Guarded commands, nondeterminacy and formal derivation of programs
Communications of the ACM
Weakest-precondition of unstructured programs
PASTE '05 Proceedings of the 6th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Back to the future: revisiting precise program verification using SMT solvers
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Unifying type checking and property checking for low-level code
Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
CAV '09 Proceedings of the 21st International Conference on Computer Aided Verification
NFM'11 Proceedings of the Third international conference on NASA Formal methods
Hi-index | 0.00 |
In this paper, we describe a few challenges that accompany SMT-based precise verification of systems code (device drivers, file systems) written in low-level languages such as C/C++. First, the presence of pointer arithmetic and untrusted casts make type checking difficult; we show how to formalize C type safety checking and exploit the types for disambiguation of addresses in the heap. Second, the prevalence of explicit manipulation of pointers in data structures using dereference and address arithmetic precludes abstract reasoning about data structures.We provide an expressive and efficient theory for reasoning about linked lists, which comprise most data structures in systems code. We discuss extensions to standard SMT solvers to tackle these issues in the context of the HAVOC verifier.