research-article

Efficient modular glass box software model checking

Published: 17 October 2010

Abstract

Glass box software model checking incorporates novel techniques to identify similarities in the state space of a model checker and safely prune large numbers of redundant states without explicitly checking them. It is significantly more efficient than other software model checking approaches for checking certain kinds of programs and program properties.

This paper presents Pipal, a system for modular glass box software model checking. Extending glass box software model checking to perform modular checking is important to further improve its scalability. It is nontrivial because unlike traditional software model checkers such as Java PathFinder (JPF) and CMC, a glass box software model checker does not check every state separately---instead, it checks a large set of states together in each step. We present a solution and demonstrate Pipal's effectiveness on a variety of programs.
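
The abstract's central claim, that one check can stand for a whole set of states rather than for one state at a time, can be illustrated with a small bounded checker. The Python below is an added example written for this page; it is not Pipal's code and does not reproduce the paper's pruning technique. It uses the simpler idea of observation-based pruning: the operation under test and the property are run once on a state that records which array positions they read, and every other valid state that agrees on exactly those positions is guaranteed to follow the same execution path and reach the same verdict, so it is marked as covered without being executed. The parameters N, V and X, the sorted-array state space, the insert operation, the local postcondition and the deliberately buggy variant are all assumptions made for the illustration.

```python
"""Bounded explicit-state checking with observation-based pruning.

Added illustration for this page; not Pipal's code and not the paper's
pruning technique. State space (assumed): every sorted tuple of length N
over the values 0..V-1. Operation (assumed): a sorted insert that returns
the slot for X. Property (assumed): the chosen slot is bracketed by its
neighbours. One traced run covers every state that agrees on the read
positions, so those states are pruned instead of executed.
"""
from itertools import combinations_with_replacement

N, V, X = 6, 4, 2   # assumed bound, value domain and inserted value


class Traced:
    """Read-only view of a state that records which positions are read."""

    def __init__(self, data):
        self.data = data
        self.reads = set()

    def __len__(self):
        return len(self.data)

    def __getitem__(self, i):
        self.reads.add(i)
        return self.data[i]


def sorted_insert(a, x):
    """Correct operation: index of the first element not below x."""
    i = 0
    while i < len(a) and a[i] < x:
        i += 1
    return i


def buggy_insert(a, x):
    """Deliberately wrong variant: never scans the last element."""
    i = 0
    while i < len(a) - 1 and a[i] < x:
        i += 1
    return i


def postcondition(a, x, i):
    """Local property: left neighbour <= x <= right neighbour (if present)."""
    left_ok = i == 0 or a[i - 1] <= x
    right_ok = i == len(a) or x <= a[i]
    return left_ok and right_ok


def all_valid_states():
    """All sorted tuples of length N over 0..V-1 (the 'valid' states)."""
    return [tuple(c) for c in combinations_with_replacement(range(V), N)]


def check_explicit(states, op, x):
    """Baseline: execute op and property on every state separately."""
    return [s for s in states if not postcondition(s, x, op(s, x))]


def check_pruned(states, op, x):
    """Returns (violating_states, explicit_runs, pruned_states).

    Sound because op and postcondition are deterministic and only see the
    state through Traced: any state agreeing with the representative on
    every read position follows the same path and gets the same verdict.
    """
    unchecked = set(states)
    violations, explicit, pruned = [], 0, 0
    while unchecked:
        rep = min(unchecked)            # deterministic choice of representative
        t = Traced(rep)
        ok = postcondition(t, x, op(t, x))
        explicit += 1
        covered = {s for s in unchecked
                   if all(s[k] == rep[k] for k in t.reads)}
        if not ok:                      # the verdict holds for the whole class
            violations.extend(sorted(covered))
        pruned += len(covered) - 1
        unchecked -= covered
    return violations, explicit, pruned


if __name__ == "__main__":
    states = all_valid_states()
    for op in (sorted_insert, buggy_insert):
        bad, runs, skipped = check_pruned(states, op, X)
        print(f"{op.__name__}: {len(states)} states, {runs} explicit runs, "
              f"{skipped} pruned, {len(bad)} violations")
```

With the assumed parameters there are 84 valid states; the correct insert needs 49 explicit runs and prunes 35 states, and the buggy variant is caught on the same 7 states that the per-state baseline reports. The pruning is sound only because the operation and the property are deterministic and touch the state solely through the traced view; a property that reads the entire state, such as a full representation invariant, collapses every class to one state, and handling that case is where a glass box checker needs stronger reasoning than this illustration provides. It is also why, as the abstract notes, extending such a checker across module boundaries is harder than for a checker that handles one state at a time.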

• Published in

  ACM SIGPLAN Notices, Volume 45, Issue 10 (OOPSLA '10), October 2010, 957 pages
  ISSN: 0362-1340
  EISSN: 1558-1160
  DOI: 10.1145/1932682

  • OOPSLA '10: Proceedings of the ACM international conference on Object oriented programming systems languages and applications, October 2010, 984 pages
    ISBN: 9781450302036
    DOI: 10.1145/1869459

Copyright © 2010 ACM

Publisher: Association for Computing Machinery, New York, NY, United States
