Proceedings Article, DOI 10.1145/2491411.2491452
Differential assertion checking
Shuvendu K. Lahiri, Kenneth L. McMillan, Rahul Sharma, Chris Hawblitzel +3 more
- 18 Aug 2013
- pp 345-355
TL;DR: A novel modular approach to DAC is introduced by reducing it to safety checking of a composed program, which can be accomplished by standard program verifiers; automatic invariant generation is leveraged to synthesize relative specifications for pairs of loops and procedures.
Abstract: A previous version of a program can be a powerful enabler for program analysis, both by defining new relative specifications and by making the results of analyzing the current program more relevant. In this paper, we describe the approach of differential assertion checking (DAC) for comparing different versions of a program with respect to a set of assertions. DAC provides a natural way to write relative specifications over two programs. We introduce a novel modular approach to DAC by reducing it to safety checking of a composed program, which can be accomplished by standard program verifiers. In particular, we leverage automatic invariant generation to synthesize relative specifications for pairs of loops and procedures. We provide a preliminary evaluation of a prototype implementation within the SymDiff tool along two directions: (a) soundly verifying bug fixes in the presence of loops and (b) providing a knob for suppressing alarms when checking a new version of a program.
Citations
• Proceedings Article
Under-constrained symbolic execution: correctness checking for real code
David A. Ramos, Dawson Engler +1 more
- 12 Aug 2015
TL;DR: This paper uses UC-KLEE as a generalized checking framework and implement checkers to find memory leaks, uninitialized data, and unsafe user input, and evaluates the checkers on over 20,000 functions from BIND, OpenSSL, and the Linux kernel, finding 67 bugs.
Conc-iSE: incremental symbolic execution of concurrent software
Shengjian Guo, Markus Kusano, Chao Wang +2 more
- 25 Aug 2016
TL;DR: This paper develops an inter-thread and inter-procedural change-impact analysis to check if a statement is affected by the changes and then leverage the information to choose executions that need to be re-explored.
Verified three-way program merge
Marcelo Sousa, Isil Dillig, Shuvendu K. Lahiri +2 more
- 24 Oct 2018
TL;DR: This paper defines a semantic notion of conflict-freedom, which ensures that the merged program does not introduce new unwanted behaviors, and shows how to verify this property using a novel, compositional algorithm that combines lightweight summarization for shared program fragments with precise relational reasoning for the modifications.
Gradual synthesis for static parallelization of single-pass array-processing programs
Grigory Fedyukovich, Maaz Bin Safeer Ahmad, Rastislav Bodik +2 more
- 14 Jun 2017
TL;DR: A novel approach, called GRASSP, automatically synthesizes parallel single-pass array-processing programs by treating the given serial versions as specifications and certifies the results using constrained Horn solving; it is shown that such parallelization can be performed efficiently.
Property differencing for incremental checking
Guowei Yang, Sarfraz Khurshid, Suzette Person, Neha Rungta +3 more
- 31 May 2014
TL;DR: Experimental results in the context of symbolic execution of Java programs annotated with properties written as assertions show the effectiveness of iProperty in utilizing change information to enable more efficient checking.
References
Z3: an efficient SMT solver
Leonardo de Moura, Nikolaj Bjørner +1 more
- 29 Mar 2008
TL;DR: Z3 is a new and efficient SMT Solver freely available from Microsoft Research that is used in various software verification and analysis applications.
Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints
Patrick Cousot, Radhia Cousot +1 more
- 01 Jan 1977
TL;DR: In this paper, the abstract interpretation of programs is used to describe computations in another universe of abstract objects, so that the results of abstract execution give some information on the actual computations.
Supporting Controlled Experimentation with Testing Techniques: An Infrastructure and its Potential Impact
TL;DR: The infrastructure being designed and constructed to support controlled experimentation with testing and regression testing techniques is described, together with the impact that this infrastructure has had and can be expected to have.
• Book
Computer-Aided Verification of Coordinating Processes: The Automata-Theoretic Approach
Robert P. Kurshan
- 06 Feb 1995
TL;DR: Theories of L-automaton/L-process, L-matrix, and String Acceptors are compared to Boolean Algebra, which describes the construction of language-based Algebra.
The existence of refinement mappings
Martín Abadi, Leslie Lamport +1 more
TL;DR: The authors consider specifications consisting of a state machine that specifies safety requirements and an arbitrary supplementary property that specifies liveness requirements, and show that under reasonable assumptions about the specifications, if S1 implements S2, then by adding auxiliary variables to S1 one can guarantee the existence of a refinement mapping.
Related Papers (5)
Suzette Person, Matthew B. Dwyer, Sebastian Elbaum, Corina S. Pǎsǎreanu +3 more
- 09 Nov 2008
Gilles Barthe, Juan Manuel Crespo, César Kunz +2 more
- 20 Jun 2011