Advertisement

Non-monotonic Refinement of Control Abstraction for Concurrent Programs

  • Ashutosh Gupta
  • Corneliu Popeea
  • Andrey Rybalchenko
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6252)

Abstract

Verification based on abstraction refinement is a successful technique for checking program properties. Conventional abstraction refinement schemes increase precision of the abstraction monotonically, and therefore cannot recover from overly precise refinement decisions. This problem is exacerbated in the context of multi-threaded programs, where keeping track of all control locations in concurrent threads is the inevitably discovered abstraction and is prohibitively expensive. In contrast to the conventional (partition refinement-based) approaches, non-monotonic abstraction refinement schemes rely on re-partitioning and have promising potential for avoiding excess of precision. In this paper, we propose a non-monotonic refinement scheme for the control abstraction (of concurrent programs). Our approach employs a constraint solver to discover re-partitioning at each refinement step. An experimental evaluation of our non-monotonic control abstraction refinement on a collection of multi-threaded verification benchmarks indicates its effectiveness in practice.

Keywords

Critical Section Reachable State Abstract Domain Predicate Abstraction Abstraction Function 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Ball, T., Podelski, A., Rajamani, S.K.: Relative completeness of abstraction refinement for software model checking. In: Katoen, J.-P., Stevens, P. (eds.) TACAS 2002. LNCS, vol. 2280, p. 158. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  2. 2.
    Ball, T., Rajamani, S.: Automatically validating temporal safety properties of interfaces. In: Dwyer, M.B. (ed.) SPIN 2001. LNCS, vol. 2057, p. 103. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  3. 3.
    Ball, T., Rajamani, S.K.: The SLAM project: debugging system software via static analysis. In: POPL (2002)Google Scholar
  4. 4.
    Beyer, D., Henzinger, T.A., Majumdar, R., Rybalchenko, A.: Path invariants. In: PLDI (2007)Google Scholar
  5. 5.
    Blanchet, B., Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., Monniaux, D., Rival, X.: A static analyzer for large safety-critical software. In: PLDI (2003)Google Scholar
  6. 6.
    Chaki, S., Clarke, E.M., Groce, A., Ouaknine, J., Strichman, O., Yorav, K.: Efficient verification of sequential and concurrent C programs. Formal Methods in System Design 25(2-3), 129–166 (2004)CrossRefzbMATHGoogle Scholar
  7. 7.
    Clarke, E.M., Grumberg, O., Jha, S., Lu, Y., Veith, H.: Counterexample-guided abstraction refinement. In: Emerson, E.A., Sistla, A.P. (eds.) CAV 2000. LNCS, vol. 1855. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  8. 8.
    Cohen, A., Namjoshi, K.S.: Local proofs for global safety properties. Formal Methods in System Design 34(2), 104–125 (2009)CrossRefzbMATHGoogle Scholar
  9. 9.
    Cook, B., Podelski, A., Rybalchenko, A.: Termination proofs for systems code. In: PLDI (2006)Google Scholar
  10. 10.
    Cousot, P., Cousot, R.: Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: POPL (1977)Google Scholar
  11. 11.
    Cousot, P., Ganty, P., Raskin, J.-F.: Fixpoint-guided abstraction refinements. In: Riis Nielson, H., Filé, G. (eds.) SAS 2007. LNCS, vol. 4634, pp. 333–348. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  12. 12.
    de Moura, L.M., Bjørner, N.: Z3: An efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  13. 13.
    Ferrara, P., Logozzo, F., Fähndrich, M.: Safer unsafe code for.NET. In: OOPSLA (2008)Google Scholar
  14. 14.
    Flanagan, C., Freund, S.N., Qadeer, S.: Thread-modular verification for shared-memory programs. In: Le Métayer, D. (ed.) ESOP 2002. LNCS, vol. 2305, pp. 262–277. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  15. 15.
    Flanagan, C., Qadeer, S.: Thread-modular model checking. In: Ball, T., Rajamani, S.K. (eds.) SPIN 2003. LNCS, vol. 2648, pp. 213–224. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  16. 16.
    Glusman, M., Kamhi, G., Mador-Haim, S., Fraer, R., Vardi, M.Y.: Multiple-counterexample guided iterative abstraction refinement: An industrial evaluation. In: Garavel, H., Hatcliff, J. (eds.) TACAS 2003. LNCS, vol. 2619, pp. 176–191. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  17. 17.
    Gulavani, B.S., Chakraborty, S., Nori, A.V., Rajamani, S.K.: Automatically refining abstract interpretations. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 443–458. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  18. 18.
    Gulavani, B.S., Rajamani, S.K.: Counterexample driven refinement for abstract interpretation. In: Hermanns, H., Palsberg, J. (eds.) TACAS 2006. LNCS, vol. 3920, pp. 474–488. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  19. 19.
    Gupta, A., Clarke, E.M.: Reconsidering CEGAR: Learning good abstractions without refinement. In: ICCD, pp. 591–598 (2005)Google Scholar
  20. 20.
    Gupta, A., Popeea, C., Rybalchenko, A.: (2009) (in preparation), http://www.model.in.tum.de/~popeea/research/environment.pdf
  21. 21.
    Henzinger, T.A., Jhala, R., Majumdar, R., McMillan, K.L.: Abstractions from proofs. In: POPL (2004)Google Scholar
  22. 22.
    Henzinger, T.A., Jhala, R., Majumdar, R., Sutre, G.: Lazy abstraction. In: POPL (2002)Google Scholar
  23. 23.
    Ivancic, F., Yang, Z., Ganai, M.K., Gupta, A., Shlyakhter, I., Ashar, P.: F-soft: Software verification platform. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 301–306. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  24. 24.
    Jhala, R., McMillan, K.L.: Array abstractions from proofs. In: Damm, W., Hermanns, H. (eds.) CAV 2007. LNCS, vol. 4590, pp. 193–206. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  25. 25.
    Lamport, L.: A new solution of Dijkstra’s concurrent programming problem. ACM Commun. 17(8), 453–455 (1974)MathSciNetCrossRefzbMATHGoogle Scholar
  26. 26.
    Lu, S., Park, S., Seo, E., Zhou, Y.: Learning from mistakes: a comprehensive study on real world concurrency bug characteristics. In: ASPLOS (2008)Google Scholar
  27. 27.
    Manna, Z., Pnueli, A.: Temporal verification of reactive systems: safety. Springer, Heidelberg (1995)CrossRefzbMATHGoogle Scholar
  28. 28.
    McMillan, K.L.: Lazy abstraction with interpolants. In: Ball, T., Jones, R.B. (eds.) CAV 2006. LNCS, vol. 4144, pp. 123–136. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  29. 29.
    McMillan, K.L., Amla, N.: Automatic abstraction without counterexamples. In: Garavel, H., Hatcliff, J. (eds.) TACAS 2003. LNCS, vol. 2619, pp. 2–17. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  30. 30.
    Podelski, A., Rybalchenko, A.: ARMC: The logical choice for software model checking with abstraction refinement. In: PADL (2007)Google Scholar
  31. 31.
    Qadeer, S., Wu, D.: KISS: keep it simple and sequential. In: PLDI, pp. 14–24 (2004)Google Scholar
  32. 32.
    Ranzato, F., Rossi-Doria, O., Tapparo, F.: A forward-backward abstraction refinement algorithm. In: Logozzo, F., Peled, D.A., Zuck, L.D. (eds.) VMCAI 2008. LNCS, vol. 4905, pp. 248–262. Springer, Heidelberg (2008)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Ashutosh Gupta
    • 1
  • Corneliu Popeea
    • 1
  • Andrey Rybalchenko
    • 1
  1. 1.Technische Universität MünchenGermany

Personalised recommendations