Issue No. 09 - Sept. (2013 vol. 39)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TSE.2013.15
Juan P. Galeotti , Universidad de Buenos Aires and CONICET, Argentina
Nicolas Rosner , Universidad de Buenos Aires, Argentina
Carlos G. Lopez Pombo , Universidad de Buenos Aires and CONICET, Argentina
Marcelo F. Frias , Instituto Tecnológico de Buenos Aires and CONICET, Argentina
SAT-based bounded verification of annotated code consists of translating the code together with the annotations to a propositional formula, and analyzing the formula for specification violations using a SAT-solver. If a violation is found, an execution trace exposing the failure is exhibited. Code involving linked data structures with intricate invariants is particularly hard to analyze using these techniques. In this paper, we present Translation of Annotated COde (TACO), a prototype tool which implements a novel, general, and fully automated technique for the SAT-based analysis of JML-annotated Java sequential programs dealing with complex linked data structures. We instrument code analysis with a symmetry-breaking predicate which, on one hand, reduces the size of the search space by ignoring certain classes of isomorphic models and, on the other hand, allows for the parallel, automated computation of tight bounds for Java fields. Experiments show that the translations to propositional formulas require significantly less propositional variables, leading to an improvement of the efficiency of the analysis of orders of magnitude, compared to the noninstrumented SAT--based analysis. We show that in some cases our tool can uncover bugs that cannot be detected by state-of-the-art tools based on SAT-solving, model checking, or SMT-solving.
Metals, Java, Cost accounting, Instruments, Analytical models, Contracts, Context, DynAlloy, Static analysis, SAT-based code analysis, Alloy, KodKod
C. G. Lopez Pombo, M. F. Frias, N. Rosner and J. P. Galeotti, "TACO: Efficient SAT-Based Bounded Verification Using Symmetry Breaking and Tight Bounds," in IEEE Transactions on Software Engineering, vol. 39, no. , pp. 1283-1307, 2013.