Program Verification with Property Directed Reachability

Program Verification with Property Directed Reachability by Tobias Welp Doctor of Philosophy in Engineering–Electrical Engineering and Computer Sciences University of California, Berkeley Professor Andreas Kuehlmann, Chair As a consequence of the increasing use of software in safety-critical systems and the considerable risk associated with their failure, effective and efficient algorithms for program verification are of high value. Despite extensive research efforts towards better software verification technology and substantial advances in the state-of-the-art, verification of larger and complex software systemsmust still be considered infeasible and further advances are desirable. In 2011, Property Directed Reachablity (PDR) was proposed as a new algorithm for hardware model checking. PDR outperforms all previously known algorithms for this purpose and has additional favorable algorithmic properties, such as incrementality and parallelizability. In this dissertation, we explore the potential of using PDR for program verification and as product of this endeavor present a sound and complete algorithm for intraprocedural verification of programs with static memory allocation that is based on PDR. In the first part, we describe a generalization of the original Boolean PDR algorithm to the theory of quantifier-free formulae over bitvectors (QF_BV). We implemented the algorithm and present experimental results that show that the generalized algorithm outperforms the original algorithm applied to bit-blasted versions of the used benchmarks. In the second part, we present a program verification frontend that uses loop invariants to construct a model of the program that overapproximates its behavior. If the