Abstract interpretation for proving safety properties summarizes concrete traces into abstract states, thereby trading the ability to distinguish traces for tractability. Given a violation of a safety property, it is thus unclear which trace led to the violation. Moreover, since part of the abstract state is over-approximate, such a trace may not exist at all. We propose a novel backward analysis that is based on abduction of propositional Boolean logic and that generates only legitimate traces, which reveal actual defects. The key to tractability lies in modifying an existing projection algorithm so that it stops prematurely with an under-approximation, and in combining several algorithmic techniques to handle loops finitely.