Article
DOI: 10.5555/2032266.2032281

Heaps and data structures: a challenge for automated provers

Published: 31 July 2011

Abstract

Software verification is one of the most prominent application areas for automatic reasoning systems, but further improvement of these systems is limited by a shortage of good benchmarks. Current benchmarks are usually large but shallow, require decision procedures, or have soundness problems. In contrast, we propose a family of benchmarks in first-order logic with equality that is scalable and relatively simple to understand, yet closely resembles the difficult verification conditions that arise from real-world C code. Based on this benchmark, we present a detailed comparison of different heap encodings using a number of SMT solvers and ATPs. Our results led to a performance gain of an order of magnitude for the C code verifier VCC.

Cited By

  • (2014) Symbolic execution of multithreaded programs from arbitrary program contexts. ACM SIGPLAN Notices 49(10), 491-506. DOI 10.1145/2714064.2660200. Online publication date: 15 Oct 2014.
  • (2014) Symbolic execution of multithreaded programs from arbitrary program contexts. Proceedings of the 2014 ACM International Conference on Object Oriented Programming Systems Languages & Applications, 491-506. DOI 10.1145/2660193.2660200. Online publication date: 15 Oct 2014.
  • (2014) Cascade 2.0. Proceedings of the 15th International Conference on Verification, Model Checking, and Abstract Interpretation, Volume 8318, 142-160. DOI 10.1007/978-3-642-54013-4_9. Online publication date: 19 Jan 2014.
  • (2012) The location linking concept. Proceedings of the 4th International Conference on Verified Software: Theories, Tools, Experiments, 34-49. DOI 10.1007/978-3-642-27705-4_4. Online publication date: 28 Jan 2012.

Published In

CADE'11: Proceedings of the 23rd International Conference on Automated Deduction
July 2011, 505 pages
ISBN: 9783642224379

Publisher

Springer-Verlag, Berlin, Heidelberg
