Simplification by Cooperating Decision Procedures
ACM Transactions on Programming Languages and Systems (TOPLAS)
A Discipline of Programming
High Integrity Software: The SPARK Approach to Safety and Security
High Integrity Software: The SPARK Approach to Safety and Security
Formal certification of a compiler back-end or: programming a compiler with a proof assistant
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Types, bytes, and separation logic
Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Unifying type checking and property checking for low-level code
Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Formal Verification of C Systems Code
Journal of Automated Reasoning
Formal Verification of a Reader-Writer Lock Implementation in C
Electronic Notes in Theoretical Computer Science (ENTCS)
TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems
Boogie: a modular reusable verifier for object-oriented programs
FMCO'05 Proceedings of the 4th international conference on Formal Methods for Components and Objects
The spec# programming system: an overview
CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
VCC: A Practical System for Verifying Concurrent C
TPHOLs '09 Proceedings of the 22nd International Conference on Theorem Proving in Higher Order Logics
Formal Verification of a Reader-Writer Lock Implementation in C
Electronic Notes in Theoretical Computer Science (ENTCS)
HOL-Boogie--An Interactive Prover-Backend for the Verifying C Compiler
Journal of Automated Reasoning
Reasoning about Memory Layouts
FM '09 Proceedings of the 2nd World Congress on Formal Methods
Automated verification of a small hypervisor
VSTTE'10 Proceedings of the Third international conference on Verified software: theories, tools, experiments
A precise memory model for low-level bounded model checking
SSV'10 Proceedings of the 5th international conference on Systems software verification
Reasoning about memory layouts
Formal Methods in System Design
Heaps and data structures: a challenge for automated provers
CADE'11 Proceedings of the 23rd international conference on Automated deduction
Shape analysis of low-level c with overlapping structures
VMCAI'10 Proceedings of the 11th international conference on Verification, Model Checking, and Abstract Interpretation
Local verification of global invariants in concurrent programs
CAV'10 Proceedings of the 22nd international conference on Computer Aided Verification
Automatically verifying typing constraints for a data processing language
CPP'11 Proceedings of the First international conference on Certified Programs and Proofs
LLBMC: bounded model checking of C and C++ programs using a compiler IR
VSTTE'12 Proceedings of the 4th international conference on Verified Software: theories, tools, experiments
File systems deserve verification too!
Proceedings of the Seventh Workshop on Programming Languages and Operating Systems
| Hi-index | 0.00 |
Verification for OO programs typically starts from a strongly typed object model in which distinct objects/fields are guaranteed not to overlap. This model simplifies verification by eliminating all ''uninteresting'' aliasing and allowing the use of more efficient frame axioms. Unfortunately, this model is unsound and incomplete for languages like C, where ''objects'' can overlap almost arbitrarily. Sound verification for C therefore typically starts from an untyped memory model, where memory is just an array of bytes. The untyped model, however, adds substantial annotation burden, and reasoning in the untyped model is computationally expensive. We propose a sound, typed semantics for C that provides the annotational and computational advantages of the typed object model while remaining sound and complete for C. We maintain a predicate identifying where the ''valid'' objects are, and introduce invariants and proof obligations that guarantee that the valid objects are suitably antialiased, and that (almost) all objects appearing in the program are valid. We describe the implementation of this approach in VCC (a sound verifier for C being used to verify the Microsoft Hypervisor) and the resulting performance gains.