LLM-Generated Invariants for Bounded Model Checking Without Loop Unrolling
We investigate a modification of the classical Bounded Model Checking (BMC) procedure that does not handle loops through unrolling but via modifications to the control flow graph (CFG). A portion of the CFG representing a loop is replaced by a node asserting invariants of the loop. We generate these...
| Published in: | IEEE/ACM International Conference on Automated Software Engineering : [proceedings] pp. 1395 - 1407 |
|---|---|
| Main Authors: | Pirzada, Muhammad A. A.; Bhayat, Ahmed; Cordeiro, Lucas C.; Reger, Giles |
| Format: | Conference Proceeding |
| Language: | English |
| Published: | ACM, 27.10.2024 |
| Subjects: | |
| ISSN: | 2643-1572 |
| Abstract | We investigate a modification of the classical Bounded Model Checking (BMC) procedure that does not handle loops through unrolling but via modifications to the control flow graph (CFG). A portion of the CFG representing a loop is replaced by a node asserting invariants of the loop. We generate these invariants using Large Language Models (LLMs) and use a first-order theorem prover to ensure the correctness of the generated statements. We thus transform programs to loop-free variants in a sound manner. Our experimental results show that the resulting tool, ESBMC ibmc, is competitive with state-of-the-art formal verifiers for programs with unbounded loops, significantly improving the number of programs verified by the industrial-strength software verifier ESBMC and verifying programs that state-of-the-art software verifiers such as SeaHorn and VeriAbs could not. |
|---|---|
| Author | Bhayat, Ahmed Reger, Giles Pirzada, Muhammad A. A. Cordeiro, Lucas C. |
| Author_xml | – sequence: 1 givenname: Muhammad A. A. surname: Pirzada fullname: Pirzada, Muhammad A. A. email: muhammad.pirzada@manchester.ac.uk organization: The University of Manchester,Manchester,UK – sequence: 2 givenname: Ahmed surname: Bhayat fullname: Bhayat, Ahmed email: ahmed_bhayat@hotmail.com organization: The University of Manchester,Manchester,UK – sequence: 3 givenname: Lucas C. surname: Cordeiro fullname: Cordeiro, Lucas C. email: lucas.cordeiro@manchester.ac.uk organization: The University of Manchester,Manchester,UK – sequence: 4 givenname: Giles surname: Reger fullname: Reger, Giles email: giles.reger@manchester.ac.uk organization: The University of Manchester,Manchester,UK |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1145/3691620.3695512 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE/IET Electronic Library (IEL) (UW System Shared) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE/IET Electronic Library url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISBN | 9798400712487 |
| EISSN | 2643-1572 |
| EndPage | 1407 |
| ExternalDocumentID | 10764922 |
| Genre | orig-research |
| GrantInformation_xml | – fundername: Engineering and Physical Sciences Research Council funderid: 10.13039/501100000266 |
| GroupedDBID | 6IE 6IF 6IH 6IK 6IL 6IM 6IN 6J9 AAJGR AAWTH ABLEC ACREN ADYOE ADZIZ AFYQB ALMA_UNASSIGNED_HOLDINGS AMTXH BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IEGSK IPLJI M43 OCL RIE RIL |
| ID | FETCH-LOGICAL-a289t-71adb1d5dd5ebe1719f64a99cb2aae3076fa1c153cda42497ca47715374351aa3 |
| IEDL.DBID | RIE |
| ISICitedReferencesCount | 1 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=001353105400112&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| IngestDate | Wed Jan 15 06:20:43 EST 2025 |
| IsDoiOpenAccess | false |
| IsOpenAccess | true |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-a289t-71adb1d5dd5ebe1719f64a99cb2aae3076fa1c153cda42497ca47715374351aa3 |
| OpenAccessLink | https://doi.org/10.1145/3691620.3695512 |
| PageCount | 13 |
| ParticipantIDs | ieee_primary_10764922 |
| PublicationCentury | 2000 |
| PublicationDate | 2024-Oct.-27 |
| PublicationDateYYYYMMDD | 2024-10-27 |
| PublicationDate_xml | – month: 10 year: 2024 text: 2024-Oct.-27 day: 27 |
| PublicationDecade | 2020 |
| PublicationTitle | IEEE/ACM International Conference on Automated Software Engineering : [proceedings] |
| PublicationTitleAbbrev | ASE |
| PublicationYear | 2024 |
| Publisher | ACM |
| Publisher_xml | – name: ACM |
| SSID | ssib057256116 ssj0051577 |
| Score | 2.3354266 |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 1395 |
| SubjectTerms | Benchmark testing Bounded Model Checking Closed box Flow graphs Glass box Invariant Generation Large language models Model checking Program Verification Software engineering Transforms |
| Title | LLM-Generated Invariants for Bounded Model Checking Without Loop Unrolling |
| URI | https://ieeexplore.ieee.org/document/10764922 |
| WOSCitedRecordID | wos001353105400112&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |