Augmenting Counterexample-Guided Abstraction Refinement with Proof Templates

Abstract: Abstract-Existing software model checkers based on predicate abstraction and refinement typically perform poorly at verifying the absence of buffer overflows, with analyses depending on the sizes of the arrays checked. We observe that many of these analyses can be made efficient by providing proof templates for common array traversal idioms idioms, which guide the model checker towards proofs that are independent of array size.We have integrated this technique into our software model checker, PTYASM, and have … Show more

“…Because it uses proof templates, PTYASM is able to verify many more of our testcases than the other SMCs. The complete details of our experiments appear in the companion paper [4], and the complete experimental data and test materials are available online at http://www.cs.toronto.edu/ kelvin/ase08. PTYASM demonstrates a novel way to add programmer knowledge to SMCs, safely incorporating heuristic analyses without compromising soundness.…”

“…YASM then verifies the safety of the bounds checking assertion, and then discharges each assumption used. The details of the template appear in the companion paper [4].…”

“…In our companion paper [4], we advocate the use of proof templates in these instances. A proof template associates a correctness argument with a program fragment which uses a common programming idiom, thus helping an SMC find an efficient abstraction.…”

PtYasm: Software Model Checking with Proof Templates

“…Because it uses proof templates, PTYASM is able to verify many more of our testcases than the other SMCs. The complete details of our experiments appear in the companion paper [4], and the complete experimental data and test materials are available online at http://www.cs.toronto.edu/ kelvin/ase08. PTYASM demonstrates a novel way to add programmer knowledge to SMCs, safely incorporating heuristic analyses without compromising soundness.…”

“…YASM then verifies the safety of the bounds checking assertion, and then discharges each assumption used. The details of the template appear in the companion paper [4].…”

“…In our companion paper [4], we advocate the use of proof templates in these instances. A proof template associates a correctness argument with a program fragment which uses a common programming idiom, thus helping an SMC find an efficient abstraction.…”

PtYasm: Software Model Checking with Proof Templates

“…Programanalysis(PA)isthelargestcategory,asshownbyitssizeinFigure6,with45studiesusing someformofprogramanalysisand17usingitasasolotechnique.Additionally,allothercategories, exceptingempiricalstudies,havesomestudythatutilizeprogramanalysistoachieveitsgoal.Models (MD)andtesting(Tst)arefrequentamongthestudies,beingusedin17studies.Symbolicexecution (SE)ispresentin12studies.Generally,modelsandsymbolicexecutionareusedincombinationwith techniquesfromothercategories;onlythreestudies (Chen,Kalbarczyk,Xu,&Iyer,2003;Hackett, Das, Wang, & Yang, 2006;Hart, Ku, Gurfinkel, Chechik, & Lie, 2008) utilize models and one (Padaryan,Kaushan,&Fedotov,2015)symbolicexecutionwithoutthesupportofothertechniques. ComputationalIntelligence(CI)isusedinsevenstudies;mostofthemincombinationwithprogram analysistechniques.Codeinspection(CoI)isacategoryofonlythreepapers.Finally,empiricalstudies (ES),ingeneral,comprisecomparisonoftools.Asthetoolscomparedutilizedifferentapproaches, wedecidedtocreateacategoryofitsowncomprisingsixstudies.Theexceptionwasastudy (Chen, Dean,&Wagner,2004)thatutilizesasingletoolbasedonmodelsintheempiricalstudy.…”

“…They then utilize lightweight static checkingtechniquestoobtaingoodperformanceandscalability,though,sacrificingsoundnessand completeness. Hart,Ku,Gurfinkel,Chechik,&Lie(2008)defineprooftemplatesdesignedtowork when a program uses common structures to traverse an array. A model checker is used to prove theoriginalpropertyusingthesetemplatesextendedbypredicatesandassumptions.…”

What Do We Know About Buffer Overflow Detection?

Augmenting Counterexample-Guided Abstraction Refinement with Proof Templates