SATABS: SAT-Based Predicate Abstraction for ANSI-C

  • Edmund Clarke
  • Daniel Kroening
  • Natasha Sharygina
  • Karen Yorav
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3440)

Abstract

This paper presents a model checking tool, SatAbs, that implements a predicate abstraction refinement loop. Existing software verification tools such as Slam, Blast, or Magic use decision procedures for abstraction and simulation that are limited to integers. SatAbs overcomes these limitations by using a SAT-solver. This allows the model checker to handle the semantics of the ANSI-C standard accurately. This includes a sound treatment of bit-vector overflow, and of the ANSI-C pointer arithmetic constructs.
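As an added example (not code from the paper or from SatAbs itself), the C program below computes the abstract transition relation of the statement `x = x + 1` with respect to one predicate, once under 8-bit bit-vector semantics and once under the unbounded-integer semantics an integer-only decision procedure assumes; exhaustive enumeration stands in for the SAT query, and `witness_bv8` plays the role of the simulation step. The predicate `x + 1 > x`, the 8-bit width and all function names are assumptions chosen for illustration.

```c
/* Added example, not code from the paper or from the SatAbs tool.
 * Abstraction step for the statement  x = x + 1  w.r.t. the single
 * predicate  p := (x + 1 > x).  Enumerating all 256 eight-bit values
 * stands in for the SAT query SatAbs issues; the "integer" variant
 * models what an integer-only decision procedure concludes. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Bit for the abstract transition (p before, p after). */
#define TRANS(before, after) (1u << (((before) ? 2 : 0) | ((after) ? 1 : 0)))

/* p evaluated with 8-bit modular semantics: x + 1 wraps to 0 at 255. */
static bool pred_bv8(uint8_t x) { return (uint8_t)(x + 1) > x; }

/* p over unbounded integers: x + 1 > x is a tautology. */
static bool pred_int(uint8_t x) { (void)x; return true; }

/* Abstract transition relation as a 4-bit mask over all 256 states. */
static unsigned abstract_transitions(bool (*pred)(uint8_t)) {
    unsigned mask = 0;
    for (unsigned v = 0; v < 256; v++) {
        uint8_t x = (uint8_t)v, x_next = (uint8_t)(x + 1);
        mask |= TRANS(pred(x), pred(x_next));
    }
    return mask;
}

unsigned abstract_transitions_bv8(void) { return abstract_transitions(pred_bv8); }
unsigned abstract_transitions_int(void) { return abstract_transitions(pred_int); }

/* Simulation check: smallest concrete x realising (before, after) under
 * bit-vector semantics, or -1 if the abstract transition is spurious. */
int witness_bv8(bool before, bool after) {
    for (unsigned v = 0; v < 256; v++) {
        uint8_t x = (uint8_t)v;
        if (pred_bv8(x) == before && pred_bv8((uint8_t)(x + 1)) == after)
            return (int)v;
    }
    return -1;
}

int main(void) {
    /* Bit-vector reasoning finds the overflow transitions p->!p and !p->p
     * that the integer abstraction (mask 0x8, only p->p) cannot see. */
    printf("bit-vector abstraction mask: 0x%x\n", abstract_transitions_bv8()); /* 0xe */
    printf("integer abstraction mask:    0x%x\n", abstract_transitions_int()); /* 0x8 */
    printf("witness for p -> !p: x = %d\n", witness_bv8(true, false));         /* 254 */
    return 0;
}
```

The transitions `p -> !p` (at x = 254) and `!p -> p` (at x = 255) are real program behaviours that an abstraction built on integer arithmetic would omit, which is the soundness gap the abstract refers to.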

Keywords

Model Check, Spurious Transition, Bound Model Check, Predicate Abstraction, Model Check Tool

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Edmund Clarke (1)
  • Daniel Kroening (2)
  • Natasha Sharygina (1, 3)
  • Karen Yorav (4)

  1. School of Computer Science, Carnegie Mellon University
  2. ETH Zuerich, Switzerland
  3. Software Engineering Institute, Carnegie Mellon University
  4. IBM, Haifa, Israel