exposing main concepts of our method. The basic abstract objects of SMGs are shown as the black circles in the figure.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

From Low-Level Pointers to High-Level Containers

Dudka

Holík

Peringer

et al. 2015

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. We propose a method that transforms a C program manipulating containers using low-level pointer statements into an equivalent program where the containers are manipulated via calls of standard high-level container operations like push back or pop front. The input of our method is a C program annotated by a special form of shape invariants which can be obtained from current automatic shape analysers after a slight modification. The resulting program where the low-level pointer statements are summarized into high-level container operations is more understandable and (among other possible benefits) better suitable for program analysis since the burden of dealing with low-level pointer manipulations gets removed. We have implemented our approach and successfully tested it through a number of experiments with list-based containers, including experiments with simplification of program analysis by separating shape analysis from analysing data-related properties.

show abstract