Bebop: A Symbolic Model Checker for Boolean Programs

  • Thomas Ball
  • Sriram K. Rajamani
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1885)

Abstract

We present the design, implementation and empirical evaluation of Bebop—a symbolic model checker for boolean programs. Bebop represents control flow explicitly, and sets of states implicitly using BDDs. By harnessing the inherent modularity in procedural abstraction and exploiting the locality of variable scoping, Bebop is able to model check boolean programs with several thousand lines of code, hundreds of procedures, and several thousand variables in a few minutes.



Copyright information

© Springer-Verlag Berlin Heidelberg 2000

Authors and Affiliations

  • Thomas Ball (1)
  • Sriram K. Rajamani (1)

  1. Software Productivity Tools, Microsoft Research