[PDF][PDF] A Precise Memory Model for {Low-Level} Bounded Model Checking
C Sinz, S Falke, F Merz - … on Systems Software Verification (SSV 10), 2010 - usenix.org
Formalizing the semantics of programming languages like C or C++ for bounded model
checking can be cumbersome if complete coverage of all language features is to be …
checking can be cumbersome if complete coverage of all language features is to be …
Adding decision procedures to SMT solvers using axioms with triggers
Satisfiability modulo theories (SMT) solvers are efficient tools to decide the satisfiability of
ground formulas, including a number of built-in theories such as congruence, linear …
ground formulas, including a number of built-in theories such as congruence, linear …
Shape analysis of low-level C with overlap** structures
Device drivers often keep data in multiple data structures simultaneously while embedding
list or tree related records into the records containing the actual data; this results in …
list or tree related records into the records containing the actual data; this results in …
Reachability analysis of program variables
Đ Nikolić, F Spoto - ACM Transactions on Programming Languages and …, 2014 - dl.acm.org
Reachability from a program variable v to a program variable w states that from v, it is
possible to follow a path of memory locations that leads to the object bound to w. We present …
possible to follow a path of memory locations that leads to the object bound to w. We present …
Analyzing system software components using API model guided symbolic execution
T Yavuz, K Bai - Automated Software Engineering, 2020 - Springer
Analyzing real-world software is challenging due to complexity of the software frameworks or
APIs they depend on. In this paper, we present a tool, PROMPT, that facilitates the analysis …
APIs they depend on. In this paper, we present a tool, PROMPT, that facilitates the analysis …
Reachability analysis of program variables
Đ Nikolić, F Spoto - International Joint Conference on Automated …, 2012 - Springer
A variable v reaches a variable w if there is a path from the memory location bound to v to
the one bound to w. This information is important for improving the precision of other static …
the one bound to w. This information is important for improving the precision of other static …
[PDF][PDF] A theory of C-style memory allocation
S Falke, F Merz, C Sinz - Proc. SMT, 2011 - Citeseer
This paper introduces the theory TH for reasoning about the correctness of memory access
operations in the context of a C-style heap memory. The proposed approach makes a clear …
operations in the context of a C-style heap memory. The proposed approach makes a clear …
Exploiting pointer analysis in memory models for deductive verification
Cooperation between verification methods is crucial to tackle the challenging problem of
software verification. The paper focuses on the verification of C programs using pointers and …
software verification. The paper focuses on the verification of C programs using pointers and …
Generic decision procedures for axiomatic first-order theories
C Dross - 2014 - theses.hal.science
SMT solvers are efficient tools to decide the satisfiability of ground formulas, including a
number of built-in theories such as congruence, linear arithmetic, arrays, and bit-vectors …
number of built-in theories such as congruence, linear arithmetic, arrays, and bit-vectors …
A General Framework for Constraint-Based Static Analyses of Java Bytecode Programs
D Nikolic - 2013 - iris.univr.it
The present thesis introduces a generic parameterized framework for static analysis of Java
bytecode programs, based on constraint generation and solving. This framework is able to …
bytecode programs, based on constraint generation and solving. This framework is able to …