35,041 Hits in 6.0 sec

Symbolic Detection of Assertion Dependencies for Bounded Model Checking [chapter]

Grigory Fedyukovich, Andrea Callia D'Iddio, Antti E. J. Hyvärinen, Natasha Sharygina
2015 Lecture Notes in Computer Science  
We present an algorithm which uses a SAT solver on a bounded symbolic encoding of the program to reveal the implication relationships among spatially close assertions for use in a variety of bounded model  ...  The analyses may generate thousands of redundant assertions often causing problems later in the chain, including scalability issues for automatic tools or a prohibitively large amount of information for  ...  Maurizio Talamo from the Tor Vergata University of Rome, for strongly encouraging this collaboration.  ... 
doi:10.1007/978-3-662-46675-9_13 fatcat:zmnsjkvi3jhdldjwh4rsqjnoiu

Verifying CUDA programs using SMT-based context-bounded model checking

Phillipe Pereira, Higo Albuquerque, Hendrio Marques, Isabela Silva, Celso Carvalho, Lucas Cordeiro, Vanessa Santos, Ricardo Ferreira
2016 Proceedings of the 31st Annual ACM Symposium on Applied Computing - SAC '16  
ESBMC-GPU uses an operational model for the verification, i.e., an abstract representation of the standard CUDA libraries that conservatively approximates their semantics.  ...  Experimental results show that ESBMC-GPU is able to detect more properties violations, while keeping lower rates of false results.  ...  First, we extend benefits of SMT-Based Context-Bounded Model Checking for CUDA programs, in the context of parallel programming for GPUs, to detect more failures than other existing approaches, while keeping  ... 
doi:10.1145/2851613.2851830 dblp:conf/sac/PereiraAMSCCSF16 fatcat:75chbors35ennj57mmfq4frg3m

The bounded model checker LLBMC

Stephan Falke, Florian Merz, Carsten Sinz
2013 2013 28th IEEE/ACM International Conference on Automated Software Engineering (ASE)  
LLBMC employs bounded model checking using an SMT-solver for the theory of bitvectors and arrays and thus achieves precision down to the level of single bits.  ...  The two main features of LLBMC that distinguish it from other bounded model checking tools for C/C++ are (i) its bit-precise memory model, which makes it possible to support arbitrary type conversions  ...  A recent tool that combines features of symbolic execution and bounded model checking and targets C programs is LAV [21] .  ... 
doi:10.1109/ase.2013.6693138 dblp:conf/kbse/FalkeMS13 fatcat:cky4sjccb5bzjj4yly3o25bhsi

Concurrent Bounded Model Checking

Quoc-Sang Phan, Pasquale Malacaria, Corina S. Pǎsǎreanu
2015 Software engineering notes  
We introduce a methodology, based on symbolic execution, for Concurrent Bounded Model Checking. In our approach, we translate a program into a formula in a disjunctive form.  ...  for satisfiability checks.  ...  Concurrent Bounded Model Checking Our method for concurrent bounded model checking is illustrated in Fig. 4 .  ... 
doi:10.1145/2693208.2693240 fatcat:tcnde262b5eg7lod2blkutn2ku

From Program to Logic: An Introduction [chapter]

Patrice Godefroid, Shuvendu K. Lahiri
2012 Lecture Notes in Computer Science  
We review, compare and discuss several approaches for representing programs by logic formulas, such as symbolic model checking, bounded model checking, verification-condition generation, and symbolicexecution-based  ...  Bounded Model Checking Bounded Model Checking using SAT solvers is another approach for representing programs using logic formulas [6] .  ...  In that case, bounded model checking is neither sound for program verification nor sound for bug finding.  ... 
doi:10.1007/978-3-642-35746-6_2 fatcat:flkhpzas5nhdph5py3vyopyv5i

ESBMC-GPU A context-bounded model checking tool to verify CUDA programs

Felipe R. Monteiro, Erickson H. da S. Alves, Isabela S. Silva, Hussama I. Ismail, Lucas C. Cordeiro, Eddie B. de Lima Filho
2018 Science of Computer Programming  
, array out-of-bounds violations, assertive statements, pointer safety, and the use of specific CUDA features.  ...  The Compute Unified Device Architecture (CUDA) is a programming model used for exploring the advantages of graphics processing unit (GPU) devices, through parallelization and specialized functions and  ...  Marques-Silva, SMT-Based Bounded Model Checking for Embedded ANSI-C Software, IEEE Trans. Software Eng. 38 (2012) 957-974, URL[4] P. Pereira, H. Albuquerque, H.  ... 
doi:10.1016/j.scico.2017.09.005 fatcat:k72fp665cnefze5al5jp2sthk4

LLBMC: Bounded Model Checking of C and C++ Programs Using a Compiler IR [chapter]

Florian Merz, Stephan Falke, Carsten Sinz
2012 Lecture Notes in Computer Science  
Bounded model checking (BMC) of C and C++ programs is challenging due to the complex and intricate syntax and semantics of these programming languages.  ...  In contrast to many other tools, LLBMC uses a flat, bit-precise memory model. It can thus precisely model, e.g., memory-based re-interpret casts as used in C and static/dynamic casts as used in C++.  ...  Related Work Bounded model checking of hardware was introduced by Biere et al. in 1999 [3] as an alternative to symbolic model checking using binary decision diagrams (BDDs) [6] .  ... 
doi:10.1007/978-3-642-27705-4_12 fatcat:bsf4admwzvblziefh6mn4ha2xa

Wolf – Bug Hunter for Concurrent Software Using Formal Methods [chapter]

Sharon Barner, Ziv Glazberg, Ishai Rabinovitz
2005 Lecture Notes in Computer Science  
According to our experiments, these methods complement explicit exploration methods of software model checking.  ...  Wolf is a "push-button" model checker for concurrent C programs developed in IBM Haifa. It automatically generates both the model and the specification directly from the C code.  ...  We believe that bug-hunting for hard to detect bugs is worthwhile for our costumers.  ... 
doi:10.1007/11513988_16 fatcat:r526i3bzxzcj5kkpgqbr3v7um4

Verifying SystemC using stateful symbolic simulation

Vladimir Herdt, Hoang M. Le, Rolf Drechsler
2015 Proceedings of the 52nd Annual Design Automation Conference on - DAC '15  
In this paper, we propose a novel stateful symbolic simulation approach for SystemC. For the efficient detection of revisited symbolic states, we apply symbolic subsumption checking.  ...  The reason is that they are based on stateless model checking and thus unable to avoid revisiting states in a cycle.  ...  For the efficient detection of revisited symbolic states, we employ symbolic subsumption checking, inspired by [1] .  ... 
doi:10.1145/2744769.2744927 dblp:conf/dac/HerdtLD15 fatcat:yyxapj3ktveiveg4lj5cla2tay

Loopfrog: A Static Analyzer for ANSI-C Programs

Daniel Kroening, Natasha Sharygina, Stefano Tonetta, Aliaksei Tsitovich, Christoph M. Wintersteiger
2009 2009 IEEE/ACM International Conference on Automated Software Engineering  
We present LOOPFROG, a static analyzer that combines the best of both worlds: the precision of model checking and the performance of abstract interpretation.  ...  Practical software verification is dominated by two major classes of techniques. The first is model checking, which provides total precision, but suffers from the state space explosion problem.  ...  During preprocessing, LOOPFROG detected 204 potential buffer overflows and inserted an assertion for each of them in the model. Loop summarization took 14.4 seconds.  ... 
doi:10.1109/ase.2009.35 dblp:conf/kbse/KroeningSTTW09 fatcat:poe2zpq2d5cszia5ivp2mmmi3q

Verifying Safety Properties of a PowerPC− Microprocessor Using Symbolic Model Checking without BDDs [chapter]

Armin Biere, Edmund Clarke, Richard Raimi, Yunshan Zhu
1999 Lecture Notes in Computer Science  
In [1] Bounded Model Checking with the aid of satisfiability solving (SAT) was introduced as an alternative to symbolic model checking with BDDs.  ...  In this paper we show how bounded model checking can take advantage of specialized optimizations. We present a bounded version of the cone of influence reduction.  ...  Bounded Model Checking for Safety Properties In bounded model checking [1] the user specifies a number of time steps, k, for searching from initial states.  ... 
doi:10.1007/3-540-48683-6_8 fatcat:uuljdrnw6val3gj6rmzd6mawba

Modeling and verification of a real life protocol using symbolic model checking [chapter]

Vivek G. Naik, A. P. Sistla
1994 Lecture Notes in Computer Science  
We also checked for a frame size of 3 bits and of one bit. We checked for two properties.  ...  The symbolic modelchecking approach, implemented as the SMV system, uses BDDs for symbolically representing sets of states and the transition relation.  ... 
doi:10.1007/3-540-58179-0_54 fatcat:uzbmvaqkdvfztkav5ogpqxsp2i

Scalable and precise refinement of cache timing analysis via path-sensitive verification

Sudipta Chattopadhyay, Abhik Roychoudhury
2013 Real-time systems  
Our framework can be instantiated with different program verification techniques, such as model checking and symbolic execution.  ...  Our modeling is used to develop a precise yet scalable timing analysis method on top of the Chronos WCET analysis tool.  ...  Acknowledgements This work was partially supported by A*STAR Public Sector Funding Project Number 1121202007 -"Scalable Timing Analysis Methods for Embedded Software".  ... 
doi:10.1007/s11241-013-9178-0 fatcat:ujsoyngfvvgilehsp3arp642bq

Property differencing for incremental checking

Guowei Yang, Sarfraz Khurshid, Suzette Person, Neha Rungta
2014 Proceedings of the 36th International Conference on Software Engineering - ICSE 2014  
Experimental results in the context of symbolic execution of Java programs annotated with properties written as assertions show the effectiveness of iProperty in utilizing change information to enable  ...  for conformance to new expected properties.  ...  However, the cost of implication checking then depends on the number of (bounded) paths in the methods invoked by assertions.  ... 
doi:10.1145/2568225.2568319 dblp:conf/icse/YangKPR14 fatcat:mi7u662ajnc7pfti7o2ptgchy4

Bonsai: Synthesis-Based Reasoning for Type Systems [article]

Kartik Chandra, Rastislav Bodik
2017 arXiv   pre-print
We describe algorithms for symbolic reasoning about executable models of type systems, supporting three queries intended for designers of type systems.  ...  First, we check for type soundness bugs and synthesize a counterexample program if such a bug is found.  ...  In these cases, the compiler cannot check for bad bounds of dependent types. In Scala, it is possible to instantiate values with badly-bounded dependent types. is is the basis for SI-9633.  ... 
arXiv:1708.00551v1 fatcat:vehes5xqv5ekfnnycjqtxdigra
« Previous Showing results 1 — 15 out of 35,041 results