Synthesizing Safe Bit-Precise Invariants

  • Arie Gurfinkel
  • Anton Belov
  • Joao Marques-Silva
Conference paper

DOI: 10.1007/978-3-642-54862-8_7

Part of the Lecture Notes in Computer Science book series (LNCS, volume 8413)
Cite this paper as:
Gurfinkel A., Belov A., Marques-Silva J. (2014) Synthesizing Safe Bit-Precise Invariants. In: Ábrahám E., Havelund K. (eds) Tools and Algorithms for the Construction and Analysis of Systems. TACAS 2014. Lecture Notes in Computer Science, vol 8413. Springer, Berlin, Heidelberg

Abstract

Bit-precise software verification is an important and difficult problem. While there has been amazing progress in SAT solving, Satisfiability Modulo the Theory of Bit-Vectors, and bit-precise Bounded Model Checking, proving bit-precise safety, i.e. synthesizing a safe inductive invariant, remains a challenge. Although the problem is decidable and reducible to propositional safety by bit-blasting, that approach does not scale in practice. The alternative approach of lifting propositional algorithms to bit-vectors is difficult. In this paper, we propose a novel technique that uses unsound approximations (i.e., neither over- nor under-approximations) for synthesizing sound bit-precise invariants. We prototyped the technique using the Z3/PDR engine and applied it to bit-precise verification of benchmarks from SVCOMP’13. Even with our preliminary implementation we were able to demonstrate significant (orders of magnitude) performance improvements with respect to bit-precise verification using Z3/PDR directly.
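The abstract's central point is that a candidate invariant may come from an approximation that is neither sound nor complete, as long as the candidate is then checked against the real bit-vector semantics before it is accepted. The following is an added illustration, not code from the paper or from Z3: the approximation it uses (reasoning about the loop over unbounded integers) is one plausible stand-in for the unspecified approximation in the abstract, the two loops are constructed here, and the bit-precise check is a brute-force enumeration of all 8-bit states instead of the SMT query a real tool would issue.

```python
"""Checking an approximation-derived candidate invariant bit-precisely.

Added example (not from the paper). Candidates are written down as if
obtained by reasoning over unbounded integers; the check re-interprets
the loop over WIDTH-bit unsigned values. Enumerating 2**WIDTH states is
only viable for tiny widths; a real tool asks an SMT solver the same
three questions over the bit-vector theory.
"""

WIDTH = 8
MASK = (1 << WIDTH) - 1  # 8-bit unsigned values 0..255


def bv_add(a, b):
    """Bit-vector addition: unsigned wraparound modulo 2**WIDTH."""
    return (a + b) & MASK


def check_inductive(init, step, inv, safe, width=WIDTH):
    """Discharge the three obligations that make `inv` a safe inductive invariant:
         1. initiation:  every initial state satisfies inv
         2. consecution: inv is preserved by every transition
         3. safety:      inv implies the property
    `step(s)` returns the set of successors of state s (empty when the loop exits).
    Returns (True, None) or (False, witness) naming the obligation that failed.
    """
    states = range(1 << width)
    for s in states:
        if init(s) and not inv(s):
            return False, ("init", s)
    for s in states:
        if inv(s):
            for t in step(s):
                if not inv(t):
                    return False, ("consecution", s, t)
    for s in states:
        if inv(s) and not safe(s):
            return False, ("safety", s)
    return True, None


def loop_add3():
    """Constructed loop:  x := 0; while (*) x := x + 3; assert x != 1
    Over unbounded integers x is always a multiple of 3, so 'x % 3 == 0' proves
    the assertion there. Over 8-bit values 255 is a multiple of 3 and 255 + 3
    wraps to 2, so the candidate is not inductive and the check rejects it.
    (Here the integer reasoning was also wrong about safety: 3k mod 256 does
    reach 1, so no bit-precise invariant exists; the check does not hide that.)
    """
    init = lambda s: s == 0
    step = lambda s: {bv_add(s, 3)}
    inv = lambda s: s % 3 == 0     # candidate from the integer approximation
    safe = lambda s: s != 1
    return check_inductive(init, step, inv, safe)


def loop_guarded():
    """Constructed loop:  x := 0; while (x < 200) x := x + 1; assert x <= 200
    The guard keeps x away from the wrap point, so the integer-derived
    candidate 'x <= 200' passes all three obligations unchanged and is a
    sound bit-precise invariant.
    """
    init = lambda s: s == 0
    step = lambda s: {bv_add(s, 1)} if s < 200 else set()
    inv = lambda s: s <= 200       # candidate from the integer approximation
    safe = lambda s: s <= 200
    return check_inductive(init, step, inv, safe)


if __name__ == "__main__":
    print("x += 3 loop:", loop_add3())       # (False, ('consecution', 255, 2))
    print("guarded loop:", loop_guarded())   # (True, None)
```

The soundness argument lives entirely in check_inductive: whatever the approximation proposes, a candidate becomes part of the proof only after the bit-precise obligations hold, so an approximation that is neither an over- nor an under-approximation can still never certify an unsafe program. The first loop shows the failure mode the check exists for, a wraparound that integer reasoning never sees; the second shows an approximation-derived candidate going through untouched.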

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Arie Gurfinkel (1)
  • Anton Belov (2)
  • Joao Marques-Silva (2)

  1. Carnegie Mellon University, USA
  2. University College Dublin, Ireland
