1  Introduction

Blast (Berkeley Lazy Abstraction Software Verification Tool) is a verification system for checking safety properties of C programs. Blast implements an abstract--model check--refine loop to decide whether a specified label in the program is reachable. The abstract model is built on the fly using predicate abstraction, and this model is then model checked. If there is no path to the specified error label, Blast reports that the system is safe. Otherwise, it checks whether the path is feasible by symbolically executing the program along it. If the path is feasible, Blast outputs it as an error trace; otherwise, it uses the infeasibility of the path to refine the abstract model. The algorithm of Blast is described in the paper "Lazy Abstraction" (by Thomas A. Henzinger, Ranjit Jhala, Rupak Majumdar, and Gregoire Sutre, in Proceedings of the ACM SIGPLAN-SIGACT Conference on Principles of Programming Languages, pages 58-70, 2002).
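To show the kind of question Blast answers, the following is a constructed example (not code from the Blast distribution) of the lock/unlock driver from the "Lazy Abstraction" paper, written so that the safety property is the reachability of the label ERROR. The nondeterministic branch is scripted from an array of choices so the program also runs stand-alone; the `buggy` flag, the `struct state` and the helper names are assumptions of this example, and the buggy variant produces a feasible error trace of the sort Blast would report.

```c
#include <stddef.h>
#include <stdio.h>

enum { UNLOCKED = 0, LOCKED = 1 };

struct state {
    int lock;          /* current lock state */
    const int *choice; /* scripted outcomes for the nondeterministic branch */
    size_t nchoice;
    size_t pos;
};

/* Models the "if (*)" branch: consume the next scripted choice, 0 when exhausted. */
static int next_choice(struct state *s) {
    return s->pos < s->nchoice ? s->choice[s->pos++] : 0;
}

/* Returns 1 when control reaches the ERROR label (lock() on a held lock or
 * unlock() on a free lock), 0 when the driver terminates safely.
 * With buggy == 1 the counter increment is moved out of the branch, so the
 * loop repeats without unlocking and the second lock() reaches ERROR. */
int run_driver(const int *choice, size_t n, int buggy) {
    struct state s = { UNLOCKED, choice, n, 0 };
    int old_val, new_val = 0;
    do {
        if (s.lock == LOCKED) goto ERROR;       /* lock(): already held */
        s.lock = LOCKED;
        old_val = new_val;
        if (next_choice(&s)) {
            if (s.lock == UNLOCKED) goto ERROR; /* unlock(): not held */
            s.lock = UNLOCKED;
            if (!buggy) new_val++;
        }
        if (buggy) new_val++;                   /* the injected defect */
    } while (new_val != old_val);
    if (s.lock == UNLOCKED) goto ERROR;         /* final unlock(): not held */
    s.lock = UNLOCKED;
    return 0;
ERROR:
    return 1;
}

int main(void) {
    const int script[] = { 1, 1, 0 };
    printf("safe driver reaches ERROR: %d\n", run_driver(script, 3, 0));
    printf("buggy driver reaches ERROR: %d\n", run_driver(script, 3, 1));
    return 0;
}
```

In the safe variant no choice sequence reaches ERROR, which is what Blast establishes for every execution rather than for the scripted ones tried here.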

Blast is relatively independent of the underlying machine and compiler. However, Blast has only been tested on Intel x86 using the OCaml (version 3.04) compiler on Linux, and on Microsoft Windows under Cygwin. A PostScript version of this document is also available here.
