Formal Methods in System Design

, Volume 41, Issue 1, pp 25–44 | Cite as

Counterexample-guided abstraction refinement for symmetric concurrent programs

  • Alastair F. Donaldson
  • Alexander Kaiser
  • Daniel Kroening
  • Michael Tautschnig
  • Thomas Wahl
Article

Abstract

Predicate abstraction and counterexample-guided abstraction refinement (CEGAR) have enabled finite-state model checking of software written in mainstream programming languages. This combination of techniques has been successful in analysing system-level sequential C code. In contrast, there is little evidence of fruitful applications of CEGAR to shared-variable concurrent software. We attribute this gap to the lack of abstraction strategies that permit a scalable analysis of the resulting multi-threaded Boolean programs. The goal of this paper is to close this gap. We have developed a symmetry-aware CEGAR technique: it takes into account the replicated structure of programs that consist of many threads executing the same procedure, and generates a Boolean program template whose multi-threaded execution soundly overapproximates the original concurrent program. State explosion during model checking parallel instantiations of this template can now be absorbed by exploiting symmetry. We have implemented our method in a tool, SymmPa, and demonstrate its superior performance over alternative approaches on a range of synchronisation programs.

Keywords

Predicate abstraction Concurrent programs Symmetry reduction CEGAR 

References

  1. 1.
    Ball T, Cook B, Das S, Rajamani SK (2004) Refining approximations in software predicate abstraction. In: TACAS. Lecture notes in computer science, vol 2988. Springer, Berlin, pp 388–403 Google Scholar
  2. 2.
    Ball T, Majumdar R, Millstein TD, Rajamani SK (2001) Automatic predicate abstraction of C programs. In: Programming language design and implementation (PLDI), pp 203–213 Google Scholar
  3. 3.
    Ball T, Rajamani S (2002) The SLAM project: debugging system software via static analysis. In: Principles of programming languages (POPL), pp 1–3 Google Scholar
  4. 4.
    Basler G, Mazzucchi M, Wahl T, Kroening D (2010) Context-aware counter abstraction. Form Methods Syst Des 36(3):223–245 CrossRefMATHGoogle Scholar
  5. 5.
    Chaki S, Clarke EM, Kidd N, Reps T, Touili T (2006) Verifying concurrent message-passing C programs with recursive calls. In: Tools and algorithms for the construction and analysis of systems (TACAS). Lecture notes in computer science. Springer, Berlin, pp 334–349 CrossRefGoogle Scholar
  6. 6.
    Cimatti A, Micheli A, Narasamdya I, Roveri M (2010) Verifying SystemC: a software model checking approach. In: Formal methods in computer-aided design (FMCAD) Google Scholar
  7. 7.
    Clarke E, Grumberg O, Jha S, Lu Y, Veith H (2003) Counterexample-guided abstraction refinement for symbolic model checking. J ACM 50(5):752–794 MathSciNetCrossRefGoogle Scholar
  8. 8.
    Cook B, Kroening D, Sharygina N (2007) Verification of Boolean programs with unbounded thread creation. Theor Comput Sci 388(1–3):227–242 MathSciNetCrossRefMATHGoogle Scholar
  9. 9.
    Corbet J, Rubini A, Kroah-Hartman G (2005) Linux device drivers, 3rd edn. O’Reilly Media, Sebastopol Google Scholar
  10. 10.
    Das S, Dill DL (2001) Successive approximation of abstract transition relations. In: Logic in computer science (LICS) Google Scholar
  11. 11.
    Donaldson AF, Kaiser A, Kroening D, Wahl T (2011) Symmetry-aware predicate abstraction for shared-variable concurrent programs. In: CAV. Lecture notes in computer science, vol 6806. Springer, Berlin, pp 356–371 Google Scholar
  12. 12.
    Donaldson AF, Kaiser A, Kroening D, Wahl T (2011) Symmetry-aware predicate abstraction for shared-variable concurrent programs (extended technical report). CoRR. arXiv:1102.2330
  13. 13.
    Donaldson AF, Miller A (2008) Automatic symmetry detection for Promela. J Autom Reason 41(3–4):251–293 CrossRefMATHGoogle Scholar
  14. 14.
    Flanagan C, Qadeer S (2003) Thread-modular model checking. In: Model checking of software (SPIN) Google Scholar
  15. 15.
    Graf S, Saïdi H (1997) Construction of abstract state graphs with PVS. In: Computer-aided verification (CAV). Lecture notes in computer science. Springer, Berlin, pp 72–83 CrossRefGoogle Scholar
  16. 16.
    Gupta A, Popeea C, Rybalchenko A (2011) Predicate abstraction and refinement for verifying multi-threaded programs. In: POPL. ACM, New York, pp 331–344 Google Scholar
  17. 17.
    Gupta A, Popeea C, Rybalchenko A (2011) Threader: a constraint-based verifier for multi-threaded programs. In: Computer-aided verification (CAV) Google Scholar
  18. 18.
    Henzinger T, Jhala R, Majumdar R, Qadeer S (2003) Thread-modular abstraction refinement. In: CAV. Lecture notes in computer science. Springer, Berlin, pp 262–274 Google Scholar
  19. 19.
    Henzinger T, Jhala R, Majumdar R (2004) Race checking by context inference. In: Programming language design and implementation (PLDI), pp 1–13 Google Scholar
  20. 20.
    Jones CB (1983) Tentative steps toward a development method for interfering programs. ACM Trans Program Lang Syst 5(4):596–619 CrossRefMATHGoogle Scholar
  21. 21.
    Kaiser A, Kroening D, Wahl T (2010) Dynamic cutoff detection in parameterized concurrent programs. In: Computer-aided verification (CAV) Google Scholar
  22. 22.
    Lu S, Park S, Seo E, Zhou Y (2008) Learning from mistakes: a comprehensive study on real world concurrency bug characteristics. In: Architectural support for programming languages and operating systems (ASPLOS) Google Scholar
  23. 23.
    McKenney P (2007) Using Promela and Spin to verify parallel algorithms. LWN.net, weekly edition Google Scholar
  24. 24.
    Mellor-Crummey J, Scott M (1991) Algorithms for scalable synchronization on shared-memory multiprocessors. ACM Trans Comput Syst 9(1):21–65 CrossRefGoogle Scholar
  25. 25.
    Miller A, Donaldson A, Calder M (2006) Symmetry in temporal logic model checking. ACM Comput. Surv. 38(3) Google Scholar
  26. 26.
    Speer Owicki S (1975) Axiomatic proof techniques for parallel programs. PhD thesis, Cornell University Google Scholar
  27. 27.
    Peierls T, Goetz B, Bloch J, Bowbeer J, Lea D, Holmes D (2005) Java concurrency in practice. Addison-Wesley, Reading Google Scholar
  28. 28.
    Timm N, Wehrheim H (2010) On symmetries and spotlights—verifying parameterised systems. In: ICFEM. Lecture notes in computer science. Springer, Berlin, pp 534–548 Google Scholar
  29. 29.
    La Torre S, Madhusudan P, Parlato G (2010) Model-checking parameterized concurrent programs using linear interfaces. In: Computer-aided verification (CAV) Google Scholar
  30. 30.
    Wahl T, Donaldson A (2010) Replication and abstraction: symmetry in automated formal verification. Symmetry 2(2):799–847 MathSciNetCrossRefGoogle Scholar
  31. 31.
    Yang Y, Chen X, Gopalakrishnan G, Wang C (2009) Automatic discovery of transition symmetry in multithreaded programs using dynamic analysis. In: SPIN Google Scholar

Copyright information

© Springer Science+Business Media, LLC 2012

Authors and Affiliations

  • Alastair F. Donaldson
    • 1
  • Alexander Kaiser
    • 2
  • Daniel Kroening
    • 2
  • Michael Tautschnig
    • 2
  • Thomas Wahl
    • 3
  1. 1.Department of ComputingImperial College LondonLondonUK
  2. 2.Department of Computer ScienceUniversity of OxfordOxfordUK
  3. 3.College of Computer and Information ScienceNortheastern UniversityBostonUSA

Personalised recommendations