Augmenting Counterexample-Guided Abstraction Refinement with Proof Templates

Author

Hart, Thomas E. ; Ku, Kelvin ; Gurfinkel, Arie ; Chechik, Marsha ; Lie, David

Author_Institution

Dept. of Comput. Sci., Univ. of Toronto, Toronto, ON

fYear

2008

fDate

15-19 Sept. 2008

Firstpage

387

Lastpage

390

Abstract

Existing software model checkers based on predicate abstraction and refinement typically perform poorly at verifying the absence of buffer overflows, with analyses depending on the sizes of the arrays checked. We observe that many of these analyses can be made efficient by providing proof templates for common array traversal idioms idioms, which guide the model checker towards proofs that are independent of array size. We have integrated this technique into our software model checker, PtYasm, and have evaluated our approach on a set of testcases derived from the Verisec suite, demonstrating that our technique enables verification of the safety of array accesses independently of array size.

Keywords

program verification; PtYasm; Verisec suite; array traversal idioms; buffer overflows verification; counterexample-guided abstraction refinement; predicate abstraction; proof templates; safety verification; software model checkers; Application software; Buffer overflow; Computer errors; Computer science; Kelvin; Performance analysis; Sliding mode control; Software performance; Software safety; Software testing;

fLanguage

English

Publisher

ieee

Conference_Titel

Automated Software Engineering, 2008. ASE 2008. 23rd IEEE/ACM International Conference on

Conference_Location

L´Aquila

ISSN

1938-4300

Print_ISBN

978-1-4244-2187-9

Electronic_ISBN

1938-4300

Type

conf

DOI

10.1109/ASE.2008.55

Filename

4639348