Reasoning about nondeterminism in programs

Published: 16 June 2013
Abstract

Branching-time temporal logics (e.g. CTL, CTL*, modal mu-calculus) allow us to ask sophisticated questions about the nondeterminism that appears in systems. Applications of this type of reasoning include planning, games, security analysis, disproving, precondition synthesis, environment synthesis, etc. Unfortunately, existing automatic branching-time verification tools have limitations that have traditionally restricted their applicability (e.g. push-down systems only, universal path quantifiers only, etc.).

In this paper we introduce an automation strategy that lifts many of these previous restrictions. Our method works reliably for properties with non-trivial mixtures of universal and existential modal operators. Furthermore, our approach is designed to support (possibly infinite-state) programs.

The basis of our approach is the observation that existential reasoning can be reduced to universal reasoning if the system's state-space is appropriately restricted. This restriction on the state-space must meet a constraint derived from recent work on proving non-termination. The observation leads to a new route for implementation based on existing tools. To demonstrate the practical viability of our approach, we report on the results of applying our preliminary implementation to a set of benchmarks drawn from the Windows operating system, the PostgreSQL database server, the SoftUpdates patching system, as well as other hand-crafted examples.
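The reduction sketched in the abstract, as an added example that is not the paper's code: an existential property (EF goal) is proved by finding a restriction of the transition relation on which a universal check (AF goal) succeeds. It assumes a small constructed finite-state system, models the universal checker as one that treats a path that simply stops as satisfying, and models the non-termination-derived constraint as "every reachable state of the restricted system keeps a successor" (my reading; the paper's formulation targets possibly infinite-state programs).

```python
from itertools import combinations

def successors(trans, s):
    return {t for (u, t) in trans if u == s}

def reachable(trans, init):
    seen, work = set(), [init]
    while work:
        s = work.pop()
        if s not in seen:
            seen.add(s)
            work.extend(successors(trans, s))
    return seen

def holds_AF(trans, init, goal):
    """Universal check: every maximal path from init reaches goal.
    A path that simply stops (state without successor) counts as
    satisfying, which is why the constraint below is needed."""
    states = reachable(trans, init)
    good = {s for s in states if s in goal or not successors(trans, s)}
    changed = True
    while changed:
        changed = False
        for s in states - good:
            if successors(trans, s) <= good:   # all successors already good
                good.add(s)
                changed = True
    return init in good

def non_blocking(trans, init):
    """Constraint on the restriction (assumption): every state reachable
    in the restricted system keeps at least one successor."""
    return all(successors(trans, s) for s in reachable(trans, init))

def ef_by_restriction(trans, init, goal, require_non_blocking=True):
    """Prove EF goal by finding a sub-relation of trans on which AF goal
    holds, smallest first; return that witness, or None if none exists."""
    trans = sorted(trans)
    for k in range(len(trans) + 1):
        for sub in combinations(trans, k):
            if require_non_blocking and not non_blocking(sub, init):
                continue
            if holds_AF(sub, init, goal):
                return set(sub)
    return None

# Constructed system: from 0, one branch loops forever at 1, the other reaches 4.
# AF {4} fails on the full system, but the restriction {0->2, 2->3, 3->4, 4->4}
# proves EF {4}. Without the constraint, the empty restriction "proves" EF {5}.
SYSTEM = {(0, 1), (0, 2), (1, 1), (2, 3), (3, 4), (4, 4)}
GOAL = {4}
```

Run `ef_by_restriction(SYSTEM, 0, {5}, require_non_blocking=False)` to see the unsound empty witness that the constraint rejects.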


Published in

ACM SIGPLAN Notices, Volume 48, Issue 6 (PLDI '13), June 2013, 515 pages. ISSN: 0362-1340, EISSN: 1558-1160. DOI: 10.1145/2499370

PLDI '13: Proceedings of the 34th ACM SIGPLAN Conference on Programming Language Design and Implementation, June 2013, 546 pages. ISBN: 9781450320146. DOI: 10.1145/2491956

Copyright © 2013 ACM

Publisher: Association for Computing Machinery, New York, NY, United States

Publication History: Published 16 June 2013

Qualifiers: research-article
