String Abstraction for Model Checking of C Programs
| Autoři | |
|---|---|
| Rok publikování | 2019 |
| Druh | Článek ve sborníku |
| Konference | Model Checking Software |
| Fakulta / Pracoviště MU | |
| Citace | |
| www | https://link.springer.com/chapter/10.1007%2F978-3-030-30923-7_5 |
| Doi | http://dx.doi.org/10.1007/978-3-030-30923-7_5 |
| Klíčová slova | Symbolic Computation; String Abstraction; DIVINE; LLVM; Transformation; Verification; Model Checking; C; C++ |
| Popis | Automatic abstraction is a powerful software verification technique. In this paper, we elaborate an abstract domain for C strings, that is, null-terminated arrays of characters. We describe the abstract semantics of basic string operations and prove their soundness with regards to previously established concrete semantics of those operations. In addition to a selection of string functions from the standard C library, we provide semantics for character access and update, enabling automatic lifting of arbitrary string-manipulating code into the domain. The domain we present (called M-String) has two other abstract domains as its parameters: an index (bound) domain and a character domain. Picking different constituent domains allows M-String to be tailored for specific verification tasks, balancing precision against complexity. In addition to describing the domain theoretically, we also provide an executable implementation of the abstract operations. Using a tool which automatically lifts existing programs into the M-String domain along with an explicit-state model checker, we have evaluated the proposed domain experimentally on a few simple but realistic test programs. |
| Související projekty: |