Skip to main content
SpringerLink
Log in

Counterexample Guided Abstraction Refinement Via Program Execution

  • Conference paper
Formal Methods and Software Engineering (ICFEM 2004)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3308))

Included in the following conference series:

Abstract

Software model checking tools based on a Counterexample Guided Abstraction Refinement (CEGAR) framework have attained considerable success in limited domains. However, scaling these approaches to larger programs with more complex data structures and initialization behavior has proven difficult. Explicit-state model checkers making use of states and operational semantics closely related to actual program execution have dealt with complex data types and semantic issues successfully, but do not deal as well with very large state spaces. This paper presents an approach to software model checking that actually executes the program in order to drive abstraction-refinement. The inputs required for the execution are derived from the abstract model. Driving the abstraction-refinement loop with a combination of constant-sized (and thus scalable) Boolean satisfiability-based simulation and actual program execution extends abstraction-based software model checking to a much wider array of programs than current tools can handle, in the case of programs containing errors. Experimental results from applying the CRunner tool, which implements execution-based refinement, to faulty and correct C programs demonstrate the practical utility of the idea.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ball, T.: Abstraction-guided test generation: A case study. Technical Report 2003-86, Microsoft Research (November 2003)

    Google Scholar 

  2. Ball, T.: A theory of predicate-complete test coverage and generation. Technical Report 2004-28, Microsoft Research (April 2004)

    Google Scholar 

  3. Ball, T., Cook, B., Das, S., Rajamani, S.K.: Refining approximations in software predicate abstraction. In: Jensen, K., Podelski, A. (eds.) TACAS 2004. LNCS, vol. 2988, pp. 388–403. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  4. Ball, T., Rajamani, S.: Boolean programs: A model and process for software analysis. Technical Report 2000-14, Microsoft Research (February 2000)

    Google Scholar 

  5. Ball, T., Rajamani, S.: Automatically validating temporal safety properties of interfaces. In: SPIN Workshop on Model Checking of Software, pp. 103–122 (2001)

    Google Scholar 

  6. Ball, T., Rajamani, S.: Generating abstract explanations of spurious counterexamples in C programs analysis. Technical Report 2002-09, Microsoft Research (January 2002)

    Google Scholar 

  7. Beyer, D., Chlipala, A., Henzinger, T., Jhala, R., Majumdar, R.: Generating tests from counterexamples. In: International Conference of Software Engineering (to appear, 2004)

    Google Scholar 

  8. Chaki, S., Clarke, E., Groce, A., Jha, S., Veith, H.: Modular verification of software components in C. IEEE Transactions on Software Engineering 30(6), 388–402 (2004)

    Article  Google Scholar 

  9. Chaki, S., Clarke, E., Groce, A., Ouaknine, J., Strichman, O., Yorav, K.: Efficient verification of sequential and concurrent C programs. Formal Methods in System Design (to appear, 2004)

    Google Scholar 

  10. Cimatti, A., Clarke, E., Giunchiglia, E., Giunchiglia, F., Pistore, M., Roveri, M., Sebastiani, R., Tacchella, A.: NuSMV 2: An openSource tool for symbolic model checking. In: Brinksma, E., Larsen, K.G. (eds.) CAV 2002. LNCS, vol. 2404, p. 359. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  11. Clarke, E., Grumberg, O., Jha, S., Lu, Y., Veith, H.: Counterexample-guided abstraction refinement. In: Computer Aided Verification, pp. 154–169 (2000)

    Google Scholar 

  12. Clarke, E., Grumberg, O., Long, D.: Model checking and abstraction. In: POPL (January 1992)

    Google Scholar 

  13. Clarke, E., Kroening, D., Sharygina, N., Yorav, K.: Predicate abstraction of ANSI-C programs using SAT. Formal Methods in System Design (to appear, 2004)

    Google Scholar 

  14. Clarke, E., Talupur, M., Veith, H., Wang, D.: SAT based predicate abstraction for hardware verification. In: Giunchiglia, E., Tacchella, A. (eds.) SAT 2003. LNCS, vol. 2919, pp. 78–92. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  15. Detlefs, D., Nelson, G., Saxe, J.B.: Simplify: A theorem prover for program checking. Technical Report HPL-2003-148, HP Labs (July 2003)

    Google Scholar 

  16. Godefroid, P.: VeriSoft: a tool for the automatic analysis of concurrent reactive software. In: Computer Aided Verification, pp. 172–186 (1997)

    Google Scholar 

  17. Graf, S., Saidi, H.: Construction of abstract state graphs with PVS. In: Grumberg, O. (ed.) CAV 1997. LNCS, vol. 1254, pp. 72–83. Springer, Heidelberg (1997)

    Google Scholar 

  18. Henzinger, T.A., Jhala, R., Majumdar, R., Sutre, G.: Lazy abstraction. In: Principles of Programming Languages, pp. 58–70 (2002)

    Google Scholar 

  19. Jain, H., Kroening, D., Clarke, E.: Verification of SpecC using Predicate Abstraction. In: MEMOCODE 2004. IEEE, Los Alamitos (2004)

    Google Scholar 

  20. Kurshan, R.P.: Computer-Aided Verification of Coordinating Processes: The Automata- Theoretic Approach. Princeton University Press, Princeton (1995)

    MATH  Google Scholar 

  21. Musuvathi, M., Park, D., Chou, A., Engler, D., Dill, D.: CMC: a pragmatic approach to model checking real code. In: Symposium on Operating System Design and Implementation (2002)

    Google Scholar 

  22. Podelski, T.B.A., Rajamani, S.K.: Relative completeness of abstraction refinement for software model checking. In: Tools and Algorithms for the Construction and Analysis of Systems, pp. 158–172 (2002)

    Google Scholar 

  23. Robby, Rodriguez, E., Dwyer, M., Hatcliff., J.: Checking strong specifications using an extensible software model checking framework. In: Jensen, K., Podelski, A. (eds.) TACAS 2004. LNCS, vol. 2988, pp. 404–420. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  24. Visser, W., Havelund, K., Brat, G., Park, S., Lerda, F.: Model checking programs. Automated Software Engineering 10(2), 203–232 (2003)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Carnegie Mellon University, Pittsburgh, PA, 15213

    Daniel Kroening, Alex Groce & Edmund Clarke

Authors
  1. Daniel Kroening
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Alex Groce
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Edmund Clarke
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Computing, Queen’s University, K7L 3N6, Kingston, ON, Canada

    Jim Davies

  2. Microsoft Research, One Microsoft Way, WA 98052, Redmond, USA

    Wolfram Schulte

  3. Microsoft Research, WA 98052, Redmond, USA

    Mike Barnett

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kroening, D., Groce, A., Clarke, E. (2004). Counterexample Guided Abstraction Refinement Via Program Execution. In: Davies, J., Schulte, W., Barnett, M. (eds) Formal Methods and Software Engineering. ICFEM 2004. Lecture Notes in Computer Science, vol 3308. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30482-1_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-30482-1_23

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-23841-6

  • Online ISBN: 978-3-540-30482-1

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation