Back to the future revisiting precise program verification using SMT solvers

ACM SIGPLAN Notices

Volumn 43, Issue 1, 2008, Pages 171-182

  Lahiri, Shuvendu K ^a   Qadeer, Shaz ^a  

^a MICROSOFT RESEARCH   (United States)

Author keywords

Decision procedures; Heap manipulating programs; Linked lists; Reachability; SMT solvers; Software verification

Indexed keywords

DECISION PROCEDURES; HEAP-MANIPULATING PROGRAMS; LINKED LISTS; REACHABILITY; SMT SOLVERS; SOFTWARE VERIFICATION;

COMPUTER SOFTWARE; FORMAL LOGIC; SOFTWARE PROTOTYPING;

VERIFICATION;

EID: 57349179388     PISSN: 15232867     EISSN: None     Source Type: Journal    
DOI: None     Document Type: Article

References (36)

1. I. Balaban, A. Pnueli, and L. D. Zuck. Shape analysis by predicate abstraction. In Verification, Model checking, and Abstract Interpretation (VMCAI '05), LNCS 3385, pages 164-180, 2005.
2. T. Ball, R. Majumdar, T. Millstein, and S. K. Rajamani. Automatic predicate abstraction of C programs. In Programming Language Design and Implementation (PLDI '01), pages 203-213, 2001.
3. M. Barnett and K. R. M. Leino. Weakest-precondition of unstructured programs. In Program Analysis For Software Tools and Engineering (PASTE '05), pages 82-87, 2005.
4. M. Barnett, K. R. M. Leino, and W. Schulte. The Spec# programming system: An overview. In Construction and Analysis of Safe, Secure and Interoperable Smart Devices, LNCS 3362, pages 49-69, 2005.
5. J. Berdine, C. Calcagno, B. Cook, D. Distefano, P. O'Hearn, T. Wies, and H. Yang. Shape analysis for composite data structures. In Computer Aided Verification (CAV '07), LNCS 4590, pages 178-192, 2007.
6. J. Berdine, C. Calcagno, and P. W. O'Hearn. A decidable fragment of separation logic. In FSTTCS '04: Foundations of Software Technology and Theoretical Computer Science, LNCS 3328, pages 97-109, 2004.
7. E. Börger, E. Grädel, and Y. Gurevich. The Classical Decision Problem. Springer-Verlag, 1997.
8. S. Chatterjee, S. K. Lahiri, S. Qadeer, and Z. Rakamarić. A reachability predicate for analyzing low-level software. In Tools and Algorithms for the Construction and Analysis of Systems (TACAS '07), LNCS 4424, pages 19-33, 2007.
9. E. M. Clarke, O. Grumberg, S. Jha, Y Lu, and H. Veith. Counterexample-guided abstraction refinement. In Computer Aided Verification (CAV '00), LNCS 1855, pages 154-169, 2000.
10. L. de Moura and N. Bjorner. Efficient Incremental E-matching for SMT Solvers. In Conference on Automated Deduction (CADE '07), LNCS 4603, pages 183-198, 2007.
11. R. DeLine and K. R. M. Leino. Boogie PL: A typed procedural language for checking object-oriented programs. Technical Report MSR-TR-2005-70, Microsoft Research, 2005.
12. D. Detlefs, G. Nelson, and J. B. Saxe. Simplify: a theorem prover for program checking. J. ACM, 52(3):365-473, 2005.
13. E.W. Dijkstra. A Discipline of Programming. Prentice-Hall, 1976.
14. D. Distefano, P. W. O'Hearn, and H. Yang. A local shape analysis based on separation logic. In Tools and Algorithms for the Construction and Analysis of Systems (TACAS '06), LNCS 3920, pages 287-302, 2006.
15. B. Dutertre and L. M. de Moura. A Fast Linear-Arithmetic Solver for DPLL(T). In Computer Aided Verification (CAV '06), LNCS 4144, pages 81-94, 2006.
16. C. Flanagan, K. R. M. Leino, M. Lillibridge, G. Nelson, J. B. Saxe, and R. Stata. Extended static checking for Java. In Programming Language Design and Implementation (PLDI'02), pages 234-245, 2002.
17. P. Godefroid, N. Klarlund, and K. Sen. DART: Directed automated random testing. In Programming Language Design and Implementation (PLDI '05), pages 213-223. ACM, 2005.
18. S. Graf and H. Saïdi. Construction of abstract state graphs with PVS. In Computer-Aided Verification (CAV '97), LNCS 1254, pages 72-83, June 1997.
19. T. A. Henzinger, R. Jhala, R. Majumdar, and G. Sutre. Lazy abstraction. In Principles of Programming Languages (POPL '02), pages 58-70, 2002.
20. V. Kuncak and M. C. Rinard. Decision procedures for set-valued fields. Electr. Notes Theor. Comput. Sci., 131:51-62, 2005.
21. R. P. Kurshan. Computer-Aided Verification of Coordinating Processes: The Automata-Theoretic Approach. Princeton University Press, 1995.
22. S. K. Lahiri and S. Qadeer. Verifying properties of well-founded linked lists. In Principles of Programming Languages (POPL '06), pages 115-126, 2006.
23. S. K. Lahiri and S. Qadeer. Back to the Future: Revisiting Precise Program Verification using SMT Solvers. Technical Report MSR-TR-2007-88, Microsoft Research, 2007a.
24. S. K. Lahiri and S. Qadeer. A decision procedure for well-founded reachability. Technical Report MSR-TR-2007-43, Microsoft Research, 2007b.
25. T. Lev-Ami, N. Immerman, T. W. Reps, S. Sagiv, S. Srivastava, and G. Yorsh. Simulating reachability using first-order logic with applications to verification of linked data structures. In Conference on Automated Deduction (CADE '05), LNCS 3632, pages 99-115, 2005.
26. T. Lev-Ami and S. Sagiv. TVLA: A system for implementing static analyses. In Static Analysis Symposium (SAS '00), LNCS 1824, pages 280-301, 2000.
27. S. McPeak and G. C. Necula. Data structure specifications via local equality axioms. In Computer-Aided Verification (CAV '05), LNCS 3576, pages 476-490, 2005.
28. Anders Møller and Michael I. Schwartzbach. The pointer assertion logic engine. In Programming Language Design and Implementation (PLDI '01), pages 221-231, 2001.
29. Muh. Available at http://muh.sourceforge.net/.
30. G. Nelson and D. C. Oppen. Simplification by cooperating decision procedures. ACM Transactions on Programming Languages and Systems (TOPLAS), 2(1):245-257, 1979.
31. Greg Nelson. Verifying reachability invariants of linked structures. In Principles of Programming Languages (POPL '83), pages 38-47, 1983.
32. Z. Rakamarić, J. Bingham, and A. J. Hu. An inference-rule-based decision procedure for verification of heap-manipulating programs with mutable data and cyclic data structures. In Verification, Model Checking, and Abstract Interpretation (VMCAI '06), LNCS 4349, pages 106-121, 2007.
33. S. Ranise and C. G. Zarba. A theory of singly-linked lists and its extensible decision procedure. In Software Engineering and Formal Methods (SEFM '06), pages 206-215, 2006.
34. J. C. Reynolds. Separation logic: A logic for shared mutable data structures. In Logic in Computer Science (LICS '02), pages 55-74, 2002.
35. Satisfiability Modulo Theories Library (SMT-LIB). Available at http://goedel.cs.uiowa.edu/smtlib/.
36. G. Yorsh, A. M. Rabinovich, M. Sagiv, A. Meyer, and A. Bouajjani. A logic of reachable patterns in linked data-structures. In Foundations of Software Science and Computation Structures (FoSSaCS '06), LNCS 3921, pages 94-110, 2006.