Abstract
We describe the application of ESBMC, a symbolic bounded model checker for C programs, to the 2012 RERS greybox challenge. We checked the reachability properties via reachability of the error labels, and the behavioral properties via a bounded LTL model checking approach. Our approach could solve about 700 properties for the small and medium problems from the offline phase, and scored overall about 5,000 marks but still ranked last in the competition.
Notes
With further improvements by Babiak et al. [1].
Note that the internal program structure still plays a role: for the same unwinding bound the hard problems take one to two orders of magnitude longer than the easy or moderate ones; see Table 1 for details.
Since this specific LTL formula refers only to outputs, the traces (and thus their prefixes) consist of output literals only. The corresponding input values can nevertheless still be extracted from the BMC counterexamples.
References
Babiak, T., Křetínský, M., Řehák, V., Strejček, J.: LTL to Büchi automata translation: fast and more deterministic. TACAS, LNCS 7241, 95–109 (2012)
Bauer, A., Haslum, P.: LTL goal specifications revisited. ECAI’10 Front. Artif. Intell. Appl. 215, 881–886 (2010)
Bauer, A., Leucker, M., Schallhart, C.: Comparing LTL semantics for runtime verification. J. Log. Comput. 20(3), 651–674 (2010)
Brummayer, R., Biere, A.: Boolector: an efficient SMT solver for bit-vectors and arrays. TACAS, LNCS 5505, 174–177 (2009)
Chai, M., Li, X., Zhao, L.: Runtime verification based on 4-valued past time LTL. In: Intl. Conf. Computer Science and Information Processing, pp. 567–570 (2012)
Clarke, E., Kroening, D., Lerda, F.: A tool for checking ANSI-C programs. TACAS, LNCS 2988, 168–176 (2004)
Clarke, E., Lerda, F.: Model checking: software and beyond. J. Univ. Computer Sci. 13, 639–649 (2007)
Cordeiro, L., Fischer, B.: Verifying multi-threaded software using SMT-based context-bounded model checking. ICSE, pp. 331–340 (2011)
Cordeiro, L., Fischer, B., Marques-Silva, J.: SMT-based bounded model checking for embedded ANSI-C software. IEEE Trans. Softw. Eng. 38(4), 957–974 (2012)
Cordeiro, L., Morse, J., Nicole, D., Fischer, B.: Context-bounded model checking with ESBMC 1.17. TACAS, LNCS 7214, 533–536 (2012)
de Moura, L.M., Bjørner, N.: Z3: an efficient SMT solver. TACAS, LNCS 4963, 337–340 (2008)
Gastin, P., Oddoux, D.: Fast LTL to Büchi automata translation. CAV, LNCS 2102, 53–65 (2001)
Holzmann, G.: The SPIN Model Checker—Primer and Reference Manual. Addison-Wesley, Boston (2004)
Kupferman, O., Vardi, M.: Model checking of safety properties. Formal Methods Syst. Design 19(3), 291–314 (2001)
Lamport, L.: What good is temporal logic? Inf. Process. 83, 657–668 (1983)
Li, X., Chai, M., Zhao, L., Tang, T., Xu, T.: Safety monitoring for ETCS with 4-valued LTL. In: Intl. Symposium Autonomous Decentralized Systems, pp. 86–91 (2011)
Morse, J., Cordeiro, L., Nicole, D., Fischer, B.: Context-bounded model checking of LTL properties for ANSI-C software. SEFM, LNCS 7041, 302–317 (2011)
Morse, J., Cordeiro, L., Nicole, D., Fischer, B.: Model checking LTL properties over ANSI-C programs with bounded traces. J. Softw. Syst. Model (2013) (Online first)
Pnueli, A.: The temporal logic of programs. FOCS, pp. 46–57 (1977)
van de Pol, J., Ruys, T.C., te Brinke, S.: Thoughtful brute force attack of the RERS 2012 and 2013 challenges. STTT, this volume (2014)
Steffen, B., Isberner, M., Naujokat, S., Margaria, T., Geske, M.: Property-driven benchmark generation: synthesizing programs of realistic structure. STTT. doi:10.1007/s10009-014-0336-z (2014)
Visser, W.: Personal communication (2012)
Acknowledgments
The authors acknowledge the use of the IRIDIS High Performance Computing Facility, and associated support services at the University of Southampton, in the completion of this work.
Cite this article
Morse, J., Cordeiro, L., Nicole, D. et al. Applying symbolic bounded model checking to the 2012 RERS greybox challenge. Int J Softw Tools Technol Transfer 16, 519–529 (2014). https://doi.org/10.1007/s10009-014-0335-0
DOI: https://doi.org/10.1007/s10009-014-0335-0