Correctness Witness Validation by Abstract Interpretation

Conference paper. In: Verification, Model Checking, and Abstract Interpretation (VMCAI 2024)

Abstract

Witnesses record automated program analysis results and make them exchangeable. To validate correctness witnesses through abstract interpretation, we introduce a novel abstract operation unassume. This operator incorporates witness invariants into the abstract program state. Given suitable invariants, the unassume operation can accelerate fixpoint convergence and yield more precise results. We demonstrate the feasibility of this approach by augmenting an abstract interpreter with unassume operators and evaluating the impact of incorporating witnesses on performance and precision. Using manually crafted witnesses, we can confirm verification results for multi-threaded programs with a reduction in effort ranging from 7% to 47% in CPU time. More intriguingly, we discover that using witnesses from model checkers can guide our analyzer to verify program properties that it could not verify on its own.


Data Availability Statement

The benchmarks, tools and scripts used, as well as the raw results of the evaluation, are openly archived on Zenodo [52].

Notes

  1. Redundant constraints are grayed out. They can be derived from non-redundant (non-grayed out) constraints using the octagon closure algorithm.

  2. Complete computations for this and the following examples can be found in the extended version [51].

References

  1. Albert, E., Arenas, P., Puebla, G., Hermenegildo, M.: Reduced certificates for abstraction-carrying code. In: Etalle, S., Truszczyński, M. (eds.) ICLP 2006. LNCS, vol. 4079, pp. 163–178. Springer, Heidelberg (2006). https://doi.org/10.1007/11799573_14

  2. Albert, E., Puebla, G., Hermenegildo, M.: Abstraction-carrying code. In: Baader, F., Voronkov, A. (eds.) LPAR 2005. LNCS (LNAI), vol. 3452, pp. 380–397. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-32275-7_25

  3. Amato, G., Scozzari, F.: Localizing widening and narrowing. In: Logozzo, F., Fähndrich, M. (eds.) SAS 2013. LNCS, vol. 7935, pp. 25–42. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38856-9_4

  4. Amato, G., Scozzari, F., Seidl, H., Apinis, K., Vojdani, V.: Efficiently intertwining widening and narrowing. Sci. Comput. Program. 120, 1–24 (2016). https://doi.org/10.1016/j.scico.2015.12.005

  5. Apinis, K., Seidl, H., Vojdani, V.: Side-effecting constraint systems: a swiss army knife for program analysis. In: Jhala, R., Igarashi, A. (eds.) APLAS 2012. LNCS, vol. 7705, pp. 157–172. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-35182-2_12

  6. Arceri, V., Mastroeni, I., Zaffanella, E.: Decoupling the ascending and descending phases in abstract interpretation. In: Programming Languages and Systems, pp. 25–44. Springer, Switzerland (2022). https://doi.org/10.1007/978-3-031-21037-2_2

  7. Ayaziová, P., Chalupa, M., Strejček, J.: Symbiotic-Witch: a Klee-based violation witness checker. In: TACAS 2022. LNCS, vol. 13244, pp. 468–473. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-99527-0_33

  8. Bagnara, R., Hill, P.M., Ricci, E., Zaffanella, E.: Precise widening operators for convex polyhedra. Sci. Comput. Program. 58(1–2), 28–56 (2005). https://doi.org/10.1016/j.scico.2005.02.003

  9. Baudin, P., et al.: The dogged pursuit of bug-free C programs: the Frama-C software analysis platform. Commun. ACM 64(8), 56–68 (2021). https://doi.org/10.1145/3470569

  10. Baudin, P., Cuoq, P., Filliâtre, J.C., Marché, C., Monate, B., Moy, Y., Prevosto, V.: ANSI/ISO C specification language version 1.19 (2023). http://frama-c.com/download/acsl.pdf

  11. Benhamou, F., Goualard, F., Granvilliers, L., Puget, J.F.: Revising hull and box consistency. In: Logic Programming, pp. 230–244. The MIT Press (1999). https://doi.org/10.7551/mitpress/4304.003.0024

  12. Besson, F., Jensen, T., Pichardie, D.: Proof-carrying code from certified abstract interpretation and fixpoint compression. Theor. Comput. Sci. 364(3), 273–291 (2006). https://doi.org/10.1016/j.tcs.2006.08.012

  13. Besson, F., Jensen, T., Turpin, T.: Small witnesses for abstract interpretation-based proofs. In: De Nicola, R. (ed.) ESOP 2007. LNCS, vol. 4421, pp. 268–283. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-71316-6_19

  14. Beyer, D.: Competition on software verification and witness validation: SV-COMP 2023. In: Tools and Algorithms for the Construction and Analysis of Systems, pp. 495–522. Springer, Switzerland (2023). https://doi.org/10.1007/978-3-031-30820-8_29

  15. Beyer, D., Dangl, M., Dietsch, D., Heizmann, M.: Correctness witnesses: exchanging verification results between verifiers. In: Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering, pp. 326–337. ACM (2016). https://doi.org/10.1145/2950290.2950351

  16. Beyer, D., Dangl, M., Dietsch, D., Heizmann, M., Lemberger, T., Tautschnig, M.: Verification witnesses. ACM Trans. Softw. Eng. Methodol. 31(4), 1–69 (2022). https://doi.org/10.1145/3477579

  17. Beyer, D., Dangl, M., Dietsch, D., Heizmann, M., Stahlbauer, A.: Witness validation and stepwise testification across software verifiers. In: Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, pp. 721–733, ACM (2015). https://doi.org/10.1145/2786805.2786867

  18. Beyer, D., Dangl, M., Lemberger, T., Tautschnig, M.: Tests from witnesses. In: Dubois, C., Wolff, B. (eds.) TAP 2018. LNCS, vol. 10889, pp. 3–23. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-92994-1_1

  19. Beyer, D., Kanav, S.: CoVeriTeam: on-demand composition of cooperative verification systems. In: TACAS 2022. LNCS, vol. 13243, pp. 561–579. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-99524-9_31

  20. Beyer, D., Keremoglu, M.E.: CPAchecker: a tool for configurable software verification. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 184–190. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22110-1_16

  21. Beyer, D., Löwe, S., Wendler, P.: Reliable benchmarking: requirements and solutions. Int. J. Softw. Tools Technol. Transf. 21(1), 1–29 (2017). https://doi.org/10.1007/s10009-017-0469-y

  22. Beyer, D., Spiessl, M., Umbricht, S.: Cooperation between automatic and interactive software verifiers. In: Software Engineering and Formal Methods, pp. 111–128. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-17108-6_7

  23. Beyer, D., Strejček, J.: Case study on verification-witness validators: where we are and where we go. In: Static Analysis, pp. 160–174. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-22308-2_8

  24. Beyer, D., Wehrheim, H.: Verification artifacts in cooperative verification: survey and unifying component framework. In: Margaria, T., Steffen, B. (eds.) ISoLA 2020. LNCS, vol. 12476, pp. 143–167. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-61362-4_8

  25. Blanchet, B., et al.: A static analyzer for large safety-critical software. ACM SIGPLAN Not. 38(5), 196–207 (2003). https://doi.org/10.1145/780822.781153

  26. Boutonnet, R., Halbwachs, N.: Improving the results of program analysis by abstract interpretation beyond the decreasing sequence. Formal Methods Syst. Des. 53(3), 384–406 (2017). https://doi.org/10.1007/s10703-017-0310-y

  27. Cousot, P.: The calculational design of a generic abstract interpreter. In: Calculational System Design, NATO ASI Series F. IOS Press, Amsterdam (1999). https://www.di.ens.fr/cousot/COUSOTpapers/publications.www/Cousot-Marktoberdorf98.pdf.gz

  28. Cousot, P.: Abstracting induction by extrapolation and interpolation. In: D’Souza, D., Lal, A., Larsen, K.G. (eds.) VMCAI 2015. LNCS, vol. 8931, pp. 19–42. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46081-8_2

  29. Cousot, P., Cousot, R.: Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages, pp. 238–252. ACM Press (1977). https://doi.org/10.1145/512950.512973

  30. Cousot, P., Cousot, R.: Abstract interpretation frameworks. J. Log. Comput. 2(4), 511–547 (1992). https://doi.org/10.1093/logcom/2.4.511

  31. Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., Rival, X.: Why does Astrée scale up? Formal Methods Syst. Des. 35(3), 229–264 (2009). https://doi.org/10.1007/s10703-009-0089-6

  32. Dangl, M., Löwe, S., Wendler, P.: CPAchecker with support for recursive programs and floating-point arithmetic. In: Baier, C., Tinelli, C. (eds.) TACAS 2015. LNCS, vol. 9035, pp. 423–425. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46681-0_34

  33. Farzan, A., Kincaid, Z.: Verification of parameterized concurrent programs by modular reasoning about data and control. In: Proceedings of the 39th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 297–308. ACM (2012). https://doi.org/10.1145/2103656.2103693

  34. Flanagan, C., Saxe, J.B.: Avoiding exponential explosion: generating compact verification conditions. In: Proceedings of the 28th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 193–205. ACM (2001). https://doi.org/10.1145/360204.360220

  35. Gopan, D., Reps, T.: Lookahead widening. In: Ball, T., Jones, R.B. (eds.) CAV 2006. LNCS, vol. 4144, pp. 452–466. Springer, Heidelberg (2006). https://doi.org/10.1007/11817963_41

  36. Goualard, F., Granvilliers, L.: Controlled propagation in continuous numerical constraint networks. In: Proceedings of the 2005 ACM Symposium on Applied Computing. ACM (2005). https://doi.org/10.1145/1066677.1066765

  37. Halbwachs, N., Henry, J.: When the decreasing sequence fails. In: Miné, A., Schmidt, D. (eds.) SAS 2012. LNCS, vol. 7460, pp. 198–213. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-33125-1_15

  38. Haltermann, J., Wehrheim, H.: Information exchange between over- and underapproximating software analyses. In: Software Engineering and Formal Methods, pp. 37–54. Springer, Heidelberg (2022). https://doi.org/10.1007/978-3-031-17108-6_3

  39. Heizmann, M., et al.: Ultimate Automizer and the CommuHash normal form. In: Tools and Algorithms for the Construction and Analysis of Systems, pp. 577–581. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-30820-8_39

  40. Heizmann, M., Hoenicke, J., Podelski, A.: Software model checking for people who love automata. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 36–52. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39799-8_2

  41. Jeannet, B., Miné, A.: Apron: a library of numerical abstract domains for static analysis. In: Bouajjani, A., Maler, O. (eds.) CAV 2009. LNCS, vol. 5643, pp. 661–667. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-02658-4_52

  42. Journault, M., Miné, A., Ouadjaout, A.: An abstract domain for trees with numeric relations. In: Caires, L. (ed.) ESOP 2019. LNCS, vol. 11423, pp. 724–751. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17184-1_26

  43. Ponce-de-León, H., Haas, T., Meyer, R.: Dartagnan: SMT-based violation witness validation (competition contribution). In: TACAS 2022. LNCS, vol. 13244, pp. 418–423. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-99527-0_24

  44. Mihaila, B., Sepp, A., Simon, A.: Widening as abstract domain. In: Brat, G., Rungta, N., Venet, A. (eds.) NFM 2013. LNCS, vol. 7871, pp. 170–184. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38088-4_12

  45. Miné, A.: The octagon abstract domain. Higher-Order Symb. Comput. 19(1), 31–100 (2006). https://doi.org/10.1007/s10990-006-8609-1

  46. Miné, A.: Static analysis of run-time errors in embedded real-time parallel C programs. Logical Methods Comput. Sci. 8(1), 1–63 (2012). https://doi.org/10.2168/lmcs-8(1:26)2012

  47. Miné, A.: Tutorial on static inference of numeric invariants by abstract interpretation. Found. Trends® Program. Lang. 4(3–4), 120–372 (2017). https://doi.org/10.1561/2500000034. https://hal.sorbonne-universite.fr/hal-01657536/document

  48. Monat, R., Miné, A.: Precise thread-modular abstract interpretation of concurrent programs using relational interference abstractions. In: Bouajjani, A., Monniaux, D. (eds.) VMCAI 2017. LNCS, vol. 10145, pp. 386–404. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-52234-0_21

  49. Saan, S., et al.: Goblint: thread-modular abstract interpretation using side-effecting constraints. In: TACAS 2021. LNCS, vol. 12652, pp. 438–442. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-72013-1_28

  50. Saan, S., et al.: Goblint: autotuning thread-modular abstract interpretation. In: Tools and Algorithms for the Construction and Analysis of Systems, pp. 547–552. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-30820-8_34

  51. Saan, S., Schwarz, M., Erhard, J., Seidl, H., Tilscher, S., Vojdani, V.: Correctness witness validation by abstract interpretation (2023). https://doi.org/10.48550/arXiv.2310.16572

  52. Saan, S., Schwarz, M., Erhard, J., Seidl, H., Tilscher, S., Vojdani, V.: Correctness witness validation by abstract interpretation (2023). https://doi.org/10.5281/zenodo.8253000, artifact

  53. Schwarz, M., Saan, S., Seidl, H., Apinis, K., Erhard, J., Vojdani, V.: Improving thread-modular abstract interpretation. In: Drăgoi, C., Mukherjee, S., Namjoshi, K. (eds.) SAS 2021. LNCS, vol. 12913, pp. 359–383. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-88806-0_18

  54. Schwarz, M., Saan, S., Seidl, H., Erhard, J., Vojdani, V.: Clustered relational thread-modular abstract interpretation with local traces. In: Programming Languages and Systems, pp. 28–58. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-30044-8_2

  55. Seidl, H., Vogler, R.: Three improvements to the top-down solver. Math. Struct. Comput. Sci. 31(9), 1090–1134 (2021). https://doi.org/10.1017/s0960129521000499

  56. SoSy-Lab: YAML-based exchange format for correctness witnesses (2021). https://gitlab.com/sosy-lab/benchmarking/sv-witnesses/-/blob/main/README-YAML.md

  57. Strejček, J.: Issues related to the fact that the semantics of witnesses are defined over CFAs and the translation from C programs to CFAs is undefined (2022). https://gitlab.com/sosy-lab/benchmarking/sv-witnesses/-/blob/main/GraphML_witness_format_issues.pdf

  58. SV-COMP community: Community meeting (2023)

  59. Švejda, J., Berger, P., Katoen, J.-P.: Interpretation-based violation witness validation for C: NITWIT. In: TACAS 2020. LNCS, vol. 12078, pp. 40–57. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45190-5_3

  60. Vojdani, V., Apinis, K., Rõtov, V., Seidl, H., Vene, V., Vogler, R.: Static race detection for device drivers: the Goblint approach. In: Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering. ACM (2016). https://doi.org/10.1145/2970276.2970337

  61. Ziat, G.: A combination of abstract interpretation and constraint programming. Theses, Sorbonne Université (2019). https://theses.hal.science/tel-03987752

Acknowledgements

This work was supported by Deutsche Forschungsgemeinschaft (DFG) - 378803395/2428 ConVeY and Shota Rustaveli National Science Foundation of Georgia under the project FR-21-7973.

Author information

Corresponding author: Simmo Saan.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Saan, S., Schwarz, M., Erhard, J., Seidl, H., Tilscher, S., Vojdani, V. (2024). Correctness Witness Validation by Abstract Interpretation. In: Dimitrova, R., Lahav, O., Wolff, S. (eds) Verification, Model Checking, and Abstract Interpretation. VMCAI 2024. Lecture Notes in Computer Science, vol 14499. Springer, Cham. https://doi.org/10.1007/978-3-031-50524-9_4

  • DOI: https://doi.org/10.1007/978-3-031-50524-9_4

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-50523-2

  • Online ISBN: 978-3-031-50524-9

  • eBook Packages: Computer Science (R0)