Daniel Dietsch’s research while affiliated with University of Freiburg and other places

Publications (68)


Ultimate GemCutter
  • Presentation
  • File available

April 2024 · Daniel Dietsch · Matthias Heizmann · [...]

Ultimate GemCutter: Commutativity in Concurrent Program Verification

April 2024


The poster presents Ultimate GemCutter, an automated verifier for concurrent C programs based on commutativity / partial order reduction and abstraction refinement.


Ultimate TestGen: Test-Case Generation with Automata-based Software Model Checking (Competition Contribution)

April 2024 · 1 Citation · Lecture Notes in Computer Science

We introduce Ultimate TestGen, a novel tool for automatic test-case generation. Like many other test-case generators, Ultimate TestGen builds on verification technology, i.e., it checks the (un)reachability of test goals and generates test cases from counterexamples. In contrast to existing tools, it applies trace abstraction, an automata-theoretic approach to software model checking, which is implemented in the successful verifier Ultimate Automizer. To avoid reaching the same test goal repeatedly, Ultimate TestGen extends the automata-theoretic model checking approach with error automata.


[Figure: Comparison on Termination-BitVectors]
Ultimate Automizer and the Abstraction of Bitwise Operations: (Competition Contribution)

April 2024 · 4 Citations · Lecture Notes in Computer Science

The verification of Ultimate Automizer works on an SMT-LIB-based model of a C program. If we choose an SMT-LIB theory of (mathematical) integers, the translation is not precise, because we overapproximate bitwise operations. In this paper we present a translation for bitwise operations that improves the precision of this overapproximation.



[Fig. 1: Comparison of the runtime with and without CHNF]
Ultimate Automizer and the CommuHash Normal Form: (Competition Contribution)

April 2023 · 15 Citations · Lecture Notes in Computer Science

The verification approach of Ultimate Automizer utilizes SMT formulas. This paper presents techniques to keep the size of the formulas small. We focus especially on a normal form, called CommuHash normal form, that was easy to implement and had a significant impact on the runtime of our tool.


Ultimate Taipan and Race Detection in Ultimate: (Competition Contribution)

April 2023 · 4 Citations · Lecture Notes in Computer Science

Ultimate Taipan integrates trace abstraction with algebraic program analysis on path programs. Taipan supports data race checking in concurrent programs through a reduction to reachability checking. Though the subsequent verification is not tuned for data race checking, the results are encouraging.


Verification Witnesses

May 2022 · 84 Citations · ACM Transactions on Software Engineering and Methodology

Over the last few years, witness-based validation of verification results has become an established practice in software verification: an independent validator re-establishes the verification results of a software verifier using verification witnesses, which are stored in a standardized exchange format. In addition to validation, such exchangeable information about proofs and alarms found by a verifier can be shared across verification tools, and users can apply independent third-party tools to visualize and explore witnesses to help them comprehend the causes of bugs or the reasons why a given program is correct. To achieve the goal of making verification results more accessible to engineers, it is necessary to consider witnesses as first-class exchangeable objects, stored independently from the source code and checked independently from the verifier that produced them, respecting the important principle of separation of concerns. We present the conceptual principles of verification witnesses, describe how to use them, provide a technical specification of the exchange format for witnesses, and perform an extensive experimental study on the application of witness-based result validation, using the validators CPAchecker, UAutomizer, CPA-witness2test, and FShell-witness2test.


Ultimate GemCutter and the Axes of Generalization

April 2022


Ultimate GemCutter verifies concurrent programs using the CEGAR paradigm, by generalizing from spurious counterexample traces to larger sets of correct traces. We integrate classical CEGAR generalization with orthogonal generalization across interleavings. Thereby, we are able to prove correctness of programs otherwise out-of-reach for interpolation-based verification. The competition results show significant advantages over other concurrency approaches in the Ultimate family.


Ultimate GemCutter and the Axes of Generalization: (Competition Contribution)

March 2022 · 37 Citations · Lecture Notes in Computer Science

Ultimate GemCutter verifies concurrent programs using the CEGAR paradigm, by generalizing from spurious counterexample traces to larger sets of correct traces. We integrate classical CEGAR generalization with orthogonal generalization across interleavings. Thereby, we are able to prove correctness of programs otherwise out-of-reach for interpolation-based verification. The competition results show significant advantages over other concurrency approaches in the Ultimate family.


Citations (46)


... Tools for formal methods are intricate software systems, which often compute abstract models to prove system implementations correct or find errors. There is already a large pool of mature and well-established verification tools (for example, in the area of software verification [1,2,3,4,5]), and automatic tools are heavily used in industrial software-engineering applications [4,6,7,8]. Sometimes such tools are even used as components in meta verifiers [9,10,11,12,13,14]. ...

Reference:

FM-Weck: Containerized Execution of Formal-Methods Tools
Ultimate Automizer and the Abstraction of Bitwise Operations: (Competition Contribution)

Lecture Notes in Computer Science

... An early proof-of-concept implementation [14] of CSeq-DR could only handle basic memory access, achieving modest results (5th place with 6 false positives) at SV-COMP 2022 [3]. GemCutter also relies on program transformation for detecting races [17], but needs one auxiliary variable per global variable in the program, while we only introduce three variables for the whole program; similarly to [14], its analysis beyond basic memory access can be inaccurate. An extension of lazy sequentialisation for deadlock checking is proposed in [35]. ...

Ultimate Taipan and Race Detection in Ultimate: (Competition Contribution)

Lecture Notes in Computer Science

... Assume we do not know that this error exists and we want to know whether a call to reach_error() is reachable. When we run the formal verifier UAutomizer [24,25] on the program with property "reach_error is never called", it reports an alarm. It also provides a violation witness that represents at least one claimed counterexample to the property. ...

Ultimate Automizer and the CommuHash Normal Form: (Competition Contribution)

Lecture Notes in Computer Science

... A witness ω ∈ Ω is a certificate produced by a tool to explain its verdict on a verification task. We interpret witnesses more flexibly than verification witnesses [43] for verifiers and also consider test cases as witnesses from test-case generators. Tools that produce witnesses for their analysis results are said to be certifying [44,45]. ...

Verification Witnesses
  • Citing Article
  • May 2022

ACM Transactions on Software Engineering and Methodology

... Deagle [33,65] is a SAT-based bounded model checker built on top of CBMC [12] with an efficient handling of concurrency and a tailored SAT decision procedure; it was the winner in the ConcurrencySafety category at SV-COMP 2023 [4], which subsumes the NoDataRace demo category of the previous edition of the competition. Ultimate GemCutter [45] is based on counterexample-guided abstraction refinement; it ranked first at SV-COMP 2022 [3] for the NoDataRace demo category. Goblint [61,66] is a static analyser for data race checking based on thread-modular abstract interpretation. ...

Ultimate GemCutter and the Axes of Generalization: (Competition Contribution)

Lecture Notes in Computer Science

... There are verifiers to validate counterexamples using the witness validation approach, which reproduces the verification results by checking a given counterexample based on the graphml format [12]. For instance, CPAchecker [13] and Ultimate Automizer [14] employ the error-witness-driven program analysis technique to avoid false alarms produced by verifiers, i.e., given a witness for a problematic program path, they re-verify that the witness indeed violates the specification. ...

Witness validation and stepwise testification across software verifiers
  • Citing Article
  • January 2016

... This observation is leveraged by many incremental software verification techniques, which aim to speed up the reverification of modified software. For example, there exist techniques that update previously computed state space descriptions [2,39,35,18,27,38], reuse intermediate results [42,1,9,36,16,46,20], or skip the analysis of unchanged behavior [43,34,37,44,29,12,28,6]. However, most approaches are tailored to and coupled with one specific verification approach. ...

[Fig. 1: Construction of a difference verifier (Reducer-based Conditional Verifier [7]; components: Reducer, Verifier, DG(P,P'), condition, residual program)]

Incremental verification using trace abstraction
  • Citing Article
  • January 2018

... Extensional theory of arrays. The first experiment evaluates the usefulness of our computed interpolants for the theory of arrays T_A within the software model checker Ultimate Automizer [42], which uses interpolants within the trace abstraction scheme [44]. SMTInterpol is tightly integrated into the model checker, but Ultimate Automizer also allows for using other (interpolating) SMT solvers. ...

Ultimate Automizer with an On-Demand Construction of Floyd-Hoare Automata: (Competition Contribution)
  • Citing Article
  • January 2017