-
Notifications
You must be signed in to change notification settings - Fork 41
Bitvector to Integer Translation
Matthias Heizmann edited this page Mar 28, 2018
·
9 revisions
Our analysis is more efficient on integers but most programming languages use a bitvector-based semantics. In many cases we can get the integer performance and the bitvector precision if we represent bitvectors as integers and use the integer representation whenever possible.
- We translate
01001
to9
- We translate
x + 1
to(x + 1) % 4294967296
ifx
is a 32-bit integer variable - We translate bitshift operations by multiplication resp. division
- We translate bitwise and
x & y
to function that may return any value and is marked as an overapproximation. Whenever such a marked operation occurs in a counterexample, we redo the analysis using the bitprecise semantics.
In this project we will develop more of these several translations (e.g., use division and modulo to extract certain bits) and evaluate their performance
- Boogie specification This is Boogie 2
- Microsoft's tool for Boogie verificationBoogie @ rise4fun
- A Boogie interpreter Boogaloo
- Verification of safety properties in Ultimate
- Termination analysis in Ultimate (link currently not working, problem with umlauts)
- Synthesis of ranking functions and nontermination arguments in Ultimate
Exercises
- Write some (small) Boogie program that is correct.
- Write some (small) Boogie program that not correct.
- Write some (small) Boogie program where Ultimate is unable to decide correctness.
- Write some (small) Boogie program that is nonterminating.
- Write some (small) Boogie program that is terminating.
Exercises
- Write an SMT script that demonstrates that the formula
x * x <= 5 /\ x > 1
is satisfiable. - What is a satisfiable assignment for
x
. - Add another conjunct such that the formula becomes unsatisfiable.
- Home
- Ultimate Development
- Ultimate Build System
- Documentation
- Project Topics