
Verifying Numerical Programs via Iterative Abstract Testing

  • Conference paper
  • In: Static Analysis (SAS 2019)
  • Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 11822)

Abstract

When abstract interpretation is applied to verification, it may compute over-approximations that are too conservative to verify a given target property, and it can rarely produce counter-examples when the property does not hold. In this paper, we propose iterative abstract testing, a property-oriented verification approach based on abstract interpretation. Abstract testing employs forward abstract executions (i.e., forward analysis) together with property checking to mimic (regular) testing, and utilizes backward abstract executions (i.e., backward analysis) to derive necessary preconditions that may falsify the target property, which are useful for reducing the input space that needs further exploration. To verify a property, we conduct abstract testing iteratively, using dynamic partitioning to split the input space into sub-spaces such that each sub-space involves fewer program behaviors and may be easier to verify. Moreover, we leverage bounded exhaustive testing to verify small bounded sub-spaces, as a means to complement abstract-testing-based verification. The experimental results show that our approach has strength comparable to several state-of-the-art verification tools.
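The loop the abstract describes, written out as an added toy example that is not the paper's tool or code: an interval-domain forward analysis checks the property, a backward step derives a necessary precondition for violating it and prunes the input space, sub-spaces that remain undecided are bisected (dynamic partitioning), and sub-spaces with at most `bound` inputs are tested exhaustively. The program under test, the constant `c`, the bound of 4 and all function names are assumptions made for this illustration.

```python
# Toy instantiation of iterative abstract testing with the interval domain
# (constructed illustration, not the paper's tool). Program under test, with
# integer input x and a constant c:   y = x*x ; z = y - x - c ; assert z >= 0
from collections import deque

def concrete(x, c):            # concrete execution, returns z
    return x * x - x - c

def square_interval(lo, hi):   # forward transfer of y = x*x on [lo, hi]
    if lo >= 0:
        return lo * lo, hi * hi
    if hi <= 0:
        return hi * hi, lo * lo
    return 0, max(lo * lo, hi * hi)          # interval straddles zero

def forward(lo, hi, c):        # forward abstract execution: interval of z
    ylo, yhi = square_interval(lo, hi)
    return ylo - hi - c, yhi - lo - c        # z = y - x - c

def backward_precondition(lo, hi, c):
    # Necessary precondition on x for a violation (z <= -1): push the bad
    # post-condition back through z = y - x - c and meet it with the forward
    # intervals. y = x*x is deliberately not inverted (sound, but imprecise).
    ylo, yhi = square_interval(lo, hi)
    yhi = min(yhi, hi + c - 1)               # z <= -1  =>  y <= x + c - 1
    lo = max(lo, ylo - c + 1)                # z <= -1  =>  x >= y - c + 1
    if yhi < ylo or lo > hi:
        return None                          # no input in [lo, hi] can fail
    return lo, hi

def verify(lo, hi, c, bound=4):
    # Forward check; if undecided, backward pruning; sub-spaces with at most
    # `bound` inputs (our choice) are tested exhaustively, larger ones bisected.
    work = deque([(lo, hi)])
    while work:
        a, b = work.popleft()
        if forward(a, b, c)[0] >= 0:         # property proved on this sub-space
            continue
        pre = backward_precondition(a, b, c)
        if pre is None:
            continue
        a, b = pre
        if b - a + 1 <= bound:               # bounded exhaustive testing
            for x in range(a, b + 1):
                if concrete(x, c) < 0:
                    return 'falsified', x    # concrete counter-example
            continue
        mid = (a + b) // 2                   # dynamic partitioning: bisect
        work.extend([(a, mid), (mid + 1, b)])
    return 'verified', None
```

With `c = 0` the property holds and plain intervals cannot show it on `[-10, 10]`; pruning to `[1, 10]`, one bisection and exhaustive testing of `[2, 5]` verify it, while `c = 1` is falsified by the concrete input `x = 0`.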


Data Availability Statements

The datasets/code generated during and/or analysed during the current study are available in the Figshare repository: https://doi.org/10.6084/m9.figshare.9861095.v1

Acknowledgment

This work is supported by the National Key R&D Program of China (No. 2017YFB1001802), the NSFC Program (Nos. 61872445, 61532007), and the NSF under Grants CNS-1446511 and CCF-1617717. This work is also supported by the Hunan Key Laboratory of Software Engineering for Complex Systems, China.

Correspondence to Banghu Yin or Ji Wang.

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Cite this paper

Yin, B., Chen, L., Liu, J., Wang, J., Cousot, P. (2019). Verifying Numerical Programs via Iterative Abstract Testing. In: Chang, BY. (ed.) Static Analysis. SAS 2019. Lecture Notes in Computer Science, vol 11822. Springer, Cham. https://doi.org/10.1007/978-3-030-32304-2_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-32304-2_13

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-32303-5

  • Online ISBN: 978-3-030-32304-2

  • eBook Packages: Computer Science, Computer Science (R0)