Abstract cvc5 is the latest SMT solver in the cooperating validity checker series and builds
on the successful code base of CVC4. This paper serves as a comprehensive system …

In this chapter, we describe code-pointer integrity (CPI), a new design point that guarantees
the integrity of all code pointers in a program (eg, function pointers, saved return addresses) …

Code reuse attacks such as return-oriented programming (ROP) have become prevalent
techniques to exploit memory corruption vulnerabilities in software programs. A variety of …

Abstract Satisfiability Modulo Theories (SMT) refers to the problem of determining whether a
first-order formula is satisfiable with respect to some logical theory. Solvers based on SMT …

A decision procedure is an algorithm that, given a decision problem, terminates with a
correct yes/no answer. In this book, we focus on decision procedures for decidable first …

We present solc-verify, a source-level verification tool for Ethereum smart contracts. solc-
verify takes smart contracts written in Solidity and discharges verification conditions using …

We present a language-independent verification framework that can be instantiated with an
operational semantics to automatically generate a program verifier. The framework treats …

Separation logic (SL) has gained widespread popularity because of its ability to succinctly
express complex invariants of a program's heap configurations. Several specialized provers …

Consider a sequential programming language with control flow constructs such as
assignments, choice, loops, and procedure calls. We restrict the syntax of expressions in this …

During system call execution, it is common for operating system kernels to read userspace
memory multiple times (multi-reads). A critical bug may exist if the fetched userspace …