Function Summarization Modulo Theories

Asadi, Sepideh; Blicha, Martin; Fedyukovich, Grigory; Hyvärinen, Antti E. J.; Even-Mendoza, Karine; Sharygina, Natasha; Chockler, Hana

doi:10.29007/d3bt

Cited by 4 publications

(2 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A similarly layered approach, proposed in [21], can be used to compute function summaries in bounded model checking. When bounded model checking is able to prove (bounded) safety of a program, Craig interpolation can subsequently be used to extract function summaries; such summaries can later be useful to speed up other verification tasks.…”

Section: Related Workmentioning

confidence: 99%

“…When bounded model checking is able to prove (bounded) safety of a program, Craig interpolation can subsequently be used to extract function summaries; such summaries can later be useful to speed up other verification tasks. To handle bit-vector constraints in this context, [21] successively applies more and more precise overapproximations of bit-vectors: using uninterpreted functions, linear real arithmetic, and finally using precise bit-blasting. Interpolants are computed in the coarsest theory that was able to prove safety of a verification task.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Interpolating bit-vector formulas using uninterpreted predicates and Presburger arithmetic

Backeman

Rümmer

Zeljić

2021

Form Methods Syst Des

View full text Add to dashboard Cite

The inference of program invariants over machine arithmetic, commonly called bit-vector arithmetic, is an important problem in verification. Techniques that have been successful for unbounded arithmetic, in particular Craig interpolation, have turned out to be difficult to generalise to machine arithmetic: existing bit-vector interpolation approaches are based either on eager translation from bit-vectors to unbounded arithmetic, resulting in complicated constraints that are hard to solve and interpolate, or on bit-blasting to propositional logic, in the process losing all arithmetic structure. We present a new approach to bit-vector interpolation, as well as bit-vector quantifier elimination (QE), that works by lazy translation of bit-vector constraints to unbounded arithmetic. Laziness enables us to fully utilise the information available during proof search (implied by decisions and propagation) in the encoding, and this way produce constraints that can be handled relatively easily by existing interpolation and QE procedures for Presburger arithmetic. The lazy encoding is complemented with a set of native proof rules for bit-vector equations and non-linear (polynomial) constraints, this way minimising the number of cases a solver has to consider. We also incorporate a method for handling concatenations and extractions of bit-vector efficiently.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Interpolating bit-vector formulas using uninterpreted predicates and Presburger arithmetic

Backeman

Rümmer

Zeljić

2021

Form Methods Syst Des

View full text Add to dashboard Cite

show abstract

Unbounded Procedure Summaries from Bounded Environments

Pick

Fedyukovich

Gupta

2021

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Decomposing Software Verification using Distributed Summary Synthesis

Beyer,

Kettl,

Lemberger

2024

Proc. ACM Softw. Eng.

View full text Add to dashboard Cite

There are many approaches for automated software verification, but they are either imprecise, do not scale well to large systems, or do not sufficiently leverage parallelization. This hinders the integration of software model checking into the development process (continuous integration). We propose an approach to decompose one large verification task into multiple smaller, connected verification tasks, based on blocks in the program control flow. For each block, summaries (block contracts) are computed — based on independent, distributed, continuous refinement by communication between the blocks. The approach iteratively synthesizes preconditions to assume at the block entry (computed from postconditions received from block predecessors, i.e., which program states reach this block) and violation conditions to check at the block exit (computed from violation conditions received from block successors, i.e., which program states lead to a specification violation). This separation of concerns leads to an architecture in which all blocks can be analyzed in parallel, as independent verification problems. Whenever new information (as a postcondition or violation condition) is available from other blocks, the verification can decide to restart with this new information. We realize our approach on the basis of configurable program analysis and implement it for the verification of C programs in the widely used verifier CPAchecker. A large experimental evaluation shows the potential of our new approach: The distribution of the workload to several processing units works well, and there is a significant reduction of the response time when using multiple processing units. There are even cases in which the new approach beats the highly-tuned, existing single-threaded predicate abstraction.

show abstract

Function Summarization Modulo Theories

Cited by 4 publications

References 30 publications

Interpolating bit-vector formulas using uninterpreted predicates and Presburger arithmetic

Interpolating bit-vector formulas using uninterpreted predicates and Presburger arithmetic

Unbounded Procedure Summaries from Bounded Environments

Decomposing Software Verification using Distributed Summary Synthesis

Contact Info

Product

Resources

About