Model Checking of C and C++ with DIVINE 4

Baranová, Zuzana; Barnat, Jǐŕı; Kejstová, Katarína; Kucera, T. A.; Lauko, Henrich; Mrázek, Jan; Ročkai, Petr; Štill, Vladimír

doi:10.1007/978-3-319-68167-2_14

Cited by 47 publications

(30 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The first goal -modularity -is hard to quantify in isolation, but it was of considerable help in adapting DiOS for different use cases. We have used DiOS with success in explicit-state model checking of parallel programs [1], symbolic verification of both parallel and sequential programs [12], for verification of liveness (LTL) properties of synchronous C code synthesized from Simulink diagrams, and for runtime verification of safety properties of software [9]. DiOS has also been used for recording, replaying and fuzzing system call traces [8].…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Reproducible Execution of POSIX Programs with DiOS

Ročkai

Baranová

Mrázek

et al. 2019

Software Engineering and Formal Methods

Self Cite

View full text Add to dashboard Cite

In this paper, we describe DiOS, a lightweight model operating system which can be used to execute programs that make use of POSIX APIs. Such executions are fully reproducible: running the same program with the same inputs twice will result in two exactly identical instruction traces, even if the program uses threads for parallelism. DiOS is implemented almost entirely in portable C and C++: although its primary platform is DiVM, a verification-oriented virtual machine, it can be configured to also run in KLEE, a symbolic executor. Finally, it can be compiled into machine code to serve as a user-mode kernel. Additionally, DiOS is modular and extensible. Its various components can be combined to match both the capabilities of the underlying platform and to provide services required by a particular program. New components can be added to cover additional system calls or APIs. The experimental evaluation has two parts. DiOS is first evaluated as a component of a program verification platform based on DiVM. In the second part, we consider its portability and modularity by combining it with the symbolic executor KLEE.

show abstract

Section: Discussionmentioning

confidence: 99%

“…In DIVINE[1], a model checker based on DiVM, interrupt points are dynamically enabled when the executing thread performs a visible action. Thread identification is supplied by the scheduler in DiOS using a platform-specific (hypercall) interface 7.…”

mentioning

confidence: 99%

Reproducible Execution of POSIX Programs with DiOS

Ročkai

Baranová

Mrázek

et al. 2019

Software Engineering and Formal Methods

Self Cite

View full text Add to dashboard Cite

show abstract

“…We extend LART along with DIVINE 4 [8], an explicit state model checker based on LLVM. This way, we can verify the correctness of operations on strings in C programs automatically.…”

Section: Paper Contributionmentioning

confidence: 99%

“…Let ([0, 0] a * [5,7], [6,8] br * [13,14]) and ([0, 0] a * [3,3], ∅) be two abstract elements in M, such that B is the interval domain over array indexes and C is the prefix domain over string values. Precisely, ([0, 0] a * [5,7], [6,8] br * [13,14]) approximates all the characters arrays with as string of interest any string starting with the character 'a' whose length goes from 5 to 7, followed by the null character and any string starting with ''br'' whose length goes from 5 to 8. On the other hand, ([0, 0] a * [3,3], ∅) abstracts all the array of chars with string of interest equal to a string, of length 3, starting with a .…”

Section: Abstract String Concatenationmentioning

confidence: 99%

Abstracting Strings for Model Checking of C Programs

et al. 2020

Self Cite

View full text Add to dashboard Cite

Data type abstraction plays a crucial role in software verification. In this paper, we introduce a domain for abstracting strings in the C programming language, where strings are managed as null-terminated arrays of characters. The new domain M-String is parametrized on an index (bound) domain and a character domain. By means of these different constituent domains, M-Strings captures shape information on the array structure as well as value information on the characters occurring in the string. By tuning these two parameters, M-String can be easily tailored for specific verification tasks, balancing precision against complexity. The concrete and the abstract semantics of basic operations on strings are carefully formalized, and soundness proofs are fully detailed. Moreover, for a selection of functions contained in the standard C library, we provide the semantics for character access and update, enabling an automatic lifting of arbitrary string-manipulating code into our new domain. An implementation of abstract operations is provided within a tool that automatically lifts existing programs into the M-String domain along with an explicit-state model checker. The accuracy of the proposed domain is experimentally evaluated on real-case test programs, showing that M-String can efficiently detect real-world bugs as well as to prove that program does not contain them after they are fixed.

show abstract

“…Properties are limited to a subset of the branching-time logic TCTL [16,17]. LTSmin [18] and Divine [19] are two model checkers that support the Uppaal specification language and properties specified in LTL. RTD-Finder [20] handles only safety properties for real-time componentbased systems specified in RT-BIP.…”

Section: Related Workmentioning

confidence: 99%

Extending nuXmv with Timed Transition Systems and Timed Temporal Properties

Cimatti

Griggio

Magnago

et al. 2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

NUXMV is a well-known symbolic model checker, which implements various state-of-the-art algorithms for the analysis of finite-and infinite-state transition systems and temporal logics. In this paper, we present a new version that supports timed systems and logics over continuous super-dense semantics. The system specification was extended with clocks to constrain the timed evolution. The support for temporal properties has been expanded to include MTL0,∞ formulas with parametric intervals. The analysis is performed via a reduction to verification problems in the discrete-time case. The internal representation of traces has been extended to go beyond the lasso-shaped form, to take into account the possible divergence of clocks. We evaluated the new features by comparing NUXMV with other verification tools for timed automata and MTL0,∞, considering different benchmarks from the literature. The results show that NUXMV is competitive with and in many cases performs better than state-of-the-art tools, especially on validity problems for MTL0,∞.

show abstract

Model Checking of C and C++ with DIVINE 4

Cited by 47 publications

References 7 publications

Reproducible Execution of POSIX Programs with DiOS

Reproducible Execution of POSIX Programs with DiOS

Abstracting Strings for Model Checking of C Programs

Extending nuXmv with Timed Transition Systems and Timed Temporal Properties

Contact Info

Product

Resources

About