Lazy Constrained Monotonic Abstraction

We introduce Lazy Constrained Monotonic Abstraction (lazy CMA for short) for lazily and soundly exploring well-structured abstractions of infinite-state non-monotonic systems. CMA makes use of infinite-state and well-structured abstractions by forcing monotonicity with respect to refinable orderings. The orderings can be refined based on obtained false positives in a CEGAR-like fashion. This allows for the verification of systems that are not monotonic and are hence inherently beyond the reach of classical analysis based on the theory of well-structured systems. In this paper, we consistently improve on the existing approach by localizing refinements and by avoiding discarding the explored state space each time a refinement step is required for the ordering. To this end, we adapt ideas from classical lazy predicate abstraction and explain how we address the fact that the number of control points (i.e., minimal elements to be visited) is a priori unbounded. This is unlike the case of plain lazy abstraction, which relies on the fact that the number of control locations is finite. We propose several heuristics and report on our experiments using our open-source prototype. We consider both backward and forward explorations on non-monotonic systems automatically derived from concurrent programs. Intuitively, the approach could be regarded as using refinable upward closure operators as localized widening operators for an a priori arbitrary number of control points.
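The following Python program is an added illustration of the backward, non-lazy CEGAR loop that the abstract takes as its starting point; it is not code from the paper or from its prototype. It models a constructed counter system (idle processes `a`, processes in a critical section `b`, and a lock counter `l`) whose `acquire` transition carries a zero test on `l`, so the system is not monotonic. The ordering is refined by predicates of the form `x == 0`; a constrained ideal `(m, Z)` denotes the states above `m` whose variables in `Z` are fixed at zero. The refinement heuristic (add the variable of the first guard that fails when the abstract trace is replayed concretely) and the whole-state-space restart after each refinement are simplifications chosen here; the paper's contribution is precisely to avoid that restart.

```python
# Added example (not from the paper or its prototype): backward coverability
# with constrained monotonic abstraction (CMA) and CEGAR-style refinement of
# the ordering.  System, predicates and refinement heuristic are constructed.
from itertools import product

VARS = ("a", "b", "l")            # idle, critical, lock (0 = free)
A, B, L = range(3)
# transition = (lower-bound guards, zero-test guards, update vector)
TRANSITIONS = {
    "acquire": ({A: 1}, {L}, (-1, +1, +1)),          # a >= 1 and l == 0
    "release": ({B: 1, L: 1}, set(), (+1, -1, -1)),  # b >= 1 and l >= 1
}
BAD = (0, 2, 0)       # two processes in the critical section (upward closed)
INIT_ZERO = {B, L}    # initial states: any a, with b == 0 and l == 0


def split(m, preds):
    """Decompose {s >= m} into ideals of the ordering refined by preds: every
    predicate variable x with m.x == 0 is split into 'x == 0' and 'x >= 1'."""
    free = [x for x in preds if m[x] == 0]
    for choice in product((0, 1), repeat=len(free)):
        mm, zeros = list(m), set()
        for x, bit in zip(free, choice):
            if bit:
                mm[x] = 1
            else:
                zeros.add(x)
        yield (tuple(mm), frozenset(zeros))


def pre(ideal, t, preds):
    """Abstract predecessor of (m, Z) under t: the exact predecessor, closed
    upward w.r.t. the refined ordering.  Returns None when it is empty."""
    m, zeros = ideal
    lb, ztests, delta = t
    lower = [max(m[i] - delta[i], lb.get(i, 0), 0) for i in range(len(m))]
    exact = {}                       # variables with an exact value in pre
    for x in zeros:                  # s.x + delta.x must equal 0
        if delta[x] > 0:
            return None
        exact[x] = -delta[x]
    for x in ztests:                 # zero test: s.x must equal 0
        if exact.get(x, 0) != 0:
            return None
        exact[x] = 0
    for x, v in exact.items():
        if v < lower[x]:
            return None
        lower[x] = v
    # upward closure only remembers 'x == 0' for predicate variables
    new_zeros = frozenset(x for x, v in exact.items() if v == 0 and x in preds)
    return (tuple(lower), new_zeros)


def covers(i1, i2):
    """True if ideal i1 contains ideal i2 (i1 is below i2 in the ordering)."""
    (m1, z1), (m2, z2) = i1, i2
    return all(x <= y for x, y in zip(m1, m2)) and z1 <= z2


def meets_init(ideal):
    return all(ideal[0][x] == 0 for x in INIT_ZERO)


def backward(preds):
    """Backward exploration of the abstraction; None if BAD is unreachable,
    else (initial minimal element, list of transitions leading to BAD)."""
    work = [(i, []) for i in split(BAD, preds)]
    visited = []
    while work:
        ideal, path = work.pop()
        if any(covers(v, ideal) for v in visited):
            continue
        visited.append(ideal)
        if meets_init(ideal):
            return ideal[0], path
        for name, t in TRANSITIONS.items():
            p = pre(ideal, t, preds)
            if p is not None:
                work.append((p, [name] + path))
    return None


def replay(state, path):
    """Replay a trace on the concrete system: (True, final state) if it is a
    real run, else (False, variable of the first guard that fails)."""
    s = list(state)
    for name in path:
        lb, ztests, delta = TRANSITIONS[name]
        for x, k in lb.items():
            if s[x] < k:
                return False, x
        for x in ztests:
            if s[x] != 0:
                return False, x
        s = [v + d for v, d in zip(s, delta)]
    return True, tuple(s)


def cma(max_rounds=5):
    """CEGAR loop (non-lazy: the explored space is discarded on refinement)."""
    preds, log = set(), []
    for _ in range(max_rounds):
        result = backward(preds)
        if result is None:
            log.append(f"safe with predicates {sorted(VARS[x] for x in preds)}")
            return True, log
        init, path = result
        real, info = replay(init, path)
        if real:
            log.append(f"real counterexample from {init}: {path}")
            return False, log
        log.append(f"spurious {path} from {init}; refining on {VARS[info]} == 0")
        preds.add(info)
    return None, log


if __name__ == "__main__":
    for line in cma()[1]:
        print(line)
```

With the empty ordering the first round reports the spurious trace `acquire; acquire` from `(2, 0, 0)`: the abstraction is allowed to drop the lock count before the second `acquire`. Replaying it concretely fails on the zero test of `l`, the predicate `l == 0` is added to the ordering, and the second round proves `BAD` unreachable, with the minimal elements `(0, 2, 0)` and `(0, 2, 1)` standing in for the bad set as two control points.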
