Article

Abstractions from proofs

Authors:

Thomas A. Henzinger,

Rupak Majumdar, and

Kenneth L. McMillanAuthors Info & Claims

POPL '04: Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages

January 2004

Pages 232 - 244

https://doi.org/10.1145/964001.964021

Published: 01 January 2004 Publication History

Abstract

The success of model checking for large programs depends crucially on the ability to efficiently construct parsimonious abstractions. A predicate abstraction is parsimonious if at each control location, it specifies only relationships between current values of variables, and only those which are required for proving correctness. Previous methods for automatically refining predicate abstractions until sufficient precision is obtained do not systematically construct parsimonious abstractions: predicates usually contain symbolic variables, and are added heuristically and often uniformly to many or all control locations at once. We use Craig interpolation to efficiently construct, from a given abstract error trace which cannot be concretized, a parsominous abstraction that removes the trace. At each location of the trace, we infer the relevant predicates as an interpolant between the two formulas that define the past and the future segment of the trace. Each interpolant is a relationship between current values of program variables, and is relevant only at that particular program location. It can be found by a linear scan of the proof of infeasibility of the trace.We develop our method for programs with arithmetic and pointer expressions, and call-by-value function calls. For function calls, Craig interpolation offers a systematic way of generating relevant predicates that contain only the local variables of the function and the values of the formal parameters when the function was called. We have extended our model checker Blast with predicate discovery by Craig interpolation, and applied it successfully to C programs with more than 130,000 lines of code, which was not possible with approaches that build less parsimonious abstractions.

References

[1]

T. Ball, T. Millstein, and S.K. Rajamani. Polymorphic predicate abstraction. ACM Transactions on Programming Languages and Systems, 2003.

Digital Library

[2]

T. Ball and S.K. Rajamani. Personal communication.

[3]

T. Ball and S.K. Rajamani. Generating abstract explanations of spurious counterexamples in C programs. Technical Report MSR-TR-2002-09, Microsoft Research, 2002.

[4]

T. Ball and S.K. Rajamani. The SLAM project: debugging system software via static analysis. In POPL 02: Principles of Programming Languages, pages 1--3. ACM, 2002.

Digital Library

[5]

R. Bodik, R. Gupta, and M.L. Soffa. Refining dataflow information using infeasible paths. In FSE 97: Foundations of Software Engineering, LNCS 1301, pages 361--377. Springer, 1997.

Digital Library

[6]

W.R. Bush, J.D. Pincus, and D.J. Sielaff. A static analyzer for finding dynamic programming errors. Software Practice and Experience, 30:775--802, 2000.

Digital Library

[7]

S. Chaki, E.M. Clarke, A. Groce, and O. Strichman. Predicate abstraction with minimum predicates. In CHARME 03: Correct Hardware Design and Verification, LNCS 2860, pages 19--34. Springer, 2003.

[8]

E.M. Clarke, O. Grumberg, S. Jha, Y. Lu, and H. Veith. Counterexample-guided abstraction refinement. In CAV 00: Computer-Aided Verification, LNCS 1855, pages 154--169. Springer, 2000.

Digital Library

[9]

W. Craig. Linear reasoning. J. Symbolic Logic, 22:250--268, 1957.

[10]

R. Cytron, J. Ferrante, B.K. Rosen, M.N. Wegman, and F.K. Zadek. Efficiently computing static single assignment form and the program dependence graph. ACM Transactions on Programming Languages and Systems, 13:451--490, 1991.

Digital Library

[11]

M. Das, S. Lerner, and M. Seigle. ESP: path-sensitive program verification in polynomial time. In PLDI 02: Programming Language Design and Implementation, pages 57--68. ACM, 2002.

Digital Library

[12]

C. Flanagan. Automatic software model checking using CLP. In ESOP 03: European Symposium on Programming, LNCS 2618, pages 189--203. Springer, 2003.

Digital Library

[13]

C. Flanagan, K.R.M. Leino, M. Lillibridge, G. Nelson, J.B. Saxe, and R. Stata. Extended static checking for Java. In PLDI 02: Programming Language Design and Implementation, pages 234--245. ACM, 2002.

Digital Library

[14]

C. Flanagan and J.B. Saxe. Avoiding exponential explosion: generating compact verification conditions. In POPL 01: Principles of Programming Languages, pages 193--205. ACM, 2001.

Digital Library

[15]

J.S. Foster, T. Terauchi, and A. Aiken. Flow-sensitive type qualifiers. In PLDI 02: Programming Language Design and Implementation, pages 1--12. ACM, 2002.

Digital Library

[16]

D. Gries. The Science of Programming. Springer, 1981.

[17]

T.A. Henzinger, R. Jhala, R. Majumdar, G.C. Necula, G. Sutre, and W. Weimer. Temporal-safety proofs for systems code. In CAV 02: Computer-Aided Verification, LNCS 2404, pages 526--538. Springer, 2002.

Digital Library

[18]

T.A. Henzinger, R. Jhala, R. Majumdar, and M.A.A. Sanvido. Extreme model checking. In International Symposium on Verification, LNCS. Springer, 2003.

[19]

T.A. Henzinger, R. Jhala, R. Majumdar, and G. Sutre. Lazy abstraction. In POPL 02: Principles of Programming Languages, pages 58--70. ACM, 2002.

Digital Library

[20]

J. Krajicek. Interpolation theorems, lower bounds for proof systems, and independence results for bounded arithmetic. J. Symbolic Logic, 62:457--486, 1997.

[21]

J. McCarthy and J. Painter. Correctness of a compiler for arithmetic expressions. In Proc. Symposia in Applied Mathematics. American Mathematical Society, 1967.

[22]

K.L. McMillan. Interpolation and SAT-based model checking. In CAV 03: Computer-Aided Verification, LNCS 2725, pages 1--13. Springer, 2003.

[23]

J.C. Mitchell. Foundations for Programming Languages. MIT Press, 1996.

Digital Library

[24]

J. M. Morris. A general axiom of assignment. In Theoretical Foundations of Programming Methodology, Lecture Notes of an International Summer School, pages 25--34. D. Reidel Publishing Company, 1982.

[25]

M. Musuvathi, D.Y.W. Park, A. Chou, D.R. Engler, and D.L. Dill. CMC: A pragmatic approach to model checking real code. In OSDI 02: Operating Systems Design and Implementation. ACM, 2002.

Digital Library

[26]

G.C. Necula. Proof carrying code. In POPL 97: Principles of Programming Languages, pages 106--119. ACM, 1997.

Digital Library

[27]

G. Nelson. Techniques for program verification. Technical Report CSL81-10, Xerox Palo Alto Research Center, 1981.

[28]

P. Pudlak. Lower bounds for resolution and cutting plane proofs and monotone computations. J. Symbolic Logic, 62:981--998, 1997.

[29]

T. Reps, S. Horwitz, and M. Sagiv. Precise interprocedural dataflow analysis via graph reachability. In POPL 95: Principles of Programming Languages, pages 49--61. ACM, 1995.

Digital Library

Cited By

Beyer DChien PJankola MLee N(2024)A Transferability Study of Interpolation-Based Hardware Model Checking for Software VerificationProceedings of the ACM on Software Engineering10.1145/36607971:FSE(2028-2050)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3660797
Beyer DKettl MLemberger T(2024)Decomposing Software Verification using Distributed Summary SynthesisProceedings of the ACM on Software Engineering10.1145/36607661:FSE(1307-1329)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3660766
Ádám ZBeyer DChien PLee NSirrenberg N(2024)Btor2-Cert: A Certifying Hardware-Verification Framework Using Software AnalyzersTools and Algorithms for the Construction and Analysis of Systems10.1007/978-3-031-57256-2_7(129-149)Online publication date: 6-Apr-2024
https://dl.acm.org/doi/10.1007/978-3-031-57256-2_7
Show More Cited By

Recommendations

Abstractions from proofs
POPL '04

The success of model checking for large programs depends crucially on the ability to efficiently construct parsimonious abstractions. A predicate abstraction is parsimonious if at each control location, it specifies only relationships between current ...
Read More
Abstractions from proofs
Supplemental issue

The success of model checking for large programs depends crucially on the ability to efficiently construct parsimonious abstractions. A predicate abstraction is parsimonious if at each control location, it specifies only relationships between current ...
Read More
Counterexample-guided predicate abstraction of hybrid systems
Tools and algorithms for the construction and analysis of systems (TACAS 2003)

Predicate abstraction has emerged to be a powerful technique for extracting finite-state models from infinite-state systems, and has been recently shown to enhance the effectiveness of the teachability computation techniques for hybrid systems. Given a ...
Read More

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

POPL '04: Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages

January 2004

364 pages

ISBN:158113729X

DOI:10.1145/964001

General Chair:
Neil D. Jones
DIKU, University of Copenhagen
,
Program Chair:
Xavier Leroy
INRIA Rocquencourt

ACM SIGPLAN Notices Volume 39, Issue 1
POPL '04
January 2004
352 pages
ISSN:0362-1340
EISSN:1558-1160
DOI:10.1145/982962
Issue’s Table of Contents

Copyright © 2004 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 January 2004

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

POPL04

Sponsor:

POPL04: The 31st Annual ACM Symposium on Principles of Programming Languages

January 14 - 16, 2004

Venice, Italy

Acceptance Rates

POPL '04 Paper Acceptance Rate 29 of 176 submissions, 16%;

Overall Acceptance Rate 824 of 4,130 submissions, 20%

Upcoming Conference

POPL '25

Sponsor:
sigplan

The 52nd Annual ACM SIGPLAN Symposium on Principles of Programming Languages

January 19 - 25, 2025

Denver , CO , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

502
Total Citations
View Citations
1,746
Total Downloads

Downloads (Last 12 months)96
Downloads (Last 6 weeks)6

Other Metrics

View Author Metrics

Citations

Cited By

Beyer DChien PJankola MLee N(2024)A Transferability Study of Interpolation-Based Hardware Model Checking for Software VerificationProceedings of the ACM on Software Engineering10.1145/36607971:FSE(2028-2050)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3660797
Beyer DKettl MLemberger T(2024)Decomposing Software Verification using Distributed Summary SynthesisProceedings of the ACM on Software Engineering10.1145/36607661:FSE(1307-1329)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3660766
Ádám ZBeyer DChien PLee NSirrenberg N(2024)Btor2-Cert: A Certifying Hardware-Verification Framework Using Software AnalyzersTools and Algorithms for the Construction and Analysis of Systems10.1007/978-3-031-57256-2_7(129-149)Online publication date: 6-Apr-2024
https://dl.acm.org/doi/10.1007/978-3-031-57256-2_7
Baier DBeyer DChien PJankola MKettl MLee NLemberger TLingsch-Rosenfeld MSpiessl MWachowitz HWendler P(2024)CPAchecker 2.3 with Strategy SelectionTools and Algorithms for the Construction and Analysis of Systems10.1007/978-3-031-57256-2_21(359-364)Online publication date: 6-Apr-2024
https://dl.acm.org/doi/10.1007/978-3-031-57256-2_21
Beutner R(2024)Automated Software Verification of HyperlivenessTools and Algorithms for the Construction and Analysis of Systems10.1007/978-3-031-57249-4_10(196-216)Online publication date: 6-Apr-2024
https://dl.acm.org/doi/10.1007/978-3-031-57249-4_10
Guilloud SGambhir SKunčak V(2024)Interpolation and Quantifiers in OrtholatticesVerification, Model Checking, and Abstract Interpretation10.1007/978-3-031-50524-9_11(235-257)Online publication date: 15-Jan-2024
https://dl.acm.org/doi/10.1007/978-3-031-50524-9_11
Tamir OTaube MMcMillan KShoham SHowell JGueta GSagiv M(2023)Counterexample Driven Quantifier Instantiations with Applications to Distributed ProtocolsProceedings of the ACM on Programming Languages10.1145/36228647:OOPSLA2(1878-1904)Online publication date: 16-Oct-2023
https://dl.acm.org/doi/10.1145/3622864
Gopinathan KKeoliya MSergey I(2023)Mostly Automated Proof Repair for Verified LibrariesProceedings of the ACM on Programming Languages10.1145/35912217:PLDI(25-49)Online publication date: 6-Jun-2023
https://dl.acm.org/doi/10.1145/3591221
Asadi SBlicha MHyvärinen AFedyukovich GSharygina N(2023)SMT-based verification of program changes through summary repairFormal Methods in System Design10.1007/s10703-023-00423-060:3(350-380)Online publication date: 4-May-2023
https://doi.org/10.1007/s10703-023-00423-0
Rappoport OGrumberg OVizel Y(2023)Structure-Guided Solution of Constrained Horn ClausesAutomated Technology for Verification and Analysis10.1007/978-3-031-45332-8_6(117-138)Online publication date: 19-Oct-2023
https://doi.org/10.1007/978-3-031-45332-8_6
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents