Article

Overify: optimizing programs for fast verification

Authors:

Volodymyr Kuznetsov,

George CandeaAuthors Info & Claims

HotOS'13: Proceedings of the 14th USENIX conference on Hot Topics in Operating Systems

Page 18

Published: 13 May 2013 Publication History

Abstract

Developers rely on automated testing and verification tools to gain confidence in their software. The input to such tools is often generated by compilers that have been designed to generate code that runs fast, not code that can be verified easily and quickly. This makes the verification tool's task unnecessarily hard.

We propose that compilers support a new kind of switch, -OVERIFY, that generates code optimized for the needs of verification tools. We implemented this idea for one class of verification (symbolic execution) and found that, when run on the Coreutils suite of UNIX utilities, it reduces verification time by up to 95×.

References

[1]

A. Albarghouthi, Y. Li, A. Gurfinkel, and M. Chechik. UFO: A framework for abstraction-and interpolation-based software verification. In Intl. Conf. on Computer Aided Verification, 2012.

[2]

E. Bounimova, P. Godefroid, and D. Molnar. Billions and billions of constraints: Whitebox fuzz testing in production. Technical Report MSR-TR- 2012-55, Microsoft Research, 2012.

[3]

S. Bucur, V. Ureche, C. Zamfir, and G. Candea. Parallel symbolic execution for automated real-world software testing. In ACM EuroSys European Conf. on Computer Systems, 2011.

[4]

C. Cadar, D. Dunbar, and D. R. Engler. KLEE: Unassisted and automatic generation of high-coverage tests for complex systems programs. In Symp. on Operating Sys. Design and Implem., 2008.

[5]

V. Chipounov, V. Kuznetsov, and G. Candea. S2E: A platform for in-vivo multi-path analysis of software systems. In Intl. Conf. on Architectural Support for Programming Languages and Operating Systems, 2011.

[6]

The Clang compiler. http://clang.llvm.org/.

[7]

E. Cohen, M. Dahlweid, M. A. Hillebrand, D. Leinenbach, M. Moskal, T. Santen, W. Schulte, and S. Tobies. VCC: A practical system for verifying concurrent C. In Theorem Proving in Higher Order Logics, 2009.

[8]

P. Collingbourne, C. Cadar, and P. Kelly. Symbolic crosschecking of floating-point and SIMD code. In ACM EuroSys European Conf. on Computer Systems, 2011.

[9]

K. Dudka, P. Müller, P. Peringer, and T. Vojnar. Predator: a verification tool for programs with dynamic linked data structures. In Intl. Conf. on Tools and Algorithms for the Construction and Analysis of Systems, 2012.

[10]

Findbugs - find bugs in java programs. http://findbugs.sourceforge.net/.

[11]

P. Godefroid, M. Y. Levin, and D. Molnar. Automated whitebox fuzz testing. In Network and Distributed System Security Symp., 2008.

[12]

V. Kuznetsov, J. Kinder, S. Bucur, and G. Candea. Efficient state merging in symbolic execution. In Intl. Conf. on Programming Language Design and Implem., 2012.

[13]

C. Lattner and V. Adve. LLVM: A compilation framework for lifelong program analysis and transformation. In Intl. Symp. on Code Generation and Optimization, 2004.

[14]

K. R. M. Leino and P. Rümmer. A polymorphic intermediate verification language: Design and logical encoding. In Intl. Conf. on Tools and Algorithms for the Construction and Analysis of Systems, 2010.

[15]

G. Li, I. Ghosh, and S. Rajan. KLOVER: A symbolic execution and automatic test generation tool for C++ programs. In Intl. Conf. on Computer Aided Verification, 2011.

[16]

F. Merz, S. Falke, and C. Sinz. LLBMC: Bounded model checking of C and C++ programs using a compiler IR. Verified Software: Theories, Tools, Experiments, 2012.

[17]

G. C. Necula, S. McPeak, S. Rahul, and W. Weimer. CIL: Intermediate language and tools for analysis and transformation of C programs. In Intl. Conf. on Compiler Construction, 2002.

[18]

N. Tillmann and J. De Halleux. Pex - white box test generation for .NET. Tests and Proofs, 2008.

Cited By

Bornholt JTorlak E(2018)Finding code that explodes under symbolic evaluationProceedings of the ACM on Programming Languages10.1145/32765192:OOPSLA(1-26)Online publication date: 24-Oct-2018
https://dl.acm.org/doi/10.1145/3276519
Baldoni RCoppa ED’elia DDemetrescu CFinocchi I(2018)A Survey of Symbolic Execution TechniquesACM Computing Surveys10.1145/318265751:3(1-39)Online publication date: 23-May-2018
https://dl.acm.org/doi/10.1145/3182657
Perry DMattavelli AZhang XCadar CBultan TSen K(2017)Accelerating array constraints in symbolic executionProceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3092703.3092728(68-78)Online publication date: 10-Jul-2017
https://dl.acm.org/doi/10.1145/3092703.3092728
Show More Cited By

Overify: optimizing programs for fast verification
1. General and reference
  1. Cross-computing tools and techniques
2. Software and its engineering
  1. Software creation and management
    1. Software verification and validation
      1. Software defect analysis
  2. Software notations and tools

Recommendations

Efficient Verification of Sequential and Concurrent C Programs

There has been considerable progress in the domain of software verification over the last few years. This advancement has been driven, to a large extent, by the emergence of powerful yet automated abstraction techniques such as predicate abstraction. ...
Using evolution patterns to find duplicated bugs
Formal verification of ASMs using MDGs

We present a framework for the formal verification of abstract state machine (ASM) designs using the multiway decision graphs (MDG) tool. ASM is a state based language for describing transition systems. MDG provides symbolic representation of transition ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Guide Proceedings

HotOS'13: Proceedings of the 14th USENIX conference on Hot Topics in Operating Systems

May 2013

27 pages

General Chair:
Petros Maniatis
Intel Labs

Sponsors

VMware
Google Inc.
Microsoft Research: Microsoft Research

Publisher

USENIX Association

United States

Publication History

Published: 13 May 2013

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 05 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Bornholt JTorlak E(2018)Finding code that explodes under symbolic evaluationProceedings of the ACM on Programming Languages10.1145/32765192:OOPSLA(1-26)Online publication date: 24-Oct-2018
https://dl.acm.org/doi/10.1145/3276519
Baldoni RCoppa ED’elia DDemetrescu CFinocchi I(2018)A Survey of Symbolic Execution TechniquesACM Computing Surveys10.1145/318265751:3(1-39)Online publication date: 23-May-2018
https://dl.acm.org/doi/10.1145/3182657
Perry DMattavelli AZhang XCadar CBultan TSen K(2017)Accelerating array constraints in symbolic executionProceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3092703.3092728(68-78)Online publication date: 10-Jul-2017
https://dl.acm.org/doi/10.1145/3092703.3092728
Stoenescu RPopovici MNegreanu LRaiciu CBarcellos MCrowcroft JVahdat AKatti S(2016)SymNetProceedings of the 2016 ACM SIGCOMM Conference10.1145/2934872.2934881(314-327)Online publication date: 22-Aug-2016
https://dl.acm.org/doi/10.1145/2934872.2934881
Cadar CDi Nitto EHarman MHeymans P(2015)Targeted program transformations for symbolic executionProceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering10.1145/2786805.2803205(906-909)Online publication date: 30-Aug-2015
https://dl.acm.org/doi/10.1145/2786805.2803205
Bucur SKinder JCandea G(2014)Prototyping symbolic execution engines for interpreted languagesACM SIGARCH Computer Architecture News10.1145/2654822.254197742:1(239-254)Online publication date: 24-Feb-2014
https://dl.acm.org/doi/10.1145/2654822.2541977
Bucur SKinder JCandea G(2014)Prototyping symbolic execution engines for interpreted languagesACM SIGPLAN Notices10.1145/2644865.254197749:4(239-254)Online publication date: 24-Feb-2014
https://dl.acm.org/doi/10.1145/2644865.2541977
Bucur SKinder JCandea GBalasubramonian RDavis AAdve S(2014)Prototyping symbolic execution engines for interpreted languagesProceedings of the 19th international conference on Architectural support for programming languages and operating systems10.1145/2541940.2541977(239-254)Online publication date: 24-Feb-2014
https://dl.acm.org/doi/10.1145/2541940.2541977

View Options

View options

Media

Figures

Other

Tables

View Table of Contents