Abstract
Blast is a verification system for checking safety properties of C programs. Blast implements a lazy-abstraction algorithm, which integrates automatic abstraction refinement and model checking [8]. The input to Blast is a C program and a safety monitor written in a specification language with C like syntax [1]. The lazy-abstraction algorithm returns either an error trace of the program together with a corresponding test case [2], or a proof that the program satisfies the safety property [6] (or, since the problem is undecidable, the algorithm may fail to terminate). Blast automatically constructs and refines a parsimonious predicate abstraction of the input program, using an interpolation-based decision procedure to find, based on counterexample analysis, the relevant predicates for each individual control location [5].
Blast has successfully verified and found violations of interface safety properties of large device driver programs [6,5], memory safety properties [3], race conditions in nesC programs (using an extension for concurrent programs) [4], and file handling properties of large open-source programs [9]. Extensions to Blast support program testing [2] and incremental programming [7].
Blast is available from http://www.eecs.berkeley.edu/ blast.
This research was supported in part by the NSF grants CCR-0234690, CCR-0225610, ITR-0326577, and CCR-0427202.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Beyer, D., Chlipala, A., Henzinger, T.A., Jhala, R., Majumdar, R.: The blast query language for software verification. In: Giacobazzi, R. (ed.) SAS 2004. LNCS, vol. 3148, pp. 2–18. Springer, Heidelberg (2004)
Beyer, D., Chlipala, A., Henzinger, T.A., Jhala, R., Majumdar, R.: Generating tests from counterexamples. In: ICSE 2004, pp. 326–335. ACM, New York (2004)
Beyer, D., Henzinger, T.A., Jhala, R., Majumdar, R.: Checking memory safety with blast. In: Cerioli, M. (ed.) FASE 2005. LNCS, vol. 3442, pp. 2–18. Springer, Heidelberg (2005)
Henzinger, T.A., Jhala, R., Majumdar, R.: Race checking by context inference. In: PLDI 2004, pp. 1–13. ACM, New York (2004)
Henzinger, T.A., Jhala, R., Majumdar, R., McMillan, K.L.: Abstractions from proofs. In: POPL 2004, pp. 232–244. ACM, New York (2004)
Henzinger, T.A., Jhala, R., Majumdar, R., Necula, G.C., Sutre, G., Weimer, W.: Temporal-safety proofs for systems code. In: Brinksma, E., Larsen, K.G. (eds.) CAV 2002. LNCS, vol. 2404, pp. 526–538. Springer, Heidelberg (2002)
Henzinger, T.A., Jhala, R., Majumdar, R., Sanvido, M.A.A.: Extreme model checking. In: Dershowitz, N. (ed.) Verification: Theory and Practice. LNCS, vol. 2772, pp. 332–358. Springer, Heidelberg (2004)
Henzinger, T.A., Jhala, R., Majumdar, R., Sutre, G.: Lazy abstraction. In: POPL 2002, pp. 58–70. ACM, New York (2002)
Jhala, R., Majumdar, R.: Path slicing. In: PLDI 2005. ACM, New York (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Henzinger, T.A., Jhala, R., Majumdar, R. (2005). The BLAST Software Verification System. In: Godefroid, P. (eds) Model Checking Software. SPIN 2005. Lecture Notes in Computer Science, vol 3639. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11537328_4
Download citation
DOI: https://doi.org/10.1007/11537328_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28195-5
Online ISBN: 978-3-540-31899-6
eBook Packages: Computer ScienceComputer Science (R0)