Computer-aided verification of coordinating processes: the automata-theoretic approach
Computer-aided verification of coordinating processes: the automata-theoretic approach
Automatic predicate abstraction of C programs
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Counterexample-Guided Abstraction Refinement
CAV '00 Proceedings of the 12th International Conference on Computer Aided Verification
Race checking by context inference
Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation
KISS: keep it simple and sequential
Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation
Iterative context bounding for systematic testing of multithreaded programs
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Model checking concurrent linux device drivers
Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering
Dataflow analysis for concurrent programs using datarace detection
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
Reducing Concurrent Analysis Under a Context Bound to Sequential Analysis
CAV '08 Proceedings of the 20th international conference on Computer Aided Verification
Efficient Modeling of Concurrent Systems in BMC
SPIN '08 Proceedings of the 15th international workshop on Model Checking Software
Symbolic Context-Bounded Analysis of Multithreaded Java Programs
SPIN '08 Proceedings of the 15th international workshop on Model Checking Software
Unifying type checking and property checking for low-level code
Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A Scalable Memory Model for Low-Level Code
VMCAI '09 Proceedings of the 10th International Conference on Verification, Model Checking, and Abstract Interpretation
Semantic Reduction of Thread Interleavings in Concurrent Programs
TACAS '09 Proceedings of the 15th International Conference on Tools and Algorithms for the Construction and Analysis of Systems: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009,
A reachability predicate for analyzing low-level software
TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
SPADE: verification of multithreaded dynamic and recursive programs
CAV'07 Proceedings of the 19th international conference on Computer aided verification
Interprocedural analysis of concurrent programs under a context bound
TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems
TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems
Boogie: a modular reusable verifier for object-oriented programs
FMCO'05 Proceedings of the 4th international conference on Formal Methods for Components and Objects
Context-Bounded model checking of concurrent software
TACAS'05 Proceedings of the 11th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Bounded model checking of concurrent programs
CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
Symbolic model checking for asynchronous boolean programs
SPIN'05 Proceedings of the 12th international conference on Model Checking Software
Reducing Context-Bounded Concurrent Reachability to Sequential Reachability
CAV '09 Proceedings of the 21st International Conference on Computer Aided Verification
Staged concurrent program analysis
Proceedings of the eighteenth ACM SIGSOFT international symposium on Foundations of software engineering
Scalable SMT-based verification of GPU kernel functions
Proceedings of the eighteenth ACM SIGSOFT international symposium on Foundations of software engineering
Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Context-bounded translations for concurrent software: an empirical evaluation
SPIN'10 Proceedings of the 17th international SPIN conference on Model checking software
Improved device driver reliability through hardware verification reuse
Proceedings of the sixteenth international conference on Architectural support for programming languages and operating systems
Compositionality entails sequentializability
TACAS'11/ETAPS'11 Proceedings of the 17th international conference on Tools and algorithms for the construction and analysis of systems: part of the joint European conferences on theory and practice of software
On sequentializing concurrent programs
SAS'11 Proceedings of the 18th international conference on Static analysis
Context-bounded model checking of LTL properties for ANSI-C software
SEFM'11 Proceedings of the 9th international conference on Software engineering and formal methods
Underspecified harnesses and interleaved bugs
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Sound predictive race detection in polynomial time
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The language theory of bounded context-switching
LATIN'10 Proceedings of the 9th Latin American conference on Theoretical Informatics
GKLEE: concolic verification and test generation for GPUs
Proceedings of the 17th ACM SIGPLAN symposium on Principles and Practice of Parallel Programming
Timing analysis of interrupt-driven programs under context bounds
Proceedings of the International Conference on Formal Methods in Computer-Aided Design
Trace-Based symbolic analysis for atomicity violations
TACAS'10 Proceedings of the 16th international conference on Tools and Algorithms for the Construction and Analysis of Systems
A lightweight technique for distributed and incremental program verification
VSTTE'12 Proceedings of the 4th international conference on Verified Software: theories, tools, experiments
Symbolic consistency checking of OpenMp parallel programs
Proceedings of the 13th ACM SIGPLAN/SIGBED International Conference on Languages, Compilers, Tools and Theory for Embedded Systems
Detecting fair non-termination in multithreaded programs
CAV'12 Proceedings of the 24th international conference on Computer Aided Verification
A solver for reachability modulo theories
CAV'12 Proceedings of the 24th international conference on Computer Aided Verification
Predicting null-pointer dereferences in concurrent programs
Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering
Asynchronous programs with prioritized task-buffers
Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering
Bounded-Interference sequentialization for testing concurrent programs
ISoLA'12 Proceedings of the 5th international conference on Leveraging Applications of Formal Methods, Verification and Validation: technologies for mastering change - Volume Part I
Hi-index | 0.00 |
Context-bounded analysis is an attractive approach to verification of concurrent programs. Bounding the number of contexts executed per thread not only reduces the asymptotic complexity, but also the complexity increases gradually from checking a purely sequential program. Lal and Reps [14] provided a method for reducing the context-bounded verification of a concurrent boolean program to the verification of a sequential boolean program, thereby allowing sequential reasoning to be employed for verifying concurrent programs. In this work, we adapt the encoding to work for systems programs written in C with the heap and accompanying low-level operations such as pointer arithmetic and casts. Our approach is completely automatic: we use a verification condition generator and SMT solvers, instead of a boolean model checker, in order to avoid manual extraction of boolean programs and false alarms introduced by the abstraction. We demonstrate the use of field slicing for improving the scalability and (in some cases) coverage of our checking. We evaluate our tool Storm on a set of real-world Windows device drivers, and has discovered a bug that could not be detected by extensive application of previous tools.