Parametric shape analysis via 3-valued logic
ACM Transactions on Programming Languages and Systems (TOPLAS)
Bebop: A Symbolic Model Checker for Boolean Programs
Proceedings of the 7th International SPIN Workshop on SPIN Model Checking and Software Verification
Boolean and Cartesian Abstraction for Model Checking C Programs
TACAS 2001 Proceedings of the 7th International Conference on Tools and Algorithms for the Construction and Analysis of Systems
Program verification with interacting analysis plugins
Formal Aspects of Computing
Verification of Java Programs with Interacting Analysis Plugins
Electronic Notes in Theoretical Computer Science (ENTCS)
Counterexample driven refinement for abstract interpretation
TACAS'06 Proceedings of the 12th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Falsifying Safety Properties Through Games on Over-approximating Models
Electronic Notes in Theoretical Computer Science (ENTCS)
Verifying heap-manipulating programs in an SMT framework
ATVA'07 Proceedings of the 5th international conference on Automated technology for verification and analysis
Synthesis of circular compositional program proofs via abduction
TACAS'13 Proceedings of the 19th international conference on Tools and Algorithms for the Construction and Analysis of Systems
We present Hector, a software tool for combining different abstraction methods to extract sound models of heap-manipulating imperative programs with recursion. Extracted models may be explored visually and model checked with a wide range of "propositional" temporal logic safety properties, where "propositions" are formulae of a first-order logic with transitive closure and arithmetic (L). Hector uses techniques initiated in [4,5] to wrap up different abstraction methods as modular analysis plugins, and to exchange information about program state between plugins through formulae of L. This approach aims to achieve both (apparently conflicting) advantages of increased precision and modularity. When checking safety properties containing non-independent "propositions", our model checking algorithm gives greater precision than a naïve three-valued one since it maintains some dependencies.