Automatic predicate abstraction of C programs

Thomas Ball, Rupak Majumdar, Todd Millstein, Sriram K. Rajamani
2001 SIGPLAN notices  
Model checking has been widely successful in validating and debugging designs in the hardware and protocol domains. However, state-space explosion limits the applicability of model checking tools, so model checkers typically operate on abstractions of systems. Recently, there has been significant interest in applying model checking to software. For infinite-state systems like software, abstraction is even more critical. Techniques for abstracting software are a prerequisite to making software
more » ... del checking a reality. We present the first algorithm to automatically construct a predicate abstraction of programs written in an industrial programming language such as C, and its implementation in a tool -C2bp. The C2bp tool is part of the SLAM toolkit, which uses a combination of predicate abstraction, model checking, symbolic reasoning, and iterative refinement to statically check temporal safety properties of programs. Predicate abstraction of software has many applications, including detecting program errors, synthesizing program invariants, and improving the precision of program analyses through predicate sensitivity. We discuss our experience applying the C2bp predicate abstraction tool to a variety of problems, ranging from checking that list-manipulating code preserves heap invariants to finding errors in Windows NT device drivers. language is a quantifier-free logic, rather than the more powerful logic of [30] . • We have applied C2bp and Bebop to examples from Necula's work on proof-carrying code [26] to automatically identify loop invariants in these examples that the PCC compiler was required to generate.
doi:10.1145/381694.378846 fatcat:dccnganv7bdqpl72uraf4l4buy