Solving shape-analysis problems in languages with destructive updating
ACM Transactions on Programming Languages and Systems (TOPLAS)
Simplification by Cooperating Decision Procedures
ACM Transactions on Programming Languages and Systems (TOPLAS)
Guarded commands, nondeterminacy and formal derivation of programs
Communications of the ACM
Automatic predicate abstraction of C programs
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
ESP: path-sensitive program verification in polynomial time
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Extended static checking for Java
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
TVLA: A System for Implementing Static Analyses
SAS '00 Proceedings of the 7th International Symposium on Static Analysis
Predicate Abstraction of ANSI-C Programs Using SAT
Formal Methods in System Design
Scalable error detection using boolean satisfiability
Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Weakest-precondition of unstructured programs
PASTE '05 Proceedings of the 6th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Verifying properties of well-founded linked lists
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Beyond reachability: shape abstraction in the presence of pointer arithmetic
SAS'06 Proceedings of the 13th international conference on Static Analysis
The spec# programming system: an overview
CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
Shape analysis by predicate abstraction
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
A logic and decision procedure for predicate abstraction of heap-manipulating programs
VMCAI'06 Proceedings of the 7th international conference on Verification, Model Checking, and Abstract Interpretation
Data structure specifications via local equality axioms
CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
CADE' 20 Proceedings of the 20th international conference on Automated Deduction
Reachability analysis for annotated code
Proceedings of the 2007 conference on Specification and verification of component-based systems: 6th Joint Meeting of the European Conference on Software Engineering and the ACM SIGSOFT Symposium on the Foundations of Software Engineering
Back to the future: revisiting precise program verification using SMT solvers
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Relational inductive shape analysis
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Unifying type checking and property checking for low-level code
Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A Scalable Memory Model for Low-Level Code
VMCAI '09 Proceedings of the 10th International Conference on Verification, Model Checking, and Abstract Interpretation
Test Input Generation for Programs with Pointers
TACAS '09 Proceedings of the 15th International Conference on Tools and Algorithms for the Construction and Analysis of Systems: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009,
CAV '09 Proceedings of the 21st International Conference on Computer Aided Verification
Static and Precise Detection of Concurrency Errors in Systems Code Using SMT Solvers
CAV '09 Proceedings of the 21st International Conference on Computer Aided Verification
Region Analysis for Race Detection
SAS '09 Proceedings of the 16th International Symposium on Static Analysis
Automatic Inference of Frame Axioms Using Static Analysis
ASE '08 Proceedings of the 2008 23rd IEEE/ACM International Conference on Automated Software Engineering
FM '09 Proceedings of the 2nd World Congress on Formal Methods
An abstract domain for analyzing heap-manipulating low-level software
CAV'07 Proceedings of the 19th international conference on Computer aided verification
Verifying heap-manipulating programs in an SMT framework
ATVA'07 Proceedings of the 5th international conference on Automated technology for verification and analysis
Verification of equivalent-results methods
ESOP'08/ETAPS'08 Proceedings of the Theory and practice of software, 17th European conference on Programming languages and systems
STORM: static unit checking of concurrent programs
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 2
Staged concurrent program analysis
Proceedings of the eighteenth ACM SIGSOFT international symposium on Foundations of software engineering
Towards scalable modular checking of user-defined properties
VSTTE'10 Proceedings of the Third international conference on Verified software: theories, tools, experiments
To goto where no statement has gone before
VSTTE'10 Proceedings of the Third international conference on Verified software: theories, tools, experiments
Context-bounded translations for concurrent software: an empirical evaluation
SPIN'10 Proceedings of the 17th international SPIN conference on Model checking software
Specification and verification: the Spec# experience
Communications of the ACM
Pest: from the lab to the classroom
Proceedings of the 1st Workshop on Developing Tools as Plug-ins
Generalizing the template polyhedral domain
ESOP'11/ETAPS'11 Proceedings of the 20th European conference on Programming languages and systems: part of the joint European conferences on theory and practice of software
Automatically refining partial specifications for program verification
FM'11 Proceedings of the 17th international conference on Formal methods
ESOP'10 Proceedings of the 19th European conference on Programming Languages and Systems
A polymorphic intermediate verification language: design and logical encoding
TACAS'10 Proceedings of the 16th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Modeling and analyzing the interaction of C and C++ strings
FoVeOOS'11 Proceedings of the 2011 international conference on Formal Verification of Object-Oriented Software
Joogie: from Java through Jimple to Boogie
Proceedings of the 2nd ACM SIGPLAN International Workshop on State Of the Art in Java Program analysis
Automating separation logic using SMT
CAV'13 Proceedings of the 25th international conference on Computer Aided Verification
Automatically refining partial specifications for heap-manipulating programs
Science of Computer Programming
| Hi-index | 0.02 |
Reasoning about heap-allocated data structures such as linked lists and arrays is challenging. The reachability predicate has proved to be useful for reasoning about the heap in type-safe languages where memory is manipulated by dereferencing object fields. Sound and precise analysis for such data structures becomes significantly more challenging in the presence of low-level pointer manipulation that is prevalent in systems software. In this paper, we give a novel formalization of the reachability predicate in the presence of internal pointers and pointer arithmetic. We have designed an annotation language for C programs that makes use of the new predicate. This language enables us to specify properties of many interesting data structures present in the Windows kernel. We present preliminary experience with a prototype verifier on a set of illustrative C benchmarks.