F-Soft: Software Verification Platform
In this paper, we describe our verification tool F-Soft, which is developed for the analysis of C programs. Its novelty lies in the combination of several recent advances in formal verification research including SAT-based verification, static analyses and predicate abstraction. As shown in the tool overview in Figure 1, we translate a program into a Boolean model to be analyzed by our verification engine DiVer , which includes BDD-based and SAT-based model checking techniques. We include various static analyses, such as computing the control flow graph of the program, program slicing with respect to the property, and performing range analysis as described in Section 2.2. We model the software using a Boolean representation, and use customized heuristics for the SAT-based analysis as described in Section [2.1]. We can also perform a localized predicate abstraction with register sharing as described in Section [2.3], if the user so chooses. The actual analysis of the resulting Boolean model is performed using DiVer. If a counter-example is discovered, we use a testbench generator that automatically generates an executable program for the user to examine the bug in his/her favorite debugger. The F-Soft tool has been applied on numerous case studies and publicly available benchmarks for sequential C programs. We are currently working on extending it to handle concurrent programs.
- 1.Ball, T., Majumdar, R., Millstein, T.D., Rajamani, S.K.: Automatic predicate abstraction of C programs. In: PLDI, pp. 203–213 (2001)Google Scholar
- 3.Corbett, J.C., et al.: Bandera: Extracting finite-state models from java source code. In: Int. Conf. on Software Engineering, pp. 439–448 (2000)Google Scholar
- 6.Ivančić, F., Yang, Z., Ganai, M., Gupta, A., Ashar, P.: Efficient SAT-based bounded model checking for software verification. In: Symposium on Leveraging Formal Methods in Applications (2004)Google Scholar
- 10.Rugina, R., Rinard, M.C.: Symbolic bounds analysis of pointers, array indices, and accessed memory regions. In: PLDI, pp. 182–195 (2000)Google Scholar
- 11.Visser, W., Havelund, K., Brat, G., Park, S., Lerda, F.: Model checking programs. Automated Software Engineering Journal 10(2) (2003)Google Scholar
- 12.Zaks, A., Shlyakhter, I., Ivančić, F., Cadambi, H., Yang, Z., Ganai, M., Gupta, A., Ashar, P.: Range analysis for software verification (2005) (in submission)Google Scholar