Advertisement

Counter-Example Guided Program Verification

  • Parosh Aziz Abdulla
  • Mohamed Faouzi Atig
  • Bui Phi Diep
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9995)

Abstract

This paper presents a novel counter-example guided abstraction refinement algorithm for the automatic verification of concurrent programs. Our algorithm proceeds in different steps. It first constructs an abstraction of the original program by slicing away a given subset of variables. Then, it uses an external model checker as a backend tool to analyze the correctness of the abstract program. If the model checker returns that the abstract program is safe then we conclude that the original one is also safe. If the abstract program is unsafe, we extract an “abstract” counter-example. In order to check if the abstract counter-example can lead to a real counter-example of the original program, we add back to the abstract counter-example all the omitted variables (that have been sliced away) to obtain a new program. Then, we call recursively our algorithm on the new obtained program. If the recursive call of our algorithm returns that the new program is unsafe, then we can conclude that the original program is also unsafe and our algorithm terminates. Otherwise, we refine the abstract program by removing the abstract counter-example from its set of possible runs. Finally, we repeat the procedure with the refined abstract program. We have implemented our algorithm, and run it successfully on the concurrency benchmarks in SV-COMP15. Our experimental results show that our algorithm significantly improves the performance of the backend tool.

Keywords

Model Checker Dependency Graph Shared Variable Conditional Statement Concurrent Program 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
  2. 2.
  3. 3.
    Abdulla, P.A., Aronis, S., Jonsson, B., Sagonas, K.F.: Optimal dynamic partial order reduction. In: POPL, pp. 373–384. ACM (2014)Google Scholar
  4. 4.
    Ball, T., Rajamani, S.K.: The SLAM project: debugging system software via static analysis. In: POPL, pp. 1–3. ACM (2002)Google Scholar
  5. 5.
    Beyer, D., Henzinger, T.A., Jhala, R., Majumdar, R.: The software model checker blast. STTT 9(5–6), 505–525 (2007)CrossRefGoogle Scholar
  6. 6.
    Beyer, D., Keremoglu, M.E.: CPAchecker: a tool for configurable software verification. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 184–190. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-22110-1_16 CrossRefGoogle Scholar
  7. 7.
    Bindal, S., Bansal, S., Lal, A.: Variable and thread bounding for systematic testing of multithreaded programs. In: ISSTA, pp. 145–155. ACM (2013)Google Scholar
  8. 8.
    Chaki, S., Clarke, E.M., Groce, A., Jha, S., Veith, H.: Modular verification of software components in C. IEEE Trans. Softw. Eng. 30(6), 388–402 (2004)CrossRefGoogle Scholar
  9. 9.
    Clarke, E.M., Grumberg, O., Jha, S., Lu, Y., Veith, H.: Counterexample-guided abstraction refinement for symbolic model checking. J. ACM 50(5), 752–794 (2003)MathSciNetCrossRefMATHGoogle Scholar
  10. 10.
    Clarke, E., Kroening, D., Lerda, F.: A tool for checking ANSI-C programs. In: Jensen, K., Podelski, A. (eds.) TACAS 2004. LNCS, vol. 2988, pp. 168–176. Springer, Heidelberg (2004). doi: 10.1007/978-3-540-24730-2_15 CrossRefGoogle Scholar
  11. 11.
    Henzinger, T.A., Jhala, R., Majumdar, R., Sutre, G.: Lazy abstraction. In: POPL, pp. 58–70. ACM (2002)Google Scholar
  12. 12.
    Komuravelli, A., Gurfinkel, A., Chaki, S., Clarke, E.M.: Automatic abstraction in SMT-based unbounded software model checking. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 846–862. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-39799-8_59 CrossRefGoogle Scholar
  13. 13.
    Kurshan, R.P.: Computer-Aided Verification of Coordinating Processes: The Automata-Theoretic Approach. Princeton University Press, Princeton (1994)MATHGoogle Scholar
  14. 14.
    Kurshan, R.P.: Program verification. Not. AMS 47(5), 534–545 (2000)MathSciNetMATHGoogle Scholar
  15. 15.
    Lal, A., Qadeer, S., Lahiri, S.K.: A solver for reachability modulo theories. In: Madhusudan, P., Seshia, S.A. (eds.) CAV 2012. LNCS, vol. 7358, pp. 427–443. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-31424-7_32 CrossRefGoogle Scholar
  16. 16.
    Lamport, L.: Time, clocks, and the ordering of events in a distributed system. Commun. ACM 21(7), 558–565 (1978)CrossRefMATHGoogle Scholar
  17. 17.
    Saïdi, H.: Model checking guided abstraction and analysis. In: Palsberg, J. (ed.) SAS 2000. LNCS, vol. 1824, pp. 377–396. Springer, Heidelberg (2000). doi: 10.1007/978-3-540-45099-3_20 CrossRefGoogle Scholar
  18. 18.
    Valdiviezo, M., Cifuentes, C., Krishnan, P.: A method for scalable and precise bug finding using program analysis and model checking. In: Garrigue, J. (ed.) APLAS 2014. LNCS, vol. 8858, pp. 196–215. Springer, Heidelberg (2014). doi: 10.1007/978-3-319-12736-1_11 Google Scholar

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  • Parosh Aziz Abdulla
    • 1
  • Mohamed Faouzi Atig
    • 1
  • Bui Phi Diep
    • 1
  1. 1.Uppsala UniversityUppsalaSweden

Personalised recommendations