编程语言
首页 > 编程语言> > C/C++程序验证工具汇总

C/C++程序验证工具汇总

作者:互联网

C/C++ Verification Tools Summary

The article contains three parts:

PART I Open-source Verification Tools

1.Smack
Software Verifier and Verification Toolchain
Tool: https://github.com/smackers/smack

Publication:
[1] Rakamarić Z, Emmi M. SMACK: Decoupling source language details from verifier implementations[C]//International Conference on Computer Aided Verification. Springer, Cham, 2014: 106-113.
[2] Carter M, He S, Whitaker J, et al. SMACK software verification toolchain[C]//2016 IEEE/ACM 38th International Conference on Software Engineering Companion (ICSE-C). IEEE, 2016: 589-592.

2.Seahorn
SeaHorn is an automated analysis framework for LLVM-based languages. This version supports LLVM 5.0.
Tool: https://github.com/seahorn/seahorn

Publication:
[1] A.Gurfinkel, T.Kahsai, J.A.Navas. SeaHorn: A Framework for Verifying C Programs (Competition Contribution). At TACAS 2015. LNCS 9035. pp 447-450. 2015
[2] A.Gurfinkel, T.Kahsai, A. Komuravelli, J.A.Navas. The SeaHorn Verification Framework. At CAV 2015. LNCS 9206, pp. 343-361. 2015

3.VST
The Verified Software Toolchain
Homepage: https://vst.cs.princeton.edu/

Publication:
[1] Cao Q, Beringer L, Gruetter S, et al. VST-Floyd: A separation logic tool to verify correctness of C programs[J]. Journal of Automated Reasoning, 2018, 61(1-4): 367-422.
[2] Beringer L, Appel A W. Abstraction and subsumption in modular verification of C programs[C]//International Symposium on Formal Methods. Springer, Cham, 2019: 573-590.

4.SLAyer
SLAyer is an automatic formal verification tool that uses separation logic to verify memory safety of C programs.
Tool: https://github.com/microsoft/SLAyer

Publication:
[1] Berdine J, Cook B, Ishtiaq S. SLAyer: Memory safety for systems-level code[C]//International Conference on Computer Aided Verification. Springer, Berlin, Heidelberg, 2011: 178-183.

5.Verifast
Research prototype tool for modular formal verification of C and Java programs
Tool: https://github.com/verifast/verifast

Publication:
[1] Jacobs B, Smans J, Philippaerts P, et al. VeriFast: A powerful, sound, predictable, fast verifier for C and Java[C]//NASA Formal Methods Symposium. Springer, Berlin, Heidelberg, 2011: 41-55.

6.CPAchecker
the Configurable Software-Verification Platform
Homepage: https://cpachecker.sosy-lab.org/
Tool: https://github.com/sosy-lab/cpachecker

Publication:
[1] Beyer D, Keremoglu M E. CPAchecker: A tool for configurable software verification[C]//International Conference on Computer Aided Verification. Springer, Berlin, Heidelberg, 2011: 184-190.
[2] Beyer D, Henzinger T A, Théoduloz G. Program analysis with dynamic precision adjustment[C]//2008 23rd IEEE/ACM International Conference on Automated Software Engineering. IEEE, 2008: 29-38.

7.PeSCo
Tools: https://gitlab.com/cedricrupb/archives-2019/blob/master/2019/pesco.zip

Publication:
[1] Richter C, Wehrheim H. PeSCo: Predicting Sequential Combinations of Verifiers[C]//International Conference on Tools and Algorithms for the Construction and Analysis of Systems. Springer, Cham, 2019: 229-233.

8.UAutomizer (verifying Boogie and C)
Verification of safety properties based on an automata-theoretic approach to software verification
Tools: https://monteverdi.informatik.uni-freiburg.de/tomcat/Website/?ui=tool&tool=automizer

Publication:
[1] Heizmann M, Chen Y W, Dietsch D, et al. Ultimate automizer with an on-demand construction of Floyd-Hoare automata[C]//International Conference on Tools and Algorithms for the Construction and Analysis of Systems. Springer, Berlin, Heidelberg, 2017: 394-398.
[2] Heizmann M, Christ J, Dietsch D, et al. Ultimate automizer with SMTInterpol[C]//International Conference on Tools and Algorithms for the Construction and Analysis of Systems. Springer, Berlin, Heidelberg, 2013: 641-643.

9.VeriAbs
Verification by Abstraction and Test Generation
Tool: https://gitlab.com/sosy-lab/sv-comp/archives-2019/-/blob/master/2019/veriabs.zip

Publication:
[1] Afzal M, Asia A, Chauhan A, et al. VeriAbs: Verification by Abstraction and Test Generation[C]//2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE). IEEE, 2019: 1138-1141.
[2] Darke P, Prabhu S, Chimdyalwar B, et al. Veriabs: Verification by abstraction and test generation[C]//International Conference on Tools and Algorithms for the Construction and Analysis of Systems. Springer, Cham, 2018: 457-462.

10.2LS
A verification tool for C programs
Tool: https://github.com/diffblue/2ls

Publication:
[1] Malík V, Martiček Š, Schrammel P, et al. 2LS: memory safety and non-termination[C]//International Conference on Tools and Algorithms for the Construction and Analysis of Systems. Springer, Cham, 2018: 417-421.
[2] Schrammel P, Kroening D. 2LS for program analysis[C]//International Conference on Tools and Algorithms for the Construction and Analysis of Systems. Springer, Berlin, Heidelberg, 2016: 905-907.

11.CBMC
A Bounded Model Checker for C and C++ programs.
Tool: https://www.cprover.org/cbmc/

Publication:
[1] Kroening D, Tautschnig M. CBMC–C bounded model checker[C]//International Conference on Tools and Algorithms for the Construction and Analysis of Systems. Springer, Berlin, Heidelberg, 2014: 389-391.

12.ESBMC
context-bounded model checker based on satisfiability modulo theories for the verification of single- and multi-threaded C/C++ programs.
Tools: http://esbmc.org/

Publication:
[1] Gadelha M R, Monteiro F, Cordeiro L, et al. ESBMC v6. 0: Verifying C Programs Using k-Induction and Invariant Inference[C]//International Conference on Tools and Algorithms for the Construction and Analysis of Systems. Springer, Cham, 2019: 209-213.
[2] Gadelha M R, Menezes R, Monteiro F R, et al. ESBMC: Scalable and Precise Test Generation based on the Floating-Point Theory[J].

13.HAVOC
a tool for specifying and checking properties of systems software written in C, in the presence of pointer manipulations, unsafe casts and dynamic memory allocation.
Tool: https://www.microsoft.com/en-us/download/details.aspx?id=52414

14.Gazer
Automatic verification of C and Java programs
An LLVM-based formal verification frontend for C programs.
Tool: https://github.com/ftsrg/gazer

16.VCC
A static verifier for concurrent C programs
Tool: https://github.com/microsoft/vcc

17.Vera++
Vera++ is a programmable tool for verification, analysis and transformation of C++ source code.
Tool: https://github.com/verateam/vera

18.LLBMC
The Low-Level Bounded Model Checker
Tools: http://llbmc.org/downloads.html
https://github.com/fubuloubu/MC-project/tree/master/llbmc

Publication:
[1] Merz F, Falke S, Sinz C. LLBMC: Bounded model checking of C and C++ programs using a compiler IR[C]//International Conference on Verified Software: Tools, Theories, Experiments. Springer, Berlin, Heidelberg, 2012: 146-161.
[2] Falke S, Merz F, Sinz C. The bounded model checker LLBMC[C]//2013 28th IEEE/ACM International Conference on Automated Software Engineering (ASE). IEEE, 2013: 706-709.

PART II Software Verification with Validation of Results

The following results mainly come from the report of CV-COMP 2017. The interested reader can refer to the following material:

The followinbg table list 32 verification tools, as well as the features and technogogies that are used in the verification tools. For example, Smack is suported with CounterExample-Guided Abstraction Refinement (CEGAR) and Lazy Abstraction, but CBMC didn’t adopt these technologies.Overall, CPA-SEQ seems to have the most number of features.
Note that all the tools listed in the table can be download at: https://sv-comp.sosy-lab.org/2017/systems.php
在这里插入图片描述

The competition experiments represent the state-of-the-art in fully automatic software-verification tools. The experimental result was based on 10 522 verification tasks for C programs. Each verification task consisted of a program and a property (reachability, memory safety, overflows, termination). The following table presents the quantitative overview aover all tools and all categories.
在这里插入图片描述

The following table reports the top-three verifiers for each category. The run time (column ‘CPU Time’) refers to successfully solved verification tasks (column ‘Solved Tasks’). The columns ‘False Alarms’ and ‘Wrong Proofs’ report the number of verification tasks for which the verifier reported wrong results: reporting an error path but the property holds (incorrect False) and claiming that the program fulfills the property although it actually contains a bug (incorrect True), respectively.
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述

PART III A benchmark for C program verification

sv-benchmark:
All verification tasks are available for web browsing and for download via the following GIT repository: https://github.com/sosy-lab/sv-benchmarks

Another benchmark: 25 programs
SRC: https://github.com/cverified/cbench

标签:Conference,汇总,C++,verification,https,程序验证,International,Tools,Verification
来源: https://blog.csdn.net/wcventure/article/details/105301599