On-the-fly decomposition of specifications in software model checking

Major breakthroughs have increased the efficiency and effectiveness of software model checking considerably, such that this technology is now applicable to industrial-scale software. However, verifying the full formal specification of a software system is still considered too complex, and in practice, sets of properties are verified one by one in isolation. We propose an approach that takes the full formal specification as input and first tries to verify all properties simultaneously in one verification run. Our verification algorithm monitors itself and detects situations for which the full set of properties is too complex. In such cases, we perform an automatic decomposition of the full set of properties into smaller sets, and continue the verification seamlessly. To avoid state-space explosion for large sets of properties, we introduce on-the-fly property weaving: properties are woven into the program's transition system on the fly, during the analysis; which properties to weave and verify is determined dynamically during the verification process. We perform an extensive evaluation based on verification tasks that were derived from 4336 Linux kernel modules, and a set of properties that define the correct usage of the Linux API. Checking several properties simultaneously can lead to a significant performance gain, because abstract models share many parts among different properties.
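The following Python sketch is an added illustration of the idea described in the abstract; it is not the paper's implementation or any CPAchecker code. It explores a small program's transition system together with several safety-property monitors in a single run, stepping the monitors alongside each program edge instead of building a product automaton up front (the "weaving" idea), watches its own state count against a budget, and, when the joint exploration exceeds that budget, splits the property set and continues with the parts. The program (a lock/alloc/use/free skeleton), the four monitors, the budget, and the halve-on-failure splitting strategy are all constructed assumptions chosen to make the decomposition observable on a toy input.

```python
"""Toy multi-property safety checking with budget-driven decomposition.

Constructed example, not the paper's algorithm: the program, the
monitors, the budget and the halving strategy are all assumptions.
"""
from collections import deque
from typing import Dict, List, Set, Tuple

# Constructed program: a control-flow graph whose edges are labelled with the
# API event they perform; "skip" means no relevant call on that path.
Edge = Tuple[int, str, int]
PROGRAM: List[Edge] = [
    (0, "lock", 1), (0, "skip", 1),      # lock may or may not be taken
    (1, "alloc", 2), (1, "skip", 2),     # buffer may or may not be allocated
    (2, "use", 3), (2, "skip", 3),
    (3, "free", 4), (3, "skip", 4),
    (4, "unlock", 5), (4, "skip", 5),    # unlock even if never locked -> bug
    (5, "use", 6), (5, "skip", 6),       # use after the free above -> bug
]
INITIAL_LOC = 0
ERR = "ERR"

# Constructed property monitors: finite automata over the events, given as
# (initial state, {(state, event): next_state}).  Pairs not listed are
# self-loops; ERR is absorbing.
Monitor = Tuple[str, Dict[Tuple[str, str], str]]
PROPERTIES: Dict[str, Monitor] = {
    "no-double-lock": ("U", {("U", "lock"): "L", ("L", "lock"): ERR,
                             ("L", "unlock"): "U"}),
    "no-unlock-unlocked": ("U", {("U", "lock"): "L", ("L", "unlock"): "U",
                                 ("U", "unlock"): ERR}),
    "no-use-after-free": ("N", {("N", "alloc"): "A", ("F", "alloc"): "A",
                                ("A", "free"): "F", ("F", "use"): ERR}),
    "no-double-free": ("N", {("N", "alloc"): "A", ("F", "alloc"): "A",
                             ("A", "free"): "F", ("F", "free"): ERR}),
}


def step(monitor: Monitor, state: str, event: str) -> str:
    """Advance one monitor by one event; ERR is absorbing."""
    if state == ERR:
        return ERR
    return monitor[1].get((state, event), state)


class BudgetExceeded(Exception):
    """Raised when the joint exploration discovers more states than allowed."""


def explore(names: List[str], budget: float) -> Tuple[Set[str], int]:
    """BFS over (location, monitor states...) for the selected properties.

    Monitors are woven in on the fly: each program edge steps every
    selected monitor, so only the currently selected properties occupy
    space in the abstract state.  Returns (violated property names,
    number of abstract states) or raises BudgetExceeded.
    """
    succ: Dict[int, List[Tuple[str, int]]] = {}
    for src, ev, dst in PROGRAM:
        succ.setdefault(src, []).append((ev, dst))
    init = (INITIAL_LOC,) + tuple(PROPERTIES[n][0] for n in names)
    seen = {init}
    queue = deque([init])
    violated: Set[str] = set()
    while queue:
        loc, *mstates = queue.popleft()
        for ev, dst in succ.get(loc, []):
            nxt = tuple(step(PROPERTIES[n], s, ev) for n, s in zip(names, mstates))
            violated.update(n for n, s in zip(names, nxt) if s == ERR)
            state = (dst,) + nxt
            if state not in seen:
                seen.add(state)
                if len(seen) > budget:
                    raise BudgetExceeded(names)
                queue.append(state)
    return violated, len(seen)


def verify(names: List[str], budget: int, log: list) -> Set[str]:
    """Try the whole set; if it is too complex, halve it and continue.

    Halving is an assumed decomposition strategy.  A singleton is always
    run to completion, since it cannot be decomposed further.
    """
    limit: float = budget if len(names) > 1 else float("inf")
    try:
        violated, n_states = explore(names, limit)
        log.append((tuple(names), "done", n_states))
        return violated
    except BudgetExceeded:
        log.append((tuple(names), "too complex", None))
        mid = len(names) // 2
        return verify(names[:mid], budget, log) | verify(names[mid:], budget, log)


def run(budget: int) -> Tuple[Set[str], list]:
    """Verify all properties under the given state budget; return verdicts and run log."""
    log: list = []
    violated = verify(list(PROPERTIES), budget, log)
    return violated, log


if __name__ == "__main__":
    verdicts, runs = run(budget=20)
    for names, status, n in runs:
        print(f"{status:12} {n if n is not None else '-':>4} states  {names}")
    print("violated:", sorted(verdicts))
```

With a budget of 20 abstract states the joint run over all four properties is abandoned, the two halves each complete within budget, and the same two violations are reported that a run with an unlimited budget finds in a single pass; a budget of 1 forces the decomposition all the way down to singletons.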
