Presentation is loading. Please wait.

Presentation is loading. Please wait.

Predicate Abstraction of ANSI-C Programs Using SAT By Edmund Clarke, Daniel Kroening, Natalia Sharygina, Karen Yorav Presented by Yunho Kim Provable Software.

Published byHelen King Modified over 8 years ago

Similar presentations

Presentation on theme: "Predicate Abstraction of ANSI-C Programs Using SAT By Edmund Clarke, Daniel Kroening, Natalia Sharygina, Karen Yorav Presented by Yunho Kim Provable Software."— Presentation transcript:

1 Predicate Abstraction of ANSI-C Programs Using SAT By Edmund Clarke, Daniel Kroening, Natalia Sharygina, Karen Yorav Presented by Yunho Kim Provable Software Lab, KAIST

2 Contents Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST2/23 Introduction Preparation of C code Abstraction using SAT Model checking Conclusion

3 A simple C code has too many states for exhaustive analysis However, what we really need is ‘x is 0 or not’, not the concrete value of x Introduction(1/3) Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST3/23 Example(unsigned int x) L1: while(x>1) { L2: if (x%2 == 1) L3: x = 3*x+1; else L4: x = x/2; } L5: assert(x != 0); Initial Value of x 012 … Program Counter L1 L2 L3 L4 L5 … Final

4 Predicate is a function which returns a Boolean value – A function π : X→ {true, false} is a predicate on X States satisfying same predicates are equivalent Introduction(2/3) Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST4/23 π = false Value of x 012 … Program Counter L1 L2 L3 L4 L5 … π=true Predicate Abstraction π = true π = false π ⇔ (x = 0)

5 Introduction(3/3) Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST5/23 Overview of predicate abstraction process Predicate Abstraction Model Checking Predicate Refinement Spurious? C program Spec φ Boolean Program Spurious Counterexample φ false + counterexample φ true φ Today’s focus: How to make a Boolean program effectively and efficiently from a given C program and a set of predicates

6 Contents Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST6/23 Introduction Preparation of C code Abstraction using SAT Model checking Conclusion

7 Preparation of C code(1/3) Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST7/23 Abstraction function (predicates) Concrete transition (basic block) Concrete next state Concrete state Abstract state Abstract next state Abstract transition Abstraction function (predicates)

8 Preparation of C code(2/3) Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST8/23 Transform C program into goto-program – Function inlining Recursion is not supported – Loop is rewritten using if and goto statements – Side-effects are removed x = 5+(++i); i = i+1; x = 5+i;

9 Preparation of C code(3/3) Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST9/23 goto-program example goto-program 1. int global; 2. int x, i; 3. global = 1; 4. i = i+1; 5. x = 5+i; 6. if (!x) goto L1; 7. global = 2; 8. goto L2; 9. L1: global = 3; 10. L2: C program 1. int global; 2. int func(){ 3. global = 1; 4. } 5. 6. int main(){ 7. int x, i; 8. func(); 9. if ((x = 5+(++i))){ 10. global = 2; 11. } 12. else{ 13. global = 3; 14. } 15. }

10 Contents Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST10/23 Introduction Preparation of C code Abstraction using SAT Model checking Conclusion

11 Abstraction using SAT(1/9) Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST11/23 Definition – v is the vector of all concrete program variables v v is a state of a concrete program Program counter is considered as a variable – b denotes the vector of all Boolean variables b b is a state of a Boolean program Each predicate π i is associated with a Boolean variable b i – π denotes the vector of predicates π i π( v ) is called the abstraction function, π( v ) = b

12 Abstraction using SAT(2/9) Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST12/23 Definition (con’t) – T is a concrete transition relation which maps a concrete state v into a concrete next state v ’ – B is an abstract transition relation which maps an abstract state b into an abstract next state b ’

13 Abstraction using SAT(3/9) Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST13/23 Abstraction function (predicates) Concrete transition (basic block) Concrete next state Concrete state Abstract state Abstract next state Abstract transition Abstraction function (predicates) Example(unsigned int x) L1: while(x>1) { L2: if (x%2 == 1) L3: x = 3*x+1; else L4: x = x/2; } L5: assert(x != 0); PC=L4, x = 3PC’=L1, x’ = 1 b = false π ⇔ (x = 0) b = false

14 Abstraction using SAT(4/9) Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST14/23 First defines the concrete transition relation of a basic block Each basic block consists of a sequence of assignments – Therefore do not consider control statements here T denotes the CNF formula representing the concrete transition relation

15 Abstraction using SAT(5/9) Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST15/23 Translates a basic block into its Static Single Assignment(SSA) form Each v ’ in v ’ is the largest numbered SSA variable Basic block x = z * x; y = x + 1; x = x + y; SSA form v [x:=x 0, y:=y 0, z:=z 0 ] x 1 = z 0 * x 0 ; y 1 = x 1 + 1; x 2 = x 1 + y 1 ; v ’[x’:=x 2, y’:=y 1, z’:=z 0 ] T ( v, v ’) CNF formula

16 Abstraction using SAT(6/9) Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST16/23 Assignments and arithmetic operations are translated into CNF formula Assume that x,y,z are three bits positive integers represented by propositions x 0 x 1 x 2, y 0 y 1 y 2, z 0 z 1 z 2 C  z=x+y  ( z 0  ( x 0 ⊕ y 0 ) ⊕ ( ( x 1 ∧ y 1 ) ∨ (( x 1 ⊕ y 1 )∧( x 2 ∧ y 2 ))) ∧ ( z 1  ( x 1 ⊕ y 1 ) ⊕ ( x 2 ∧ y 2 )) ∧ ( z 2  (x 2 ⊕ y 2 ))

17 Abstraction using SAT(7/9) Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST17/23 The abstract transition relation B ( b, b ’) is defined using π as follows:

18 Abstraction using SAT(8/9) Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST18/23 Example Basic block d = e; e = e+1; SSA form v [d:=d 0, e:=e 0 ] d 1 = e 0 e 1 = e 0 +1 v ’[d’:=d 1, e’:=e 1 ] SAT formula (b 1  (e 0 ≥0)) ∧ (b 2  (e 0 ≤100)) ∧ d 1 =e 0 ∧ e 1 =e 0 +1 ∧ (b 1 ’=(e 1 ≥0)) ∧ (b 2 ’=(e 1 ≤100)) Predicates: π 1 = e ≥ 0 π 2 = e ≤ 100 b1b1 b2b2 b1’b1’b2’b2’ 0101 0111 1001 1010 1110 1111 All satisfying assignments obtained using SAT solver

19 Abstraction using SAT(9/9) Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST19/23 The condition in if statement can be a predicate Control statement x = 0; if (x<2) x = x+1; SAT formula b 1  x 0 <2 ∧ x 1 =0 ∧ b 1 ’  x 1 <2 ∧ Predicate: π 1 = x < 0 b 1 ’  x 1 <2 ∧ x 2 =x 1 +1 ∧ b 1 ’’  x 2 <2 ┐ (b 1 ’  x 1 <2) ∧ x 2 =x 1 ∧ b 1 ’’=b 1 ’ ∨

20 Contents Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST20/23 Introduction Preparation of C code Abstraction using SAT Model checking Conclusion

21 Model checking(1/1) Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST21/23 Model checker tries to find a counterexample of the generated Boolean program model. If no counterexample is found, the concrete program satisfies given requirements. If a counterexample is found, check its feasibility – If the counterexample is infeasible, refine predicates and re- run predicate abstraction process

22 Conclusion(1/1) Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST22/23 Predicate abstraction using SAT performs better than theorem provers It can use sound abstraction with the power of SAT solver

23 References(1/1) Predicate Abstraction of ANSI-C Programs Using SAT, Yunho Kim, Provable Software Lab, KAIST23/23 Predicate abstraction of ANSI-C Programs Using SAT by Edmund Clarke, Daniel Kroening, Natasha Sharygina and Karen Yorav in Formal Methods in System Design, Vol. 25, pp. 105-127, 2004

Download ppt "Predicate Abstraction of ANSI-C Programs Using SAT By Edmund Clarke, Daniel Kroening, Natalia Sharygina, Karen Yorav Presented by Yunho Kim Provable Software."

Similar presentations

The behavior of SAT solvers in model checking applications K. L. McMillan Cadence Berkeley Labs.

The behavior of SAT solvers in model checking applications K. L. McMillan Cadence Berkeley Labs.
Exploiting SAT solvers in unbounded model checking

Exploiting SAT solvers in unbounded model checking
Demand-driven inference of loop invariants in a theorem prover

Demand-driven inference of loop invariants in a theorem prover
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Abstraction of Source Code (from Bandera lectures and talks)

Abstraction of Source Code (from Bandera lectures and talks)
Masahiro Fujita Yoshihisa Kojima University of Tokyo May 2, 2008

Masahiro Fujita Yoshihisa Kojima University of Tokyo May 2, 2008
Introduction to MiniSat v1.14 Presented by Yunho Kim Provable Software Lab, KAIST.

Introduction to MiniSat v1.14 Presented by Yunho Kim Provable Software Lab, KAIST.
1 Theorem Proving and Model Checking in PVS 15-820A Proving Software with PVS Edmund Clarke Daniel Kroening Carnegie Mellon University.

1 Theorem Proving and Model Checking in PVS A Proving Software with PVS Edmund Clarke Daniel Kroening Carnegie Mellon University.
Verification of Evolving Software Natasha Sharygina Joint work with Sagar Chaki and Nishant Sinha Carnegie Mellon University.

Verification of Evolving Software Natasha Sharygina Joint work with Sagar Chaki and Nishant Sinha Carnegie Mellon University.
50.530: Software Engineering Sun Jun SUTD. Week 10: Invariant Generation.

50.530: Software Engineering Sun Jun SUTD. Week 10: Invariant Generation.
Max Cut Problem Daniel Natapov.

Max Cut Problem Daniel Natapov.
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 13.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 13.
1 Software Verification Computer Science Club, Steklov Math Institute Lecture 1 Natasha Sharygina The University of Lugano, Carnegie Mellon University.

1 Software Verification Computer Science Club, Steklov Math Institute Lecture 1 Natasha Sharygina The University of Lugano, Carnegie Mellon University.
By Claudia Fiorini, Enrico Martinelli, Fabio Massacci

By Claudia Fiorini, Enrico Martinelli, Fabio Massacci
1 Automatic Predicate Abstraction of C Programs Parts of the slides are from

1 Automatic Predicate Abstraction of C Programs Parts of the slides are from
Symmetry-Aware Predicate Abstraction for Shared-Variable Concurrent Programs Alastair Donaldson, Alexander Kaiser, Daniel Kroening, and Thomas Wahl Computer.

Symmetry-Aware Predicate Abstraction for Shared-Variable Concurrent Programs Alastair Donaldson, Alexander Kaiser, Daniel Kroening, and Thomas Wahl Computer.
SAT and Model Checking. Bounded Model Checking (BMC) A.I. Planning problems: can we reach a desired state in k steps? Verification of safety properties:

SAT and Model Checking. Bounded Model Checking (BMC) A.I. Planning problems: can we reach a desired state in k steps? Verification of safety properties:
The Software Model Checker BLAST by Dirk Beyer, Thomas A. Henzinger, Ranjit Jhala and Rupak Majumdar Presented by Yunho Kim Provable Software Lab, KAIST.

The Software Model Checker BLAST by Dirk Beyer, Thomas A. Henzinger, Ranjit Jhala and Rupak Majumdar Presented by Yunho Kim Provable Software Lab, KAIST.
Using Statically Computed Invariants Inside the Predicate Abstraction and Refinement Loop Himanshu Jain Franjo Ivančić Aarti Gupta Ilya Shlyakhter Chao.

Using Statically Computed Invariants Inside the Predicate Abstraction and Refinement Loop Himanshu Jain Franjo Ivančić Aarti Gupta Ilya Shlyakhter Chao.
1 Model Checking, Abstraction- Refinement, and Their Implementation Based on slides by: Orna Grumberg Presented by: Yael Meller June 2008.

1 Model Checking, Abstraction- Refinement, and Their Implementation Based on slides by: Orna Grumberg Presented by: Yael Meller June 2008.

Similar presentations

Ads by Google