Non-monotonic Refinement of Control Abstraction for Concurrent Programs

Verification based on abstraction refinement is a successful technique for checking program properties. Conventional abstraction refinement schemes increase the precision of the abstraction monotonically, and therefore cannot recover from overly precise refinement decisions. This problem is exacerbated in the context of multi-threaded programs, where keeping track of all control locations in concurrent threads is the abstraction that is inevitably discovered, and it is prohibitively expensive. In contrast to the conventional (partition refinement-based) approaches, non-monotonic abstraction refinement schemes rely on re-partitioning and have promising potential for avoiding excess precision. In this paper, we propose a non-monotonic refinement scheme for the control abstraction of concurrent programs. Our approach employs a constraint solver to discover a re-partitioning at each refinement step. An experimental evaluation of our non-monotonic control abstraction refinement on a collection of multi-threaded verification benchmarks indicates its effectiveness in practice.
