Based in the area of software verification that uses model-checking methods, this paper builds on the recent verification methods that employ the technique of counterexample guided abstraction refinement (CEGAR) for proving a program’s correctness. In order to check whether a program satisfies a safety property, CEGAR-based techniques build a series of finite-state abstractions of the program until one of the following is found: a counterexample that demonstrates that the property is violated, or a finite-state abstraction of the program, which is an over approximation of the program satisfying the property. CEGAR-based verification methods differ from one another based on the kind of abstractions employed and the particular methods used for refinement.

This paper proposes an algorithm, called DASH, that is based on an algorithm called Synergy, proposed earlier by the authors. Like Synergy, DASH performs testing and abstraction simultaneously, guiding the test process to select the right abstraction. DASH extends Synergy in three significant respects: it can handle programs with pointers; it can handle programs with procedure calls; and, for proving the soundness of the abstraction, it makes less theorem-proving calls, a costly step in the CEGAR techniques. The simple idea of template-based refinement reduces the number of theorem-prover calls. Variable aliasing information is important for handling pointers, and accurate computation of this is not always possible. A novel strategy of using the aliasing local to a given test improves the performance and accuracy of the algorithm. The entire algorithm is implemented and evaluated successfully on a number of device driver benchmarks.

The paper is very well written, with good illustrations and explanations. It is a must-read for people working with software verification, and will interest people working in program testing too.