ABSTRACT
This paper presents novel language and analysis techniques that significantly speed up software model checking of data structure properties. Consider checking a red-black tree implementation. Traditional software model checkers systematically generate all red-black tree states (within some given bounds) and check every red-black tree operation (such as insert, delete, or lookup) on every red-black tree state. Our key idea is as follows. As our checker checks a red-black tree operation o on a red-black tree state s, it uses program analysis techniques to identify other red-black tree states s'1, s'2, ..., s'k on which the operation o behaves similarly. Our analyses guarantee that if o executes correctly on s, then o will execute correctly on every s'i. Our checker therefore does not need to check o on any s'i once it checks o on s. It thus safely prunes those state transitions from its search space, while still achieving complete test coverage within the bounded domain. Our preliminary results show orders of magnitude improvement over previous approaches. We believe our techniques can make model checking significantly faster, and thus enable checking of much larger programs and complex program properties than currently possible.
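The pruning idea in the abstract, reduced to a miniature that can be run: an added example (not code from the paper or its authors) that bounded-checks a sorted-list insert, records which fields the operation reads on each state, and skips every other state that agrees with an already-checked state on exactly those reads. Assumed: states are strictly increasing key tuples from a small domain, the operation reads state only through the Traced accessor, and the buggy variant is constructed here to show that the pruned run still finds the defect.

```python
"""Added example (not the paper's code): bounded checking of a sorted-list insert
with read-set pruning.  Assumed: states are strictly increasing key tuples that the
operation reads only through the Traced accessor."""
from itertools import combinations

def bounded_states(max_len, num_keys):  # all sorted, duplicate-free tuples in bounds
    return [c for n in range(max_len + 1) for c in combinations(range(num_keys), n)]

def key_at(keys, i):  # key at position i, or None for the null pointer past the tail
    return keys[i] if i < len(keys) else None
class Traced:  # state wrapper that logs every (position, value) the operation reads
    def __init__(self, keys):
        self.keys, self.reads = keys, []
    def key_at(self, i):
        v = key_at(self.keys, i)
        self.reads.append((i, v))
        return v

def insert(state, k, buggy=False):
    """Set insert: walk to the first key >= k and add k unless already present.
    The buggy variant skips the membership test, so an existing k is duplicated."""
    i = 0
    while True:
        v = state.key_at(i)
        if v is None or v >= k:
            break
        i += 1
    if v == k and not buggy:
        return state.keys
    return state.keys[:i] + (k,) + state.keys[i:]

def post_ok(old, new, k):
    """Spec: new is strictly sorted and holds exactly old's keys plus k.  Its verdict
    depends only on what the walk read: the unread suffix is copied unchanged."""
    return all(a < b for a, b in zip(new, new[1:])) and set(new) == set(old) | {k}

def check(op, max_len, num_keys, prune=True):
    """Check op on every (state, k) pair; returns (violations, executions).  With prune=True
    a state is skipped when an executed state for the same k has a read set it agrees with."""
    violations, executions = [], 0
    for k in range(num_keys):
        seen = []  # read sets of the states actually executed for this k
        for keys in bounded_states(max_len, num_keys):
            if prune and any(all(key_at(keys, i) == v for i, v in r) for r in seen):
                continue
            st = Traced(keys)
            new = op(st, k)
            executions += 1
            if not post_ok(keys, new, k):
                violations.append((keys, k, new))
            seen.append(st.reads)
    return violations, executions
```

With max_len=4 and num_keys=6 the exhaustive run executes 342 (state, key) pairs; the pruned run reaches the same verdict on both the correct and the buggy insert with far fewer executions, and every violation it reports is one the exhaustive run also reports.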
Efficient software model checking of data structure properties. Proceedings of the 2006 OOPSLA Conference.