![Page 1: Mikhail Ramalho, Lucas Cordeiro, Denis Nicole mikhail ... · Microsoft PowerPoint - sbmf.pptx Author: Lucas Created Date: 11/29/2017 10:22:22 PM](https://reader033.vdocuments.site/reader033/viewer/2022051808/600a64fe465ea95db043d949/html5/thumbnails/1.jpg)
Mikhail Ramalho, Lucas Cordeiro, Denis Nicole ([email protected])
Encoding floating-point numbers using the SMT theory in ESBMC
Agenda
• Motivation
• Model Checking vs Testing/Simulation
• ESBMC
• Floating-point SMT encoding
• Illustrative Example
• Experimental Evaluation
• Conclusions and Future Work
Why do we need to verify a program?
USS Yorktown
• Battleship built in 1946 and automated in 1996 (27 dual-core 200MHz processors and Windows NT).
• Failure due to a division by zero: it had to be towed back to its naval base.
Why do we need to verify a program?
• Is this simple C program wrong?
• Yes! (x = NaN)
Model Checking vs Testing/Simulation
Simulation/testing:
• Checks some of the system executions.
• May miss errors.
• Cheaper compared to model checking.
(Figure: simulation/testing of the system yields either OK or an error.)
Model checking:
• Exhaustively explores all executions.
– Can be bounded to limit the number of iterations, context switches, etc.
• Reports errors as traces.
• Can be extremely resource-hungry.
(Figure: the model checker takes the system and a specification, e.g. LTL, and yields either OK or an error trace: Line 5: …, Line 12: …, …, Line 41: ….)
Bounded Model Checking
• A bounded model checker “slices” the state space by depth.
• It is aimed at finding bugs and can only prove correctness if all states are reachable within the bound.
(Figure: state space sliced into depths k = 0, 1, 2, 3, 4, 5, 6.)
ESBMC: BMC for C and C++
• Exploits SMT solvers and their background theories:
– optimized encodings for pointers, bit operations, unions and arithmetic over- and underflow
– support for Boolector, Z3, MathSAT, CVC4 and Yices
• Supports verifying multi-threaded software that uses the pthreads threading library
ESBMC: Verification Support
• built-in properties:
– arithmetic under- and overflow, pointer safety, array bounds, division by zero, alignment check, memory leaks, atomicity and order violations, deadlock, data race
• user-specified assertions:
– (__ESBMC_assume, __ESBMC_assert)
• built-in scheduling functions:
– (__ESBMC_atomic_begin, __ESBMC_atomic_end, __ESBMC_yield)
Floating-point SMT Encoding
• The SMT floating-point theory is an addition to the SMT standard, proposed in 2010, and formalises:
– floating-point arithmetic,
– positive and negative infinities and zeroes,
– NaNs,
– comparison operators,
– five rounding modes: round to nearest with ties choosing the even value, round to nearest with ties choosing away from zero, round towards zero, round towards positive infinity and round towards negative infinity
Floating-point SMT Encoding
• Missing from the standard:
– Floating-point exceptions
– Signaling NaNs
• Two solvers currently support the standard:
– Z3: implements all operators
– MathSAT: implements all but two operators (fp.rem and fp.fma)
• Both solvers offer non-standard functions:
– fp_as_ieeebv: converts floating-point numbers to bitvectors
– fp_from_ieeebv: converts bitvectors to floating-point numbers
How to encode programs?
• Most operations performed at program level on floating-point numbers have a one-to-one conversion to SMT.
• The special cases are casts to boolean types and the fp.eq operator.
Cast to/from booleans
• Usually, cast operations are encoded using extend/extract operations
• Extending floating-point numbers is non-trivial because of the format
• Simpler solutions:
– Casting booleans to floating-point numbers can be done using an ite operator: if true, assign 1f to b; otherwise, assign 0f to b
– Casting floating-point numbers to booleans can be done using an equality and one not
The fp.eq operator
• In SMT, there is no difference between assignments and comparisons, except when it comes to floating-point numbers
• For floating-point numbers, the comparison operator is replaced by fp.eq
Unused operators
• fp.max: returns the larger of two floating-point numbers; equivalent to the fmax, fmaxf, fmaxl functions
• fp.min: returns the smaller of two floating-point numbers; equivalent to the fmin, fminf, fminl functions
• fp.rem: returns the floating-point remainder of the division operation x/y; equivalent to the fmod, fmodf, fmodl functions
• fp.isSubnormal: we could not find any use case for it when modelling C11 standard functions.
Illustrative Example
(The SMT encoding is shown on the slide image, annotated step by step.)
• Variable declarations
• Nondeterministic symbol declaration (optional)
• Guard used to check satisfiability
• Assignment of a nondeterministic value to x
• Assignment of x to y
• Check whether the comparison satisfies the guard
• Z3 produces:
• MathSAT produces:
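The boolean casts, the fp.eq-versus-= distinction and the illustrative example worked through together in Python, as an added reference model that is not ESBMC's code and calls no solver: the program under check is assumed to be x = nondet_float(); y = x; assert(x == y); (the listing is on the slide image, not in the transcript), and a constructed list of eight IEEE values stands in for the solver's search over the nondeterministic symbol.

```python
import math
import struct
from typing import Optional

# Constructed reference model (not ESBMC code) of the SMT floating-point
# operators the slides discuss, for IEEE-754 binary32, (_ FloatingPoint 8 24).

def fp_as_ieeebv(x: float) -> int:
    """Non-standard fp_as_ieeebv: the 32-bit IEEE bit pattern of a float."""
    return struct.unpack("<I", struct.pack("<f", x))[0]

def fp_from_ieeebv(bits: int) -> float:
    """Non-standard fp_from_ieeebv: a 32-bit bit pattern back to a float."""
    return struct.unpack("<f", struct.pack("<I", bits & 0xFFFFFFFF))[0]

def smt_eq(a: float, b: float) -> bool:
    """SMT-LIB '=' on FloatingPoint is structural identity: the theory has
    a single NaN value, so NaN = NaN holds, while +0 and -0 are distinct."""
    if math.isnan(a) and math.isnan(b):
        return True
    return fp_as_ieeebv(a) == fp_as_ieeebv(b)

def fp_eq(a: float, b: float) -> bool:
    """SMT-LIB fp.eq is IEEE-754 equality, the semantics of C's == on
    floats: NaN is unequal to everything, itself included, and +0 == -0."""
    return a == b

def cast_bool_to_fp(b: bool) -> float:
    """Boolean to float via ite: (ite b 1f 0f)."""
    return 1.0 if b else 0.0

def cast_fp_to_bool(x: float) -> bool:
    """Float to boolean via one equality and one not: (not (fp.eq x 0f)).
    Because fp.eq is used rather than '=', -0.0 casts to false and NaN to
    true, exactly as (bool)x behaves in C."""
    return not fp_eq(x, 0.0)

# Constructed stand-in for the solver's search over the nondeterministic
# symbol: the IEEE special values plus a couple of ordinary ones.
CANDIDATES = [0.0, -0.0, 1.0, -1.5, math.inf, -math.inf, math.nan,
              fp_from_ieeebv(0x00000001)]  # smallest binary32 subnormal

def find_counterexample(use_fp_eq: bool = True) -> Optional[float]:
    """Illustrative example, assumed program: x = nondet_float(); y = x;
    assert(x == y);  BMC negates the property, so the guard asks whether
    (not (x == y)) is satisfiable together with the assignment (= y x).
    Encoding the comparison as fp.eq, as the slides do, yields x = NaN;
    encoding it as '=' would wrongly report the assertion as safe."""
    compare = fp_eq if use_fp_eq else smt_eq
    for x in CANDIDATES:
        y = x                    # (= y x): assignment, structural identity
        if not compare(x, y):    # guard: negation of the asserted x == y
            return x
    return None
```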
Experimental Evaluation
• 172 benchmarks from SV-COMP’17
• Timeout: 900s
• Memory limit: 15GB
• MathSAT v5.3.14
• Z3 v4.5.0
• 76 out of the 172 (44%) benchmarks are deterministic (no solver is invoked)
• MathSAT is 4.5x faster than Z3 when verifying the same set of benchmarks
Comparison to other Software Verifiers
• ESBMC + MathSAT achieved the highest score among all verifiers
Conclusions
• We presented an approach to encode C programs using the SMT floating-point theory
• We implemented our approach in ESBMC using two different solvers, Z3 and MathSAT, and MathSAT proved to be much faster than Z3
• We evaluated our approach against other verifiers, and ESBMC with MathSAT proved to be the state of the art
Future Work
• Create a floating-point API to encode operations using bitvectors
– It will enable verifying programs using other solvers (Boolector, CVC4 and Yices)
– Public implementations are available (CPROVER and Z3)