Symbolic Detection of Assertion Dependencies for Bounded Model Checking

  • Grigory Fedyukovich
  • Andrea Callia D’Iddio
  • Antti E. J. Hyvärinen
  • Natasha Sharygina
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9033)

Abstract

Automatically generating assertions through static or runtime analysis is becoming an increasingly important initial phase in many software testing and verification tool chains. The analyses may generate thousands of redundant assertions, which often cause problems later in the chain, including scalability issues for automatic tools or a prohibitively large amount of information for final processing. We present an algorithm which uses a SAT solver on a bounded symbolic encoding of the program to reveal the implication relationships among spatially close assertions, for use in a variety of bounded model checking applications. Our experimentation with different applications demonstrates that this technique can be used to reduce the number of assertions that need to be checked, thus improving overall performance.
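The following is an added illustration of the idea sketched in the abstract; it is not code from the paper or its authors. The paper queries a SAT solver on a bounded symbolic encoding of the program; here a constructed two-statement program over a small input domain plays the role of that encoding, and exhaustive enumeration of the bounded domain stands in for the solver. An assertion `a` implies an assertion `b` when `encoding ∧ a ∧ ¬b` has no model, and an assertion implied by one already scheduled for checking is redundant. All program statements, assertion names (`A1`..`A4`), labels and helper functions are assumptions made for this example.

```python
from itertools import product

# Constructed toy program: a list of (label, statement) pairs; each statement
# updates a state dict in place. The two assertions at each label are the
# "spatially close" assertions whose dependencies we want to detect.
PROGRAM = [
    ("l1", lambda s: s.__setitem__("z", s["x"] + s["y"])),
    ("l2", lambda s: s.__setitem__("w", 2 * s["z"])),
]

# Assertions: name -> (label at which it is checked, predicate over the state there).
ASSERTIONS = {
    "A1": ("l1", lambda s: s["z"] > 5),
    "A2": ("l2", lambda s: s["w"] > 10),       # follows from A1: w = 2z
    "A3": ("l2", lambda s: s["w"] > 12),       # does not follow from A1 (z = 6)
    "A4": ("l1", lambda s: s["z"] >= s["x"]),  # valid for all inputs, hence implied by anything
}

INPUTS = ("x", "y")
DOMAIN = range(8)  # bound on input values: the analogue of the BMC bound


def execute(program, inputs):
    """Run the program on concrete inputs; return the state observed at each label."""
    state = dict(inputs)
    states = {}
    for label, stmt in program:
        stmt(state)
        states[label] = dict(state)
    return states


def implies(program, a, b, input_names=INPUTS, domain=DOMAIN):
    """Decide whether assertion a implies assertion b under the bounded encoding.

    Returns (True, None) if no input makes a hold and b fail, i.e. the
    formula  encoding ∧ a ∧ ¬b  is unsatisfiable within the bound; otherwise
    (False, counterexample). A SAT solver answers this in one query;
    enumerating the bounded domain stands in for it here.
    """
    label_a, pred_a = a
    label_b, pred_b = b
    for values in product(domain, repeat=len(input_names)):
        states = execute(program, dict(zip(input_names, values)))
        if pred_a(states[label_a]) and not pred_b(states[label_b]):
            return False, dict(zip(input_names, values))
    return True, None


def prune(program, assertions):
    """Greedy reduction: an assertion implied by one already kept is redundant.

    Returns (names to check, {redundant name: name of the assertion implying it}).
    Only the kept assertions need a full model-checking run; if a kept assertion
    is later found to fail, the dependency map says which others depend on it.
    """
    kept, dependencies = [], {}
    for name, asrt in assertions.items():
        for k in kept:
            ok, _ = implies(program, assertions[k], asrt)
            if ok:
                dependencies[name] = k
                break
        else:
            kept.append(name)
    return kept, dependencies


if __name__ == "__main__":
    kept, deps = prune(PROGRAM, ASSERTIONS)
    print("assertions to check:", kept)
    print("redundant (implied by):", deps)
    print("A1 => A3 counterexample:", implies(PROGRAM, ASSERTIONS["A1"], ASSERTIONS["A3"])[1])
```

Two caveats carry over from the bounded setting: the implication is only established relative to the bound (an input outside `DOMAIN` is never considered, exactly as BMC never considers paths longer than its unrolling depth), and pruning says nothing about whether the kept assertions themselves hold; `A1` above fails for `x = y = 0`, which the later checking phase would report, together with the fact that `A2` and `A4` were discharged through it.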

Keywords

Model Checking; Dependency Relation; Bounded Model Checking; Symbolic Detection; Function Summary

Copyright information

© Springer-Verlag Berlin Heidelberg 2015

Authors and Affiliations

  • Grigory Fedyukovich (1)
  • Andrea Callia D’Iddio (2)
  • Antti E. J. Hyvärinen (1)
  • Natasha Sharygina (1)

  1. Formal Verification Lab of the Faculty of Informatics, Università della Svizzera italiana, Lugano, Switzerland
  2. University of Rome Tor Vergata, Rome, Italy