Verifying heap-manipulating programs in an SMT framework

Authors:
Zvonimir Rakamarić;Roberto Bruttomesso;Alan J. Hu;Alessandro Cimatti
Affiliations:
Department of Computer Science, University of British Columbia, Canada;ITC-IRST, Povo, Trento, Italy;Department of Computer Science, University of British Columbia, Canada;ITC-IRST, Povo, Trento, Italy
Venue:
ATVA'07 Proceedings of the 5th international conference on Automated technology for verification and analysis
Year:
2007

Citing 34
Cited 7

Automatic verification of pointer programs using monadic second-order logic

Proceedings of the ACM SIGPLAN 1997 conference on Programming language design and implementation
Simplification by Cooperating Decision Procedures

ACM Transactions on Programming Languages and Systems (TOPLAS)
Automatic predicate abstraction of C programs

Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
The pointer assertion logic engine

Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Lazy abstraction

POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Extended static checking for Java

PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Verifying reachability invariants of linked structures

POPL '83 Proceedings of the 10th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
A Decidable Logic for Describing Linked Data Structures

ESOP '99 Proceedings of the 8th European Symposium on Programming Languages and Systems
TVLA: A System for Implementing Static Analyses

SAS '00 Proceedings of the 7th International Symposium on Static Analysis
Construction of Abstract State Graphs with PVS

CAV '97 Proceedings of the 9th International Conference on Computer Aided Verification
Techniques for program verification

Techniques for program verification
Predicate Abstraction of ANSI-C Programs Using SAT

Formal Methods in System Design
Model Checking C Programs Using F-SOFT

ICCD '05 Proceedings of the 2005 International Conference on Computer Design
Verifying properties of well-founded linked lists

Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A Theory of Singly-Linked Lists and its Extensible Decision Procedure

SEFM '06 Proceedings of the Fourth IEEE International Conference on Software Engineering and Formal Methods
Efficient theory combination via boolean search

Information and Computation - Special issue: Combining logical systems
An inference-rule-based decision procedure for verification of heap-manipulating programs with mutable data and cyclic data structures

VMCAI'07 Proceedings of the 8th international conference on Verification, model checking, and abstract interpretation
A reachability predicate for analyzing low-level software

TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
Combined satisfiability modulo parametric theories

TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
Hector: software model checking with cooperating analysis plugins

CAV'07 Proceedings of the 19th international conference on Computer aided verification
Structural abstraction of software verification conditions

CAV'07 Proceedings of the 19th international conference on Computer aided verification
Configurable software verification: concretizing the convergence of model checking and program analysis

CAV'07 Proceedings of the 19th international conference on Computer aided verification
Delayed theory combination vs. nelson-oppen for satisfiability modulo theories: a comparative analysis

LPAR'06 Proceedings of the 13th international conference on Logic for Programming, Artificial Intelligence, and Reasoning
A logic of reachable patterns in linked data-structures

FOSSACS'06 Proceedings of the 9th European joint conference on Foundations of Software Science and Computation Structures
The spec# programming system: an overview

CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
Shape analysis by predicate abstraction

VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Predicate abstraction and canonical abstraction for singly-linked lists

VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
SMT techniques for fast predicate abstraction

CAV'06 Proceedings of the 18th international conference on Computer Aided Verification
Lazy shape analysis

CAV'06 Proceedings of the 18th international conference on Computer Aided Verification
A logic and decision procedure for predicate abstraction of heap-manipulating programs

VMCAI'06 Proceedings of the 7th international conference on Verification, Model Checking, and Abstract Interpretation
Efficient satisfiability modulo theories via delayed theory combination

CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
Data structure specifications via local equality axioms

CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
Simulating reachability using first-order logic with applications to verification of linked data structures

CADE' 20 Proceedings of the 20th international conference on Automated Deduction
The MathSAT 3 system

CADE' 20 Proceedings of the 20th international conference on Automated Deduction

The MathSAT 4 SMT Solver

CAV '08 Proceedings of the 20th international conference on Computer Aided Verification
Separation Logic Verification of C Programs with an SMT Solver

Electronic Notes in Theoretical Computer Science (ENTCS)
Decidable logics combining heap structures and data

Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Efficient decision procedures for heaps using STRAND

SAS'11 Proceedings of the 18th international conference on Static analysis
Recursive proofs for inductive tree data-structures

POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Natural proofs for structure, data, and separation

Proceedings of the 34th ACM SIGPLAN conference on Programming language design and implementation
Invariants synthesis over a combined domain for automated program verification

Theories of Programming and Formal Methods

Quantified Score

Hi-index	0.00

Visualization

Abstract

Automated software verification has made great progress recently, and a key enabler of this progress has been the advances in efficient, automated decision procedures suitable for verification (Boolean satisfiability solvers and satisfiability-modulo-theories (SMT) solvers). Verifying general software, however, requires reasoning about unbounded, linked, heap-allocated data structures, which in turn motivates the need for a logical theory for such structures that includes unbounded reachability. So far, none of the available SMT solvers supports such a theory. In this paper, we present our integration of a decision procedure that supports unbounded heap reachability into an available SMT solver. Using the extended SMT solver, we can efficiently verify examples of heap-manipulating programs that we could not verify before.