Proving Reachability Using FShell

(Competition Contribution)
  • Andreas Holzer
  • Daniel Kroening
  • Christian Schallhart
  • Michael Tautschnig
  • Helmut Veith
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7214)

Abstract

FShell is an automated white-box test-input generator for C programs, computing test data with respect to user-specified code coverage criteria. The pillars of FShell are the declarative specification language FQL (FShell Query Language), an efficient back end for computing test data, and a mathematical framework to reason about coverage criteria. To solve the reachability problem posed in SV-COMP we specify coverage of ERROR labels. As back end, FShell uses bounded model checking, building upon components of CBMC and leveraging the power of SAT solvers for efficient enumeration of a full test suite.

References

  1. 1.
    Clarke, E., Kroning, D., Lerda, F.: A Tool for Checking ANSI-C Programs. In: Jensen, K., Podelski, A. (eds.) TACAS 2004. LNCS, vol. 2988, pp. 168–176. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  2. 2.
    Eén, N., Sörensson, N.: An Extensible SAT-solver. In: Giunchiglia, E., Tacchella, A. (eds.) SAT 2003. LNCS, vol. 2919, pp. 502–518. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  3. 3.
    Holzer, A., Schallhart, C., Tautschnig, M., Veith, H.: FShell: Systematic Test Case Generation for Dynamic Analysis and Measurement. In: Gupta, A., Malik, S. (eds.) CAV 2008. LNCS, vol. 5123, pp. 209–213. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  4. 4.
    Holzer, A., Schallhart, C., Tautschnig, M., Veith, H.: Query-Driven Program Testing. In: Jones, N.D., Müller-Olm, M. (eds.) VMCAI 2009. LNCS, vol. 5403, pp. 151–166. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  5. 5.
    Holzer, A., Schallhart, C., Tautschnig, M., Veith, H.: How did you specify your test suite? In: ASE, pp. 407–416. ACM (2010)Google Scholar
  6. 6.
    Holzer, A., Tautschnig, M., Schallhart, C., Veith, H.: An Introduction to Test Specification in FQL. In: Raz, O. (ed.) HVC 2010. LNCS, vol. 6504, pp. 9–22. Springer, Heidelberg (2010)Google Scholar
  7. 7.
    Tautschnig, M.: Query-Driven Program Testing. Ph.D. thesis, Vienna University of Technology (2011)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Andreas Holzer
    • 1
  • Daniel Kroening
    • 2
  • Christian Schallhart
    • 2
  • Michael Tautschnig
    • 2
  • Helmut Veith
    • 1
  1. 1.Vienna University of TechnologyAustria
  2. 2.University of OxfordUnited Kingdom

Personalised recommendations