Yasm: A Software Model-Checker for Verification and Refutation

ions. Following SLAM, abstractions are represented by Boolean Programs. Unlike SLAM, the semantics of these programs is given via a variant of Mixed Transition Systems (MixTS) [7, 11]. Compared to Modal and 3-valued TSs, MixTSs allow for (a) 1: 2: 3: 4: 5: 6: 7: 8: 9: 10: 11: 12: 13: 14: 15: 16: 17: int p1,p2,p3,x,y; p1=p2=p3=x=y=5; if(p3<=0) return; if(y<0) {if(x>2){ if(y>10) {if(p2>0) ERROR;}} if(p1>0) ERROR; } else { if(p2>0) {if(p1>0) x = x+1; if(p2>0) x = x+2; if(p3<=0) x = x+3; if(x>40) if(p1>0) ERROR; if(p1>0) ERROR;}} (b) 1: 2: 3: 4: 5: 6: 7: 8: 9: 10: 11: 12: 13: 14: 15: 16: 17: bool b1,b2,b3; b1=b2=b3=1; if (b3) return; if(*) {if(*){ if(*) {if(b2) ERROR;}} if(b1) ERROR; } else { if(b2) {if(b1) ; if(b2) ; if(b3) ; if(*) if(b1) ERROR; if(b1) ERROR;}} Fig. 1. (a) A C program. (b) An abstraction of (a) using predicates b1:{p1>0}, b2:{p2>0},