Efficient CTL model-checking for pushdown systems

Abstract. Pushdown systems (PDSs) are well adapted to model sequential programs with (possibly recursive) procedure calls. Therefore, it is important to have efficient model checking algorithms for PDSs. In this paper we consider CTL model checking for PDSs. We consider the "standard" CTL model checking problem, where whether a configuration of a PDS satisfies an atomic proposition depends only on the control state of the configuration. We also consider CTL model checking with regular valuations, where the set of configurations in which an atomic proposition holds is a regular language. We reduce these problems to the emptiness problem in Alternating Büchi Pushdown Systems, and we give an algorithm to solve this emptiness problem. Our algorithms are more efficient than the other existing algorithms for CTL model checking for PDSs in the literature. We implemented our techniques in a tool and applied it to different case studies. Our results are encouraging. In particular, we were able to confirm the existence of known bugs in Linux source code.
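The reduction the abstract describes rests on a property that also underlies the earlier reachability algorithms it builds on: the set of PDS configurations from which a regular set of configurations is reachable is itself regular, and can be computed by saturating a finite automaton. The Python program below is an illustration added here; it is not code from the paper or from the authors' tool. It implements the classic pre* saturation for ordinary (non-alternating) pushdown systems and uses it to decide EF properties of a small recursive program under both a standard valuation (an atomic proposition attached to a control state) and a regular valuation (the proposition holds on a regular set of stack contents). The alternating Büchi construction from the paper is not reproduced; the toy program, its rules, and every name in the code are constructed for this example.

```python
"""EF model checking on a pushdown system via pre* saturation.

Added illustration, not the paper's or the PuMoC tool's code.  A P-automaton
A accepts configuration <p, w> iff reading w from control state p reaches a
final state.  Saturation adds p --g--> q whenever <p, g> -> <p', w> is a rule
and p' --w-->* q already holds, so the result accepts exactly pre*(L(A)).
"""

# --- constructed toy program encoded as a pushdown system -------------------
# Control states model a global flag ("ok" / "err"); stack symbols are program
# points.  main calls f; f either takes a plain step (f0 -> f1) or recurses
# (pushes f0 with return point f2); at f1 the program may flag an error.
CONTROL = {"ok", "err"}
GAMMA = {"m0", "m1", "m2", "f0", "f1", "f2"}
RULES = [
    (("ok", "m0"), ("ok", ("f0", "m1"))),  # main: call f, return to m1
    (("ok", "m1"), ("ok", ("m2",))),       # main: after f returns
    (("ok", "f0"), ("ok", ("f1",))),       # f: plain step
    (("ok", "f0"), ("ok", ("f0", "f2"))),  # f: recursive call, return to f2
    (("ok", "f2"), ("ok", ("f1",))),       # f: after the recursive call returns
    (("ok", "f1"), ("ok", ())),            # f: return (pop)
    (("ok", "f1"), ("err", ("f1",))),      # f: error branch
]


def step(trans, start, word):
    """States of the P-automaton reachable from `start` by reading `word`."""
    current = {start}
    for sym in word:
        current = set().union(*(trans.get((q, sym), set()) for q in current))
    return current


def pre_star(rules, trans):
    """Return a saturated copy of `trans` that accepts pre*(L(A)).

    Terminates because the state set is fixed and transitions are only added.
    The input automaton must have no transitions into control states.
    """
    trans = {k: set(v) for k, v in trans.items()}
    changed = True
    while changed:
        changed = False
        for (p, g), (p2, w) in rules:
            for q in step(trans, p2, w):
                if q not in trans.setdefault((p, g), set()):
                    trans[(p, g)].add(q)
                    changed = True
    return trans


def accepts(trans, finals, p, word):
    return bool(step(trans, p, word) & finals)


def automaton_for_control_state(p):
    """Standard valuation: {<p, w> | w in Gamma+}, depends only on p."""
    trans = {(p, g): {"acc"} for g in GAMMA}
    trans.update({("acc", g): {"acc"} for g in GAMMA})
    return trans, {"acc"}


def automaton_for_regular_set(p, prefix):
    """Regular valuation: {<p, prefix . w> | w in Gamma*}, prefix non-empty."""
    assert prefix, "a non-empty prefix keeps transitions out of control states"
    trans, state = {}, p
    for i, g in enumerate(prefix):
        trans[(state, g)] = {f"s{i}"}
        state = f"s{i}"
    trans.update({(state, g): {state} for g in GAMMA})
    return trans, {state}


def satisfies_EF(rules, trans, finals, p, word):
    """<p, word> |= EF C  iff  <p, word> is in pre*(C)."""
    return accepts(pre_star(rules, trans), finals, p, word)


def main():
    init = ("ok", ("m0",))
    # EF err, standard valuation: err is reachable from main.
    print(satisfies_EF(RULES, *automaton_for_control_state("err"), *init))
    # EF (err while inside a recursive call of f): stack must start with f1 f2.
    print(satisfies_EF(RULES, *automaton_for_regular_set("err", ("f1", "f2")), *init))
    # EF (err with f1 directly above m2): impossible, m2 appears only after f returned.
    print(satisfies_EF(RULES, *automaton_for_regular_set("err", ("f1", "m2")), *init))


if __name__ == "__main__":
    main()
```

The three queries show why regular valuations matter: the first two are both "an error is reachable", but only the second distinguishes an error raised inside a nested call, which no control-state-only proposition can express. Nested temporal operators, the Büchi-style acceptance needed for EG and AG, and the alternation that handles conjunctions are what the paper's construction adds on top of this saturation.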
