VeriAbs: Verification by Abstraction and Test Generation

Darke, Priyanka; Prabhu, Sumanth; Chimdyalwar, Bharti; Chauhan, Avriti; Basakchowdhury, Animesh; Venkatesh, R.; Datar, Advaita; Medicherla, Raveendra Kumar

doi:10.1007/978-3-319-89963-3_32

Cited by 13 publications

(8 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We have compared our tool with Spacer (Z3 v4.8.3) [26], that implements a recent QUIC3 [22] algorithm, Booster (v0.2) [2], VIAP (v1.0) [35], and Veri-Abs (v1.3.10) [11]. The last two tools performed well in the ReachSafety Array subcategory at SVCOMP 2019 4 .…”

Section: Discussionmentioning

confidence: 99%

“…While a detailed discussion of the related work comes later in the paper (Sect. 6), it is noteworthy that being syntax-guided crucially helps us overcome several limitations of other techniques to verify array-handling programs [2,9,11,35]. Most of them avoid inferring quantified invariants explicitly and thus do not produce checkable proofs.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Quantified Invariants via Syntax-Guided Synthesis

Fedyukovich

Prabhu

Madhukar

et al. 2019

Computer Aided Verification

Self Cite

View full text Add to dashboard Cite

Programs with arrays are ubiquitous. Automated reasoning about arrays necessitates discovering properties about ranges of elements at certain program points. Such properties are formally specified by universally quantified formulas, which are difficult to find, and difficult to prove inductive. In this paper, we propose an algorithm based on an enumerative search that discovers quantified invariants in stages. First, by exploiting the program syntax, it identifies ranges of elements accessed in each loop. Second, it identifies potentially useful facts about individual elements and generalizes them to hypotheses about entire ranges. Finally, by applying recent advances of SMT solving, the algorithm filters out wrong hypotheses. The combination of properties is often enough to prove that the program meets a safety specification. The algorithm has been implemented in a solver for Constrained Horn Clauses, Freq-Horn, and extended to deal with multiple (possibly nested) loops. We show that FreqHorn advances state-of-the-art on a wide range of public array-handling programs.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Quantified Invariants via Syntax-Guided Synthesis

Fedyukovich

Prabhu

Madhukar

et al. 2019

Computer Aided Verification

Self Cite

View full text Add to dashboard Cite

show abstract

“…If they do not succeed within 100 s, they give up and output a condition. For verifier v 2 , we use the three tools CPA-SEQ [29], ESBMC [34], and VeriAbs [30] that performed best on the reachability categories of SV-COMP 2020 4 as well as Symbiotic, which performed best in the SoftwareSystems category of SV-COMP 2020. For all four tools, we use their version submitted to SV-COMP 2020.…”

Section: Methodsmentioning

confidence: 99%

FRed: Conditional Model Checking via Reducers and Folders

Beyer

Jakobs

2020

Software Engineering and Formal Methods

View full text Add to dashboard Cite

There are many hard verification problems that are currently only solvable by applying several verifiers that are based on complementing technologies. Conditional model checking (CMC) is a successful solution for cooperation between verification tools. In CMC, the first verifier outputs a condition describing the state space that it successfully verified. The second verifier uses the condition to focus its verification on the unverified state space. To use arbitrary second verifiers, we recently proposed a reducer-based approach. One can use the reducer-based approach to construct a conditional verifier from a reducer and a (non-conditional) verifier: the reducer translates the condition into a residual program that describes the unverified state space and the verifier can be any off-the-shelf verifier (that does not need to understand conditions). Until now, only one reducer was available. But for a systematic investigation of the reducer concept, we need several reducers. To fill this gap, we developed FRed, a Framework for exploring different REDucers. Given an existing reducer, FRed allows us to derive various new reducers, which differ in their trade-off between size and precision of the residual program. For our experiments, we derived seven different reducers. Our evaluation on the largest and most diverse public collection of verification problems shows that we need all seven reducers to solve hard verification tasks that were not solvable before with the considered verifiers.

show abstract

“…We made minor modifications to invoke a model counter [36] to count computed intervals. ALPACA uses the CIVL symbolic executor for C programs [67]; it also enabled us to use a portfolio of 9 different analyzers that participated in the SV-COMP'19 competition for the synthesis of conditioning intervals, namely: CBMC [68], CPA-BAM-BnB [69], CPA-Seq [70], ESBMC-incr [71], PeSCo [72], Symbiotic [73], UltimateAutomizer [74], UltimateTaipan [75], and VeriAbs [76].…”

Section: Algorithm Implementationsmentioning

confidence: 99%

Conditional Quantitative Program Analysis

Gerrard

Borges

Dwyer

et al. 2022

IIEEE Trans. Software Eng.

View full text Add to dashboard Cite

Standards for certifying safety-critical systems have evolved to permit the inclusion of evidence generated by program analysis and verification techniques. The past decade has witnessed the development of several program analyses that are capable of computing guarantees on bounds for the probability of failure. This paper develops a novel program analysis framework, CQA, that combines evidence from different underlying analyses to compute bounds on failure probability. It reports on an evaluation of different CQA-enabled analyses and implementations of state-of-the-art quantitative analyses to evaluate their relative strengths and weaknesses. To conduct this evaluation, we filter an existing verification benchmark to reflect certification evidence generation challenges. Our evaluation across the resulting set of 136 C programs, totaling more than 385k SLOC, each with a probability of failure below 10 −4 , demonstrates how CQA extends the state-of-the-art. The CQA infrastructure, including tools, subjects, and generated data is publicly available at bitbucket.org/mgerrard/cqa.

show abstract

VeriAbs: Verification by Abstraction and Test Generation

Cited by 13 publications

References 11 publications

Quantified Invariants via Syntax-Guided Synthesis

Quantified Invariants via Syntax-Guided Synthesis

FRed: Conditional Model Checking via Reducers and Folders

Conditional Quantitative Program Analysis

Contact Info

Product

Resources

About